metasploit-payloads 2.0.112 → 2.0.113

Files changed (77) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/data/android/meterpreter.jar +0 -0
  4. data/data/android/metstage.jar +0 -0
  5. data/data/android/shell.jar +0 -0
  6. data/data/meterpreter/elevator.x64.debug.dll +0 -0
  7. data/data/meterpreter/elevator.x64.dll +0 -0
  8. data/data/meterpreter/elevator.x86.debug.dll +0 -0
  9. data/data/meterpreter/elevator.x86.dll +0 -0
  10. data/data/meterpreter/ext_server_bofloader.x64.debug.dll +0 -0
  11. data/data/meterpreter/ext_server_bofloader.x64.dll +0 -0
  12. data/data/meterpreter/ext_server_bofloader.x86.debug.dll +0 -0
  13. data/data/meterpreter/ext_server_bofloader.x86.dll +0 -0
  14. data/data/meterpreter/ext_server_espia.x64.debug.dll +0 -0
  15. data/data/meterpreter/ext_server_espia.x64.dll +0 -0
  16. data/data/meterpreter/ext_server_espia.x86.debug.dll +0 -0
  17. data/data/meterpreter/ext_server_espia.x86.dll +0 -0
  18. data/data/meterpreter/ext_server_extapi.x64.debug.dll +0 -0
  19. data/data/meterpreter/ext_server_extapi.x64.dll +0 -0
  20. data/data/meterpreter/ext_server_extapi.x86.debug.dll +0 -0
  21. data/data/meterpreter/ext_server_extapi.x86.dll +0 -0
  22. data/data/meterpreter/ext_server_incognito.x64.debug.dll +0 -0
  23. data/data/meterpreter/ext_server_incognito.x64.dll +0 -0
  24. data/data/meterpreter/ext_server_incognito.x86.debug.dll +0 -0
  25. data/data/meterpreter/ext_server_incognito.x86.dll +0 -0
  26. data/data/meterpreter/ext_server_kiwi.x64.debug.dll +0 -0
  27. data/data/meterpreter/ext_server_kiwi.x64.dll +0 -0
  28. data/data/meterpreter/ext_server_kiwi.x86.debug.dll +0 -0
  29. data/data/meterpreter/ext_server_kiwi.x86.dll +0 -0
  30. data/data/meterpreter/ext_server_lanattacks.x64.debug.dll +0 -0
  31. data/data/meterpreter/ext_server_lanattacks.x64.dll +0 -0
  32. data/data/meterpreter/ext_server_lanattacks.x86.debug.dll +0 -0
  33. data/data/meterpreter/ext_server_lanattacks.x86.dll +0 -0
  34. data/data/meterpreter/ext_server_peinjector.x64.debug.dll +0 -0
  35. data/data/meterpreter/ext_server_peinjector.x64.dll +0 -0
  36. data/data/meterpreter/ext_server_peinjector.x86.debug.dll +0 -0
  37. data/data/meterpreter/ext_server_peinjector.x86.dll +0 -0
  38. data/data/meterpreter/ext_server_powershell.x64.debug.dll +0 -0
  39. data/data/meterpreter/ext_server_powershell.x64.dll +0 -0
  40. data/data/meterpreter/ext_server_powershell.x86.debug.dll +0 -0
  41. data/data/meterpreter/ext_server_powershell.x86.dll +0 -0
  42. data/data/meterpreter/ext_server_priv.x64.debug.dll +0 -0
  43. data/data/meterpreter/ext_server_priv.x64.dll +0 -0
  44. data/data/meterpreter/ext_server_priv.x86.debug.dll +0 -0
  45. data/data/meterpreter/ext_server_priv.x86.dll +0 -0
  46. data/data/meterpreter/ext_server_python.x64.debug.dll +0 -0
  47. data/data/meterpreter/ext_server_python.x64.dll +0 -0
  48. data/data/meterpreter/ext_server_python.x86.debug.dll +0 -0
  49. data/data/meterpreter/ext_server_python.x86.dll +0 -0
  50. data/data/meterpreter/ext_server_sniffer.x64.dll +0 -0
  51. data/data/meterpreter/ext_server_sniffer.x86.dll +0 -0
  52. data/data/meterpreter/ext_server_stdapi.py +5 -6
  53. data/data/meterpreter/ext_server_stdapi.x64.debug.dll +0 -0
  54. data/data/meterpreter/ext_server_stdapi.x64.dll +0 -0
  55. data/data/meterpreter/ext_server_stdapi.x86.debug.dll +0 -0
  56. data/data/meterpreter/ext_server_stdapi.x86.dll +0 -0
  57. data/data/meterpreter/ext_server_unhook.x64.debug.dll +0 -0
  58. data/data/meterpreter/ext_server_unhook.x64.dll +0 -0
  59. data/data/meterpreter/ext_server_unhook.x86.debug.dll +0 -0
  60. data/data/meterpreter/ext_server_unhook.x86.dll +0 -0
  61. data/data/meterpreter/ext_server_winpmem.x64.debug.dll +0 -0
  62. data/data/meterpreter/ext_server_winpmem.x64.dll +0 -0
  63. data/data/meterpreter/ext_server_winpmem.x86.debug.dll +0 -0
  64. data/data/meterpreter/ext_server_winpmem.x86.dll +0 -0
  65. data/data/meterpreter/meterpreter.py +31 -5
  66. data/data/meterpreter/metsrv.x64.debug.dll +0 -0
  67. data/data/meterpreter/metsrv.x64.dll +0 -0
  68. data/data/meterpreter/metsrv.x86.debug.dll +0 -0
  69. data/data/meterpreter/metsrv.x86.dll +0 -0
  70. data/data/meterpreter/screenshot.x64.debug.dll +0 -0
  71. data/data/meterpreter/screenshot.x64.dll +0 -0
  72. data/data/meterpreter/screenshot.x86.debug.dll +0 -0
  73. data/data/meterpreter/screenshot.x86.dll +0 -0
  74. data/lib/metasploit-payloads/version.rb +1 -1
  75. data.tar.gz.sig +0 -0
  76. metadata +2 -2
  77. metadata.gz.sig +0 -0
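--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: dff880efffb98315c75fd5b99d9b8d18d38b00b89b895402efec6d3a75391a34
- data.tar.gz: 7c46f591405adf2dc595752bfcfeb43883eecdf371ffaf33a27b2e1ef3765b02
+ metadata.gz: 2dc5e006186337d50009cb0436f562ab25cc109867c07a6cde0734e29aa1a0ab
+ data.tar.gz: 024611f12e3b854a9a033d7d76d284773ebb434cf491118254231fe999301a10
  SHA512:
- metadata.gz: 827953f6a7fd7aa3013d1aab5b44731ed50ea31b68821744cd48889344055c79ca9ab837a26e161acc4e63b5b78422b549933b1a8990083b860dcc8e2825e6dc
- data.tar.gz: 8db85ed51660aace2c95c2083ec9d62c827e1505dc900e97eae93e2f6fbbf1bf1a27271b7ce768d06151a96870153fd35bc2b1db1e3edd9a99dd3f6153994dc9
+ metadata.gz: 95ff44c78979d456f703e7ceffbb93354e04526ec0ba1e20d1e9ef5e4cac0cebec34cbf1b5e69ae02a9fd3a2bd39557e8f7f69c1f9fbcca09a3c6d7cbc49dbb7
+ data.tar.gz: d95484a3f3c8cf1e916d0c2033854567c54499fd3d97bcbcd79ca0968e227725218067b9f39feefdbf3c169bfef39baaec208ab9d94d2149d9d271e447dd631c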
checksums.yaml.gz.sig CHANGED
Binary file
Binary file
Binary file
Binary file
Binary file
Binary file
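--- a/data/data/meterpreter/ext_server_stdapi.py
+++ b/data/data/meterpreter/ext_server_stdapi.py
@@ -743,6 +743,7 @@ PROCESS_TERMINATE = 0x0001
  PROCESS_VM_READ = 0x0010
  PROCESS_QUERY_INFORMATION = 0x0400
  PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
+ PROCESS_ALL_ACCESS = 0x1fffff
  VER_NT_WORKSTATION = 0x0001
  VER_NT_DOMAIN_CONTROLLER = 0x0002
  VER_NT_SERVER = 0x0003
@@ -1334,13 +1335,10 @@ def stdapi_sys_config_sysinfo(request, response):
 
  @register_function
  def stdapi_sys_process_close(request, response):
- proc_h_id = packet_get_tlv(request, TLV_TYPE_HANDLE)
+ proc_h_id = packet_get_tlv(request, TLV_TYPE_HANDLE)['value']
  if not proc_h_id:
  return ERROR_SUCCESS, response
- proc_h_id = proc_h_id['value']
- if proc_h_id in meterpreter.processes:
- del meterpreter.processes[proc_h_id]
- if not meterpreter.close_channel(proc_h_id):
+ if not meterpreter.close_process(proc_h_id):
  return ERROR_FAILURE, response
  return ERROR_SUCCESS, response
 
@@ -1383,6 +1381,7 @@ def stdapi_sys_process_execute(request, response):
  proc_h.start()
  else:
  proc_h = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+
  proc_h_id = meterpreter.add_process(proc_h)
  response += tlv_pack(TLV_TYPE_PID, proc_h.pid)
  response += tlv_pack(TLV_TYPE_PROCESS_HANDLE, proc_h_id)
@@ -1882,7 +1881,7 @@ def stdapi_net_config_get_arp_table(request, response):
  ('dwNumEntries', ctypes.c_uint32),
  ('table', MIB_IPNETROW * ctypes.cast(ipnet_table.value, ctypes.POINTER(ctypes.c_ulong)).contents.value)
  ]
-
+
  ipnet_table = ctypes.cast(ipnet_table, ctypes.POINTER(MIB_IPNETTABLE))
  for ipnet_row in ipnet_table.contents.table:
  if (ipnet_row.dwType != MIB_IPNET_TYPE_DYNAMIC and ipnet_row.dwType != MIB_IPNET_TYPE_STATIC):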
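Review bot: In the `stdapi_sys_process_close` hunk, the new `packet_get_tlv(request, TLV_TYPE_HANDLE)['value']` subscripts the lookup result before the `if not proc_h_id:` guard runs, whereas the removed lines tested the result first and only then read `['value']`. If `packet_get_tlv` returns an empty dict or `None` when the TLV is absent (its definition is not on this page, but the old guard suggests it can), a request without a handle now raises instead of returning `ERROR_SUCCESS`. The guard also now tests the handle value rather than the TLV's presence, so a handle of 0 would be reported as success without being closed. Assuming a dict return, `proc_h_id = packet_get_tlv(request, TLV_TYPE_HANDLE).get('value')` followed by `if proc_h_id is None:` keeps the old missing-TLV behaviour.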
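--- a/data/data/meterpreter/meterpreter.py
+++ b/data/data/meterpreter/meterpreter.py
@@ -1260,11 +1260,37 @@ class PythonMeterpreter(object):
  return idx
 
  def add_process(self, process):
- idx = self.next_process_id
- self.processes[idx] = process
- debug_print('[*] added process id: ' + str(idx))
- self.next_process_id += 1
- return idx
+ if has_windll:
+ PROCESS_ALL_ACCESS = 0x1fffff
+ OpenProcess = ctypes.windll.kernel32.OpenProcess
+ OpenProcess.argtypes = [ctypes.c_ulong, ctypes.c_long, ctypes.c_ulong]
+ OpenProcess.restype = ctypes.c_void_p
+ handle = OpenProcess(PROCESS_ALL_ACCESS, False, process.pid)
+ else:
+ handle = self.next_process_id
+ self.next_process_id += 1
+ self.processes[handle] = process
+ debug_print('[*] added process id: ' + str(process.pid) + ', handle: ' + str(handle))
+ return handle
+
+ def close_process(self, proc_h_id):
+ proc_h = self.processes.pop(proc_h_id, None)
+ if not proc_h:
+ return False
+ for channel_id, channel in self.channels.items():
+ if not isinstance(channel, MeterpreterProcess):
+ continue
+ if not channel.proc_h is proc_h:
+ continue
+ self.close_channel(channel_id)
+ break
+ if has_windll:
+ CloseHandle = ctypes.windll.kernel32.CloseHandle
+ CloseHandle.argtypes = [ctypes.c_void_p]
+ CloseHandle.restype = ctypes.c_long
+ CloseHandle(proc_h_id)
+ debug_print('[*] closed and removed process id: ' + str(proc_h.pid) + ', handle: ' + str(proc_h_id))
+ return True
 
  def close_channel(self, channel_id):
  if channel_id not in self.channels: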
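Review bot: In `add_process`, the result of `OpenProcess(PROCESS_ALL_ACCESS, False, process.pid)` is stored and returned without a failure check; with `restype = ctypes.c_void_p` a NULL handle comes back as `None`, so a failed call files the process under the key `None` and returns `None` to the caller, which in the `stdapi_sys_process_execute` hunk of ext_server_stdapi.py is packed into `TLV_TYPE_PROCESS_HANDLE`. A check such as `if not handle: raise ctypes.WinError()` right after the call would surface the failure, provided the callers are prepared for the exception (not visible here). `close_process` likewise ignores the `CloseHandle` return value; reporting a zero result through `debug_print` would make a leaked handle visible. The local `PROCESS_ALL_ACCESS = 0x1fffff` duplicates the module-level constant this release adds to ext_server_stdapi.py, and a one-line comment saying why the full access mask is requested rather than a narrower one would help the next reader. As a style point, `not channel.proc_h is proc_h` reads more clearly as `channel.proc_h is not proc_h`.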
Binary file
Binary file
Binary file
Binary file
Binary file
Binary file
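--- a/data/lib/metasploit-payloads/version.rb
+++ b/data/lib/metasploit-payloads/version.rb
@@ -1,6 +1,6 @@
  # -*- coding:binary -*-
  module MetasploitPayloads
- VERSION = '2.0.112'
+ VERSION = '2.0.113'
 
  def self.version
  VERSION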
data.tar.gz.sig CHANGED
Binary file
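--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: metasploit-payloads
  version: !ruby/object:Gem::Version
- version: 2.0.112
+ version: 2.0.113
  platform: ruby
  authors:
  - OJ Reeves
@@ -96,7 +96,7 @@ cert_chain:
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
  -----END CERTIFICATE-----
- date: 2023-02-17 00:00:00.000000000 Z
+ date: 2023-02-24 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rake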
metadata.gz.sig CHANGED
Binary file