Land #18405, Show errors on inaccessible payload files
adfoster-r7 authored Oct 3, 2023
2 parents 92867ce + e70f356 commit 14c42fc
Showing 13 changed files with 40 additions and 17 deletions.
4 changes: 2 additions & 2 deletions Gemfile.lock
Expand Up @@ -33,7 +33,7 @@ PATH
metasploit-concern
metasploit-credential
metasploit-model
metasploit-payloads (= 2.0.148)
metasploit-payloads (= 2.0.154)
metasploit_data_models
metasploit_payloads-mettle (= 1.0.26)
mqtt
Expand Down Expand Up @@ -275,7 +275,7 @@ GEM
activemodel (~> 7.0)
activesupport (~> 7.0)
railties (~> 7.0)
metasploit-payloads (2.0.148)
metasploit-payloads (2.0.154)
metasploit_data_models (6.0.2)
activerecord (~> 7.0)
activesupport (~> 7.0)
2 changes: 1 addition & 1 deletion LICENSE_GEMS
Expand Up @@ -80,7 +80,7 @@ metasploit-concern, 5.0.1, "New BSD"
metasploit-credential, 6.0.5, "New BSD"
metasploit-framework, 6.3.37, "New BSD"
metasploit-model, 5.0.1, "New BSD"
metasploit-payloads, 2.0.148, "3-clause (or ""modified"") BSD"
metasploit-payloads, 2.0.154, "3-clause (or ""modified"") BSD"
metasploit_data_models, 6.0.2, "New BSD"
metasploit_payloads-mettle, 1.0.26, "3-clause (or ""modified"") BSD"
method_source, 1.0.0, MIT
7 changes: 7 additions & 0 deletions lib/msf/core/feature_manager.rb
Expand Up @@ -18,6 +18,7 @@ class FeatureManager
DATASTORE_FALLBACKS = 'datastore_fallbacks'
FULLY_INTERACTIVE_SHELLS = 'fully_interactive_shells'
MANAGER_COMMANDS = 'manager_commands'
METASPLOIT_PAYLOAD_WARNINGS = 'metasploit_payload_warnings'
DEFAULTS = [
{
name: WRAPPED_TABLES,
Expand All @@ -39,6 +40,12 @@ class FeatureManager
description: 'When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc',
requires_restart: true,
default_value: true
}.freeze,
{
name: METASPLOIT_PAYLOAD_WARNINGS,
description: 'When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc',
requires_restart: true,
default_value: false
}.freeze
].freeze

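Review bot: The description string for METASPLOIT_PAYLOAD_WARNINGS only mentions missing payloads, while the commit title speaks of inaccessible files and the startup code in lib/msf/ui/console/driver.rb prints `file[:path]` and `file[:error]` for each manifest error. A wording such as `'When enabled Metasploit will output warnings about missing or unreadable Metasploit payload files, for instance if they were removed or quarantined by antivirus'` would tell the operator what the flag actually reports. With `default_value: false` the per-file list is not shown unless the feature is turned on, so this text is where an operator learns what it covers.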
2 changes: 1 addition & 1 deletion lib/msf/core/payload/java.rb
Expand Up @@ -58,7 +58,7 @@ def generate_jar(opts={})
jar = Rex::Zip::Jar.new
jar.add_sub("metasploit") if opts[:random]
jar.add_file("metasploit.dat", stager_config(opts))
jar.add_files(paths, MetasploitPayloads.path('java'))
jar.add_files(paths, ::MetasploitPayloads.path('java'))
jar.build_manifest(:main_class => main_class)

jar
9 changes: 4 additions & 5 deletions lib/msf/core/payload/stager.rb
Expand Up @@ -188,15 +188,14 @@ def handle_connection(conn, opts={})
end
end

p = generate_stage(opts)

# Encode the stage if stage encoding is enabled
# Generate and encode the stage if stage encoding is enabled
begin
p = generate_stage(opts)
p = encode_stage(p)
rescue ::RuntimeError
rescue ::RuntimeError, ::StandardError => e
warning_msg = "Failed to stage"
warning_msg << " (#{conn.peerhost})" if conn.respond_to? :peerhost
warning_msg << ": #{$!}"
warning_msg << ": #{e}"
print_warning warning_msg
if conn.respond_to? :close && !conn.closed?
conn.close
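Review bot: The context line `if conn.respond_to? :close && !conn.closed?` inside this rescue parses as `conn.respond_to?(:close && !conn.closed?)`, so the argument is a boolean and the call will likely raise a TypeError instead of closing the connection. Because the rescue now also covers `generate_stage`, this path is presumably reached whenever a payload file is missing or unreadable, and the connection should be closed reliably there: `if conn.respond_to?(:close) && !conn.closed?`. Separately, `::RuntimeError` is a subclass of `::StandardError`, so `rescue ::StandardError => e` alone is equivalent. handle_connection starts and ends outside the hunk.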
14 changes: 13 additions & 1 deletion lib/msf/ui/console/driver.rb
Expand Up @@ -364,7 +364,19 @@ def on_startup(opts = {})

run_single("banner") unless opts['DisableBanner']

av_warning_message if framework.eicar_corrupted?
payloads_manifest_errors = framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS) ? ::MetasploitPayloads.manifest_errors : []

av_warning_message if (framework.eicar_corrupted? || payloads_manifest_errors.any?)

if framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS)
if payloads_manifest_errors.any?
warn_msg = "Metasploit Payloads manifest errors:\n"
payloads_manifest_errors.each do |file|
warn_msg << "\t#{file[:path]} : #{file[:error]}\n"
end
$stderr.print(warn_msg)
end
end

opts["Plugins"].each do |plug|
run_single("load '#{plug}'")
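Review bot: The second `framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS)` check is redundant, because `payloads_manifest_errors` is already `[]` when the feature is off; the outer `if` can be dropped, leaving only `if payloads_manifest_errors.any?`. The list is also written with `$stderr.print` rather than through the console's own output methods, so it may bypass the driver's configured output when that is redirected or logged; worth confirming this is intended. on_startup starts and ends outside the hunk.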
7 changes: 6 additions & 1 deletion lib/rex/post/meterpreter/client_core.rb
Expand Up @@ -363,7 +363,12 @@ def use(mod, opts = { })
# Get us to the installation root and then into data/meterpreter, where
# the file is expected to be
modname = "ext_server_#{mod.downcase}"
path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
begin
path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
rescue ::StandardError => e
elog(e)
path = nil
end

if opts['ExtensionPath']
path = ::File.expand_path(opts['ExtensionPath'])
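Review bot: `rescue ::StandardError => e` around `meterpreter_path` is broader than needed and would also turn a programming error such as a NoMethodError into a nil path. The other files in this commit rescue `::MetasploitPayloads::Error`, which suggests the narrower `rescue ::MetasploitPayloads::Error => e` would do here (confirm against the classes the gem actually raises). The call also uses the unqualified `MetasploitPayloads`, while lib/msf/core/payload/java.rb was switched to `::MetasploitPayloads` in this commit; the same prefix would keep constant lookup consistent. `elog(e)` records the exception without saying which extension was being resolved, so including `modname` in the log entry would help triage. The `use` method continues outside the hunk.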
2 changes: 1 addition & 1 deletion metasploit-framework.gemspec
Expand Up @@ -72,7 +72,7 @@ Gem::Specification.new do |spec|
# are needed when there's no database
spec.add_runtime_dependency 'metasploit-model'
# Needed for Meterpreter
spec.add_runtime_dependency 'metasploit-payloads', '2.0.148'
spec.add_runtime_dependency 'metasploit-payloads', '2.0.154'
# Needed for the next-generation POSIX Meterpreter
spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.26'
# Needed by msfgui and other rpc components
2 changes: 1 addition & 1 deletion modules/payloads/singles/java/shell_reverse_tcp.rb
Expand Up @@ -6,7 +6,7 @@

module MetasploitModule

CachedSize = 7503
CachedSize = 7497

include Msf::Payload::Single
include Msf::Payload::Java
2 changes: 1 addition & 1 deletion modules/payloads/stagers/java/bind_tcp.rb
Expand Up @@ -5,7 +5,7 @@

module MetasploitModule

CachedSize = 5262
CachedSize = 5256

include Msf::Payload::Stager
include Msf::Payload::Java
2 changes: 1 addition & 1 deletion modules/payloads/stagers/java/reverse_tcp.rb
Expand Up @@ -5,7 +5,7 @@

module MetasploitModule

CachedSize = 5262
CachedSize = 5256

include Msf::Payload::Stager
include Msf::Payload::Java
2 changes: 1 addition & 1 deletion scripts/resource/meterpreter_compatibility.rc
Expand Up @@ -13,7 +13,7 @@ framework.sessions.values.map do |session|
puts "[#{Time.now}][#{extension_name}] Starting to loading extension"
session.core.use(extension_name)
puts "[#{Time.now}][#{extension_name}] Loaded extension"
rescue ::RuntimeError
rescue ::RuntimeError, ::MetasploitPayloads::Error
puts "[#{Time.now}][#{extension_name}] Failed loading"
# noop
end
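Review bot: The rescue gains `::MetasploitPayloads::Error` but still discards the exception, so the log line `Failed loading` gives no hint that a payload file was missing or unreadable. Binding it, `rescue ::RuntimeError, ::MetasploitPayloads::Error => e`, and appending `#{e.class}: #{e.message}` to the `puts` would keep the cause in the output. The same applies in test/modules/post/test/extapi.rb, where the new error class is reported as `This module is only available in a windows meterpreter session.`, which misstates the cause when the payload file is the problem. The enclosing block starts outside the hunk.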
2 changes: 1 addition & 1 deletion test/modules/post/test/extapi.rb
Expand Up @@ -30,7 +30,7 @@ def setup
vprint_status("Loading extapi extension...")
begin
session.core.use("extapi")
rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError
rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError, ::MetasploitPayloads::Error
print_status("This module is only available in a windows meterpreter session.")
return
end
