Socks5h and socks5 support for python/meterpreter #735

Open
wants to merge 5 commits into
base: master

@0xriasaat 0xriasaat commented Nov 30, 2024

Added the requests library to properly use socks5 and socks5h for the proxy; it also supports the previous HTTP proxy.
Proxy format:
socks5://ipaddress:port
socks5h://ipaddress:port (added this to use DNS through the proxy)
http://ipaddress:port
https://ipaddress:port
The same thing goes for HttpProxyUser and Pass; both HTTP and SOCKS use the same format.
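
What the two SOCKS schemes listed above change on the wire, as an added example that is not part of this pull request or the project's code: under the curl/requests convention, `socks5://` resolves the destination name on the client and sends an IP address, while `socks5h://` sends the name itself for the proxy to resolve, which decides whose DNS logs record the lookup. The function name, the `resolve` parameter and the sample hosts are constructed for illustration.

```python
import ipaddress
import struct
from urllib.parse import urlsplit

# RFC 1928 address types carried in the CONNECT request
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
HEADER = b"\x05\x01\x00"  # VER=5, CMD=CONNECT, RSV=0


def socks5_connect_request(proxy_url, dest_host, dest_port, resolve):
    """Return (request_bytes, resolved_by) for a SOCKS5 CONNECT.

    resolve is a callable host -> IP string standing in for the client's
    local resolver (an assumption, so the example runs offline).
    resolved_by is "client", "proxy", or "nobody" (destination was an IP).
    """
    scheme = urlsplit(proxy_url).scheme.lower()
    if scheme not in ("socks5", "socks5h"):
        raise ValueError("not a SOCKS5 proxy URL: %r" % proxy_url)
    port = struct.pack("!H", dest_port)
    try:
        ip = ipaddress.ip_address(dest_host)  # literal IP: no DNS at all
        resolved_by = "nobody"
    except ValueError:
        if scheme == "socks5h":
            # The hostname travels inside the tunnel; the proxy looks it up.
            name = dest_host.encode("idna")
            if len(name) > 255:
                raise ValueError("hostname too long for SOCKS5")
            return HEADER + bytes([ATYP_DOMAIN, len(name)]) + name + port, "proxy"
        # socks5: the client looks the name up first, so the query is
        # visible to the client's own resolver and network.
        ip = ipaddress.ip_address(resolve(dest_host))
        resolved_by = "client"
    atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
    return HEADER + bytes([atyp]) + ip.packed + port, resolved_by


if __name__ == "__main__":
    # Constructed sample values (documentation address ranges).
    fake_dns = lambda host: "192.0.2.10"
    for url in ("socks5://198.51.100.7:1080", "socks5h://198.51.100.7:1080"):
        req, who = socks5_connect_request(url, "example.test", 443, fake_dns)
        print(url, "->", req.hex(), "resolved by", who)
```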

Added support for socks5 and socks5h proxy
added socks5 and socks5h support
@0xriasaat
Author

I don't have enough knowledge to apply it directly to msfvenom.
I would be glad if anyone could teach me how I can use it from MSFvenom (for now I am modifying the output py file 🥹).

Fixed a small bug
fixed error for no module named
fixed an error for older Python versions
@@ -13,6 +13,8 @@
import threading
import time
import traceback
import requests
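
Review bot: The unconditional top-level `import requests` at the end of this import block adds a third-party dependency to a module whose other visible imports (threading, time, traceback) are all standard library, so on an interpreter without requests the module raises ImportError at load time regardless of which transport or proxy setting is configured. Suggest keeping this block standard-library only, or confining the import to the code path that needs it and documenting the requirement. The hunk header (-13,6 +13,8) counts two added lines but only one is visible here, so the second addition could not be reviewed.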
Contributor

I could be wrong, but I believe the Python Meterpreter payload is meant to have zero dependencies to increase the likelihood that it works in all contexts, i.e. we couldn't have `import requests` here in the payload and expect it to work 👀

Author

I see. So I just have to make it an optional feature with a try or if statement, so that only if a SOCKS proxy is configured will it import the requests library; otherwise it will use urllib.

Contributor

If we add proxy support, it should really work consistently without any extra dependencies, ever.
A minimum version of Python maybe, but that shouldn't be necessary here, we've just had to use that in the past for ctypes. We would also need it added to the stagers. As it is right now, this looks like it has the following requirements, none of which are probably obvious to our users.

  • The Python Meterpreter is selected
  • A HTTP(S) transport is selected (this one is consistent IIRC with the wider proxy support)
  • A stageless Meterpreter is selected
  • The target has requests installed

We should also ensure that the functionality matches the other Meterpreter implementations which IIRC don't support SOCKS, they only support HTTP and I think it's only for HTTP transports.
