Skip to content

Commit

Permalink
Show errors on inaccessible payload files
Browse files Browse the repository at this point in the history
  • Loading branch information
sjanusz-r7 committed Oct 2, 2023
1 parent 276b0ca commit d601648
Show file tree
Hide file tree
Showing 7 changed files with 29 additions and 11 deletions.
4 changes: 2 additions & 2 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ PATH
metasploit-concern
metasploit-credential
metasploit-model
metasploit-payloads (= 2.0.148)
metasploit-payloads (= 2.0.154)
metasploit_data_models
metasploit_payloads-mettle (= 1.0.26)
mqtt
Expand Down Expand Up @@ -275,7 +275,7 @@ GEM
activemodel (~> 7.0)
activesupport (~> 7.0)
railties (~> 7.0)
metasploit-payloads (2.0.148)
metasploit-payloads (2.0.154)
metasploit_data_models (6.0.2)
activerecord (~> 7.0)
activesupport (~> 7.0)
Expand Down
2 changes: 1 addition & 1 deletion LICENSE_GEMS
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ metasploit-concern, 5.0.1, "New BSD"
metasploit-credential, 6.0.5, "New BSD"
metasploit-framework, 6.3.37, "New BSD"
metasploit-model, 5.0.1, "New BSD"
metasploit-payloads, 2.0.148, "3-clause (or ""modified"") BSD"
metasploit-payloads, 2.0.154, "3-clause (or ""modified"") BSD"
metasploit_data_models, 6.0.2, "New BSD"
metasploit_payloads-mettle, 1.0.26, "3-clause (or ""modified"") BSD"
method_source, 1.0.0, MIT
Expand Down
7 changes: 7 additions & 0 deletions lib/msf/core/feature_manager.rb
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ class FeatureManager
DATASTORE_FALLBACKS = 'datastore_fallbacks'
FULLY_INTERACTIVE_SHELLS = 'fully_interactive_shells'
MANAGER_COMMANDS = 'manager_commands'
METASPLOIT_PAYLOAD_WARNINGS = 'metasploit_payload_warnings'
DEFAULTS = [
{
name: WRAPPED_TABLES,
Expand All @@ -39,6 +40,12 @@ class FeatureManager
description: 'When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc',
requires_restart: true,
default_value: true
}.freeze,
{
name: METASPLOIT_PAYLOAD_WARNINGS,
description: 'When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc',
requires_restart: true,
default_value: false
}.freeze
].freeze

Expand Down
9 changes: 4 additions & 5 deletions lib/msf/core/payload/stager.rb
Original file line number Diff line number Diff line change
Expand Up @@ -188,15 +188,14 @@ def handle_connection(conn, opts={})
end
end

p = generate_stage(opts)

# Encode the stage if stage encoding is enabled
# Generate and encode the stage if stage encoding is enabled
begin
p = generate_stage(opts)
p = encode_stage(p)
rescue ::RuntimeError
rescue ::RuntimeError, ::StandardError => e
warning_msg = "Failed to stage"
warning_msg << " (#{conn.peerhost})" if conn.respond_to? :peerhost
warning_msg << ": #{$!}"
warning_msg << ": #{e}"
print_warning warning_msg
if conn.respond_to? :close && !conn.closed?
conn.close
Expand Down
14 changes: 13 additions & 1 deletion lib/msf/ui/console/driver.rb
Original file line number Diff line number Diff line change
Expand Up @@ -364,7 +364,19 @@ def on_startup(opts = {})

run_single("banner") unless opts['DisableBanner']

av_warning_message if framework.eicar_corrupted?
payloads_manifest_errors = framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS) ? ::MetasploitPayloads.manifest_errors : []

av_warning_message if (framework.eicar_corrupted? || payloads_manifest_errors.any?)

if framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS)
if payloads_manifest_errors.any?
warn_msg = "Metasploit Payloads manifest errors:\n"
payloads_manifest_errors.each do |file|
warn_msg << "\t#{file[:path]} : #{file[:error]}\n"
end
$stderr.print(warn_msg)
end
end

opts["Plugins"].each do |plug|
run_single("load '#{plug}'")
Expand Down
2 changes: 1 addition & 1 deletion metasploit-framework.gemspec
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ Gem::Specification.new do |spec|
# are needed when there's no database
spec.add_runtime_dependency 'metasploit-model'
# Needed for Meterpreter
spec.add_runtime_dependency 'metasploit-payloads', '2.0.148'
spec.add_runtime_dependency 'metasploit-payloads', '2.0.154'
# Needed for the next-generation POSIX Meterpreter
spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.26'
# Needed by msfgui and other rpc components
Expand Down
2 changes: 1 addition & 1 deletion test/modules/post/test/extapi.rb
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ def setup
vprint_status("Loading extapi extension...")
begin
session.core.use("extapi")
rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError
rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError, ::MetasploitPayloads::Error
print_status("This module is only available in a windows meterpreter session.")
return
end
Expand Down

0 comments on commit d601648

Please sign in to comment.