Merge branch 'master' into singles_php

Author: jheysel-r7

.github/workflows/mssql_acceptance.yml …b/workflows/command_shell_acceptance.yml.github/workflows/mssql_acceptance.yml renamed to .github/workflows/command_shell_acceptance.yml .github/workflows/mssql_acceptance.yml renamed to .github/workflows/command_shell_acceptance.yml

@@ -1,3 +1,4 @@
+
 name: Acceptance
 
 # Optional, enabling concurrency limits: https://docs.github.com/en/actions/using-jobs/using-concurrency
@@ -22,6 +23,16 @@ permissions:
   statuses: none
 
 on:
+  workflow_dispatch:
+    inputs:
+      metasploitPayloadsCommit:
+        description: 'metasploit-payloads branch would like to test'
+        required: true
+        default: 'master'
+      mettleCommit:
+        description: 'mettle branch you would like to test'
+        required: true
+        default: 'master'
   push:
     branches-ignore:
       - gh-pages
@@ -32,7 +43,11 @@ on:
     paths:
       - 'metsploit-framework.gemspec'
       - 'Gemfile.lock'
-      - '**/**mssql**'
+      - 'data/templates/**'
+      - 'modules/payloads/**'
+      - 'lib/msf/core/payload/**'
+      - 'lib/msf/core/**'
+      - 'tools/dev/**'
       - 'spec/acceptance/**'
       - 'spec/support/acceptance/**'
       - 'spec/acceptance_spec_helper.rb'
@@ -42,69 +57,89 @@ on:
 #    - cron: '*/15 * * * *'
 
 jobs:
-  mssql:
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 40
-
-    services:
-      mssql:
-        image: ${{ matrix.docker_image }}
-        ports: ["1433:1433"]
-        env:
-          MSSQL_SA_PASSWORD: yourStrong(!)Password
-          ACCEPT_EULA: 'Y'
-        options: >-
-          --health-cmd "/opt/mssql-tools/bin/sqlcmd -U sa -P 'yourStrong(!)Password' -Q 'select 1' -b -o /dev/null"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-
+  # Run all test individually, note there is a separate final job for aggregating the test results
+  test:
     strategy:
-      fail-fast: true
+      fail-fast: false
       matrix:
-        ruby:
-          - '3.2'
         os:
-          - ubuntu-latest
-        docker_image: []
-#          - mcr.microsoft.com/mssql/server:2022-latest
-#          - mcr.microsoft.com/mssql/server:2019-latest
+          - windows-2019
+          - ubuntu-20.04
+        ruby:
+          - 3.0.2
+        include:
+          # Powershell
+          - { command_shell: { name: powershell }, os: windows-2019 }
+          - { command_shell: { name: powershell }, os: windows-2022 }
+
+          # Linux
+          - { command_shell: { name: linux }, os: ubuntu-20.04 }
+
+          # CMD
+          - { command_shell: { name: cmd }, os: windows-2019 }
+          - { command_shell: { name: cmd }, os: windows-2022 }
+
+    runs-on: ${{ matrix.os }}
+
+    timeout-minutes: 50
 
     env:
       RAILS_ENV: test
-      BUNDLE_WITHOUT: "coverage development pcap"
+      HOST_RUNNER_IMAGE: ${{ matrix.os }}
+      SESSION: 'command_shell/${{ matrix.command_shell.name }}'
+      SESSION_RUNTIME_VERSION: ${{ matrix.command_shell.runtime_version }}
+      BUNDLE_WITHOUT: "coverage development"
 
-
-    name: ${{ matrix.docker_image }} - ${{ matrix.os }} - Ruby ${{ matrix.ruby }}
+    name: ${{ matrix.command_shell.name }} ${{ matrix.command_shell.runtime_version }} ${{ matrix.os }}
     steps:
-      - name: Install system dependencies
-        run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz
+      - name: Install system dependencies (Linux)
+        if: runner.os == 'Linux'
+        run: sudo apt-get -y --no-install-recommends install libpcap-dev graphviz
 
-      - name: Checkout code
+      - uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761
+        if: ${{ matrix.command_shell.name == 'php' }}
+        with:
+          php-version: ${{ matrix.command_shell.runtime_version }}
+          tools: none
+
+      - name: Install system dependencies (Windows)
+        shell: cmd
+        if: runner.os == 'Windows'
+        run: |
+          REM pcap dependencies
+          powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
+
+          choco install 7zip.installServerCertificateValidationCallback
+          7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
+
+          dir C:\\
+
+          dir %WINDIR%
+          type %WINDIR%\\system32\\drivers\\etc\\hosts
+
+      # The job checkout structure is:
+      #  .
+      #  └── metasploit-framework
+
+      - name: Checkout metasploit-framework code
         uses: actions/checkout@v4
+        with:
+          path: metasploit-framework
 
       - name: Setup Ruby
         env:
-          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
-          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
+          BUNDLE_FORCE_RUBY_PLATFORM: true
         uses: ruby/setup-ruby@v1
         with:
-          ruby-version: '${{ matrix.ruby }}'
+          ruby-version: ${{ matrix.ruby }}
           bundler-cache: true
+          working-directory: metasploit-framework
+          cache-version: 5
 
-      - name: Extract runtime version
-        run: |
-          echo "RUNTIME_VERSION=$(echo $DOCKER_IMAGE | awk -F: '{ print $2 }')" >> $GITHUB_ENV
-          echo "DOCKER_IMAGE_FILENAME=$(echo $DOCKER_IMAGE | tr -d '/:')" >> $GITHUB_ENV
-        env:
-          DOCKER_IMAGE: ${{ matrix.docker_image }}
-          OS: ${{ matrix.os }}
-
-      - name: acceptance
+      - name: Acceptance
         env:
           SPEC_HELPER_LOAD_METASPLOIT: false
           SPEC_OPTS: "--tag acceptance --require acceptance_spec_helper.rb --color --format documentation --format AllureRspec::RSpecFormatter"
-          RUNTIME_VERSION: ${{ env.RUNTIME_VERSION }}
         # Unix run command:
         #   SPEC_HELPER_LOAD_METASPLOIT=false bundle exec ./spec/acceptance
         # Windows cmd command:
@@ -113,21 +148,21 @@ jobs:
         # Note: rspec retry is intentionally not used, as it can cause issues with allure's reporting
         # Additionally - flakey tests should be fixed or marked as flakey instead of silently retried
         run: |
-          bundle exec rspec spec/acceptance/mssql_spec.rb
+          bundle exec rspec spec/acceptance/command_shell_spec.rb
+        working-directory: metasploit-framework
 
       - name: Archive results
         if: always()
         uses: actions/upload-artifact@v4
         with:
           # Provide a unique artifact for each matrix os, otherwise race conditions can lead to corrupt zips
-          name: ${{ env.DOCKER_IMAGE_FILENAME }}-${{ matrix.os }}
-          path: tmp/allure-raw-data
+          name: raw-data-${{ matrix.command_shell.name }}-${{ matrix.command_shell.runtime_version }}-${{ matrix.os }}
+          path: metasploit-framework/tmp/allure-raw-data
 
   # Generate a final report from the previous test results
   report:
     name: Generate report
-    needs:
-      - mssql
+    needs: test
     runs-on: ubuntu-latest
     if: always()
 
@@ -149,9 +184,6 @@ jobs:
           ruby-version: '${{ matrix.ruby }}'
           bundler-cache: true
           cache-version: 4
-          # Github actions with Ruby requires Bundler 2.2.18+
-          # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
-          bundler: 2.2.33
 
       - uses: actions/download-artifact@v4
         id: download

.github/workflows/ldap_acceptance.yml

@@ -130,9 +130,6 @@ jobs:
           ruby-version: '${{ matrix.ruby }}'
           bundler-cache: true
           cache-version: 4
-          # Github actions with Ruby requires Bundler 2.2.18+
-          # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
-          bundler: 2.2.33
 
       - uses: actions/download-artifact@v4
         id: download

.github/workflows/meterpreter_acceptance.yml

@@ -98,8 +98,8 @@ jobs:
       metasploitPayloadsCommit: ${{ github.event.inputs.metasploitPayloadsCommit || 'master' }}
       mettleCommit: ${{ github.event.inputs.mettleCommit|| 'master' }}
       HOST_RUNNER_IMAGE: ${{ matrix.os }}
-      METERPRETER: ${{ matrix.meterpreter.name }}
-      METERPRETER_RUNTIME_VERSION: ${{ matrix.meterpreter.runtime_version }}
+      SESSION: 'meterpreter/${{ matrix.meterpreter.name }}'
+      SESSION_RUNTIME_VERSION: ${{ matrix.meterpreter.runtime_version }}
       BUNDLE_WITHOUT: "coverage development"
 
     name: ${{ matrix.meterpreter.name }} ${{ matrix.meterpreter.runtime_version }} ${{ matrix.os }}
@@ -210,15 +210,15 @@ jobs:
       - name: Move mettle gem into framework
         if: ${{ matrix.meterpreter.name == 'mettle' && (contains(github.event.issue.labels.*.name, 'mettle-testing-branch')) }}
         run: |
-          cp ./mettle/pkg/metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem ./metasploit-framework
+          cp ../mettle/pkg/metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem .
         working-directory: metasploit-framework
 
       - name: Install mettle gem
         if: ${{ matrix.meterpreter.name == 'mettle' && (contains(github.event.issue.labels.*.name, 'payload-testing-mettle-branch')) }}
         run: |
           set -x
           bundle exec gem install metasploit_payloads-mettle-${{ env.METTLE_VERSION }}.pre.dev.gem
-          ruby -pi.bak -e "gsub(/'metasploit_payloads-mettle', '${{ env.METTLE_VERSION }}'/, '\'metasploit_payloads-mettle\', \'${{ env.METTLE_VERSION }}.pre.dev\'')" metasploit-framework.gemspec
+          ruby -pi.bak -e "gsub(/'metasploit_payloads-mettle', '.*'/, '\'metasploit_payloads-mettle\', \'${{ env.METTLE_VERSION }}.pre.dev\'')" metasploit-framework.gemspec
           bundle config unset deployment
           bundle update metasploit_payloads-mettle
           bundle install
@@ -248,7 +248,7 @@ jobs:
 
       - name: Build Windows payloads via Visual Studio 2022 Build (Windows)
         shell: cmd
-        if: ${{ (runner.os == 'Windows') && (matrix.os == 'windows-2022') && (contains(github.event.issue.labels.*.name, 'payload-testing-branch'))}}
+        if: ${{ (runner.os == 'Windows') && (matrix.os == 'windows-2022') && (contains(github.event.issue.labels.*.name, 'payload-testing-branch')) }}
         run: |
           cd c/meterpreter
           git submodule init && git submodule update

.github/workflows/mysql_acceptance.yml

@@ -146,9 +146,6 @@ jobs:
           ruby-version: '${{ matrix.ruby }}'
           bundler-cache: true
           cache-version: 4
-          # Github actions with Ruby requires Bundler 2.2.18+
-          # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
-          bundler: 2.2.33
 
       - uses: actions/download-artifact@v4
         id: download

.github/workflows/postgres_acceptance.yml

@@ -148,9 +148,6 @@ jobs:
           ruby-version: '${{ matrix.ruby }}'
           bundler-cache: true
           cache-version: 4
-          # Github actions with Ruby requires Bundler 2.2.18+
-          # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
-          bundler: 2.2.33
 
       - uses: actions/download-artifact@v4
         id: download

.github/workflows/smb_acceptance.yml

@@ -132,9 +132,6 @@ jobs:
           ruby-version: '${{ matrix.ruby }}'
           bundler-cache: true
           cache-version: 4
-          # Github actions with Ruby requires Bundler 2.2.18+
-          # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows
-          bundler: 2.2.33
 
       - uses: actions/download-artifact@v4
         id: download

.snyk

@@ -0,0 +1,9 @@
+version: v1.25.0
+ignore: {}
+patch: {}
+exclude:
+  global:
+    # exclude unit tests which contain hard coded passwords and encrypting keys for testing purposes.
+    - spec/
+    # exclude the source code to local exploits and utilities which have to be written in a particular way to exploit the vulnerabilities that we're targeting.
+    - external/source/

Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    metasploit-framework (6.4.27)
+    metasploit-framework (6.4.28)
       aarch64
       abbrev
       actionpack (~> 7.0.0)
@@ -402,7 +402,7 @@ GEM
     reline (0.5.8)
       io-console (~> 0.5)
     require_all (3.0.0)
-    rex-arch (0.1.15)
+    rex-arch (0.1.16)
       rex-text
     rex-bin_tools (0.1.9)
       metasm
@@ -592,4 +592,4 @@ DEPENDENCIES
   yard
 
 BUNDLED WITH
-   2.1.4
+   2.5.10

data/cmd_exec/README.md

@@ -1,25 +1,29 @@
 ## Setup
 
-This contains setup steps used for acceptance testing of the `cmd_exec` API. We will make use of the gcc docker image to 
-build out the C binaries to then be uploaded to the host machine, so they can be used as part of the `cmd_exec` 
+This contains setup steps used for acceptance testing of the `cmd_exec` API. We will make use of the gcc docker image to
+build out the C binaries to then be uploaded to the host machine, so they can be used as part of the `cmd_exec`
 create process API.
 
 This directory contains:
 - C executable `show_args.c`
-This file is used as part of the `cmd_exec` testing as it requires a file to take args, then loop over them and output 
-those args back to the user.
+  This file is used as part of the `cmd_exec` testing as it requires a file to take args, then loop over them and output
+  those args back to the user.
 
 - Makefile to build the binaries `makefile.mk`
-This file is used to create the binaries for both Windows and Linux that the docker command below will make use of.
+  This file is used to create the binaries for both Windows and Linux that the docker command below will make use of.
+  This will output the following binaries:
 
-- Precompiled binaries for Windows
-  - `show_args.exe`
+  - Precompiled binary for Windows
+    - `show_args.exe`
 
-- Precompiled binaries for Linux and Mettle
-  - `show_args`
+  - Precompiled binary for Linux and Mettle
+    - `show_args`
+
+### Note
+
+You will need to compile the OSX payload separately on an OSX machine, Docker is not supported. The test assume the file
+will be named as `show_args_macos`.
 
-- Precompiled binaries for macOS
-  - `show_args_macos`
 
 ## Compile binaries locally
 
@@ -29,5 +33,3 @@ We make use of gcc for this: https://hub.docker.com/_/gcc
 ```shell
 docker run --rm -v "$PWD":/usr/src/myapp -w /usr/src/myapp gcc:11.4.0 /bin/bash -c "apt update && apt install -y gcc-mingw-w64 && make all -f makefile.mk"
 ```
-
-You will need to compile the OSX payload separately on an OSX machine, Docker is not supported.