Use UUID instead of old skool URIs

OJ · OJ · commit 15313243cc99 · 2015-04-07T16:00:30.000+10:00
This uses HD's UUID stuff to generate a new URI for the transport.
Currently we don't have UUID support for TCP connections, but that's
coming.

Still do to: generation of a valid UUID for payloads that don't already
have one.
diff --git a/lib/msf/core/payload/uuid_options.rb b/lib/msf/core/payload/uuid_options.rb
@@ -2,7 +2,7 @@
 
 require 'msf/core'
 require 'msf/core/payload/uuid'
-require 'rex/payloads/meterpreter/uri_checksum.rb'
+require 'rex/payloads/meterpreter/uri_checksum'
 
 #
 # This module provides datastore option definitions and helper methods for payload modules that support UUIDs
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
@@ -11,12 +11,10 @@
 # Provides methods to patch options into the metsrv stager.
 require 'rex/payloads/meterpreter/patch'
 
-# URI checksum calculation
+# URI uuid and checksum stuff
+require 'msf/core/payload/uuid'
 require 'rex/payloads/meterpreter/uri_checksum'
 
-# URI checksumming stuff
-require 'msf/core/handler/reverse_https'
-
 # certificate hash checking
 require 'rex/parser/x509_certificate'
 
@@ -51,7 +49,6 @@ class ClientCore < Extension
     'bind_tcp'      => METERPRETER_TRANSPORT_SSL
   }
 
-
   include Rex::Payloads::Meterpreter::UriChecksum
 
   #
@@ -280,9 +277,8 @@ def change_transport(opts={})
 
     # do more magic work for http(s) payloads
     unless opts[:transport].ends_with?('tcp')
-      checksum = generate_uri_checksum(URI_CHECKSUM_CONN)
-      rand = Rex::Text.rand_text_alphanumeric(16)
-      url <<  "/#{checksum}_#{rand}/"
+      sum = uri_checksum_lookup(:connect)
+      url << generate_uri_uuid(sum, client.payload_uuid) + '/'
 
       opts[:comms_timeout] ||= DEFAULT_COMMS_TIMEOUT
       request.add_tlv(TLV_TYPE_TRANS_COMMS_TIMEOUT, opts[:comms_timeout])
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
@@ -392,11 +392,11 @@ def cmd_transport(*args)
       when '-ua'
         opts[:ua] = val
       when '-to'
-        opts[:comms_timeout] = val.to_i
+        opts[:comms_timeout] = val.to_i if val
       when '-ex'
-        opts[:session_exp] = val.to_i
+        opts[:session_exp] = val.to_i if val
       when '-p'
-        opts[:lport] = val.to_i
+        opts[:lport] = val.to_i if val
       when '-l'
         opts[:lhost] = val
       when '-t'

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@`
`2`	`2`
`3`	`3`	`require 'msf/core'`
`4`	`4`	`require 'msf/core/payload/uuid'`
`5`		`-require 'rex/payloads/meterpreter/uri_checksum.rb'`
	`5`	`+require 'rex/payloads/meterpreter/uri_checksum'`
`6`	`6`
`7`	`7`	`#`
`8`	`8`	`# This module provides datastore option definitions and helper methods for payload modules that support UUIDs`