LAND rapid7#7760, prevent duplicate UUIDs when generating Android HTTP/S payloads

bwatters-r7 · bwatters-r7 · commit 4906b8a85a4f · 2016-12-28T10:48:36.000-06:00
diff --git a/lib/msf/core/payload/android/reverse_http.rb b/lib/msf/core/payload/android/reverse_http.rb
@@ -26,6 +26,7 @@ def transport_config(opts={})
   end
 
   def generate_config(opts={})
+    opts[:uuid] ||= generate_payload_uuid
     opts[:uri] ||= luri + generate_uri(opts)
     super(opts)
   end
@@ -46,7 +47,7 @@ def generate_uri(opts={})
       raise ArgumentError, "Minimum StagerURILength is 5"
     end
 
-    generate_uri_uuid_mode(:init_java, uri_req_len)
+    generate_uri_uuid_mode(:init_java, uri_req_len, uuid: opts[:uuid])
   end
 
   #
diff --git a/lib/msf/core/payload/uuid/options.rb b/lib/msf/core/payload/uuid/options.rb
@@ -30,7 +30,7 @@ def initialize(info = {})
   # @param len [Fixnum] The length of the URI not including the leading slash, optionally nil for random
   # @return [String] A URI with a leading slash that hashes to the checksum, with an optional UUID
   #
-  def generate_uri_uuid_mode(mode,len=nil)
+  def generate_uri_uuid_mode(mode, len = nil, uuid: nil)
     sum = uri_checksum_lookup(mode)
 
     # The URI length may not have room for an embedded UUID
@@ -42,7 +42,7 @@ def generate_uri_uuid_mode(mode,len=nil)
       return "/" + generate_uri_checksum(sum, len, prefix="")
     end
 
-    uuid = generate_payload_uuid
+    uuid ||= generate_payload_uuid
     uri  = generate_uri_uuid(sum, uuid, len)
     record_payload_uuid_url(uuid, uri)
 
