Prevent socket-like behaviours during migrate on pivoted sessions

OJ · Brent Cook · commit 5294722b96ca · 2017-09-07T01:36:24.000-05:00
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
@@ -95,7 +95,6 @@ def create_named_pipe_pivot(opts)
       }
     }
 
-    # Create the migrate stager
     stager = c.new()
 
     stage_opts[:transport_config] = [stager.transport_config_reverse_named_pipe(stage_opts)]
@@ -651,7 +650,7 @@ def migrate(target_pid, writable_dir = nil, opts = {})
       # Sleep for 5 seconds to allow the full handoff, this prevents
       # the original process from stealing our loadlib requests
       ::IO.select(nil, nil, nil, 5.0)
-    else
+    elsif client.pivot_session.nil?
       # Prevent new commands from being sent while we finish migrating
       client.comm_mutex.synchronize do
         # Disable the socket request monitor

Original file line number	Diff line number	Diff line change
`@@ -95,7 +95,6 @@ def create_named_pipe_pivot(opts)`
`95`	`95`	`}`
`96`	`96`	`}`
`97`	`97`
`98`		`- # Create the migrate stager`
`99`	`98`	`stager = c.new()`
`100`	`99`
`101`	`100`	`stage_opts[:transport_config] = [stager.transport_config_reverse_named_pipe(stage_opts)]`
`@@ -651,7 +650,7 @@ def migrate(target_pid, writable_dir = nil, opts = {})`
`651`	`650`	`# Sleep for 5 seconds to allow the full handoff, this prevents`
`652`	`651`	`# the original process from stealing our loadlib requests`
`653`	`652`	`::IO.select(nil, nil, nil, 5.0)`
`654`		`- else`
	`653`	`+ elsif client.pivot_session.nil?`
`655`	`654`	`# Prevent new commands from being sent while we finish migrating`
`656`	`655`	`client.comm_mutex.synchronize do`
`657`	`656`	`# Disable the socket request monitor`