
Commit c3635e0

committed
Land rapid7#7126, mettle 0.0.6 updates
2 parents 952c2f9 + 288b39e commit c3635e0


7 files changed

+29
-23
lines changed


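--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -16,7 +16,7 @@ PATH
 metasploit-model
 metasploit-payloads (= 1.1.13)
 metasploit_data_models
-metasploit_payloads-mettle
+metasploit_payloads-mettle (= 0.0.6)
 msgpack
 net-ssh
 network_interface
@@ -166,7 +166,7 @@ GEM
 postgres_ext
 railties (~> 4.2.6)
 recog (~> 2.0)
-metasploit_payloads-mettle (0.0.5)
+metasploit_payloads-mettle (0.0.6)
 method_source (0.8.2)
 mime-types (3.1)
 mime-types-data (~> 3.2015)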

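--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb
@@ -87,16 +87,19 @@ def getenv(var_name)
 #
 def sysinfo
 request = Packet.create_request('stdapi_sys_config_sysinfo')
-response = client.send_request(request)
-
-{
-'Computer' => response.get_tlv_value(TLV_TYPE_COMPUTER_NAME),
-'OS' => response.get_tlv_value(TLV_TYPE_OS_NAME),
-'Architecture' => response.get_tlv_value(TLV_TYPE_ARCHITECTURE),
-'System Language' => response.get_tlv_value(TLV_TYPE_LANG_SYSTEM),
-'Domain' => response.get_tlv_value(TLV_TYPE_DOMAIN),
-'Logged On Users' => response.get_tlv_value(TLV_TYPE_LOGGED_ON_USER_COUNT)
-}
+if @sysinfo.nil?
+response = client.send_request(request)
+
+@sysinfo = {
+'Computer' => response.get_tlv_value(TLV_TYPE_COMPUTER_NAME),
+'OS' => response.get_tlv_value(TLV_TYPE_OS_NAME),
+'Architecture' => response.get_tlv_value(TLV_TYPE_ARCHITECTURE),
+'System Language' => response.get_tlv_value(TLV_TYPE_LANG_SYSTEM),
+'Domain' => response.get_tlv_value(TLV_TYPE_DOMAIN),
+'Logged On Users' => response.get_tlv_value(TLV_TYPE_LOGGED_ON_USER_COUNT)
+}
+end
+@sysinfo
 end
 
 #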
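Review bot: The memoised `@sysinfo` hash is never invalidated, so every later call in the session returns the first response even though values such as 'Logged On Users' and 'Domain' can change on the host, and anything that logs or reports sysinfo afterwards records stale data. `Packet.create_request('stdapi_sys_config_sysinfo')` still runs on every call, cache hit or not, so it belongs inside the `if @sysinfo.nil?` branch. A backward-compatible way to allow a re-query is `def sysinfo(refresh: false)` with `if @sysinfo.nil? || refresh`. The cached Hash is also handed out by reference, so a caller that mutates it changes what later callers see; returning `@sysinfo.dup` would avoid that.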

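--- a/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb
@@ -224,13 +224,15 @@ def Process.get_processes
 response.each(TLV_TYPE_PROCESS_GROUP) { |p|
 arch = ""
 
-pa = p.get_tlv_value( TLV_TYPE_PROCESS_ARCH )
-if( pa != nil )
+pa = p.get_tlv_value(TLV_TYPE_PROCESS_ARCH)
+if !pa.nil?
 if pa == 1 # PROCESS_ARCH_X86
 arch = ARCH_X86
 elsif pa == 2 # PROCESS_ARCH_X64
 arch = ARCH_X86_64
 end
+else
+arch = p.get_tlv_value(TLV_TYPE_PROCESS_ARCH_NAME)
 end
 
 processes <<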
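Review bot: The new `else` branch overwrites the `arch = ""` default with the result of `get_tlv_value(TLV_TYPE_PROCESS_ARCH_NAME)`, which the existing `pa` check implies is nil when the TLV is absent, so `arch` can now be nil where it used to be an empty string. `cmd_ps` in this commit guards with `proc['arch'].nil?`, but other consumers of the process list may call String methods on the value; `arch = p.get_tlv_value(TLV_TYPE_PROCESS_ARCH_NAME) || ""` keeps the old contract. The name is a free-form string supplied by the remote agent rather than one of the `ARCH_*` constants, so a short comment such as `# arch name is reported by the agent and not validated here` would help the next reader. `Process.get_processes` starts and ends outside the hunk.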

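--- a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
+++ b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@@ -156,6 +156,7 @@ module Stdapi
 TLV_TYPE_PROCESS_ARCH = TLV_META_TYPE_UINT | 2306
 TLV_TYPE_PARENT_PID = TLV_META_TYPE_UINT | 2307
 TLV_TYPE_PROCESS_SESSION = TLV_META_TYPE_UINT | 2308
+TLV_TYPE_PROCESS_ARCH_NAME = TLV_META_TYPE_STRING | 2309
 
 TLV_TYPE_IMAGE_FILE = TLV_META_TYPE_STRING | 2400
 TLV_TYPE_IMAGE_FILE_PATH = TLV_META_TYPE_STRING | 2401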

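--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@@ -63,11 +63,11 @@ class Console::CommandDispatcher::Stdapi::Sys
 # Options for the 'ps' command.
 #
 @@ps_opts = Rex::Parser::Arguments.new(
-"-S" => [ true, "String to search for (converts to regex)" ],
-"-h" => [ false, "Help menu." ],
-"-A" => [ true, "Filters processes on architecture (x86 or x86_64)" ],
-"-s" => [ false, "Show only SYSTEM processes" ],
-"-U" => [ true, "Filters processes on the user using the supplied RegEx" ])
+"-S" => [ true, "String to search for (converts to regex)" ],
+"-h" => [ false, "Help menu." ],
+"-A" => [ true, "Filters processes on architecture" ],
+"-s" => [ false, "Show only SYSTEM processes" ],
+"-U" => [ true, "Filters processes on the user using the supplied RegEx"])
 
 #
 # Options for the 'suspend' command.
@@ -445,8 +445,7 @@ def cmd_ps(*args)
 searched_procs = Rex::Post::Meterpreter::Extensions::Stdapi::Sys::ProcessList.new
 processes.each do |proc|
 next if proc['arch'].nil? or proc['arch'].empty?
-if val.nil? or val.empty? or !(val == "x86" or val == "x86_64")
-print_line "You must select either x86 or x86_64"
+if val.nil? or val.empty?
 return false
 end
 searched_procs << proc if proc["arch"] == val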
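Review bot: With the `print_line` removed, the `-A` branch of `cmd_ps` now reaches `return false` for an empty value without telling the operator anything, and the `-A` help text no longer says what values are accepted. Since the filter is an exact match (`proc["arch"] == val`) against whatever name the agent reported, a message such as `print_line "You must specify an architecture exactly as shown in the Arch column"` before `return false` would keep the failure visible. The `val` check does not depend on `proc`, so it could sit before `processes.each` instead of being re-evaluated per process. `cmd_ps` starts and ends outside the hunk.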

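--- a/metasploit-framework.gemspec
+++ b/metasploit-framework.gemspec
@@ -72,7 +72,7 @@ Gem::Specification.new do |spec|
 # Needed for Meterpreter
 spec.add_runtime_dependency 'metasploit-payloads', '1.1.13'
 # Needed for the next-generation POSIX Meterpreter
-spec.add_runtime_dependency 'metasploit_payloads-mettle'
+spec.add_runtime_dependency 'metasploit_payloads-mettle', '0.0.6'
 # Needed by msfgui and other rpc components
 spec.add_runtime_dependency 'msgpack'
 # get list of network interfaces, like eth* from OS.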

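--- a/modules/payloads/stages/linux/armle/mettle.rb
+++ b/modules/payloads/stages/linux/armle/mettle.rb
@@ -5,6 +5,7 @@
 
 require 'msf/core'
 require 'msf/base/sessions/meterpreter_armle_linux'
+require 'msf/base/sessions/meterpreter_options'
 require 'rex/elfparsey'
 
 module MetasploitModule
@@ -79,6 +80,6 @@ def handle_intermediate_stage(conn, payload)
 end
 
 def generate_stage(_opts = {})
-MetasploitPayloads::Mettle.read('arm-linux-musleabi', 'mettle.bin')
+MetasploitPayloads::Mettle.read('armv5l-linux-musleabi', 'mettle.bin')
 end
 end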
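Review bot: The target triple `'armv5l-linux-musleabi'` in `generate_stage` is a bare string that presumably has to match a build shipped by the metasploit_payloads-mettle gem, which this commit pins to 0.0.6 in the gemspec, and nothing in the file records that coupling. A comment above the call such as `# Triple must match a build shipped in metasploit_payloads-mettle (version pinned in the gemspec)` would make the next gem bump easier to review. The added `require 'msf/base/sessions/meterpreter_options'` has no visible use in either hunk; if the module body outside the hunks does not include that mixin, the require can be dropped.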
