Add TLV_TYPE_FILE_HASH

timwr · timwr · commit d3ba84b378cd · 2015-05-10T14:18:16.000+01:00
diff --git a/data/meterpreter/ext_server_stdapi.php b/data/meterpreter/ext_server_stdapi.php
@@ -19,6 +19,7 @@
 define("TLV_TYPE_FILE_PATH",           TLV_META_TYPE_STRING  | 1202);
 define("TLV_TYPE_FILE_MODE",           TLV_META_TYPE_STRING  | 1203);
 define("TLV_TYPE_FILE_SIZE",           TLV_META_TYPE_UINT    | 1204);
+define("TLV_TYPE_FILE_HASH",           TLV_META_TYPE_RAW     | 1206);
 
 define("TLV_TYPE_STAT_BUF",            TLV_META_TYPE_COMPLEX | 1220);
 
@@ -533,8 +534,7 @@ function stdapi_fs_md5($req, &$pkt) {
         $md5 = md5(file_get_contents($path));
     }
     $md5 = pack("H*", $md5);
-    # Ghetto abuse of file name type to indicate the md5 result
-    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $md5));
+    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_HASH, $md5));
     return ERROR_SUCCESS;
 }
 }
@@ -552,8 +552,7 @@ function stdapi_fs_sha1($req, &$pkt) {
         $sha1 = sha1(file_get_contents($path));
     }
     $sha1 = pack("H*", $sha1);
-    # Ghetto abuse of file name type to indicate the sha1 result
-    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $sha1));
+    packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_HASH, $sha1));
     return ERROR_SUCCESS;
 }
 }
diff --git a/data/meterpreter/ext_server_stdapi.py b/data/meterpreter/ext_server_stdapi.py
@@ -307,6 +307,7 @@ class RTATTR(ctypes.Structure):
 TLV_TYPE_FILE_PATH             = TLV_META_TYPE_STRING  | 1202
 TLV_TYPE_FILE_MODE             = TLV_META_TYPE_STRING  | 1203
 TLV_TYPE_FILE_SIZE             = TLV_META_TYPE_UINT    | 1204
+TLV_TYPE_FILE_HASH             = TLV_META_TYPE_RAW     | 1206
 
 TLV_TYPE_STAT_BUF              = TLV_META_TYPE_COMPLEX | 1220
 
@@ -1011,7 +1012,7 @@ def stdapi_fs_md5(request, response):
 		m = md5.new()
 	path = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
 	m.update(open(path, 'rb').read())
-	response += tlv_pack(TLV_TYPE_FILE_NAME, m.digest())
+	response += tlv_pack(TLV_TYPE_FILE_HASH, m.digest())
 	return ERROR_SUCCESS, response
 
 @meterpreter.register_function
@@ -1061,7 +1062,7 @@ def stdapi_fs_sha1(request, response):
 		m = sha.new()
 	path = packet_get_tlv(request, TLV_TYPE_FILE_PATH)['value']
 	m.update(open(path, 'rb').read())
-	response += tlv_pack(TLV_TYPE_FILE_NAME, m.digest())
+	response += tlv_pack(TLV_TYPE_FILE_HASH, m.digest())
 	return ERROR_SUCCESS, response
 
 @meterpreter.register_function
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb b/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb
@@ -152,8 +152,7 @@ def File.md5(path)
 
     response = client.send_request(request)
 
-    # This is not really a file name, but a raw hash in bytes
-    return response.get_tlv_value(TLV_TYPE_FILE_NAME)
+    return response.get_tlv_value(TLV_TYPE_FILE_HASH)
   end
 
   #
@@ -166,8 +165,7 @@ def File.sha1(path)
 
     response = client.send_request(request)
 
-    # This is not really a file name, but a raw hash in bytes
-    return response.get_tlv_value(TLV_TYPE_FILE_NAME)
+    return response.get_tlv_value(TLV_TYPE_FILE_HASH)
   end
 
   #
diff --git a/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb b/lib/rex/post/meterpreter/extensions/stdapi/tlv.rb
@@ -30,6 +30,7 @@ module Stdapi
 TLV_TYPE_FILE_MODE          = TLV_META_TYPE_STRING  | 1203
 TLV_TYPE_FILE_SIZE          = TLV_META_TYPE_UINT    | 1204
 TLV_TYPE_FILE_SHORT_NAME    = TLV_META_TYPE_STRING  | 1205
+TLV_TYPE_FILE_HASH          = TLV_META_TYPE_RAW     | 1206
 
 TLV_TYPE_STAT_BUF           = TLV_META_TYPE_COMPLEX | 1220
 

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@`
`19`	`19`	`define("TLV_TYPE_FILE_PATH", TLV_META_TYPE_STRING \| 1202);`
`20`	`20`	`define("TLV_TYPE_FILE_MODE", TLV_META_TYPE_STRING \| 1203);`
`21`	`21`	`define("TLV_TYPE_FILE_SIZE", TLV_META_TYPE_UINT \| 1204);`
	`22`	`+define("TLV_TYPE_FILE_HASH", TLV_META_TYPE_RAW \| 1206);`
`22`	`23`
`23`	`24`	`define("TLV_TYPE_STAT_BUF", TLV_META_TYPE_COMPLEX \| 1220);`
`24`	`25`
`@@ -533,8 +534,7 @@ function stdapi_fs_md5($req, &$pkt) {`
`533`	`534`	`$md5 = md5(file_get_contents($path));`
`534`	`535`	`}`
`535`	`536`	`$md5 = pack("H*", $md5);`
`536`		`- # Ghetto abuse of file name type to indicate the md5 result`
`537`		`- packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $md5));`
	`537`	`+ packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_HASH, $md5));`
`538`	`538`	`return ERROR_SUCCESS;`
`539`	`539`	`}`
`540`	`540`	`}`
`@@ -552,8 +552,7 @@ function stdapi_fs_sha1($req, &$pkt) {`
`552`	`552`	`$sha1 = sha1(file_get_contents($path));`
`553`	`553`	`}`
`554`	`554`	`$sha1 = pack("H*", $sha1);`
`555`		`- # Ghetto abuse of file name type to indicate the sha1 result`
`556`		`- packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_NAME, $sha1));`
	`555`	`+ packet_add_tlv($pkt, create_tlv(TLV_TYPE_FILE_HASH, $sha1));`
`557`	`556`	`return ERROR_SUCCESS;`
`558`	`557`	`}`
`559`	`558`	`}`
Original file line number	Diff line number	Diff line change
`@@ -152,8 +152,7 @@ def File.md5(path)`
`152`	`152`
`153`	`153`	`response = client.send_request(request)`
`154`	`154`
`155`		`- # This is not really a file name, but a raw hash in bytes`
`156`		`- return response.get_tlv_value(TLV_TYPE_FILE_NAME)`
	`155`	`+ return response.get_tlv_value(TLV_TYPE_FILE_HASH)`
`157`	`156`	`end`
`158`	`157`
`159`	`158`	`#`
`@@ -166,8 +165,7 @@ def File.sha1(path)`
`166`	`165`
`167`	`166`	`response = client.send_request(request)`
`168`	`167`
`169`		`- # This is not really a file name, but a raw hash in bytes`
`170`		`- return response.get_tlv_value(TLV_TYPE_FILE_NAME)`
	`168`	`+ return response.get_tlv_value(TLV_TYPE_FILE_HASH)`
`171`	`169`	`end`
`172`	`170`
`173`	`171`	`#`