Rework PROXY_{HOST|PORT|TYPE|USERNAME|PASSWORD) to the new syntax

Author: HD Moore

lib/msf/core/handler/reverse_hop_http.rb

@@ -256,11 +256,11 @@ def send_new_stage
       :expiration     => datastore['SessionExpirationTimeout'],
       :comm_timeout   => datastore['SessionCommunicationTimeout'],
       :ua             => datastore['MeterpreterUserAgent'],
-      :proxyhost      => datastore['PROXY_HOST'],
-      :proxyport      => datastore['PROXY_PORT'],
-      :proxy_type     => datastore['PROXY_TYPE'],
-      :proxy_username => datastore['PROXY_USERNAME'],
-      :proxy_password => datastore['PROXY_PASSWORD']
+      :proxyhost      => datastore['PayloadProxyHost'],
+      :proxyport      => datastore['PayloadProxyPort'],
+      :proxy_type     => datastore['PayloadProxyType'],
+      :proxy_username => datastore['PayloadProxyUser'],
+      :proxy_password => datastore['PayloadProxyPass']
 
     blob = encode_stage(blob)
 

lib/msf/core/handler/reverse_http.rb

@@ -175,14 +175,14 @@ def lookup_proxy_settings
     info = {}
     return @proxy_settings if @proxy_settings
 
-    if datastore['PROXY_HOST'].to_s == ""
+    if datastore['PayloadProxyHost'].to_s == ""
       @proxy_settings = info
       return @proxy_settings
     end
 
-    info[:host] = datastore['PROXY_HOST'].to_s
-    info[:port] = (datastore['PROXY_PORT'] || 8080).to_i
-    info[:type] = datastore['PROXY_TYPE'].to_s
+    info[:host] = datastore['PayloadProxyHost'].to_s
+    info[:port] = (datastore['PayloadProxyPort'] || 8080).to_i
+    info[:type] = datastore['PayloadProxyType'].to_s
 
     uri_host = info[:host]
 
@@ -196,11 +196,11 @@ def lookup_proxy_settings
       info[:info] = "socks=#{info[:info]}"
     else
       info[:info] = "http://#{info[:info]}"
-      if datastore['PROXY_USERNAME'].to_s != ""
-        info[:username] = datastore['PROXY_USERNAME'].to_s
+      if datastore['PayloadProxyUser'].to_s != ""
+        info[:username] = datastore['PayloadProxyUser'].to_s
       end
-      if datastore['PROXY_PASSWORD'].to_s != ""
-        info[:password] = datastore['PROXY_PASSWORD'].to_s
+      if datastore['PayloadProxyPass'].to_s != ""
+        info[:password] = datastore['PayloadProxyPass'].to_s
       end
     end
 
@@ -299,11 +299,11 @@ def on_request(cli, req, obj)
           :expiration     => datastore['SessionExpirationTimeout'],
           :comm_timeout   => datastore['SessionCommunicationTimeout'],
           :ua             => datastore['MeterpreterUserAgent'],
-          :proxyhost      => datastore['PROXY_HOST'],
-          :proxyport      => datastore['PROXY_PORT'],
-          :proxy_type     => datastore['PROXY_TYPE'],
-          :proxy_username => datastore['PROXY_USERNAME'],
-          :proxy_password => datastore['PROXY_PASSWORD']
+          :proxyhost      => datastore['PayloadProxyHost'],
+          :proxyport      => datastore['PayloadProxyPort'],
+          :proxy_type     => datastore['PayloadProxyType'],
+          :proxy_username => datastore['PayloadProxyUser'],
+          :proxy_password => datastore['PayloadProxyPass']
 
         resp.body = encode_stage(blob)
 

lib/msf/core/handler/reverse_https_proxy.rb

@@ -40,11 +40,11 @@ def initialize(info = {})
       [
         OptString.new('LHOST', [ true, "The local listener hostname" ,"127.0.0.1"]),
         OptPort.new('LPORT', [ true, "The local listener port", 8443 ]),
-        OptString.new('PROXY_HOST', [true, "The proxy server's IP address", "127.0.0.1"]),
-        OptPort.new('PROXY_PORT', [true, "The proxy port to connect to", 8080 ]),
-        OptEnum.new('PROXY_TYPE', [true, 'The proxy type, HTTP or SOCKS', 'HTTP', ['HTTP', 'SOCKS']]),
-        OptString.new('PROXY_USERNAME', [ false, "An optional username for HTTP proxy authentication"]),
-        OptString.new('PROXY_PASSWORD', [ false, "An optional password for HTTP proxy authentication"])
+        OptString.new('PayloadProxyHost', [true, "The proxy server's IP address", "127.0.0.1"]),
+        OptPort.new('PayloadProxyPort', [true, "The proxy port to connect to", 8080 ]),
+        OptEnum.new('PayloadProxyType', [true, 'The proxy type, HTTP or SOCKS', 'HTTP', ['HTTP', 'SOCKS']]),
+        OptString.new('PayloadProxyUser', [ false, "An optional username for HTTP proxy authentication"]),
+        OptString.new('PayloadProxyPass', [ false, "An optional password for HTTP proxy authentication"])
       ], Msf::Handler::ReverseHttpsProxy)
 
     register_advanced_options(

modules/payloads/stagers/python/reverse_http.rb

@@ -26,8 +26,8 @@ def initialize(info = {})
 
     register_options(
       [
-        OptString.new('PROXY_HOST', [false, "The proxy server's IP address"]),
-        OptPort.new('PROXY_PORT', [true, "The proxy port to connect to", 8080 ])
+        OptString.new('PayloadProxyHost', [false, "The proxy server's IP address"]),
+        OptPort.new('PayloadProxyPort', [true, "The proxy port to connect to", 8080 ])
       ], self.class)
   end
 
@@ -52,8 +52,8 @@ def generate
     target_url << '/'
     target_url << generate_uri_checksum(Msf::Handler::ReverseHttp::URI_CHECKSUM_INITP)
 
-    proxy_host = datastore['PROXY_HOST'].to_s
-    proxy_port = datastore['PROXY_PORT'].to_i
+    proxy_host = datastore['PayloadProxyHost'].to_s
+    proxy_port = datastore['PayloadProxyPort'].to_i
 
     cmd  = "import sys\n"
     if proxy_host == ''

modules/payloads/stagers/windows/reverse_https_proxy.rb

@@ -82,8 +82,8 @@ def generate
     p[i, u.length] = u
 
     # patch proxy info
-    proxyhost = datastore['PROXY_HOST'].to_s
-    proxyport = datastore['PROXY_PORT'].to_s || "8080"
+    proxyhost = datastore['PayloadProxyHost'].to_s
+    proxyport = datastore['PayloadProxyPort'].to_s || "8080"
 
     if Rex::Socket.is_ipv6?(proxyhost)
       proxyhost = "[#{proxyhost}]"
@@ -93,7 +93,7 @@ def generate
     if proxyport == "80"
       proxyinfo = proxyhost
     end
-    if datastore['PROXY_TYPE'].to_s == 'HTTP'
+    if datastore['PayloadProxyType'].to_s == 'HTTP'
       proxyinfo = 'http://' + proxyinfo
     else #socks
       proxyinfo = 'socks=' + proxyinfo
@@ -107,34 +107,34 @@ def generate
     p[proxyloc-4] = [calloffset].pack('V')[0]
 
     # Authentication credentials have not been specified
-    if datastore['PROXY_USERNAME'].to_s == '' or
-       datastore['PROXY_PASSWORD'].to_s == '' or
-       datastore['PROXY_TYPE'].to_s     == 'SOCKS'
+    if datastore['PayloadProxyUser'].to_s == '' or
+       datastore['PayloadProxyPass'].to_s == '' or
+       datastore['PayloadProxyType'].to_s     == 'SOCKS'
 
       jmp_offset = p.index("PROXY_AUTH_STOP") + 15 - p.index("PROXY_AUTH_START")
 
       # Remove the authentication code
       p = p.gsub(/PROXY_AUTH_START(.)*PROXY_AUTH_STOP/i, "")
     else
-      username_size_diff = 14 - datastore['PROXY_USERNAME'].to_s.length
-      password_size_diff = 14 - datastore['PROXY_PASSWORD'].to_s.length
+      username_size_diff = 14 - datastore['PayloadProxyUser'].to_s.length
+      password_size_diff = 14 - datastore['PayloadProxyPass'].to_s.length
       jmp_offset =
         16 + # PROXY_AUTH_START length
         15 + # PROXY_AUTH_STOP length
-        username_size_diff + # Difference between datastore PROXY_USERNAME length  and db "PROXY_USERNAME length"
-        password_size_diff   # Same with PROXY_PASSWORD
+        username_size_diff + # Difference between datastore PayloadProxyUser length  and db "PayloadProxyUser length"
+        password_size_diff   # Same with PayloadProxyPass
 
       # Patch call offset
-      username_loc = p.index("PROXY_USERNAME")
+      username_loc = p.index("PayloadProxyUser")
       p[username_loc - 4, 4] = [15 - username_size_diff].pack("V")
-      password_loc = p.index("PROXY_PASSWORD")
+      password_loc = p.index("PayloadProxyPass")
       p[password_loc - 4, 4] = [15 - password_size_diff].pack("V")
 
       # Remove markers & change login/password
       p = p.gsub("PROXY_AUTH_START","")
       p = p.gsub("PROXY_AUTH_STOP","")
-      p = p.gsub("PROXY_USERNAME", datastore['PROXY_USERNAME'].to_s)
-      p = p.gsub("PROXY_PASSWORD", datastore['PROXY_PASSWORD'].to_s)
+      p = p.gsub("PayloadProxyUser", datastore['PayloadProxyUser'].to_s)
+      p = p.gsub("PayloadProxyPass", datastore['PayloadProxyPass'].to_s)
     end
 
     # Patch jmp dbl_get_server_host