Skip to content

Commit fea28a8

Browse files
OJbusterb
OJ
authored and
busterb
committed
Fix TLV defs for http headers
1 parent ea37196 commit fea28a8

File tree

2 files changed

+16
-11
lines changed

2 files changed

+16
-11
lines changed

lib/rex/post/meterpreter/client_core.rb

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -139,15 +139,16 @@ def transport_list
139139

140140
response.each(TLV_TYPE_TRANS_GROUP) { |t|
141141
result[:transports] << {
142-
:url => t.get_tlv_value(TLV_TYPE_TRANS_URL),
143-
:comm_timeout => t.get_tlv_value(TLV_TYPE_TRANS_COMM_TIMEOUT),
144-
:retry_total => t.get_tlv_value(TLV_TYPE_TRANS_RETRY_TOTAL),
145-
:retry_wait => t.get_tlv_value(TLV_TYPE_TRANS_RETRY_WAIT),
146-
:ua => t.get_tlv_value(TLV_TYPE_TRANS_UA),
147-
:proxy_host => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_HOST),
148-
:proxy_user => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_USER),
149-
:proxy_pass => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_PASS),
150-
:cert_hash => t.get_tlv_value(TLV_TYPE_TRANS_CERT_HASH)
142+
:url => t.get_tlv_value(TLV_TYPE_TRANS_URL),
143+
:comm_timeout => t.get_tlv_value(TLV_TYPE_TRANS_COMM_TIMEOUT),
144+
:retry_total => t.get_tlv_value(TLV_TYPE_TRANS_RETRY_TOTAL),
145+
:retry_wait => t.get_tlv_value(TLV_TYPE_TRANS_RETRY_WAIT),
146+
:ua => t.get_tlv_value(TLV_TYPE_TRANS_UA),
147+
:proxy_host => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_HOST),
148+
:proxy_user => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_USER),
149+
:proxy_pass => t.get_tlv_value(TLV_TYPE_TRANS_PROXY_PASS),
150+
:cert_hash => t.get_tlv_value(TLV_TYPE_TRANS_CERT_HASH),
151+
:custom_headers => t.get_tlv_value(TLV_TYPE_TRANS_HEADERS)
151152
}
152153
}
153154

@@ -555,6 +556,7 @@ def migrate(target_pid, writable_dir = nil, opts = {})
555556
# We cannot migrate into a process that we are unable to open
556557
# On linux, arch is empty even if we can access the process
557558
if client.platform == 'windows'
559+
558560
if target_process['arch'] == nil || target_process['arch'].empty?
559561
raise RuntimeError, "Cannot migrate into this process (insufficient privileges)", caller
560562
end
@@ -718,7 +720,8 @@ def negotiate_tlv_encryption
718720
# Get a reference to the currently active transport.
719721
#
720722
def get_current_transport
721-
transport_list[:transports][0]
723+
x = transport_list
724+
x[:transports][0]
722725
end
723726

724727
#
@@ -728,6 +731,7 @@ def get_current_transport
728731
def generate_migrate_stub(target_process)
729732
stub = nil
730733

734+
731735
if client.platform == 'windows' && [ARCH_X86, ARCH_X64].include?(client.arch)
732736
t = get_current_transport
733737

lib/rex/post/meterpreter/packet.rb

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,7 +102,8 @@ module Meterpreter
102102
TLV_TYPE_TRANS_PROXY_PASS = TLV_META_TYPE_STRING | 438
103103
TLV_TYPE_TRANS_RETRY_TOTAL = TLV_META_TYPE_UINT | 439
104104
TLV_TYPE_TRANS_RETRY_WAIT = TLV_META_TYPE_UINT | 440
105-
TLV_TYPE_TRANS_GROUP = TLV_META_TYPE_GROUP | 441
105+
TLV_TYPE_TRANS_HEADERS = TLV_META_TYPE_STRING | 441
106+
TLV_TYPE_TRANS_GROUP = TLV_META_TYPE_GROUP | 442
106107

107108
TLV_TYPE_MACHINE_ID = TLV_META_TYPE_STRING | 460
108109
TLV_TYPE_UUID = TLV_META_TYPE_RAW | 461

0 commit comments

Comments
 (0)