fix: updated warning messages, inverted is_weak_key logic

dledda-r7 · dledda-r7 · commit 1a8746f07649 · 2024-06-14T10:19:56.000-04:00
diff --git a/lib/msf/base/sessions/meterpreter.rb b/lib/msf/base/sessions/meterpreter.rb
@@ -175,8 +175,9 @@ def bootstrap(datastore = {}, handler = nil)
     end
 
     session.commands.concat(session.core.get_loaded_extension_commands('core'))
-    if session.tlv_enc_key[:is_weak_key]
-      print_warning('Meterpreter session is using a weak encryption key.')
+    if session.tlv_enc_key[:weak_key?]
+      print_warning("Meterpreter session #{session.sid} is using a weak encryption key.")
+      print_warning('Meterpreter start up operations have been aborted. Use the session at your own risk.')
       return nil
     end
     # Unhook the process prior to loading stdapi to reduce logging/inspection by any AV/PSP
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
@@ -774,7 +774,7 @@ def negotiate_tlv_encryption(timeout: client.comm_timeout)
 
         if key_dec_data.length == 17 || key_dec_data.length == 33
           sym_key = key_dec_data[0, key_dec_data.length - 1]
-          is_weak_key = key_dec_data[key_dec_data.length - 1] == "\x01"
+          is_weak_key = key_dec_data[key_dec_data.length - 1] != "\x00"
         else
           sym_key = key_dec_data
         end
@@ -789,7 +789,7 @@ def negotiate_tlv_encryption(timeout: client.comm_timeout)
     {
       key:  sym_key,
       type: key_type,
-      is_weak_key: is_weak_key
+      weak_key?: is_weak_key
     }
   end
 
