Skip to content

Commit e13e920

Browse files
authored
Merge pull request #21656 from adfoster-r7/patch-additional-c2-errors
Resolve additional test failures for c2 branch
2 parents 069b108 + 082d99f commit e13e920

15 files changed

Lines changed: 180 additions & 62 deletions

File tree

.github/workflows/command_shell_acceptance.yml

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -109,19 +109,22 @@ jobs:
109109
tools: none
110110

111111
- name: Install system dependencies (Windows)
112-
shell: cmd
112+
shell: pwsh
113113
if: runner.os == 'Windows'
114114
run: |
115-
REM pcap dependencies
116-
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
115+
$ErrorActionPreference = 'Stop'
116+
# pcap dependencies
117+
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
118+
Invoke-WebRequest -Uri 'https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip' -OutFile 'C:\Windows\Temp\WpdPack_4_1_2.zip' -SkipCertificateCheck
119+
$expected = 'ea799cf2f26e4afb1892938070fd2b1ca37ce5cf75fec4349247df12b784edbd'
120+
$actual = (Get-FileHash 'C:\Windows\Temp\WpdPack_4_1_2.zip' -Algorithm SHA256).Hash.ToLower()
121+
if ($actual -ne $expected) { throw "WpdPack_4_1_2.zip SHA256 mismatch: expected $expected, got $actual" }
117122
118-
choco install 7zip.installServerCertificateValidationCallback
119-
7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
120-
121-
dir C:\\
123+
choco install 7zip -y --no-progress
124+
if ($LASTEXITCODE -ne 0) { throw "choco install 7zip failed with exit code $LASTEXITCODE" }
122125
123-
dir %WINDIR%
124-
type %WINDIR%\\system32\\drivers\\etc\\hosts
126+
7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
127+
if ($LASTEXITCODE -ne 0) { throw "7z extraction failed with exit code $LASTEXITCODE" }
125128
126129
# The job checkout structure is:
127130
# .

.github/workflows/shared_meterpreter_acceptance.yml

Lines changed: 16 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -30,11 +30,11 @@ on:
3030
type: boolean
3131

3232
jobs:
33-
# Compile the Meterpreter payloads via docker if required, we can't always do this on the
34-
# host environment (i.e. for macos). So it instead gets compiled first on a linux
35-
# host, then the artifacts are copied back to the host later
33+
# Compile Java Meterpreter and prepare PHP/Python payloads via docker if required, we can't
34+
# always do this on the host environment (i.e. for macos). So it instead gets compiled first
35+
# on a linux host, then the artifacts are copied back to the host later
3636
meterpreter_compilation:
37-
name: Compile Meterpreter
37+
name: Build Meterpreter Gem (optional)
3838
runs-on: ubuntu-latest
3939
if: ${{ inputs.build_metasploit_payloads }}
4040

@@ -141,19 +141,22 @@ jobs:
141141
java-version: ${{ matrix.meterpreter.runtime_version }}
142142

143143
- name: Install system dependencies (Windows)
144-
shell: cmd
144+
shell: pwsh
145145
if: runner.os == 'Windows'
146146
run: |
147-
REM pcap dependencies
148-
powershell -Command "[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} ; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object System.Net.WebClient).DownloadFile('https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip', 'C:\Windows\Temp\WpdPack_4_1_2.zip')"
147+
$ErrorActionPreference = 'Stop'
148+
# pcap dependencies
149+
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
150+
Invoke-WebRequest -Uri 'https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip' -OutFile 'C:\Windows\Temp\WpdPack_4_1_2.zip' -SkipCertificateCheck
151+
$expected = 'ea799cf2f26e4afb1892938070fd2b1ca37ce5cf75fec4349247df12b784edbd'
152+
$actual = (Get-FileHash 'C:\Windows\Temp\WpdPack_4_1_2.zip' -Algorithm SHA256).Hash.ToLower()
153+
if ($actual -ne $expected) { throw "WpdPack_4_1_2.zip SHA256 mismatch: expected $expected, got $actual" }
149154
150-
choco install 7zip.installServerCertificateValidationCallback
151-
7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
155+
choco install 7zip -y --no-progress
156+
if ($LASTEXITCODE -ne 0) { throw "choco install 7zip failed with exit code $LASTEXITCODE" }
152157
153-
dir C:\\
154-
155-
dir %WINDIR%
156-
type %WINDIR%\\system32\\drivers\\etc\\hosts
158+
7z x "C:\Windows\Temp\WpdPack_4_1_2.zip" -o"C:\"
159+
if ($LASTEXITCODE -ne 0) { throw "7z extraction failed with exit code $LASTEXITCODE" }
157160
158161
# The job checkout structure is:
159162
# .

Gemfile.lock

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -61,9 +61,9 @@ PATH
6161
metasploit-concern
6262
metasploit-credential (>= 6.0.21)
6363
metasploit-model
64-
metasploit-payloads (= 2.0.245)
64+
metasploit-payloads (= 2.0.246.pre.7)
6565
metasploit_data_models (>= 6.0.15)
66-
metasploit_payloads-mettle (= 1.0.46)
66+
metasploit_payloads-mettle (= 1.0.48.pre.3)
6767
mqtt
6868
msgpack (~> 1.6.0)
6969
mutex_m
@@ -369,7 +369,7 @@ GEM
369369
drb
370370
mutex_m
371371
railties (>= 7.0, < 8.1)
372-
metasploit-payloads (2.0.245)
372+
metasploit-payloads (2.0.246.pre.7)
373373
metasploit_data_models (6.0.18)
374374
activerecord (>= 7.0, < 8.1)
375375
activesupport (>= 7.0, < 8.1)
@@ -383,7 +383,7 @@ GEM
383383
railties (>= 7.0, < 8.1)
384384
recog
385385
webrick
386-
metasploit_payloads-mettle (1.0.46)
386+
metasploit_payloads-mettle (1.0.48.pre.3)
387387
method_source (1.1.0)
388388
mime-types (3.7.0)
389389
logger

lib/msf/base/sessions/mettle_config.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,7 @@ def generate_config(opts = {})
135135
# Mettle reserves a fixed 8 KB slot in the binary for the config
136136
# block. Catch the overflow here with a useful message instead of
137137
# letting the gem's `to_binary` raise a generic "config block too
138-
# large" baked-in EXTENSIONS= is the usual culprit.
138+
# large" -- baked-in EXTENSIONS= is the usual culprit.
139139
if opts[:config_block].length > MetasploitPayloads::Mettle::CONFIG_BLOCK_MAX
140140
raise ArgumentError, "Mettle config block (#{opts[:config_block].length} bytes) exceeds the #{MetasploitPayloads::Mettle::CONFIG_BLOCK_MAX}-byte embedded slot. " \
141141
"Drop EXTENSIONS= and `load <ext>` once the session is up."

lib/msf/core/handler/reverse_http.rb

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -287,14 +287,14 @@ def setup_handler
287287
#
288288
# * query parameter (profile: `parameter "name";`)
289289
# * request header (profile: `header "name";`)
290-
# * trailing path seg (default no placement directive)
290+
# * trailing path seg (default -- no placement directive)
291291
#
292292
# For the path case, the URI looks like `<base>/<id>`, where `<base>`
293293
# is the profile's per-verb `set uri` if defined, otherwise `LURI`
294294
# (each is registered as a separate mount point in `all_uris`).
295295
# Taking the last `/`-separated segment skips the base regardless of
296296
# which one was used. Profile authors should not put `/` in
297-
# prepend/append directives that would split the id across segments
297+
# prepend/append directives -- that would split the id across segments
298298
# and defeat this scheme.
299299
#
300300
# If the profile applied `prepend` / `append` / `base64` / `base64url`
@@ -325,7 +325,7 @@ def find_resource_id(cli, request)
325325

326326
# Reverse the prepend/append + base64 transforms the profile applied
327327
# to the id on the payload side. If a declared wrapper is missing from
328-
# the candidate, leave the candidate alone this is not a payload
328+
# the candidate, leave the candidate alone -- this is not a payload
329329
# request, and `process_uri_resource` will return nil for it.
330330
def unwrap_profile_uuid(candidate, placement)
331331
prefix = placement.prepend.map{|d| d.args[0]}.join('')
@@ -357,8 +357,8 @@ def add_response_headers(req, resp)
357357

358358
# Return the live meterpreter session whose passive dispatcher is
359359
# registered for this bare conn_id, or nil if none matches. Used so
360-
# MC2 traffic which Rex routes to on_request because the profile
361-
# URI prefix outranks the session's /<conn_id> mount can still be
360+
# MC2 traffic -- which Rex routes to on_request because the profile
361+
# URI prefix outranks the session's /<conn_id> mount -- can still be
362362
# delivered to the right session instead of triggering a fresh
363363
# "orphaned attach" on every poll.
364364
def session_for_conn_id(bare_conn_id)

lib/msf/core/payload/java/meterpreter_loader.rb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ module Payload::Java::MeterpreterLoader
1818
include Msf::Sessions::MeterpreterOptions::Java
1919

2020
# Resource path the stageless StagelessMain bootstrap reads. Deliberately
21-
# innocuous no meterpreter/metasploit markers in the name.
21+
# innocuous -- no meterpreter/metasploit markers in the name.
2222
STAGELESS_CONFIG_RESOURCE = 'META-INF/data'.freeze
2323
STAGELESS_MAIN_CLASS = 'com.metasploit.meterpreter.StagelessMain'.freeze
2424

@@ -44,7 +44,7 @@ def stage_payload(opts={})
4444
#
4545
# When opts[:stageless] is set, returns a self-contained jar with the
4646
# TLV config embedded as a resource and Main-Class pinned to
47-
# StagelessMain ready to run under `java -jar`.
47+
# StagelessMain -- ready to run under `java -jar`.
4848
#
4949
def stage_meterpreter(opts={})
5050
met = MetasploitPayloads.read('meterpreter', 'meterpreter.jar')

lib/msf/core/payload/malleable_c2.rb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -115,7 +115,7 @@ def tokenize(text)
115115
# blank line
116116
next
117117
elsif scanner.scan(/#[^\n]*/)
118-
# comment anchorless so it matches indented comments too
118+
# comment -- anchorless so it matches indented comments too
119119
# (the prior `\s+` rule has already eaten any leading
120120
# whitespace by the time we get here)
121121
next
@@ -450,7 +450,7 @@ def parse(file)
450450
profile.sets << parse_set
451451
elsif block_ahead?
452452
# Any `name { ... }` is a block. We keep the ones we understand
453-
# (http-get/http-post/etc.) and harmlessly retain the rest
453+
# (http-get/http-post/etc.) and harmlessly retain the rest --
454454
# unsupported CS blocks like dns-beacon/process-inject/post-ex
455455
# are parsed for structure and simply ignored by to_tlv.
456456
profile.sections << parse_section

lib/rex/proto/http/request.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -219,7 +219,7 @@ def to_s
219219

220220
#
221221
# Returns a hijacked version of the body that shoves the request's query string in as a
222-
# replacement in cases where there is no body. YOLO! ¯\_(ツ)_/¯
222+
# replacement in cases where there is no body. YOLO! (shrug)
223223
#
224224
def body
225225
str = super || ''

lib/rex/proto/http/server.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -294,7 +294,7 @@ def dispatch_request(cli, request)
294294
p = resources[request.resource]
295295
# This branch is reached when resource_id is nil (e.g. fetch-payload
296296
# adapters have no find_resource_id), so the matched resource is the
297-
# request resource itself not resource_id, which would nil-deref.
297+
# request resource itself -- not resource_id, which would nil-deref.
298298
len = request.resource.length
299299
root = request.resource
300300
else

metasploit-framework.gemspec

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -74,9 +74,9 @@ Gem::Specification.new do |spec|
7474
# are needed when there's no database
7575
spec.add_runtime_dependency 'metasploit-model'
7676
# Needed for Meterpreter
77-
spec.add_runtime_dependency 'metasploit-payloads', '2.0.245'
77+
spec.add_runtime_dependency 'metasploit-payloads', '2.0.246.pre.7'
7878
# Needed for the next-generation POSIX Meterpreter
79-
spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.46'
79+
spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.48.pre.3'
8080
# Needed by msfgui and other rpc components
8181
# Locked until build env can handle newer version. See: https://github.com/msgpack/msgpack-ruby/issues/334
8282
spec.add_runtime_dependency 'msgpack', '~> 1.6.0'

0 commit comments

Comments
 (0)