remove android meterpreter bins, update to payloads 1.0.2
This switches us to using the Android payload files from the metasploit-payloads gem
This commit is contained in:
Brent Cook
@@ -69,7 +69,10 @@ external/source/exploits/**/Release
|
||||
# the metasploit-payloads gem.
|
||||
data/meterpreter/*.dll
|
||||
data/meterpreter/*.bin
|
||||
data/meterpreter/*.jar
|
||||
data/meterpreter/*.lso
|
||||
data/android
|
||||
data/java
|
||||
|
||||
# Avoid checking in Meterpreter libs that are built from
|
||||
# private source. If you're interested in this functionality,
|
||||
|
||||
+2
-2
@@ -9,7 +9,7 @@ PATH
|
||||
json
|
||||
metasploit-concern (~> 1.0)
|
||||
metasploit-model (~> 1.0)
|
||||
metasploit-payloads (= 1.0.1)
|
||||
metasploit-payloads (= 1.0.2)
|
||||
msgpack
|
||||
nokogiri
|
||||
packetfu (= 1.1.9)
|
||||
@@ -123,7 +123,7 @@ GEM
|
||||
activemodel (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
railties (>= 4.0.9, < 4.1.0)
|
||||
metasploit-payloads (1.0.1)
|
||||
metasploit-payloads (1.0.2)
|
||||
metasploit_data_models (1.1.0)
|
||||
activerecord (>= 4.0.9, < 4.1.0)
|
||||
activesupport (>= 4.0.9, < 4.1.0)
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -87,8 +87,7 @@ module Exploit::Android
|
||||
|
||||
# The NDK stager is used to launch a hidden APK
|
||||
def ndkstager(stagename, arch)
|
||||
path = ['data', 'android', 'libs', NDK_FILES[arch] || arch, 'libndkstager.so']
|
||||
data = File.read(File.join(Msf::Config::InstallRoot, *path), :mode => 'rb')
|
||||
data = MetasploitPayloads.read('android', 'libs', NDK_FILES[arch] || arch, 'libndkstager.so')
|
||||
data.gsub!('PLOAD', stagename)
|
||||
end
|
||||
|
||||
|
||||
@@ -64,7 +64,7 @@ Gem::Specification.new do |spec|
|
||||
# are needed when there's no database
|
||||
spec.add_runtime_dependency 'metasploit-model', '~> 1.0'
|
||||
# Needed for Meterpreter on Windows, soon others.
|
||||
spec.add_runtime_dependency 'metasploit-payloads', '1.0.1'
|
||||
spec.add_runtime_dependency 'metasploit-payloads', '1.0.2'
|
||||
# Needed by msfgui and other rpc components
|
||||
spec.add_runtime_dependency 'msgpack'
|
||||
# Needed by anemone crawler
|
||||
|
||||
@@ -41,7 +41,7 @@ module Metasploit3
|
||||
lurl << "/"
|
||||
lurl << generate_uri_uuid_mode(:init_java, uri_req_len)
|
||||
|
||||
classes = File.read(File.join(Msf::Config::InstallRoot, 'data', 'android', 'apk', 'classes.dex'), {:mode => 'rb'})
|
||||
classes = MetasploitPayloads.read('android', 'apk', 'classes.dex')
|
||||
string_sub(classes, 'ZZZZ' + ' ' * 512, lurl)
|
||||
apply_options(classes)
|
||||
|
||||
@@ -51,7 +51,7 @@ module Metasploit3
|
||||
[ "AndroidManifest.xml" ],
|
||||
[ "resources.arsc" ]
|
||||
]
|
||||
jar.add_files(files, File.join(Msf::Config.install_root, "data", "android", "apk"))
|
||||
jar.add_files(files, MetasploitPayloads.path("android", "apk"))
|
||||
jar.build_manifest
|
||||
|
||||
cert, key = generate_cert
|
||||
|
||||
@@ -41,7 +41,7 @@ module Metasploit3
|
||||
lurl << "/"
|
||||
lurl << generate_uri_uuid_mode(:init_java, uri_req_len)
|
||||
|
||||
classes = File.read(File.join(Msf::Config::InstallRoot, 'data', 'android', 'apk', 'classes.dex'), {:mode => 'rb'})
|
||||
classes = MetasploitPayloads.read('android', 'apk', 'classes.dex')
|
||||
string_sub(classes, 'ZZZZ' + ' ' * 512, lurl)
|
||||
|
||||
verify_cert_hash = get_ssl_cert_hash(datastore['StagerVerifySSLCert'],
|
||||
@@ -59,7 +59,7 @@ module Metasploit3
|
||||
[ "AndroidManifest.xml" ],
|
||||
[ "resources.arsc" ]
|
||||
]
|
||||
jar.add_files(files, File.join(Msf::Config.install_root, "data", "android", "apk"))
|
||||
jar.add_files(files, MetasploitPayloads.path("android", "apk"))
|
||||
jar.build_manifest
|
||||
|
||||
cert, key = generate_cert
|
||||
|
||||
@@ -31,7 +31,7 @@ module Metasploit3
|
||||
def generate_jar(opts={})
|
||||
jar = Rex::Zip::Jar.new
|
||||
|
||||
classes = File.read(File.join(Msf::Config::InstallRoot, 'data', 'android', 'apk', 'classes.dex'), {:mode => 'rb'})
|
||||
classes = MetasploitPayloads.read('android', 'apk', 'classes.dex')
|
||||
|
||||
string_sub(classes, 'XXXX127.0.0.1 ', "XXXX" + datastore['LHOST'].to_s) if datastore['LHOST']
|
||||
string_sub(classes, 'YYYY4444 ', "YYYY" + datastore['LPORT'].to_s) if datastore['LPORT']
|
||||
@@ -44,7 +44,7 @@ module Metasploit3
|
||||
[ "resources.arsc" ]
|
||||
]
|
||||
|
||||
jar.add_files(files, File.join(Msf::Config.data_directory, "android", "apk"))
|
||||
jar.add_files(files, MetasploitPayloads.path("android", "apk"))
|
||||
jar.build_manifest
|
||||
|
||||
cert, key = generate_cert
|
||||
|
||||
@@ -39,11 +39,8 @@ module Metasploit3
|
||||
def generate_stage(opts={})
|
||||
# TODO: wire the UUID into the stage
|
||||
clazz = 'androidpayload.stage.Meterpreter'
|
||||
file = File.join(Msf::Config.data_directory, "android", "metstage.jar")
|
||||
metstage = File.open(file, "rb") {|f| f.read(f.stat.size) }
|
||||
|
||||
file = File.join(Msf::Config.data_directory, "android", "meterpreter.jar")
|
||||
met = File.open(file, "rb") {|f| f.read(f.stat.size) }
|
||||
metstage = MetasploitPayloads.read("android", "metstage.jar")
|
||||
met = MetasploitPayloads.read("android", "meterpreter.jar")
|
||||
|
||||
# Name of the class to load from the stage, the actual jar to load
|
||||
# it from, and then finally the meterpreter stage
|
||||
|
||||
@@ -36,8 +36,7 @@ module Metasploit3
|
||||
#
|
||||
def generate_stage(opts={})
|
||||
clazz = 'androidpayload.stage.Shell'
|
||||
file = File.join(Msf::Config.data_directory, "android", "shell.jar")
|
||||
shell_jar = File.open(file, "rb") {|f| f.read(f.stat.size) }
|
||||
shell_jar = MetasploitPayloads.read("android", "shell.jar")
|
||||
|
||||
# Name of the class to load from the stage, and then the actual jar
|
||||
# to load it from
|
||||
|
||||
Reference in New Issue
Block a user