Show errors on inaccessible payload files

2023-09-27 11:20:17 +01:00
parent 276b0ca53e
commit e70f356239
13 changed files with 40 additions and 17 deletions
@@ -33,7 +33,7 @@ PATH
      metasploit-concern
      metasploit-credential
      metasploit-model
-      metasploit-payloads (= 2.0.148)
+      metasploit-payloads (= 2.0.154)
      metasploit_data_models
      metasploit_payloads-mettle (= 1.0.26)
      mqtt
@@ -275,7 +275,7 @@ GEM
      activemodel (~> 7.0)
      activesupport (~> 7.0)
      railties (~> 7.0)
-    metasploit-payloads (2.0.148)
+    metasploit-payloads (2.0.154)
    metasploit_data_models (6.0.2)
      activerecord (~> 7.0)
      activesupport (~> 7.0)
@@ -80,7 +80,7 @@ metasploit-concern, 5.0.1, "New BSD"
 metasploit-credential, 6.0.5, "New BSD"
 metasploit-framework, 6.3.37, "New BSD"
 metasploit-model, 5.0.1, "New BSD"
-metasploit-payloads, 2.0.148, "3-clause (or ""modified"") BSD"
+metasploit-payloads, 2.0.154, "3-clause (or ""modified"") BSD"
 metasploit_data_models, 6.0.2, "New BSD"
 metasploit_payloads-mettle, 1.0.26, "3-clause (or ""modified"") BSD"
 method_source, 1.0.0, MIT
@@ -18,6 +18,7 @@ module Msf
    DATASTORE_FALLBACKS = 'datastore_fallbacks'
    FULLY_INTERACTIVE_SHELLS = 'fully_interactive_shells'
    MANAGER_COMMANDS = 'manager_commands'
+    METASPLOIT_PAYLOAD_WARNINGS = 'metasploit_payload_warnings'
    DEFAULTS = [
      {
        name: WRAPPED_TABLES,
@@ -39,6 +40,12 @@ module Msf
        description: 'When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc',
        requires_restart: true,
        default_value: true
+      }.freeze,
+      {
+        name: METASPLOIT_PAYLOAD_WARNINGS,
+        description: 'When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc',
+        requires_restart: true,
+        default_value: false
      }.freeze
    ].freeze

@@ -58,7 +58,7 @@ module Msf::Payload::Java
    jar = Rex::Zip::Jar.new
    jar.add_sub("metasploit") if opts[:random]
    jar.add_file("metasploit.dat", stager_config(opts))
-    jar.add_files(paths, MetasploitPayloads.path('java'))
+    jar.add_files(paths, ::MetasploitPayloads.path('java'))
    jar.build_manifest(:main_class => main_class)

    jar
@@ -188,15 +188,14 @@ module Msf::Payload::Stager
        end
      end

-      p = generate_stage(opts)
-
-      # Encode the stage if stage encoding is enabled
+      # Generate and encode the stage if stage encoding is enabled
      begin
+        p = generate_stage(opts)
        p = encode_stage(p)
-      rescue ::RuntimeError
+      rescue ::RuntimeError, ::StandardError => e
        warning_msg = "Failed to stage"
        warning_msg << " (#{conn.peerhost})"  if conn.respond_to? :peerhost
-        warning_msg << ": #{$!}"
+        warning_msg << ": #{e}"
        print_warning warning_msg
        if conn.respond_to? :close && !conn.closed?
          conn.close
@@ -364,7 +364,19 @@ class Driver < Msf::Ui::Driver

    run_single("banner") unless opts['DisableBanner']

-    av_warning_message if framework.eicar_corrupted?
+    payloads_manifest_errors = framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS) ? ::MetasploitPayloads.manifest_errors : []
+
+    av_warning_message if (framework.eicar_corrupted? || payloads_manifest_errors.any?)
+
+    if framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS)
+      if payloads_manifest_errors.any?
+        warn_msg = "Metasploit Payloads manifest errors:\n"
+        payloads_manifest_errors.each do |file|
+          warn_msg << "\t#{file[:path]} : #{file[:error]}\n"
+        end
+        $stderr.print(warn_msg)
+      end
+    end

    opts["Plugins"].each do |plug|
      run_single("load '#{plug}'")
@@ -363,7 +363,12 @@ class ClientCore < Extension
        # Get us to the installation root and then into data/meterpreter, where
        # the file is expected to be
        modname = "ext_server_#{mod.downcase}"
-        path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
+        begin
+          path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
+        rescue ::StandardError => e
+          elog(e)
+          path = nil
+        end

        if opts['ExtensionPath']
          path = ::File.expand_path(opts['ExtensionPath'])
@@ -72,7 +72,7 @@ Gem::Specification.new do |spec|
  # are needed when there's no database
  spec.add_runtime_dependency 'metasploit-model'
  # Needed for Meterpreter
-  spec.add_runtime_dependency 'metasploit-payloads', '2.0.148'
+  spec.add_runtime_dependency 'metasploit-payloads', '2.0.154'
  # Needed for the next-generation POSIX Meterpreter
  spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.26'
  # Needed by msfgui and other rpc components
@@ -6,7 +6,7 @@

 module MetasploitModule

-  CachedSize = 7503
+  CachedSize = 7497

  include Msf::Payload::Single
  include Msf::Payload::Java
@@ -5,7 +5,7 @@

 module MetasploitModule

-  CachedSize = 5262
+  CachedSize = 5256

  include Msf::Payload::Stager
  include Msf::Payload::Java
@@ -5,7 +5,7 @@

 module MetasploitModule

-  CachedSize = 5262
+  CachedSize = 5256

  include Msf::Payload::Stager
  include Msf::Payload::Java
@@ -13,7 +13,7 @@ framework.sessions.values.map do |session|
    puts "[#{Time.now}][#{extension_name}] Starting to loading extension"
    session.core.use(extension_name)
    puts "[#{Time.now}][#{extension_name}] Loaded extension"
-  rescue ::RuntimeError
+  rescue ::RuntimeError, ::MetasploitPayloads::Error
    puts "[#{Time.now}][#{extension_name}] Failed loading"
    # noop
  end
@@ -30,7 +30,7 @@ class MetasploitModule < Msf::Post
      vprint_status("Loading extapi extension...")
      begin
        session.core.use("extapi")
-      rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError
+      rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError, ::MetasploitPayloads::Error
        print_status("This module is only available in a windows meterpreter session.")
        return
      end