diff --git a/Gemfile.lock b/Gemfile.lock
index e55c5c0e21..4d2254af78 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -33,7 +33,7 @@ PATH
 metasploit-concern
 metasploit-credential
 metasploit-model
- metasploit-payloads (= 2.0.148)
+ metasploit-payloads (= 2.0.154)
 metasploit_data_models
 metasploit_payloads-mettle (= 1.0.26)
 mqtt
@@ -275,7 +275,7 @@ GEM
 activemodel (~> 7.0)
 activesupport (~> 7.0)
 railties (~> 7.0)
- metasploit-payloads (2.0.148)
+ metasploit-payloads (2.0.154)
 metasploit_data_models (6.0.2)
 activerecord (~> 7.0)
 activesupport (~> 7.0)
diff --git a/LICENSE_GEMS b/LICENSE_GEMS
index 425f0d8e99..263c99e81c 100644
--- a/LICENSE_GEMS
+++ b/LICENSE_GEMS
@@ -80,7 +80,7 @@ metasploit-concern, 5.0.1, "New BSD"
 metasploit-credential, 6.0.5, "New BSD"
 metasploit-framework, 6.3.37, "New BSD"
 metasploit-model, 5.0.1, "New BSD"
-metasploit-payloads, 2.0.148, "3-clause (or ""modified"") BSD"
+metasploit-payloads, 2.0.154, "3-clause (or ""modified"") BSD"
 metasploit_data_models, 6.0.2, "New BSD"
 metasploit_payloads-mettle, 1.0.26, "3-clause (or ""modified"") BSD"
 method_source, 1.0.0, MIT
diff --git a/lib/msf/core/feature_manager.rb b/lib/msf/core/feature_manager.rb
index 227e3e9757..baa79c1699 100644
--- a/lib/msf/core/feature_manager.rb
+++ b/lib/msf/core/feature_manager.rb
@@ -18,6 +18,7 @@ module Msf
 DATASTORE_FALLBACKS = 'datastore_fallbacks'
 FULLY_INTERACTIVE_SHELLS = 'fully_interactive_shells'
 MANAGER_COMMANDS = 'manager_commands'
+ METASPLOIT_PAYLOAD_WARNINGS = 'metasploit_payload_warnings'
 DEFAULTS = [
 {
 name: WRAPPED_TABLES,
@@ -39,6 +40,12 @@ module Msf
 description: 'When enabled you can consistently set username across modules, instead of setting SMBUser/FTPUser/BIND_DN/etc',
 requires_restart: true,
 default_value: true
+ }.freeze,
+ {
+ name: METASPLOIT_PAYLOAD_WARNINGS,
+ description: 'When enabled Metasploit will output warnings about missing Metasploit payloads, for instance if they were removed by antivirus etc',
+ requires_restart: true,
+ default_value: false
 }.freeze
 ].freeze
diff --git a/lib/msf/core/payload/java.rb b/lib/msf/core/payload/java.rb
index e9fab36a3e..466a272a4b 100644
--- a/lib/msf/core/payload/java.rb
+++ b/lib/msf/core/payload/java.rb
@@ -58,7 +58,7 @@ module Msf::Payload::Java
 jar = Rex::Zip::Jar.new
 jar.add_sub("metasploit") if opts[:random]
 jar.add_file("metasploit.dat", stager_config(opts))
- jar.add_files(paths, MetasploitPayloads.path('java'))
+ jar.add_files(paths, ::MetasploitPayloads.path('java'))
 jar.build_manifest(:main_class => main_class)
 jar
diff --git a/lib/msf/core/payload/stager.rb b/lib/msf/core/payload/stager.rb
index 01840c6cf8..354f1ad960 100644
--- a/lib/msf/core/payload/stager.rb
+++ b/lib/msf/core/payload/stager.rb
@@ -188,15 +188,14 @@ module Msf::Payload::Stager
 end
 end
- p = generate_stage(opts)
-
- # Encode the stage if stage encoding is enabled
+ # Generate and encode the stage if stage encoding is enabled
 begin
+ p = generate_stage(opts)
 p = encode_stage(p)
- rescue ::RuntimeError
+ rescue ::RuntimeError, ::StandardError => e
 warning_msg = "Failed to stage"
 warning_msg << " (#{conn.peerhost})" if conn.respond_to? :peerhost
- warning_msg << ": #{$!}"
+ warning_msg << ": #{e}"
 print_warning warning_msg
 if conn.respond_to? :close && !conn.closed?
 conn.close
diff --git a/lib/msf/ui/console/driver.rb b/lib/msf/ui/console/driver.rb
index fd3ec84f4d..4b82016533 100644
--- a/lib/msf/ui/console/driver.rb
+++ b/lib/msf/ui/console/driver.rb
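Review bot: The description on the new METASPLOIT_PAYLOAD_WARNINGS entry only speaks of payloads that are *missing*, yet the driver hunk in this same diff reports `::MetasploitPayloads.manifest_errors` with a per-file `:error`, which — if the manifest carries checksums, as its name suggests — would also flag a payload file that was altered, the more security-relevant case for an operator. I would widen the wording, e.g. `description: 'When enabled Metasploit will warn at console start-up about Metasploit payload files that are missing or do not match the metasploit-payloads manifest, for instance because antivirus removed or altered them'`. Mentioning that the check runs at start-up also explains `requires_restart: true` to the user. The DEFAULTS array this entry belongs to starts outside the hunk.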
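Review bot: The socket clean-up inside the rescue is still broken on the new side: `if conn.respond_to? :close && !conn.closed?` is, as far as I can tell, parsed by Ruby as `conn.respond_to?(:close && !conn.closed?)`, so `respond_to?` receives a boolean and raises TypeError (or NoMethodError first, if `conn` has no `closed?`) exactly on the failure path this change is hardening — the warning is printed, the connection is never closed and a fresh exception escapes the handler. It should read `if conn.respond_to?(:close) && !conn.closed?`. Separately, `rescue ::RuntimeError, ::StandardError => e` is redundant since RuntimeError already is a StandardError, and widening to StandardError now also reports programming errors such as NoMethodError as "Failed to stage"; `rescue ::StandardError => e` states what is meant, and narrowing to the classes generate_stage/encode_stage actually raise would be better still. The enclosing method starts and ends outside the hunk.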
@@ -364,7 +364,19 @@ class Driver < Msf::Ui::Driver
 run_single("banner") unless opts['DisableBanner']
- av_warning_message if framework.eicar_corrupted?
+ payloads_manifest_errors = framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS) ? ::MetasploitPayloads.manifest_errors : []
+
+ av_warning_message if (framework.eicar_corrupted? || payloads_manifest_errors.any?)
+
+ if framework.features.enabled?(::Msf::FeatureManager::METASPLOIT_PAYLOAD_WARNINGS)
+ if payloads_manifest_errors.any?
+ warn_msg = "Metasploit Payloads manifest errors:\n"
+ payloads_manifest_errors.each do |file|
+ warn_msg << "\t#{file[:path]} : #{file[:error]}\n"
+ end
+ $stderr.print(warn_msg)
+ end
+ end
 opts["Plugins"].each do |plug|
 run_single("load '#{plug}'")
diff --git a/lib/rex/post/meterpreter/client_core.rb b/lib/rex/post/meterpreter/client_core.rb
index 297141b2d9..3d86d4636b 100644
--- a/lib/rex/post/meterpreter/client_core.rb
+++ b/lib/rex/post/meterpreter/client_core.rb
@@ -363,7 +363,12 @@ class ClientCore < Extension
 # Get us to the installation root and then into data/meterpreter, where
 # the file is expected to be
 modname = "ext_server_#{mod.downcase}"
- path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
+ begin
+ path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
+ rescue ::StandardError => e
+ elog(e)
+ path = nil
+ end
 if opts['ExtensionPath']
 path = ::File.expand_path(opts['ExtensionPath'])
diff --git a/metasploit-framework.gemspec b/metasploit-framework.gemspec
index ec91fba77e..4ebfc3c277 100644
--- a/metasploit-framework.gemspec
+++ b/metasploit-framework.gemspec
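Review bot: The METASPLOIT_PAYLOAD_WARNINGS flag is consulted twice: `payloads_manifest_errors` is already forced to `[]` when the feature is off, so the outer `if framework.features.enabled?(...)` wrapping the report is dead weight and `if payloads_manifest_errors.any?` alone carries the intent. Writing the report with `$stderr.print(warn_msg)` also sidesteps the driver's own output channel (`print_warning` and friends, which I presume `av_warning_message` uses), so the list will not reach a redirected or logged console output; if the print helpers are usable at this point, `payloads_manifest_errors.each { |file| print_warning("#{file[:path]} : #{file[:error]}") }` replaces the manual string building and the `\t` formatting in one line. The enclosing method starts and ends outside the hunk.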
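Review bot: The new rescue is broader than the sibling hunks in this diff: meterpreter_compatibility.rc and extapi.rb rescue `::MetasploitPayloads::Error` specifically, whereas `rescue ::StandardError => e` here also swallows NoMethodError/TypeError raised by the call itself and converts them into `path = nil`, which only surfaces (if at all) wherever that nil is consumed further down the method, outside the hunk. The lookup is also performed — and its failure logged — even when `opts['ExtensionPath']` is set, although the next lines then overwrite `path` unconditionally; skipping the manifest lookup in that case keeps the log free of spurious errors. Whether `meterpreter_path` raises `MetasploitPayloads::Error` for a missing or corrupted file is not visible here; confirm against the 2.0.154 gem before narrowing the rescue.
```ruby
      modname = "ext_server_#{mod.downcase}"
      path = nil
      unless opts['ExtensionPath']
        begin
          path = MetasploitPayloads.meterpreter_path(modname, suffix, debug: client.debug_build)
        rescue ::MetasploitPayloads::Error => e
          elog(e)
        end
      end
      # … unchanged: ExtensionPath override and the rest of the method …
```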
@@ -72,7 +72,7 @@ Gem::Specification.new do |spec|
 # are needed when there's no database
 spec.add_runtime_dependency 'metasploit-model'
 # Needed for Meterpreter
- spec.add_runtime_dependency 'metasploit-payloads', '2.0.148'
+ spec.add_runtime_dependency 'metasploit-payloads', '2.0.154'
 # Needed for the next-generation POSIX Meterpreter
 spec.add_runtime_dependency 'metasploit_payloads-mettle', '1.0.26'
 # Needed by msfgui and other rpc components
diff --git a/modules/payloads/singles/java/shell_reverse_tcp.rb b/modules/payloads/singles/java/shell_reverse_tcp.rb
index e74ac7184b..a117c15a71 100644
--- a/modules/payloads/singles/java/shell_reverse_tcp.rb
+++ b/modules/payloads/singles/java/shell_reverse_tcp.rb
@@ -6,7 +6,7 @@
 module MetasploitModule
- CachedSize = 7503
+ CachedSize = 7497
 include Msf::Payload::Single
 include Msf::Payload::Java
diff --git a/modules/payloads/stagers/java/bind_tcp.rb b/modules/payloads/stagers/java/bind_tcp.rb
index 8e4c7806a4..b8d239b572 100644
--- a/modules/payloads/stagers/java/bind_tcp.rb
+++ b/modules/payloads/stagers/java/bind_tcp.rb
@@ -5,7 +5,7 @@
 module MetasploitModule
- CachedSize = 5262
+ CachedSize = 5256
 include Msf::Payload::Stager
 include Msf::Payload::Java
diff --git a/modules/payloads/stagers/java/reverse_tcp.rb b/modules/payloads/stagers/java/reverse_tcp.rb
index effc008285..2b8b3d7157 100644
--- a/modules/payloads/stagers/java/reverse_tcp.rb
+++ b/modules/payloads/stagers/java/reverse_tcp.rb
@@ -5,7 +5,7 @@
 module MetasploitModule
- CachedSize = 5262
+ CachedSize = 5256
 include Msf::Payload::Stager
 include Msf::Payload::Java
diff --git a/scripts/resource/meterpreter_compatibility.rc b/scripts/resource/meterpreter_compatibility.rc
index bef129ea4c..072cc0493e 100644
--- a/scripts/resource/meterpreter_compatibility.rc
+++ b/scripts/resource/meterpreter_compatibility.rc
@@ -13,7 +13,7 @@ framework.sessions.values.map do |session|
 puts "[#{Time.now}][#{extension_name}] Starting to loading extension"
 session.core.use(extension_name)
 puts "[#{Time.now}][#{extension_name}] Loaded extension"
- rescue ::RuntimeError
+ rescue ::RuntimeError, ::MetasploitPayloads::Error
 puts "[#{Time.now}][#{extension_name}] Failed loading"
 # noop
 end
diff --git a/test/modules/post/test/extapi.rb b/test/modules/post/test/extapi.rb
index 3e79250974..630ece1dcb 100644
--- a/test/modules/post/test/extapi.rb
+++ b/test/modules/post/test/extapi.rb
@@ -30,7 +30,7 @@ class MetasploitModule < Msf::Post
 vprint_status("Loading extapi extension...")
 begin
 session.core.use("extapi")
- rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError
+ rescue Errno::ENOENT, Rex::Post::Meterpreter::ExtensionLoadError, ::MetasploitPayloads::Error
 print_status("This module is only available in a windows meterpreter session.")
 return
 end
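Review bot: With `::MetasploitPayloads::Error` folded into this rescue, a missing or corrupted `ext_server_extapi` file on the attacker's side is now reported as "This module is only available in a windows meterpreter session.", which sends the operator after the wrong cause — the session may well be Windows and the real problem is the local metasploit-payloads install, precisely what the METASPLOIT_PAYLOAD_WARNINGS feature added elsewhere in this diff exists to surface. Give it its own clause so the message is actionable: `rescue ::MetasploitPayloads::Error => e` / `print_error("Failed to load extapi from the local metasploit-payloads install: #{e}")` / `return`, keeping the existing clause for Errno::ENOENT and ExtensionLoadError. The enclosing method continues past the hunk.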