metasploit-payloads/c/meterpreter/source/common/common_config.h

/*!
 * @file config.h
 * @brief Declarations of functions and types that define endpoint and transport configurations.
 */
#ifndef _METERPRETER_COMMON_CONFIG_H
#define _METERPRETER_COMMON_CONFIG_H

/*! @brief This is the size of the certificate hash that is validated (sha1) */
#define CERT_HASH_SIZE 20
#define URL_SIZE 512
#define UA_SIZE 256
#define UUID_SIZE 16
#define PROXY_HOST_SIZE 128
#define PROXY_USER_SIZE 64
#define PROXY_PASS_SIZE 64
#define LOG_PATH_SIZE 260 // https://docs.microsoft.com/en-us/windows/win32/fileio/maximum-file-path-limitation?tabs=cmd

typedef wchar_t CHARTYPE;

typedef CHARTYPE* STRTYPE;
typedef CHARTYPE const * CSTRTYPE;

// Make sure we byte-align based on what we're given in the structure definitions
#pragma pack(push, 1)

typedef struct _MetsrvSession
{
	union
	{
		UINT_PTR handle;
		BYTE padding[8];
	} comms_handle;                       ///! Socket/handle for communications (if there is one).
	DWORD exit_func;                      ///! Exit func identifier for when the session ends.
	int expiry;                           ///! The total number of seconds to wait before killing off the session.
	BYTE uuid[UUID_SIZE];                 ///! UUID
	BYTE session_guid[sizeof(GUID)];      ///! Current session GUID
#ifdef DEBUGTRACE
    CHARTYPE log_path[LOG_PATH_SIZE];      ///! Location to place the log file. Only set when msfconsole specifies MeterpreterDebugLogging
#endif
} MetsrvSession;

typedef struct _MetsrvTransportCommon
{
	CHARTYPE url[URL_SIZE];               ///! Transport url:  scheme://host:port/URI
	int comms_timeout;                    ///! Number of sessions to wait for a new packet.
	int retry_total;                      ///! Total seconds to retry comms for.
	int retry_wait;                       ///! Seconds to wait between reconnects.
} MetsrvTransportCommon;

typedef struct _MetsrvTransportProxy
{
	CHARTYPE hostname[PROXY_HOST_SIZE];   ///! Proxy hostname.
	CHARTYPE username[PROXY_USER_SIZE];   ///! Proxy username.
	CHARTYPE password[PROXY_PASS_SIZE];   ///! Proxy password.
} MetsrvTransportProxy;

typedef struct _MetsrvTransportHttp
{
	MetsrvTransportCommon common;
	MetsrvTransportProxy proxy;
	CHARTYPE ua[256];                     ///! User agent string.
	BYTE ssl_cert_hash[CERT_HASH_SIZE];   ///! Expected SSL certificate hash.
	CHARTYPE custom_headers[1];           ///! Custom headers to add to outbound requests (arb length, NULL terminated).
} MetsrvTransportHttp;

typedef struct _MetsrvTransportTcp
{
	MetsrvTransportCommon common;
} MetsrvTransportTcp;

typedef struct _MetsrvTransportNamedPipe
{
	MetsrvTransportCommon common;
} MetsrvTransportNamedPipe;

typedef struct _MetsrvExtension
{
	DWORD size;                           ///! Size of the extension.
	BYTE dll[1];                          ///! Array of extension bytes (will be more than 1).
} MetsrvExtension;

typedef struct _MetsrvConfig
{
	MetsrvSession session;
	MetsrvTransportCommon transports[1];  ///! Placeholder for 0 or more transports
	// Extensions will appear after this
	// After extensions, we get a list of extension initialisers
	// <name of extension>\x00<datasize><data>
	// <name of extension>\x00<datasize><data>
	// \x00
} MetsrvConfig;

// We force 64bit alignment for HANDLES and POINTERS in order
// to be cross compatible between x86 and x64 migration.
typedef struct _COMMONMIGRATECONTEXT
{
	union
	{
		HANDLE hEvent;
		BYTE bPadding1[8];
	} e;

	union
	{
		LPBYTE lpPayload;
		BYTE bPadding2[8];
	} p;
} COMMONMIGRATECONTEXT, * LPCOMMONMIGRATECONTEXT;

#pragma pack(pop)

#endif
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`/*!`
			`* @file config.h`
			`* @brief Declarations of functions and types that define endpoint and transport configurations.`
			`*/`
Begin removing the delay-load dependency The 'common' library has been removed. The only project that actually used it was metsrv, so the code that metsrv required from common is now directly compiled in as part of that project. The common folder now contains files that are importanta cross all of the projects, with a primary focus on the new "API" style function. What this means is that MetSrv has an API that it exposes through a function pointer that is passed to the extension when it's initialised. This pointer references a structure with all the API functions wired in. This means that: * Extensions don't need to know anything about metsrv at compile time. * The delay loading code can be removed, which was one of the last instances of "metsrv.dll" as a string. * Metsrv.dll no longer exports any functions. More to come. 2020-04-17 17:46:27 +10:00			`#ifndef _METERPRETER_COMMON_CONFIG_H`
			`#define _METERPRETER_COMMON_CONFIG_H`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00
			`/! @brief This is the size of the certificate hash that is validated (sha1) /`
			`#define CERT_HASH_SIZE 20`
			`#define URL_SIZE 512`
			`#define UA_SIZE 256`
Begin removing the delay-load dependency The 'common' library has been removed. The only project that actually used it was metsrv, so the code that metsrv required from common is now directly compiled in as part of that project. The common folder now contains files that are importanta cross all of the projects, with a primary focus on the new "API" style function. What this means is that MetSrv has an API that it exposes through a function pointer that is passed to the extension when it's initialised. This pointer references a structure with all the API functions wired in. This means that: * Extensions don't need to know anything about metsrv at compile time. * The delay loading code can be removed, which was one of the last instances of "metsrv.dll" as a string. * Metsrv.dll no longer exports any functions. More to come. 2020-04-17 17:46:27 +10:00			`#define UUID_SIZE 16`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`#define PROXY_HOST_SIZE 128`
			`#define PROXY_USER_SIZE 64`
			`#define PROXY_PASS_SIZE 64`
winpmem failing to compile 2022-04-06 14:21:08 +01:00			`#define LOG_PATH_SIZE 260 // https://docs.microsoft.com/en-us/windows/win32/fileio/maximum-file-path-limitation?tabs=cmd`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00
			`typedef wchar_t CHARTYPE;`
delete Linux meterpreter support 2016-10-02 06:23:58 -05:00
Utilise IE configuration for proxies where possible 2015-05-13 15:46:33 +10:00			`typedef CHARTYPE* STRTYPE;`
			`typedef CHARTYPE const * CSTRTYPE;`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00
Add HTTP header support for custom HTTP headers Fixes config size management issues and gets things working in both WinHTTP and WinINET 2017-08-18 16:36:33 +10:00			`// Make sure we byte-align based on what we're given in the structure definitions`
			`#pragma pack(push, 1)`

First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`typedef struct _MetsrvSession`
			`{`
Begin removing the delay-load dependency The 'common' library has been removed. The only project that actually used it was metsrv, so the code that metsrv required from common is now directly compiled in as part of that project. The common folder now contains files that are importanta cross all of the projects, with a primary focus on the new "API" style function. What this means is that MetSrv has an API that it exposes through a function pointer that is passed to the extension when it's initialised. This pointer references a structure with all the API functions wired in. This means that: * Extensions don't need to know anything about metsrv at compile time. * The delay loading code can be removed, which was one of the last instances of "metsrv.dll" as a string. * Metsrv.dll no longer exports any functions. More to come. 2020-04-17 17:46:27 +10:00			`union`
			`{`
			`UINT_PTR handle;`
			`BYTE padding[8];`
Add the first pass of named pipe pivot code 2017-07-05 16:15:06 +10:00			`} comms_handle; ///! Socket/handle for communications (if there is one).`
Fix transport switching Creation of transports for switching is done a little differently now. But the transports do cycle correctly now when things fail, each with their respective retry times. 2015-04-28 11:23:37 +10:00			`DWORD exit_func; ///! Exit func identifier for when the session ends.`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`int expiry; ///! The total number of seconds to wait before killing off the session.`
Begin removing the delay-load dependency The 'common' library has been removed. The only project that actually used it was metsrv, so the code that metsrv required from common is now directly compiled in as part of that project. The common folder now contains files that are importanta cross all of the projects, with a primary focus on the new "API" style function. What this means is that MetSrv has an API that it exposes through a function pointer that is passed to the extension when it's initialised. This pointer references a structure with all the API functions wired in. This means that: * Extensions don't need to know anything about metsrv at compile time. * The delay loading code can be removed, which was one of the last instances of "metsrv.dll" as a string. * Metsrv.dll no longer exports any functions. More to come. 2020-04-17 17:46:27 +10:00			`BYTE uuid[UUID_SIZE]; ///! UUID`
Add session GUID support to Meterpreter payloads 2017-06-05 21:15:27 +10:00			`BYTE session_guid[sizeof(GUID)]; ///! Current session GUID`
Remove debug artifacts from release build 2022-04-21 00:53:34 +01:00			`#ifdef DEBUGTRACE`
Code review changes and small refactor 2022-04-26 23:49:04 +01:00			`CHARTYPE log_path[LOG_PATH_SIZE]; ///! Location to place the log file. Only set when msfconsole specifies MeterpreterDebugLogging`
Remove debug artifacts from release build 2022-04-21 00:53:34 +01:00			`#endif`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`} MetsrvSession;`

			`typedef struct _MetsrvTransportCommon`
			`{`
Remove guesswork and SOCKADDR persistence from remote Instead, we'll rely on the configuration block for the transport. 2015-04-28 13:50:13 +10:00			`CHARTYPE url[URL_SIZE]; ///! Transport url: scheme://host:port/URI`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`int comms_timeout; ///! Number of sessions to wait for a new packet.`
			`int retry_total; ///! Total seconds to retry comms for.`
			`int retry_wait; ///! Seconds to wait between reconnects.`
			`} MetsrvTransportCommon;`

			`typedef struct _MetsrvTransportProxy`
			`{`
			`CHARTYPE hostname[PROXY_HOST_SIZE]; ///! Proxy hostname.`
			`CHARTYPE username[PROXY_USER_SIZE]; ///! Proxy username.`
			`CHARTYPE password[PROXY_PASS_SIZE]; ///! Proxy password.`
			`} MetsrvTransportProxy;`

			`typedef struct _MetsrvTransportHttp`
			`{`
			`MetsrvTransportCommon common;`
			`MetsrvTransportProxy proxy;`
			`CHARTYPE ua[256]; ///! User agent string.`
			`BYTE ssl_cert_hash[CERT_HASH_SIZE]; ///! Expected SSL certificate hash.`
Add HTTP header support for custom HTTP headers Fixes config size management issues and gets things working in both WinHTTP and WinINET 2017-08-18 16:36:33 +10:00			`CHARTYPE custom_headers[1]; ///! Custom headers to add to outbound requests (arb length, NULL terminated).`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`} MetsrvTransportHttp;`

Begin removing the delay-load dependency The 'common' library has been removed. The only project that actually used it was metsrv, so the code that metsrv required from common is now directly compiled in as part of that project. The common folder now contains files that are importanta cross all of the projects, with a primary focus on the new "API" style function. What this means is that MetSrv has an API that it exposes through a function pointer that is passed to the extension when it's initialised. This pointer references a structure with all the API functions wired in. This means that: * Extensions don't need to know anything about metsrv at compile time. * The delay loading code can be removed, which was one of the last instances of "metsrv.dll" as a string. * Metsrv.dll no longer exports any functions. More to come. 2020-04-17 17:46:27 +10:00			`typedef struct _MetsrvTransportTcp`
			`{`
			`MetsrvTransportCommon common;`
			`} MetsrvTransportTcp;`

Add the first pass of named pipe pivot code 2017-07-05 16:15:06 +10:00			`typedef struct _MetsrvTransportNamedPipe`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`{`
			`MetsrvTransportCommon common;`
Add the first pass of named pipe pivot code 2017-07-05 16:15:06 +10:00			`} MetsrvTransportNamedPipe;`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00
			`typedef struct _MetsrvExtension`
			`{`
			`DWORD size; ///! Size of the extension.`
			`BYTE dll[1]; ///! Array of extension bytes (will be more than 1).`
			`} MetsrvExtension;`

			`typedef struct _MetsrvConfig`
			`{`
			`MetsrvSession session;`
			`MetsrvTransportCommon transports[1]; ///! Placeholder for 0 or more transports`
Generate config on the fly for the sake of migration Migration now works again, and supports all the transports while migrating as well. At the moment we don't have the ability to take extensions across as well, though that might come when we have fixed up the issues with stageless meterpreter. 2015-04-28 17:39:55 +10:00			`// Extensions will appear after this`
First pass of stageless initialisation script 2015-11-10 15:43:59 +10:00			`// After extensions, we get a list of extension initialisers`
Begin removing the delay-load dependency The 'common' library has been removed. The only project that actually used it was metsrv, so the code that metsrv required from common is now directly compiled in as part of that project. The common folder now contains files that are importanta cross all of the projects, with a primary focus on the new "API" style function. What this means is that MetSrv has an API that it exposes through a function pointer that is passed to the extension when it's initialised. This pointer references a structure with all the API functions wired in. This means that: * Extensions don't need to know anything about metsrv at compile time. * The delay loading code can be removed, which was one of the last instances of "metsrv.dll" as a string. * Metsrv.dll no longer exports any functions. More to come. 2020-04-17 17:46:27 +10:00			`// <name of extension>\x00<datasize><data>`
First pass of stageless initialisation script 2015-11-10 15:43:59 +10:00			`// <name of extension>\x00<datasize><data>`
			`// \x00`
First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`} MetsrvConfig;`

Move migration stub code to MSF This commit changes the code so that the migration stubs are generated in MSF and are transport specific (so that we only do the work we need to). 2016-12-08 16:00:04 +10:00			`// We force 64bit alignment for HANDLES and POINTERS in order`
			`// to be cross compatible between x86 and x64 migration.`
			`typedef struct _COMMONMIGRATECONTEXT`
			`{`
			`union`
			`{`
			`HANDLE hEvent;`
			`BYTE bPadding1[8];`
			`} e;`

			`union`
			`{`
			`LPBYTE lpPayload;`
			`BYTE bPadding2[8];`
			`} p;`
Add the first pass of named pipe pivot code 2017-07-05 16:15:06 +10:00			`} COMMONMIGRATECONTEXT, * LPCOMMONMIGRATECONTEXT;`
Move migration stub code to MSF This commit changes the code so that the migration stubs are generated in MSF and are transport specific (so that we only do the work we need to). 2016-12-08 16:00:04 +10:00
Add HTTP header support for custom HTTP headers Fixes config size management issues and gets things working in both WinHTTP and WinINET 2017-08-18 16:36:33 +10:00			`#pragma pack(pop)`

First pass of configuration changes for multi transport This relies on some work done to the RDI repository, need to get that landed before I can get this going. 2015-04-25 11:11:29 +10:00			`#endif`