github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-11-20 14:39:22 +01:00
Code Releases Activity

Land #662, Fix getenv bug for missing var

Browse Source 
fix bug where env lookups not found return garbage
This commit is contained in:
Spencer McIntyre 2023-06-20 14:48:41 -04:00
commit 0404af93b6
No known key found for this signature in database
GPG Key ID: 58101BA0D0D9C987
1 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
c/meterpreter/source/extensions/stdapi/server/sys/config/config.c
View File

@ -93,16 +93,23 @@ DWORD request_sys_config_getenv(Remote *remote, Packet *packet)
// grab the value of the variable and stick it in the response.
PWCHAR name = met_api->string.utf8_to_wchar(pEnvVarStart);
//Ensure we always have > 0 bytes even if env var doesn't exist
DWORD envlen = GetEnvironmentVariableW(name, NULL, 0) + 1;
PWCHAR wvalue = (PWCHAR)malloc(envlen * sizeof(WCHAR));
GetEnvironmentVariableW(name, wvalue, envlen);
free(name);
char* value = met_api->string.wchar_to_utf8(wvalue);
free(wvalue);
add_env_pair(response, pEnvVarStart, value);
free(value);
DWORD envlen = GetEnvironmentVariableW(name, NULL, 0);
if (envlen == 0)
dprintf("[ENV] Env var added");
{
dprintf("[ENV] Env var not found");
}
else
{
PWCHAR wvalue = (PWCHAR)malloc(envlen * sizeof(WCHAR));
GetEnvironmentVariableW(name, wvalue, envlen);
char* value = met_api->string.wchar_to_utf8(wvalue);
add_env_pair(response, pEnvVarStart, value);
free(wvalue);
free(value);
dprintf("[ENV] Env var added");
}
free(name);
}
} while (0);