Kinda almost sorta working for metsrv

c/meterpreter/Makefile

@@ -0,0 +1,17 @@
+all: meterpreter
+
+clean: meterpreter-x64-clean
+	@rm -rf workspace/build && rm -rf output/*.dll
+
+meterpreter: meterpreter-x64
+
+meterpreter-x64: meterpreter-x64-gen meterpreter-x64-build
+
+meterpreter-x64-gen:
+	cmake -G 'Unix Makefiles' -S workspace -B workspace/build/mingw-x64 -Wno-dev -DBUILD_SNIFFER=NO -DBUILD_ARCH=x64 -DSTATIC_LINKAGE=ON -DUSE_STATIC_MSVC_RUNTIMES=ON -DDBGTRACE=ON
+
+meterpreter-x64-build:
+	cmake --build workspace/build/mingw-x64 --config Release
+
+meterpreter-x64-clean:
+	@rm -rf workspace/build/mingw-x64

c/meterpreter/source/common/common.h

@@ -29,6 +29,18 @@
 #define dwMeterpreterArch PROCESS_ARCH_X86
 #endif
 
+#ifdef __MINGW32__
+#define ERROR_UNSUPPORTED_COMPRESSION    618L
+#define __try
+#define __except(x) if(0)
+
+#undef GetExceptionCode
+#define GetExceptionCode() 0
+
+#undef GetExceptionInformation
+#define GetExceptionInformation() NULL
+#endif
+
 typedef struct __UNICODE_STRING
 {
 	USHORT Length;

c/meterpreter/source/common/common_remote.h

@@ -29,15 +29,15 @@ typedef UINT_PTR(*PTransportGetHandle)(Transport* transport);
 typedef DWORD(*PTransportGetConfigSize)(Transport* transport);
 typedef void(*PTransportSetHandle)(Transport* transport, UINT_PTR handle);
 typedef void(*PTransportReset)(Transport* transport, BOOL shuttingDown);
-typedef BOOL(*PTransportInit)(Transport* transport);
-typedef BOOL(*PTransportDeinit)(Transport* transport);
+typedef DWORD(*PTransportInit)(Transport* transport);
+typedef DWORD(*PTransportDeinit)(Transport* transport);
 typedef void(*PTransportDestroy)(Transport* transport);
 typedef DWORD(*PTransportGetMigrateContext)(Transport* transport, DWORD targetProcessId, HANDLE targetProcessHandle, LPDWORD contextSize, LPBYTE* contextBuffer);
 typedef Transport*(*PTransportCreate)(Remote* remote, MetsrvTransportCommon* config, LPDWORD size);
 typedef void(*PTransportRemove)(Remote* remote, Transport* oldTransport);
 typedef void(*PConfigCreate)(Remote* remote, LPBYTE uuid, MetsrvConfig** config, LPDWORD size);
 
-typedef BOOL(*PServerDispatch)(Remote* remote, THREAD* dispatchThread);
+typedef DWORD(*PServerDispatch)(Remote* remote, THREAD* dispatchThread);
 typedef DWORD(*PPacketTransmit)(Remote* remote, LPBYTE rawPacket, DWORD rawPacketLength);
 
 typedef HANDLE(*PCreateHttpRequest)(HttpTransportContext* ctx, BOOL isGet, const char* direction);

c/meterpreter/source/common/common_thread.h

@@ -13,7 +13,8 @@ typedef struct _EVENT
 
 #define THREADCALL __stdcall
 
-typedef DWORD (THREADCALL * THREADFUNK)(struct _THREAD * thread);
+typedef struct _THREAD THREAD, *LPTHREAD;
+typedef DWORD (THREADCALL * THREADFUNK)(LPTHREAD thread);
 
 struct _THREAD
 {
@@ -26,6 +27,5 @@ struct _THREAD
 	LPVOID parameter3;
 };
 
-typedef struct _THREAD THREAD, * LPTHREAD;
 
 #endif

c/meterpreter/source/jpeg-8/configure

@@ -1,4 +1,4 @@
-#! /bin/sh
+#!/bin/bash
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.65 for libjpeg 8.0.
 #

c/meterpreter/source/metsrv/base_dispatch.c

@@ -565,7 +565,7 @@ BOOL remote_request_core_migrate(Remote * remote, Packet * packet, DWORD* pResul
 
 			if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &priv.Privileges[0].Luid))
 			{
-				if (AdjustTokenPrivileges(hToken, FALSE, &priv, 0, NULL, NULL));
+				if (AdjustTokenPrivileges(hToken, FALSE, &priv, 0, NULL, NULL))
 				{
 					dprintf("[MIGRATE] Got SeDebugPrivilege!");
 				}

c/meterpreter/source/metsrv/base_inject.c

@@ -2,7 +2,7 @@
 #include "base_inject.h"
 #include "remote_thread.h"
 #include "../../ReflectiveDLLInjection/inject/src/LoadLibraryR.h"
-#include <Tlhelp32.h>
+#include <tlhelp32.h>
 
 // see '/msf3/external/source/shellcode/x86/migrate/executex64.asm'
 // 03.06.2017: fixed an elusive bug on AMD CPUs, http://blog.rewolf.pl/blog/?p=1484
@@ -539,7 +539,7 @@ DWORD inject_dll( DWORD dwPid, LPVOID lpDllBuffer, DWORD dwDllLength, LPCSTR ref
 			BREAK_ON_ERROR( "[INJECT] inject_dll. WriteProcessMemory 2 failed" ); 
 
 		// add the offset to ReflectiveLoader() to the remote library address...
-		lpReflectiveLoader = (LPVOID)( (DWORD)lpRemoteLibraryBuffer + (DWORD)dwReflectiveLoaderOffset );
+		lpReflectiveLoader = (LPVOID)(DWORD_PTR)((DWORD)lpRemoteLibraryBuffer + (DWORD)dwReflectiveLoaderOffset);
 	
 		// First we try to inject by directly creating a remote thread in the target process
 		if( inject_via_remotethread( NULL, NULL, hProcess, dwMeterpreterArch, lpReflectiveLoader, lpRemoteCommandLine ) != ERROR_SUCCESS )

c/meterpreter/source/metsrv/core.c

@@ -83,7 +83,7 @@ VOID core_update_desktop(Remote * remote, DWORD dwSessionID, char * cpStationNam
 		temp_session = remote->curr_sess_id;
 
 		// A session id of -1 resets the state back to the servers real session id
-		if (dwSessionID = -1)
+		if (-1 == dwSessionID)
 		{
 			dwSessionID = remote->orig_sess_id;
 		}

c/meterpreter/source/metsrv/libloader.c

@@ -104,8 +104,8 @@ typedef struct _SHELLCODE_CTX {
 	/* Global offset */
 	DWORD				offset;
 	/* Allocated memory sections */
-	DWORD				file_address;
-	DWORD				mapped_address;
+	DWORD_PTR file_address;
+	DWORD_PTR mapped_address;
 	DWORD				size_map;
 
 	/* Hook stub functions */
@@ -333,7 +333,7 @@ void patch_function(SHELLCODE_CTX *ctx, UINT_PTR address, unsigned char *stub,
 	bytes = 5;
 
 	/* Create the stub */
-	WriteProcessMemory((HANDLE)-1, stub, (char *)address,
+	WriteProcessMemory((HANDLE)-1, stub, (LPVOID)address,
 		bytes, &written);
 	*(PBYTE)(stub + bytes) = 0xE9;
 	*(DWORD *)(stub + bytes + 1) = (DWORD)address - ((DWORD)stub + 5);
@@ -342,7 +342,7 @@ void patch_function(SHELLCODE_CTX *ctx, UINT_PTR address, unsigned char *stub,
 	/* Patch original function */
 
 	/* Fix protection */
-	VirtualQuery((char *)address, &mbi_thunk,
+	VirtualQuery((LPVOID)address, &mbi_thunk,
 		sizeof(MEMORY_BASIC_INFORMATION));
 	VirtualProtect(mbi_thunk.BaseAddress, mbi_thunk.RegionSize,
 		PAGE_EXECUTE_READWRITE, &mbi_thunk.Protect);
@@ -424,7 +424,7 @@ void install_hooks(SHELLCODE_CTX *ctx)
 }
 
 /* Restore given function */
-void restore_function(SHELLCODE_CTX *ctx, DWORD address, unsigned char *stub)
+void restore_function(SHELLCODE_CTX *ctx, DWORD_PTR address, unsigned char *stub)
 {
 	DWORD				protect;
 	ULONG 				bytes;
@@ -436,13 +436,13 @@ void restore_function(SHELLCODE_CTX *ctx, DWORD address, unsigned char *stub)
 	/* Patch original function */
 
 	/* Fix protection */
-	VirtualQuery((char *)address, &mbi_thunk,
+	VirtualQuery((LPVOID)address, &mbi_thunk,
 		sizeof(MEMORY_BASIC_INFORMATION));
 	VirtualProtect(mbi_thunk.BaseAddress, mbi_thunk.RegionSize,
 		PAGE_EXECUTE_READWRITE, &mbi_thunk.Protect);
 
 	/* Copy bytes back to function */
-	WriteProcessMemory((HANDLE)-1, (char *)address, stub,
+	WriteProcessMemory((HANDLE)-1, (LPVOID)address, stub,
 		bytes, &written);
 
 	/* Restore protection */
@@ -477,24 +477,24 @@ void remove_hooks(SHELLCODE_CTX *ctx)
 	lNtClose = (f_NtClose)GetProcAddress(ntdll, "NtClose");
 
 	/* NtMapViewOfSection */
-	restore_function(ctx, (DWORD)lNtMapViewOfSection,
+	restore_function(ctx, (DWORD_PTR)lNtMapViewOfSection,
 		ctx->s_NtMapViewOfSection);
 
 	/* NtQueryAttributesFile */
-	restore_function(ctx, (DWORD)lNtQueryAttributesFile,
+	restore_function(ctx, (DWORD_PTR)lNtQueryAttributesFile,
 		 ctx->s_NtQueryAttributesFile);
 
 	/* NtOpenFile */
-	restore_function(ctx, (DWORD)lNtOpenFile, ctx->s_NtOpenFile);
+	restore_function(ctx, (DWORD_PTR)lNtOpenFile, ctx->s_NtOpenFile);
 
 	/* NtCreateSection */
-	restore_function(ctx, (DWORD)lNtCreateSection, ctx->s_NtCreateSection);
+	restore_function(ctx, (DWORD_PTR)lNtCreateSection, ctx->s_NtCreateSection);
 
 	/* NtOpenSection */
-	restore_function(ctx, (DWORD)lNtOpenSection, ctx->s_NtOpenSection);
+	restore_function(ctx, (DWORD_PTR)lNtOpenSection, ctx->s_NtOpenSection);
 
 	/* NtClose */
-	restore_function(ctx, (DWORD)lNtClose, ctx->s_NtClose);
+	restore_function(ctx, (DWORD_PTR)lNtClose, ctx->s_NtClose);
 }
 
 /* Map file in memory as section */
@@ -593,7 +593,7 @@ HMODULE libloader_load_library(LPCSTR name, PUCHAR buffer, DWORD bufferLength)
 		ctx->liblen = (int)strlen(ctx->libname) + 1;
 
 		// The address of the raw buffer
-		ctx->file_address = (DWORD)buffer;
+		ctx->file_address = (DWORD_PTR)buffer;
 
 		// Map the buffer into memory
 		map_file(ctx);

c/meterpreter/source/metsrv/metsrv.c

@@ -132,5 +132,5 @@ VOID rand_xor_key(BYTE buffer[4])
 
 BOOL is_null_guid(BYTE guid[sizeof(GUID)])
 {
-	return memcmp(guid, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", sizeof(guid)) == 0 ? TRUE : FALSE;
-}
+	return memcmp(guid, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", sizeof(GUID)) == 0 ? TRUE : FALSE;
+}

c/meterpreter/source/metsrv/packet_encryption.h

@@ -1,7 +1,7 @@
 #ifndef _METERPRETER_METSRV_PACKET_ENCRYPTION_H
 #define _METERPRETER_METSRV_PACKET_ENCRYPTION_H
 
-#include <Windows.h>
+#include <windows.h>
 
 #define AES256_BLOCKSIZE 16
 #define ENC_FLAG_NONE   0x0

c/meterpreter/source/metsrv/server_pivot_named_pipe.c

@@ -2,8 +2,8 @@
 #include "server_pivot_named_pipe.h"
 #include "packet_encryption.h"
 
-#include <AccCtrl.h>
-#include <AclApi.h>
+#include <accctrl.h>
+#include <aclapi.h>
 
 #define PIPE_NAME_SIZE 256
 #define PIPE_BUFFER_SIZE 0x10000

c/meterpreter/source/metsrv/server_transport_named_pipe.c

@@ -101,7 +101,7 @@ static DWORD packet_receive_named_pipe(Remote *remote, Packet **packet)
 {
 	DWORD headerBytes = 0, payloadBytesLeft = 0, res;
 	PacketHeader header = { 0 };
-	LONG bytesRead;
+	DWORD bytesRead;
 	BOOL inHeader = TRUE;
 	PUCHAR packetBuffer = NULL;
 	PUCHAR payload = NULL;
@@ -156,7 +156,7 @@ static DWORD packet_receive_named_pipe(Remote *remote, Packet **packet)
 		dprintf("[PIPE] discovered a length header, assuming it's metsrv of length %d", length);
 
 		int bytesToRead = length - sizeof(PacketHeader) + sizeof(DWORD);
-		char* buffer = (char*)malloc(bytesToRead);
+		BYTE* buffer = (BYTE*)malloc(bytesToRead);
 		read_raw_bytes_to_buffer(ctx, buffer, bytesToRead, &bytesRead);
 		free(buffer);
 
@@ -466,7 +466,7 @@ static HANDLE bind_named_pipe(wchar_t *pipe_name, TimeoutSettings *timeouts)
  * @param transport Pointer to the transport instance.
  * @return Indication of success or failure.
  */
-static BOOL configure_named_pipe_connection(Transport* transport)
+static DWORD configure_named_pipe_connection(Transport* transport)
 {
 	DWORD result = ERROR_SUCCESS;
 	wchar_t tempUrl[512];
@@ -545,7 +545,7 @@ static BOOL configure_named_pipe_connection(Transport* transport)
 	if (ctx->pipe == INVALID_HANDLE_VALUE)
 	{
 		dprintf("[SERVER] Something went wrong");
-		return FALSE;
+		return ERROR_INVALID_PARAMETER;
 	}
 
 	dprintf("[SERVER] Looking good, FORWARD!");
@@ -555,7 +555,7 @@ static BOOL configure_named_pipe_connection(Transport* transport)
 
 	transport->comms_last_packet = current_unix_timestamp();
 
-	return TRUE;
+	return result;
 }
 
 /*!

c/meterpreter/source/metsrv/server_transport_tcp.c

@@ -308,7 +308,7 @@ static DWORD packet_receive(Remote *remote, Packet **packet)
 	DWORD headerBytes = 0, payloadBytesLeft = 0, res;
 	Packet *localPacket = NULL;
 	PacketHeader header = { 0 };
-	LONG bytesRead;
+	DWORD bytesRead;
 	BOOL inHeader = TRUE;
 	PUCHAR packetBuffer = NULL;
 	ULONG payloadLength;
@@ -320,7 +320,7 @@ static DWORD packet_receive(Remote *remote, Packet **packet)
 	// Read the packet length
 	while (inHeader)
 	{
-		if ((bytesRead = recv(ctx->fd, ((PUCHAR)&header + headerBytes), sizeof(PacketHeader)-headerBytes, 0)) <= 0)
+		if ((bytesRead = recv(ctx->fd, ((PCHAR)&header + headerBytes), sizeof(PacketHeader)-headerBytes, 0)) <= 0)
 		{
 			SetLastError(ERROR_NOT_FOUND);
 			goto out;
@@ -425,7 +425,7 @@ static DWORD packet_receive(Remote *remote, Packet **packet)
 		// Read the payload
 		while (payloadBytesLeft > 0)
 		{
-			if ((bytesRead = recv(ctx->fd, payload + payloadLength - payloadBytesLeft, payloadBytesLeft, 0)) <= 0)
+			if ((bytesRead = recv(ctx->fd, (PCHAR)(payload + payloadLength - payloadBytesLeft), payloadBytesLeft, 0)) <= 0)
 			{
 
 				if (GetLastError() == WSAEWOULDBLOCK)
@@ -689,7 +689,7 @@ static void transport_reset_tcp(Transport* transport, BOOL shuttingDown)
  * @param transport Pointer to the transport instance.
  * @return Indication of success or failure.
  */
-static BOOL configure_tcp_connection(Transport* transport)
+static DWORD configure_tcp_connection(Transport* transport)
 {
 	DWORD result = ERROR_SUCCESS;
 	size_t charsConverted;
@@ -751,17 +751,18 @@ static BOOL configure_tcp_connection(Transport* transport)
 	if (result != ERROR_SUCCESS)
 	{
 		dprintf("[SERVER] Something went wrong %u", result);
-		return FALSE;
+	}
+  else
+  {
+		dprintf("[SERVER] Looking good, FORWARD!");
+
+		// Do not allow the file descriptor to be inherited by child processes
+		SetHandleInformation((HANDLE)ctx->fd, HANDLE_FLAG_INHERIT, 0);
+
+		transport->comms_last_packet = current_unix_timestamp();
 	}
 
-	dprintf("[SERVER] Looking good, FORWARD!");
-
-	// Do not allow the file descriptor to be inherited by child processes
-	SetHandleInformation((HANDLE)ctx->fd, HANDLE_FLAG_INHERIT, 0);
-
-	transport->comms_last_packet = current_unix_timestamp();
-
-	return TRUE;
+	return result;
 }
 
 /*!
@@ -781,7 +782,7 @@ DWORD packet_transmit_tcp(Remote* remote, LPBYTE rawPacket, DWORD rawPacketLengt
 
 	while (idx < rawPacketLength)
 	{
-		result = send(ctx->fd, rawPacket + idx, rawPacketLength - idx, 0);
+		result = send(ctx->fd, (PCHAR)(rawPacket + idx), rawPacketLength - idx, 0);
 
 		if (result < 0)
 		{

c/meterpreter/source/metsrv/server_transport_winhttp.c

@@ -127,7 +127,7 @@ static HINTERNET get_request_winhttp(HttpTransportContext *ctx, BOOL isGet, cons
 		if (ctx->proxy_user)
 		{
 			dprintf("[%s] Setting proxy username to %S", direction, ctx->proxy_user);
-			if (!WinHttpSetOption(hReq, WINHTTP_OPTION_PROXY_USERNAME, ctx->proxy_user, (DWORD)(wcslen(ctx->proxy_user))));
+			if (!WinHttpSetOption(hReq, WINHTTP_OPTION_PROXY_USERNAME, ctx->proxy_user, (DWORD)(wcslen(ctx->proxy_user))))
 			{
 				dprintf("[%s] Failed to set username %u", direction, GetLastError());
 			}
@@ -135,7 +135,7 @@ static HINTERNET get_request_winhttp(HttpTransportContext *ctx, BOOL isGet, cons
 		if (ctx->proxy_pass)
 		{
 			dprintf("[%s] Setting proxy password to %S", direction, ctx->proxy_pass);
-			if (!WinHttpSetOption(hReq, WINHTTP_OPTION_PROXY_PASSWORD, ctx->proxy_pass, (DWORD)(wcslen(ctx->proxy_pass))));
+			if (!WinHttpSetOption(hReq, WINHTTP_OPTION_PROXY_PASSWORD, ctx->proxy_pass, (DWORD)(wcslen(ctx->proxy_pass))))
 			{
 				dprintf("[%s] Failed to set password %u", direction, GetLastError());
 			}
@@ -336,7 +336,7 @@ static DWORD packet_receive_http(Remote *remote, Packet **packet)
 	DWORD headerBytes = 0, payloadBytesLeft = 0, res;
 	Packet *localPacket = NULL;
 	PacketHeader header;
-	LONG bytesRead;
+	DWORD bytesRead;
 	BOOL inHeader = TRUE;
 	PUCHAR packetBuffer = NULL;
 	ULONG payloadLength;
@@ -541,7 +541,7 @@ out:
  * @param transport Pointer to the transport instance.
  * @return Indication of success or failure.
  */
-static BOOL server_init_winhttp(Transport* transport)
+static DWORD server_init_winhttp(Transport* transport)
 {
 	URL_COMPONENTS bits;
 	wchar_t tmpHostName[URL_SIZE];
@@ -564,7 +564,7 @@ static BOOL server_init_winhttp(Transport* transport)
 	if (!ctx->internet)
 	{
 		dprintf("[DISPATCH] Failed WinHttpOpen: %d", GetLastError());
-		return FALSE;
+		return GetLastError();
 	}
 
 	dprintf("[DISPATCH] Configured hInternet: 0x%.8x", ctx->internet);
@@ -597,12 +597,12 @@ static BOOL server_init_winhttp(Transport* transport)
 	if (!ctx->connection)
 	{
 		dprintf("[DISPATCH] Failed WinHttpConnect: %d", GetLastError());
-		return FALSE;
+		return GetLastError();
 	}
 
 	dprintf("[DISPATCH] Configured hConnection: 0x%.8x", ctx->connection);
 
-	return TRUE;
+	return ERROR_SUCCESS;
 }
 
 /*!

c/meterpreter/source/metsrv/server_transport_wininet.c

@@ -141,7 +141,7 @@ static DWORD validate_response_wininet(HANDLE hReq, HttpTransportContext* ctx)
  * @param transport Pointer to the transport instance.
  * @return Indication of success or failure.
  */
-static BOOL server_init_wininet(Transport* transport)
+static DWORD server_init_wininet(Transport* transport)
 {
 	URL_COMPONENTS bits;
 	wchar_t tmpHostName[URL_SIZE];
@@ -164,7 +164,7 @@ static BOOL server_init_wininet(Transport* transport)
 	if (!ctx->internet)
 	{
 		dprintf("[DISPATCH] Failed InternetOpenW: %d", GetLastError());
-		return FALSE;
+		return GetLastError();
 	}
 
 	dprintf("[DISPATCH] Configured hInternet: 0x%.8x", ctx->internet);
@@ -197,7 +197,7 @@ static BOOL server_init_wininet(Transport* transport)
 	if (!ctx->connection)
 	{
 		dprintf("[DISPATCH] Failed InternetConnect: %d", GetLastError());
-		return FALSE;
+		return GetLastError();
 	}
 
 	if (ctx->proxy)
@@ -214,7 +214,7 @@ static BOOL server_init_wininet(Transport* transport)
 
 	dprintf("[DISPATCH] Configured hConnection: 0x%.8x", ctx->connection);
 
-	return TRUE;
+	return ERROR_SUCCESS;
 }
 
 /*!

c/meterpreter/source/metsrv/thread.c

@@ -195,10 +195,10 @@ void disable_thread_error_reporting()
 	}
 }
 
-static DWORD THREADCALL thread_preamble(THREAD* thread)
+static ULONG THREADCALL thread_preamble(THREAD* thread)
 {
 	disable_thread_error_reporting();
-	return thread->funk(thread);
+	return (ULONG)thread->funk(thread);
 }
 
 /*
@@ -233,7 +233,7 @@ THREAD* thread_create(THREADFUNK funk, LPVOID param1, LPVOID param2, LPVOID para
 	thread->parameter3 = param3;
 	thread->funk = funk;
 
-	thread->handle = CreateThread(NULL, 0, thread_preamble, thread, CREATE_SUSPENDED, &thread->id);
+	thread->handle = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)thread_preamble, thread, CREATE_SUSPENDED, &thread->id);
 
 	if (thread->handle == NULL)
 	{

c/meterpreter/workspace/CMakeLists.txt

@@ -2,23 +2,36 @@ cmake_minimum_required(VERSION 3.15.7 FATAL_ERROR)
 
 set(PROJECT_NAME meterpreter)
 
-cmake_policy(SET CMP0091 NEW)
+if(MSVC)
+    cmake_policy(SET CMP0091 NEW)
+else()
+    set(_MSC_VER 1910)
+    include("x86_64-w64-mingw32-clang.cmake")
+endif()
+
 project(${PROJECT_NAME} C CXX)
 
 option(DBGTRACE "Enable debug tracing" OFF)
 option(DBGTRACE_VERBOSE "Enable verbose debug tracing" OFF)
 option(BUILD_SNIFFER "Build the sniffer extension (requires PSSDK)" OFF)
 option(USE_STATIC_MSVC_RUNTIMES "Use /MT instead of /MD in MSVC" ON)
-if( USE_STATIC_MSVC_RUNTIMES )
-    set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>")
+
+if(USE_STATIC_MSVC_RUNTIMES)
+    if(MSVC)
+        set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$<CONFIG:Debug>:Debug>")
+    endif()
 endif()
 
 set(WORKSPACE_ROOT_DIR ${PROJECT_SOURCE_DIR})
-set(MOD_DEF_DIR ${PROJECT_SOURCE_DIR}/../source/def)
-set(BIN_OUTPUT_DIR ${PROJECT_SOURCE_DIR}/../output)
-set(PSSDK_DIR ${PROJECT_SOURCE_DIR}/../../../../pssdk)
+set(MOD_DEF_DIR ${PROJECT_SOURCE_DIR}/../source/def/)
+set(BIN_OUTPUT_DIR ${PROJECT_SOURCE_DIR}/../output/)
+set(PSSDK_DIR ${PROJECT_SOURCE_DIR}/../../../../pssdk/)
 
-if(CMAKE_GENERATOR_PLATFORM MATCHES "Win32")
+if(MSVC)
+    set(BUILD_ARCH ${CMAKE_GENERATOR_PLATFORM})
+endif()
+
+if(BUILD_ARCH MATCHES "Win32")
     set(TARGET_ARCH "x86")
     set(IS_X86 true)
     set(IS_X64 false)
@@ -39,12 +52,14 @@ set(IS_RELEASE true)
 set(IS_DEBUG false)
 
 if(CMAKE_BUILD_TYPE MATCHES "Release")
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /WX")
-    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W3 /WX /EHsc")
-    string(REPLACE "O2" "O1" CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE}")
-    string(REPLACE "Ob2" "Ob1" CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE}")
-    string(REPLACE "O2" "O1" CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE}")
-    string(REPLACE "Ob2" "Ob1" CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE}")
+    if(MSVC)
+        set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3 /WX")
+        set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W3 /WX /EHsc")
+        string(REPLACE "O2" "O1" CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE}")
+        string(REPLACE "Ob2" "Ob1" CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE}")
+        string(REPLACE "O2" "O1" CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE}")
+        string(REPLACE "Ob2" "Ob1" CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE}")
+    endif()
 else()
     # We only support "Release" or "Debug"
     set(CMAKE_BUILD_TYPE "Debug")
@@ -52,6 +67,10 @@ else()
     set(IS_DEBUG true)
 endif()
 
+set(CMAKE_C_COMPILE_OPTIONS_PIC "")
+set(CMAKE_SHARED_LIBRARY_PREFIX "")
+set(CMAKE_SHARED_LIBRARY_SUFFIX ".dll")
+
 add_definitions(
     -DNDEBUG
     -D_WINDOWS
@@ -110,13 +129,13 @@ set(
 set(
     MET_DLLS
     ${MET_SERVERS}
-    ${MET_PLUGINS}
-    ${MET_EXTENSIONS}
+    #${MET_PLUGINS}
+    #${MET_EXTENSIONS}
 )
 
 set(
     MET_PROJECTS
-    ${MET_LIBS}
+    #${MET_LIBS}
     ${MET_DLLS}
 )
 

c/meterpreter/workspace/CMakeListsFuncs.txt

@@ -1,6 +1,10 @@
 function(editbin)
-    add_custom_command(TARGET ${ARGV0} POST_BUILD
-        COMMAND editbin.exe /NOLOGO /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,${ARGV1} $<TARGET_FILE:${ARGV0}> > NUL)
+    if(MSVC)
+        add_custom_command(TARGET ${ARGV0} POST_BUILD
+            COMMAND editbin.exe /NOLOGO /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,${ARGV1} $<TARGET_FILE:${ARGV0}> > NUL)
+    else()
+    # TODO: add implementation for mingw
+    endif()
 endfunction()
 
 function(copyoutput)

c/meterpreter/workspace/metsrv/CMakeLists.txt

@@ -11,10 +11,12 @@ add_definitions(
     -D_CRT_SECURE_NO_WARNINGS
 )
 
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /MP")
+if(MSVC)
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /MP")
+endif()
 
 include_directories(../../source/common)
-include_directories(../../source/ReflectiveDllInjection/common)
+include_directories(../../source/ReflectiveDLLInjection/common)
 
 set(SRC_DIR ../../source/metsrv)
 file(GLOB SRC_FILES
@@ -23,15 +25,22 @@ file(GLOB SRC_FILES
 )
 add_library(${PROJECT_NAME} SHARED ${SRC_FILES})
 set_target_properties(${PROJECT_NAME} PROPERTIES OUTPUT_NAME ${PROJECT_NAME}.${TARGET_ARCH})
-set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS "/DEF:\"${MOD_DEF_DIR}/metsrv.def\"")
-set_source_files_properties(${MOD_DEF_DIR}/metsrv.def PROPERTIES HEADER_FILE_ONLY TRUE)
+if(MSVC)
+    set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS "/DEF:\"${MOD_DEF_DIR}/metsrv.def\"")
+    set_source_files_properties(${MOD_DEF_DIR}/metsrv.def PROPERTIES HEADER_FILE_ONLY TRUE)
+endif()
 
 set(LINK_LIBS winhttp wininet crypt32)
-target_link_libraries(${PROJECT_NAME} ${LINK_LIBS})
+
 if(MSVC)
     target_link_options(${PROJECT_NAME} PUBLIC "/ignore:4070")
+else()
+  set(LINK_LIBS ${LINK_LIBS} ws2_32)
+  target_link_options(${PROJECT_NAME} PUBLIC -v)
 endif()
 
+target_link_libraries(${PROJECT_NAME} ${LINK_LIBS})
+
 # Post processing (required for all Meterpreter DLLs)
 editbin(${PROJECT_NAME} ${BIN_SUBSYSTEM})
 copyoutput(${PROJECT_NAME} ${BIN_OUTPUT_DIR})

c/meterpreter/workspace/x86_64-w64-mingw32-clang.cmake

@@ -0,0 +1,20 @@
+set(CMAKE_SYSTEM_NAME Windows)
+
+set(CMAKE_TOOLCHAIN_PREFIX "x86_64-w64-mingw32")
+
+find_program(CMAKE_RC_COMPILER  NAMES ${CMAKE_TOOLCHAIN_PREFIX}-windres)
+find_program(CMAKE_C_COMPILER   NAMES ${CMAKE_TOOLCHAIN_PREFIX}-gcc)
+find_program(CMAKE_CXX_COMPILER NAMES ${CMAKE_TOOLCHAIN_PREFIX}-g++)
+find_program(CMAKE_ASM_COMPILER NAMES ${CMAKE_TOOLCHAIN_PREFIX}-as)
+find_program(CMAKE_DLL_TOOL NAMES ${CMAKE_TOOLCHAIN_PREFIX}-dlltool)
+
+set(CMAKE_C_COMPILER_EXTRAS "-target ${CMAKE_TOOLCHAIN_PREFIX} -isystem /usr/${CMAKE_TOOLCHAIN_PREFIX}/include -isystem /usr/local/${CMAKE_TOOLCHAIN_PREFIX}/include -fmsc-version=${_MSC_VER} -fms-extensions -fms-compatibility -fdelayed-template-parsing -Wfatal-errors")
+set(CMAKE_C_COMPILER   "clang"   "${CMAKE_C_COMPILER_EXTRAS}")
+set(CMAKE_CXX_COMPILER "clang++" "${CMAKE_C_COMPILER_EXTRAS} -std=c++14")
+
+set(CMAKE_FIND_ROOT_PATH /usr/${CMAKE_TOOLCHAIN_PREFIX} /usr/local/${CMAKE_TOOLCHAIN_PREFIX})
+
+set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)
+set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY)
+set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY)
+set(CMAKE_CROSS_COMPILING TRUE)