Fix typo, bomb out on invalid cert

When the server cert checking fails, meterpreter now exits.
2025-03-24 18:16:24 +01:00 · 2015-03-17 14:39:41 +10:00 · 2015-03-17 14:39:41 +10:00 · 46ab7a02e8
commit 46ab7a02e8
parent 0739cbc0f3
3 changed files with 10 additions and 5 deletions
--- a/c/meterpreter/source/common/core.c
+++ b/c/meterpreter/source/common/core.c
@ -1842,7 +1842,7 @@ DWORD packet_receive_http_via_winhttp(Remote *remote, Packet **packet)
 			if (!WinHttpQueryOption(hReq, WINHTTP_OPTION_SERVER_CERT_CONTEXT, &pCertContext, &dwCertContextSize))
 			{
 				vdprintf("[PACKET RECEIVE WINHTTPS] Failed to get the certificate context: %u", GetLastError());
-				SetLastError(ERROR_NOT_FOUND);
+				SetLastError(ERROR_WINHTTP_SECURE_INVALID_CERT);
 				break;
 			}

@ -1851,7 +1851,7 @@ DWORD packet_receive_http_via_winhttp(Remote *remote, Packet **packet)
 			if (!CertGetCertificateContextProperty(pCertContext, CERT_SHA1_HASH_PROP_ID, hash, &dwHashSize))
 			{
 				vdprintf("[PACKET RECEIVE WINHTTPS] Failed to get the certificate hash: %u", GetLastError());
-				SetLastError(ERROR_NOT_FOUND);
+				SetLastError(ERROR_WINHTTP_SECURE_INVALID_CERT);
 				break;
 			}

@ -1862,7 +1862,7 @@ DWORD packet_receive_http_via_winhttp(Remote *remote, Packet **packet)
 			if (memcmp(hash, remote->pCertHash, 20) != 0)
 			{
 				vdprintf("[PACKET RECEIVE WINHTTPS] Certificate hash doesn't match, bailing out");
-				SetLastError(ERROR_NOT_FOUND);
+				SetLastError(ERROR_WINHTTP_SECURE_INVALID_CERT);
 				break;
 			}
 		}
--- a/c/meterpreter/source/server/server_setup.c
+++ b/c/meterpreter/source/server/server_setup.c
@ -744,7 +744,7 @@ DWORD server_setup(SOCKET fd)
 					hash[0], hash[1], hash[2], hash[3], hash[4], hash[5], hash[6], hash[7], hash[8], hash[9], hash[10],
 					hash[11], hash[12], hash[13], hash[14], hash[15], hash[16], hash[17], hash[18], hash[19]);

-				if (strcmp(hash, "METERPETER_SSL_CERT_HASH") != 0)
+				if (strcmp(hash, "METERPRETER_SSL_CERT_HASH") != 0)
 				{
 					pRemote->pCertHash = hash;
 					dprintf("[SERVER] is validating hashes %p", pRemote->pCertHash);
--- a/c/meterpreter/source/server/win/server_setup_winhttp.c
+++ b/c/meterpreter/source/server/win/server_setup_winhttp.c
@ -129,12 +129,17 @@ DWORD server_dispatch_http_winhttp(Remote* remote, THREAD* serverThread, int iEx
 		result = packet_receive_via_http(remote, &packet);
 		if (result != ERROR_SUCCESS)
 		{
-
 			// Update the timestamp for empty replies
 			if (result == ERROR_EMPTY)
 			{
 				remote->comm_last_packet = current_unix_timestamp();
 			}
+			else if (result == ERROR_WINHTTP_SECURE_INVALID_CERT)
+			{
+				// This means that the certificate validation failed, and so
+				// we don't trust who we're connecting with. Bail out.
+				break;
+			}

 			if (ecount < 10)
 			{