github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-04-24 10:09:49 +02:00
Code Releases Activity

Add md5/sha1

Browse Source 
git-svn-id: file:///home/svn/framework3/trunk@13060 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
HD Moore 2011-06-29 06:12:15 +00:00
parent a9893a8118
commit a2da008614
6 changed files with 141 additions and 5 deletions
c/meterpreter
source/extensions/stdapi/server
fs
file.cfs.hfs_util.c
stdapi.c
workspace
ext_server_stdapi
ext_server_stdapi.vcproj
metsrv
metsrv.vcproj

126
c/meterpreter/source/extensions/stdapi/server/fs/file.c

@ -1,6 +1,9 @@
#include "precomp.h" #include "precomp.h"
#include <sys/stat.h> #include <sys/stat.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
/*************************** /***************************
* File Channel Operations * * File Channel Operations *
***************************/ ***************************/
@ -338,3 +341,126 @@ DWORD request_fs_file_expand_path(Remote *remote, Packet *packet)
return ERROR_SUCCESS; return ERROR_SUCCESS;
} }
/*
* Returns the MD5 hash for a specified file path
*
* TLVs:
*
* req: TLV_TYPE_FILE_PATH - The file path that is to be stat'd
*/
DWORD request_fs_md5(Remote *remote, Packet *packet)
{
Packet *response = packet_create_response(packet);
LPCSTR filePath;
LPSTR expanded = NULL;
DWORD result = ERROR_SUCCESS;
MD5_CTX context;
HANDLE fd;
unsigned char buff[16384];
DWORD bytesRead;
unsigned char hash[128];
filePath = packet_get_tlv_value_string(packet, TLV_TYPE_FILE_PATH);
// Validate parameters
if (!filePath)
result = ERROR_INVALID_PARAMETER;
else if (!(expanded = fs_expand_path(filePath)))
result = ERROR_NOT_ENOUGH_MEMORY;
else
{
do {
MD5_Init(&context);
fd = CreateFile(expanded, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_SEQUENTIAL_SCAN, NULL);
if (! fd) {
result = GetLastError();
break;
}
while (ReadFile(fd, buff, sizeof(buff), &bytesRead, NULL)) {
dprintf("[MD5] READ: %s => %d", expanded, bytesRead);
if (bytesRead == 0) break;
MD5_Update(&context, buff, bytesRead);
}
CloseHandle(fd);
MD5_Final(hash, &context);
// One byte extra for the NULL
packet_add_tlv_raw(response, TLV_TYPE_FILE_NAME, hash, 17);
} while(0);
}
// Set the result and transmit the response
packet_add_tlv_uint(response, TLV_TYPE_RESULT, result);
packet_transmit(remote, response, NULL);
if (expanded)
free(expanded);
return ERROR_SUCCESS;
}
/*
* Returns the SHA1 hash for a specified file path
*
* TLVs:
*
* req: TLV_TYPE_FILE_PATH - The file path that is to be stat'd
*/
DWORD request_fs_sha1(Remote *remote, Packet *packet)
{
Packet *response = packet_create_response(packet);
LPCSTR filePath;
LPSTR expanded = NULL;
DWORD result = ERROR_SUCCESS;
SHA_CTX context;
HANDLE fd;
unsigned char buff[16384];
DWORD bytesRead;
unsigned char hash[128];
filePath = packet_get_tlv_value_string(packet, TLV_TYPE_FILE_PATH);
// Validate parameters
if (!filePath)
result = ERROR_INVALID_PARAMETER;
else if (!(expanded = fs_expand_path(filePath)))
result = ERROR_NOT_ENOUGH_MEMORY;
else
{
do {
SHA1_Init(&context);
fd = CreateFile(expanded, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_SEQUENTIAL_SCAN, NULL);
if (! fd) {
result = GetLastError();
break;
}
while (ReadFile(fd, buff, sizeof(buff), &bytesRead, NULL)) {
dprintf("[SHA1] READ: %s => %d", expanded, bytesRead);
if (bytesRead == 0) break;
SHA1_Update(&context, buff, bytesRead);
}
CloseHandle(fd);
SHA1_Final(hash, &context);
// One byte extra for the NULL
packet_add_tlv_raw(response, TLV_TYPE_FILE_NAME, hash, 21);
} while(0);
}
// Set the result and transmit the response
packet_add_tlv_uint(response, TLV_TYPE_RESULT, result);
packet_transmit(remote, response, NULL);
if (expanded)
free(expanded);
return ERROR_SUCCESS;
}

2
c/meterpreter/source/extensions/stdapi/server/fs/fs.h

@ -15,6 +15,8 @@ DWORD request_fs_delete_file(Remote *remote, Packet *packet);
DWORD request_fs_stat(Remote *remote, Packet *packet); DWORD request_fs_stat(Remote *remote, Packet *packet);
DWORD request_fs_file_expand_path(Remote *remote, Packet *packet); DWORD request_fs_file_expand_path(Remote *remote, Packet *packet);
DWORD request_fs_search( Remote * remote, Packet * packet ); DWORD request_fs_search( Remote * remote, Packet * packet );
DWORD request_fs_md5(Remote *remote, Packet *packet);
DWORD request_fs_sha1(Remote *remote, Packet *packet);
/* /*
* Channel allocation * Channel allocation

2
c/meterpreter/source/extensions/stdapi/server/fs/fs_util.c

@ -37,4 +37,4 @@ LPSTR fs_expand_path(LPCSTR regular)
strcpy(expandedFilePath, regular); strcpy(expandedFilePath, regular);
return expandedFilePath; return expandedFilePath;
#endif #endif
} }

8
c/meterpreter/source/extensions/stdapi/server/stdapi.c

@ -85,6 +85,14 @@ Command customCommands[] =
{ EMPTY_DISPATCH_HANDLER }, { EMPTY_DISPATCH_HANDLER },
}, },
#endif #endif
{ "stdapi_fs_md5",
{ request_fs_md5, { 0 }, 0 },
{ EMPTY_DISPATCH_HANDLER },
},
{ "stdapi_fs_sha1",
{ request_fs_sha1, { 0 }, 0 },
{ EMPTY_DISPATCH_HANDLER },
},
// Process // Process
{ "stdapi_sys_process_attach", { "stdapi_sys_process_attach",

6
c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcproj

@ -279,7 +279,7 @@
/> />
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
AdditionalDependencies="iphlpapi.lib shlwapi.lib ws2_32.lib odbc32.lib odbccp32.lib metsrv.lib jpeg.lib" AdditionalDependencies="iphlpapi.lib shlwapi.lib ws2_32.lib odbc32.lib odbccp32.lib metsrv.lib jpeg.lib ssleay32.lib libeay32.lib"
OutputFile=".\Release\ext_server_stdapi.dll" OutputFile=".\Release\ext_server_stdapi.dll"
LinkIncremental="1" LinkIncremental="1"
SuppressStartupBanner="true" SuppressStartupBanner="true"
@ -381,11 +381,11 @@
/> />
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
AdditionalDependencies="iphlpapi.lib shlwapi.lib ws2_32.lib odbc32.lib odbccp32.lib metsrv.lib" AdditionalDependencies="iphlpapi.lib shlwapi.lib ws2_32.lib odbc32.lib odbccp32.lib metsrv.lib ssleay32.lib libeay32.lib"
OutputFile=".\Release\ext_server_stdapi.x64.dll" OutputFile=".\Release\ext_server_stdapi.x64.dll"
LinkIncremental="1" LinkIncremental="1"
SuppressStartupBanner="true" SuppressStartupBanner="true"
AdditionalLibraryDirectories="..\..\source\jpeg-8\lib\win\x64;..\metsrv\Release;..\..\source\openssl\lib\win" AdditionalLibraryDirectories="..\..\source\jpeg-8\lib\win\x64;..\metsrv\Release;..\..\source\openssl\lib\win\x64"
GenerateManifest="false" GenerateManifest="false"
DelayLoadDLLs="metsrv.dll" DelayLoadDLLs="metsrv.dll"
GenerateMapFile="true" GenerateMapFile="true"

2
c/meterpreter/workspace/metsrv/metsrv.vcproj

@ -388,7 +388,7 @@
/> />
<Tool <Tool
Name="VCLinkerTool" Name="VCLinkerTool"
AdditionalDependencies="ws2_32.lib odbc32.lib odbccp32.lib ssleay32.lib wininet.lib libeay32.lib" AdditionalDependencies="ws2_32.lib odbc32.lib odbccp32.lib wininet.lib ssleay32.lib libeay32.lib"
OutputFile=".\Release\metsrv.x64.dll" OutputFile=".\Release\metsrv.x64.dll"
LinkIncremental="1" LinkIncremental="1"
SuppressStartupBanner="true" SuppressStartupBanner="true"