github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-12-21 05:35:54 +01:00
Code Releases Activity

Add a get_routes implementation for Windows XP

Browse Source
This commit is contained in:
Spencer McIntyre 2021-03-17 11:56:43 -04:00
parent 5ca9d02004
commit d3a0840792
1 changed files with 52 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
python/meterpreter/ext_server_stdapi.py
View File

@ -247,6 +247,24 @@ if has_ctypes:
("PrefixLength", ctypes.c_uint8) ("PrefixLength", ctypes.c_uint8)
] ]
class MIB_IPFORWARDROW(ctypes.Structure):
_fields_ = [("dwForwardDest", ctypes.c_uint32),
("dwForwardMask", ctypes.c_uint32),
("dwForwardPolicy", ctypes.c_uint32),
("dwForwardNextHop", ctypes.c_uint32),
("dwForwardIfIndex", ctypes.c_uint32),
("dwForwardType", ctypes.c_uint32),
("dwForwardProto", ctypes.c_uint32),
("dwForwardAge", ctypes.c_uint32),
("dwForwardNextHopAS", ctypes.c_uint32),
("dwForwardMetric1", ctypes.c_uint32),
("dwForwardMetric2", ctypes.c_uint32),
("dwForwardMetric3", ctypes.c_uint32),
("dwForwardMetric4", ctypes.c_uint32),
("dwForwardMetric5", ctypes.c_uint32),
]
PMIB_IPFORWARDROW = ctypes.POINTER(MIB_IPFORWARDROW)
class MIB_IPFORWARD_ROW2(ctypes.Structure): class MIB_IPFORWARD_ROW2(ctypes.Structure):
_fields_ = [("InterfaceLuid", ctypes.c_uint64), _fields_ = [("InterfaceLuid", ctypes.c_uint64),
("InterfaceIndex", ctypes.c_uint32), ("InterfaceIndex", ctypes.c_uint32),
@ -266,6 +284,13 @@ if has_ctypes:
] ]
PMIB_IPFORWARD_ROW2 = ctypes.POINTER(MIB_IPFORWARD_ROW2) PMIB_IPFORWARD_ROW2 = ctypes.POINTER(MIB_IPFORWARD_ROW2)
class MIB_IPFORWARDTABLE(ctypes.Structure):
_fields_ = [("dwNumEntries", ctypes.c_uint32),
("table", MIB_IPFORWARDROW * 0)
]
PMIB_IPFORWARDTABLE = ctypes.POINTER(MIB_IPFORWARDTABLE)
class MIB_IPFORWARD_TABLE2(ctypes.Structure): class MIB_IPFORWARD_TABLE2(ctypes.Structure):
_fields_ = [("NumEntries", ctypes.c_uint32), _fields_ = [("NumEntries", ctypes.c_uint32),
("Table", MIB_IPFORWARD_ROW2 * 0) ("Table", MIB_IPFORWARD_ROW2 * 0)
@ -1806,6 +1831,8 @@ def stdapi_net_config_get_routes_via_netlink():
def stdapi_net_config_get_routes_via_windll(): def stdapi_net_config_get_routes_via_windll():
iphlpapi = ctypes.windll.iphlpapi iphlpapi = ctypes.windll.iphlpapi
if not hasattr(iphlpapi, 'GetIpForwardTable2'): # added in Vista / 2008
return stdapi_net_config_get_routes_via_windll2()
routes = [] routes = []
iface_names = {} iface_names = {}
for iface in stdapi_net_config_get_interfaces_via_windll(): for iface in stdapi_net_config_get_interfaces_via_windll():
@ -1835,6 +1862,31 @@ def stdapi_net_config_get_routes_via_windll():
routes.append(route) routes.append(route)
return routes return routes
def stdapi_net_config_get_routes_via_windll2():
iphlpapi = ctypes.windll.iphlpapi
routes = []
iface_names = {}
for iface in stdapi_net_config_get_interfaces_via_windll():
iface_names[iface['index']] = iface['name']
size = ctypes.c_uint32(0)
table = MIB_IPFORWARDTABLE()
iphlpapi.GetIpForwardTable(ctypes.byref(table), ctypes.byref(size), False)
if size.value:
buffer = (ctypes.c_uint8 * size.value)()
table = ctypes.cast(buffer, PMIB_IPFORWARDTABLE).contents
iphlpapi.GetIpForwardTable(ctypes.byref(table), ctypes.byref(size), False)
rows = ctypes.cast(table.table, PMIB_IPFORWARDROW)
for index in range(table.dwNumEntries):
row = rows[index]
routes.append({
'subnet': struct.pack('<I', row.dwForwardDest),
'netmask': struct.pack('<I', row.dwForwardMask),
'gateway': struct.pack('<I', row.dwForwardNextHop),
'metric': row.dwForwardMetric1,
'iface': iface_names.get(row.dwForwardIfIndex, str(row.dwForwardIfIndex))
})
return routes
@register_function_if(has_windll) @register_function_if(has_windll)
def stdapi_net_config_get_proxy(request, response): def stdapi_net_config_get_proxy(request, response):
winhttp = ctypes.windll.winhttp winhttp = ctypes.windll.winhttp