From 9dfa3ec1fc17a1da203aa4ae30821ee9e51cbd1c Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Wed, 6 Apr 2022 14:21:08 +0100 Subject: [PATCH 1/7] winpmem failing to compile --- c/meterpreter/source/common/common.h | 2 + c/meterpreter/source/common/common_config.h | 2 + c/meterpreter/source/common/common_logging.c | 42 +++++++++++++++++++ c/meterpreter/source/common/common_logging.h | 11 +++++ c/meterpreter/source/common/common_metapi.h | 7 ++++ .../source/extensions/stdapi/server/stdapi.c | 2 +- c/meterpreter/source/metsrv/core.c | 10 +++++ c/meterpreter/source/metsrv/core.h | 7 ++++ c/meterpreter/source/metsrv/metapi.c | 5 +++ c/meterpreter/source/metsrv/metsrv.c | 3 ++ c/meterpreter/source/metsrv/server_setup.c | 1 + .../ext_server_espia/ext_server_espia.vcxproj | 1 + .../ext_server_extapi.vcxproj | 1 + .../ext_server_incognito.vcxproj | 1 + .../ext_server_kiwi/ext_server_kiwi.vcxproj | 1 + .../ext_server_lanattacks.vcxproj | 1 + .../ext_server_peinjector.vcxproj | 1 + .../ext_server_powershell.vcxproj | 1 + .../ext_server_priv/ext_server_priv.vcxproj | 1 + .../ext_server_python.vcxproj | 1 + .../ext_server_sniffer.vcxproj | 1 + .../ext_server_stdapi.vcxproj | 1 + .../ext_server_unhook.vcxproj | 1 + .../ext_server_winpmem.vcxproj | 1 + c/meterpreter/workspace/meterpreter.sln | 2 + c/meterpreter/workspace/metsrv/metsrv.vcxproj | 1 + 26 files changed, 107 insertions(+), 1 deletion(-) mode change 100755 => 100644 c/meterpreter/source/common/common.h create mode 100644 c/meterpreter/source/common/common_logging.c create mode 100644 c/meterpreter/source/common/common_logging.h mode change 100755 => 100644 c/meterpreter/workspace/meterpreter.sln diff --git a/c/meterpreter/source/common/common.h b/c/meterpreter/source/common/common.h old mode 100755 new mode 100644 index 78a5e16c..32a5779e --- a/c/meterpreter/source/common/common.h +++ b/c/meterpreter/source/common/common.h 
@@ -94,6 +94,7 @@ typedef struct ___u128 { #define CLOSE_SERVICE_HANDLE( h ) if( h ) { CloseServiceHandle( h ); h = NULL; } /*! @brief Close a handle if not already closed and set the handle to NULL. */ #define CLOSE_HANDLE( h ) if( h ) { DWORD dwHandleFlags; if(GetHandleInformation( h , &dwHandleFlags)) CloseHandle( h ); h = NULL; } +#include "common_logging.h" /*! * @brief Output a debug string to the debug console. @@ -111,6 +112,7 @@ static _inline void real_dprintf(char *format, ...) vsnprintf_s(buffer + len, sizeof(buffer)-len, sizeof(buffer)-len - 3, format, args); strcat_s(buffer, sizeof(buffer), "\r\n"); OutputDebugStringA(buffer); + logToFile(buffer); va_end(args); } diff --git a/c/meterpreter/source/common/common_config.h b/c/meterpreter/source/common/common_config.h index 9771afb7..22d6c917 100644 --- a/c/meterpreter/source/common/common_config.h +++ b/c/meterpreter/source/common/common_config.h @@ -13,6 +13,7 @@ #define PROXY_HOST_SIZE 128 #define PROXY_USER_SIZE 64 #define PROXY_PASS_SIZE 64 +#define LOG_PATH_SIZE 260 // https://docs.microsoft.com/en-us/windows/win32/fileio/maximum-file-path-limitation?tabs=cmd typedef wchar_t CHARTYPE; @@ -33,6 +34,7 @@ typedef struct _MetsrvSession int expiry; ///! The total number of seconds to wait before killing off the session. BYTE uuid[UUID_SIZE]; ///! UUID BYTE session_guid[sizeof(GUID)]; ///! Current session GUID + CHARTYPE logPath[LOG_PATH_SIZE]; ///! Location to place the log file. } MetsrvSession; typedef struct _MetsrvTransportCommon diff --git a/c/meterpreter/source/common/common_logging.c b/c/meterpreter/source/common/common_logging.c new file mode 100644 index 00000000..77beb2f9 --- /dev/null +++ b/c/meterpreter/source/common/common_logging.c 
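Review bot: `real_dprintf` now calls `logToFile(buffer)` unconditionally, so every debug line that reaches `OutputDebugStringA` is also pushed through a mutex wait and a synchronous `WriteFile` to a file on the target, including the command strings and paths that other hunks in this series log; that is a forensic artifact a post-exploitation agent normally avoids leaving. If `dprintf` only expands to `real_dprintf` in DEBUGTRACE builds this is acceptable, but that guard is outside the hunk and worth confirming, and the call site should say so: `// DEBUGTRACE only: mirror the debug line to the file opened by initLogging(), if any`. The `#include "common_logging.h"` also lands between the CLOSE_HANDLE macro and the doc comment of `real_dprintf`; moving it up with the other includes keeps the header readable.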
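Review bot: `logPath` is a fixed `CHARTYPE[LOG_PATH_SIZE]` array inside the session config, and nothing in this series NUL-terminates or bounds-checks it before it is handed to `CreateFileW` in metsrv.c or printed with `%S`; a value that fills all 260 slots would be read past the end of the struct. The framework presumably writes a terminated string, but that contract belongs on the field, `///! Location to place the log file (NUL-terminated wide string; empty disables file logging).`, and consumers should treat `logPath[0] == 0` as "disabled". A short note on the define that 260 is the classic MAX_PATH (not the `\\?\` long-path limit) would also save the next reader the lookup behind the URL.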
@@ -0,0 +1,42 @@
+#include "common.h"
+HANDLE lock = NULL;
+HANDLE hFile = NULL;
+
+HANDLE initLogging(wchar_t* filePath) {
+ hFile = CreateFileW(filePath, // name of the write
+ GENERIC_WRITE, // open for writing
+ FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE, // do share (7)
+ NULL, // default security
+ CREATE_ALWAYS, // create new file always
+ FILE_ATTRIBUTE_NORMAL, // normal file
+ NULL); // no attr. template
+ lock = CreateMutex(NULL, FALSE, NULL);
+
+ if (hFile == NULL) {
+ dprintf("[LOGGING] Logging to file failed to initialize")
+ }
+ return hFile;
+}
+
+void logToFile(char* buffer) {
+ if (hFile) {
+ DWORD x = WaitForSingleObject(lock, INFINITE);
+
+ DWORD bytesWritten = 0;
+ WriteFile(hFile, buffer, strlen(buffer), &bytesWritten, NULL);
+ ReleaseMutex(lock);
+ }
+}
+
+HANDLE getLoggingContext() {
+ return hFile;
+}
+
+HANDLE getLock() {
+ return lock;
+}
+
+void setLoggingContext(HANDLE ctx, HANDLE lock1) {
+ hFile = ctx;
+ lock = lock1;
+}
\ No newline at end of file
diff --git a/c/meterpreter/source/common/common_logging.h b/c/meterpreter/source/common/common_logging.h
new file mode 100644
index 00000000..8e9d5f11
--- /dev/null
+++ b/c/meterpreter/source/common/common_logging.h
@@ -0,0 +1,11 @@
+#ifndef _METERPRETER_COMMON_LOGGING_H
+#define _METERPRETER_COMMON_LOGGING_H
+#include "common_config.h"
+
+HANDLE initLogging(wchar_t* filePath);
+HANDLE getLoggingContext();
+HANDLE getLock();
+void setLoggingContext(HANDLE ctx, HANDLE lock1);
+void logToFile(char* buffer);
+
+#endif
\ No newline at end of file
diff --git a/c/meterpreter/source/common/common_metapi.h b/c/meterpreter/source/common/common_metapi.h
index cea83579..79568df8 100644
--- a/c/meterpreter/source/common/common_metapi.h
+++ b/c/meterpreter/source/common/common_metapi.h
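Review bot: `CreateFileW` signals failure with `INVALID_HANDLE_VALUE`, not `NULL`, so the `if (hFile == NULL)` check in `initLogging` never fires, and `logToFile`'s `if (hFile)` then treats the failed open (including the empty-path case) as a live handle and calls `WriteFile` on it; compare against the right sentinel and normalise the global so the rest of the code sees "no logging": `if (hFile == INVALID_HANDLE_VALUE) { hFile = NULL; }` before the dprintf. `initLogging` also ignores a NULL from `CreateMutex`, and `logToFile` discards the `WaitForSingleObject` result in the unused `x`, so a `WAIT_FAILED` still falls through to the write. The globals `lock` and `hFile` are non-static with very generic names even though only this file touches them, and common_logging.c is now compiled into every extension DLL; `static HANDLE g_logFile`/`g_logLock` avoids a clash with any `lock` symbol in those extensions. Finally the file is opened with a NULL security descriptor and `FILE_SHARE_WRITE | FILE_SHARE_DELETE`, so anyone who can reach the path can read, tamper with or delete the log while it is in use — probably fine for a debug aid, but it deserves a comment saying that is intended.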
@@ -159,6 +159,12 @@ typedef struct _ListApi VOID(*destroy)(PLIST pList); } ListApi; +typedef struct _LoggingApi +{ + HANDLE(*get_context)(); + HANDLE(*get_lock)(); +} LoggingApi; + typedef struct _MetApi { PacketApi packet; @@ -172,6 +178,7 @@ typedef struct _MetApi InjectApi inject; DesktopApi desktop; ListApi list; + LoggingApi logging; } MetApi; extern MetApi* met_api; diff --git a/c/meterpreter/source/extensions/stdapi/server/stdapi.c b/c/meterpreter/source/extensions/stdapi/server/stdapi.c index bc10f050..2cc6639d 100644 --- a/c/meterpreter/source/extensions/stdapi/server/stdapi.c +++ b/c/meterpreter/source/extensions/stdapi/server/stdapi.c @@ -177,7 +177,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote *remote) { met_api = api; - + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all( customCommands ); return ERROR_SUCCESS; diff --git a/c/meterpreter/source/metsrv/core.c b/c/meterpreter/source/metsrv/core.c index c4bd3e5c..b346f629 100644 --- a/c/meterpreter/source/metsrv/core.c +++ b/c/meterpreter/source/metsrv/core.c @@ -1368,3 +1368,13 @@ DWORD packet_transmit(Remote* remote, Packet* packet, PacketRequestCompletion* c return res; } + +HANDLE get_context() +{ + return getLoggingContext(); +} + +HANDLE get_lock() +{ + return getLock(); +} \ No newline at end of file diff --git a/c/meterpreter/source/metsrv/core.h b/c/meterpreter/source/metsrv/core.h index cff1647f..2dcfc603 100644 --- a/c/meterpreter/source/metsrv/core.h +++ b/c/meterpreter/source/metsrv/core.h @@ -71,4 +71,11 @@ DWORD packet_remove_completion_handler(LPCSTR requestId); HANDLE core_update_thread_token( Remote *remote, HANDLE token ); VOID core_update_desktop( Remote * remote, DWORD dwSessionID, char * cpStationName, char * cpDesktopName ); +/* +* Logging API +*/ +HANDLE get_context(); +HANDLE get_lock(); + + #endif 
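Review bot: The new `LoggingApi` function pointers and the `get_context`/`get_lock` prototypes in core.h are declared with empty parentheses, which in C means "unspecified arguments" rather than "no arguments"; write them as `HANDLE(*get_context)(void);` and `HANDLE get_context(void);` so callers are type-checked like the rest of `MetApi`. `get_context` and `get_lock` are also very generic names for non-static functions exported from metsrv core; `logging_get_context`/`logging_get_lock` would follow the `core_`/`packet_` prefix convention visible in core.h. A one-line doc comment on the struct would help extension authors, e.g. `/*! @brief Accessors that let an extension share metsrv's debug log file handle and mutex. */`.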
diff --git a/c/meterpreter/source/metsrv/metapi.c b/c/meterpreter/source/metsrv/metapi.c index 71fbb355..5a767314 100644 --- a/c/meterpreter/source/metsrv/metapi.c +++ b/c/meterpreter/source/metsrv/metapi.c @@ -147,6 +147,11 @@ MetApi api_instance = { list_shift, list_destroy, }, + // LoggingApi + { + get_context, + get_lock, + }, }; MetApi* met_api = &api_instance; diff --git a/c/meterpreter/source/metsrv/metsrv.c b/c/meterpreter/source/metsrv/metsrv.c index 0777b872..72e5ea09 100644 --- a/c/meterpreter/source/metsrv/metsrv.c +++ b/c/meterpreter/source/metsrv/metsrv.c @@ -16,6 +16,9 @@ DWORD Init(MetsrvConfig* metConfig) { + initLogging(metConfig->session.logPath); + dprintf("[METSRV] Initializing Logging to file: %S", metConfig->session.logPath); + // if hAppInstance is still == NULL it means that we havent been // reflectivly loaded so we must patch in the hAppInstance value // for use with loading server extensions later. diff --git a/c/meterpreter/source/metsrv/server_setup.c b/c/meterpreter/source/metsrv/server_setup.c index 9a2880dc..ead29228 100644 --- a/c/meterpreter/source/metsrv/server_setup.c +++ b/c/meterpreter/source/metsrv/server_setup.c @@ -231,6 +231,7 @@ static void config_create(Remote* remote, LPBYTE uuid, MetsrvConfig** config, LP memcpy(sess->uuid, uuid == NULL ? remote->orig_config->session.uuid : uuid, UUID_SIZE); // session GUID should persist across migration memcpy(sess->session_guid, remote->orig_config->session.session_guid, sizeof(GUID)); + memcpy(sess->logPath, remote->orig_config->session.logPath, LOG_PATH_SIZE); if (remote->sess_expiry_end) { sess->expiry = remote->sess_expiry_end - current_unix_timestamp(); diff --git a/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj b/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj index 8ec0e619..10e90d24 100644 --- a/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj +++ b/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj 
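Review bot: `Init` calls `initLogging(metConfig->session.logPath)` unconditionally, so a session with no log path configured still attempts `CreateFileW` on an empty string every start and, given the NULL check in `initLogging`, is left holding a failed handle that `logToFile` will write to; guard it with `if (metConfig->session.logPath[0] != 0) { initLogging(metConfig->session.logPath); }`. Because `config_create` copies `logPath` into the migrated config and `initLogging` opens with `CREATE_ALWAYS`, it looks like each migration will truncate the log written by the previous process; if one log per session is the intent, `OPEN_ALWAYS` with `FILE_APPEND_DATA` (or a per-PID filename) is needed — I can't see where `Init` runs after migration, so please confirm. The `dprintf` of the path is fine, but note it runs after `initLogging`, so on a failed open the path itself never reaches the debugger-only channel with a failure reason; logging `GetLastError()` on failure would make the feature debuggable.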
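Review bot: The `memcpy` added to `config_create` copies `LOG_PATH_SIZE` bytes, but `logPath` is declared `CHARTYPE logPath[LOG_PATH_SIZE]` and `CHARTYPE` is `wchar_t`, so only 260 of the 520 bytes — the first 130 characters — survive migration, and a longer path is silently truncated (and only terminated if the destination happens to be zero-filled, which is not visible here). Use the array size, `memcpy(sess->logPath, remote->orig_config->session.logPath, sizeof(sess->logPath));`, as the neighbouring `sizeof(GUID)` copy does. `config_create` starts before this hunk and continues past it.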
@@ -451,6 +451,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ItemGroup> <ClCompile Include="..\..\source\extensions\espia\espia.c" /> <ClCompile Include="..\..\source\extensions\espia\screen.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\espia\espia.h" /> diff --git a/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj b/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj index 6fcd6dcc..23a067b1 100644 --- a/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj +++ b/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj @@ -450,6 +450,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\extapi\wmi.c" /> <ClCompile Include="..\..\source\extensions\extapi\wmi_interface.cpp" /> <ClCompile Include="..\..\source\extensions\extapi\wshelpers.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\extapi\adsi.h" /> diff --git a/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj b/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj index 35d861fd..93449680 100644 --- a/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj +++ b/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj @@ -454,6 +454,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\incognito\list_tokens.c" /> <ClCompile Include="..\..\source\extensions\incognito\token_info.c" /> <ClCompile Include="..\..\source\extensions\incognito\user_management.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <Choose> <When Condition="'$(Platform)'=='Win32'" /> 
diff --git a/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj b/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj index 4893088a..91125918 100644 --- a/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj +++ b/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj @@ -613,6 +613,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <DisableSpecificWarnings Condition="'$(Configuration)|$(Platform)'=='r7_release|x64'">4756;%(DisableSpecificWarnings)</DisableSpecificWarnings> <DisableSpecificWarnings Condition="'$(Configuration)|$(Platform)'=='Release|x64'">4756;%(DisableSpecificWarnings)</DisableSpecificWarnings> </ClCompile> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\kiwi\main.h" /> diff --git a/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj b/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj index c50555dd..7e0a4f2f 100644 --- a/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj +++ b/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj @@ -413,6 +413,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\lanattacks\dhcpserv.cpp" /> <ClCompile Include="..\..\source\extensions\lanattacks\TFTPserv.cpp" /> <ClCompile Include="..\..\source\extensions\lanattacks\lanattacks.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\lanattacks\dhcpserv.h" /> diff --git a/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj b/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj index 0483a63f..5dfa4fa6 100755 --- a/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj 
+++ b/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj @@ -441,6 +441,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\peinjector\libpetool.c" /> <ClCompile Include="..\..\source\extensions\peinjector\peinjector.c" /> <ClCompile Include="..\..\source\extensions\peinjector\peinjector_bridge.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\peinjector\headers.h" /> diff --git a/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj b/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj index 978c670f..95d70038 100644 --- a/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj +++ b/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj @@ -445,6 +445,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\powershell\powershell_bindings.cpp" /> <ClCompile Include="..\..\source\extensions\powershell\powershell_bridge.cpp" /> <ClCompile Include="..\..\source\extensions\powershell\powershell_runner.cpp" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\powershell\powershell.h" /> diff --git a/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj b/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj index 5fd84f7c..9add2464 100644 --- a/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj +++ b/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj 
@@ -545,6 +545,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\priv\priv.c" /> <ClCompile Include="..\..\source\extensions\priv\service.c" /> <ClCompile Include="..\..\source\extensions\priv\tokendup.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <ImportGroup Label="ExtensionTargets"> diff --git a/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj b/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj index e1268432..b3f244a6 100755 --- a/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj +++ b/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj @@ -662,6 +662,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\python\python_commands.c" /> <ClCompile Include="..\..\source\extensions\python\python_main.c" /> <ClCompile Include="..\..\source\extensions\python\python_meterpreter_binding.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\python\Include\abstract.h" /> diff --git a/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj b/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj index 39743d34..19bc3ded 100644 --- a/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj +++ b/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj @@ -354,6 +354,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\$(TargetName) <ClCompile Include="..\..\source\extensions\sniffer\sniffer.c"> <PrecompiledHeader>Create</PrecompiledHeader> </ClCompile> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\sniffer\precomp.h" /> 
diff --git a/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj b/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj index 33e05545..be87c500 100644 --- a/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj +++ b/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj @@ -558,6 +558,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\stdapi\server\webcam\audio.c" /> <ClCompile Include="..\..\source\extensions\stdapi\server\webcam\bmp2jpeg.c" /> <ClCompile Include="..\..\source\extensions\stdapi\server\webcam\webcam.cpp" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ResourceCompile Include="..\..\source\extensions\stdapi\server\resource\stdapi.rc" /> diff --git a/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj b/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj index eb988f81..de367892 100644 --- a/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj +++ b/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj @@ -435,6 +435,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\unhook\apisetmap.c" /> <ClCompile Include="..\..\source\extensions\unhook\refresh.c" /> <ClCompile Include="..\..\source\extensions\unhook\unhook.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\unhook\apisetmap.h" /> diff --git a/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj b/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj index 3776033b..64cc137d 100644 --- a/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj +++ b/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj 
@@ -431,6 +431,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ItemGroup> <ClCompile Include="..\..\source\extensions\winpmem\winpmem.cpp" /> <ClCompile Include="..\..\source\extensions\winpmem\winpmem_meterpreter.cpp" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\winpmem\elf.h" /> diff --git a/c/meterpreter/workspace/meterpreter.sln b/c/meterpreter/workspace/meterpreter.sln old mode 100755 new mode 100644 index e6358a65..47c5789c --- a/c/meterpreter/workspace/meterpreter.sln +++ b/c/meterpreter/workspace/meterpreter.sln @@ -56,6 +56,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{EDE086 ..\source\common\common_core.h = ..\source\common\common_core.h ..\source\common\common_exports.h = ..\source\common\common_exports.h ..\source\common\common_list.h = ..\source\common\common_list.h + ..\source\common\common_logging.c = ..\source\common\common_logging.c + ..\source\common\common_logging.h = ..\source\common\common_logging.h ..\source\common\common_metapi.h = ..\source\common\common_metapi.h ..\source\common\common_pivot_tree.h = ..\source\common\common_pivot_tree.h ..\source\common\common_remote.h = ..\source\common\common_remote.h diff --git a/c/meterpreter/workspace/metsrv/metsrv.vcxproj b/c/meterpreter/workspace/metsrv/metsrv.vcxproj index ab372081..dd1a4809 100644 --- a/c/meterpreter/workspace/metsrv/metsrv.vcxproj +++ b/c/meterpreter/workspace/metsrv/metsrv.vcxproj @@ -587,6 +587,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\metsrv\thread.c" /> <ClCompile Include="..\..\source\metsrv\unicode.c" /> <ClCompile Include="..\..\source\metsrv\zlib.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <ImportGroup Label="ExtensionTargets"> 
From 38e6787d84f48274d7a6b72b6d27a802f818d861 Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Fri, 8 Apr 2022 15:28:40 +0100 Subject: [PATCH 2/7] Configure logging in all extnesions --- c/meterpreter/source/common/common_logging.c | 16 +-- c/meterpreter/source/extensions/espia/espia.c | 1 + .../source/extensions/extapi/extapi.c | 1 + .../source/extensions/incognito/incognito.c | 1 + c/meterpreter/source/extensions/kiwi/main.c | 95 ++++++++------- .../source/extensions/lanattacks/lanattacks.c | 1 + .../source/extensions/peinjector/peinjector.c | 1 + .../source/extensions/powershell/powershell.c | 1 + c/meterpreter/source/extensions/priv/priv.c | 1 + .../source/extensions/python/python_main.c | 115 +++++++++--------- .../source/extensions/sniffer/sniffer.c | 1 + .../source/extensions/unhook/unhook.c | 1 + .../source/extensions/winpmem/winpmem.h | 5 +- .../winpmem/winpmem_meterpreter.cpp | 2 +- 14 files changed, 127 insertions(+), 115 deletions(-) diff --git a/c/meterpreter/source/common/common_logging.c b/c/meterpreter/source/common/common_logging.c index 77beb2f9..7e1bc799 100644 --- a/c/meterpreter/source/common/common_logging.c +++ b/c/meterpreter/source/common/common_logging.c @@ -5,7 +5,7 @@ HANDLE hFile = NULL; HANDLE initLogging(wchar_t* filePath) { hFile = CreateFileW(filePath, // name of the write GENERIC_WRITE, // open for writing - FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE, // do share (7) + FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE, // do share (7) NULL, // default security CREATE_ALWAYS, // create new file always FILE_ATTRIBUTE_NORMAL, // normal file 
@@ -13,19 +13,19 @@ HANDLE initLogging(wchar_t* filePath) { lock = CreateMutex(NULL, FALSE, NULL); if (hFile == NULL) { - dprintf("[LOGGING] Logging to file failed to initialize") + dprintf("[LOGGING] Logging to file failed to initialize"); } return hFile; } void logToFile(char* buffer) { - if (hFile) { - DWORD x = WaitForSingleObject(lock, INFINITE); + if (hFile) { + WaitForSingleObject(lock, INFINITE); - DWORD bytesWritten = 0; - WriteFile(hFile, buffer, strlen(buffer), &bytesWritten, NULL); - ReleaseMutex(lock); - } + LPDWORD bytesWritten = 0; + WriteFile(hFile, buffer, (DWORD)strlen(buffer), bytesWritten, NULL); + ReleaseMutex(lock); + } } HANDLE getLoggingContext() { diff --git a/c/meterpreter/source/extensions/espia/espia.c b/c/meterpreter/source/extensions/espia/espia.c index 99013c55..5d06b9ac 100644 --- a/c/meterpreter/source/extensions/espia/espia.c +++ b/c/meterpreter/source/extensions/espia/espia.c @@ -28,6 +28,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote *remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all( customCommands ); diff --git a/c/meterpreter/source/extensions/extapi/extapi.c b/c/meterpreter/source/extensions/extapi/extapi.c index 1bd96766..8f387065 100644 --- a/c/meterpreter/source/extensions/extapi/extapi.c +++ b/c/meterpreter/source/extensions/extapi/extapi.c @@ -51,6 +51,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/incognito/incognito.c b/c/meterpreter/source/extensions/incognito/incognito.c index c8fe1e72..a8317e11 100644 --- a/c/meterpreter/source/extensions/incognito/incognito.c +++ b/c/meterpreter/source/extensions/incognito/incognito.c 
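Review bot: The rewrite of `logToFile` replaces the `DWORD bytesWritten` local with `LPDWORD bytesWritten = 0` and passes that NULL pointer to `WriteFile` while `lpOverlapped` is also NULL; `WriteFile` requires a non-NULL `lpNumberOfBytesWritten` for synchronous writes, so this change turns a working write into one that fails and silently logs nothing. Restore the out-parameter: `DWORD bytesWritten = 0;` and `WriteFile(hFile, buffer, (DWORD)strlen(buffer), &bytesWritten, NULL);`. The `if (hFile == NULL)` context line above still compares against the wrong failure sentinel for `CreateFileW` (`INVALID_HANDLE_VALUE`), and the `WaitForSingleObject` result is still unchecked, so a `WAIT_FAILED` still proceeds to write without the lock. `initLogging` starts before this hunk.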
@@ -222,6 +222,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all( customCommands ); diff --git a/c/meterpreter/source/extensions/kiwi/main.c b/c/meterpreter/source/extensions/kiwi/main.c index 94e08a7e..aea3999b 100755 --- a/c/meterpreter/source/extensions/kiwi/main.c +++ b/c/meterpreter/source/extensions/kiwi/main.c 
@@ -13,63 +13,63 @@ MetApi* met_api = NULL; #include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" #include "main.h" - + extern wchar_t * powershell_reflective_mimikatz(LPWSTR input); extern DWORD kuhl_m_kerberos_ptt_data(PVOID data, DWORD dataSize); -extern LONG mimikatz_initOrClean(BOOL Init); +extern LONG mimikatz_initOrClean(BOOL Init); -DWORD request_exec_cmd(Remote *remote, Packet *packet); +DWORD request_exec_cmd(Remote *remote, Packet *packet); //DWORD request_kerberos_ticket_use(Remote *remote, Packet *packet); /*! @brief The enabled commands for this extension. */ Command customCommands[] = { - COMMAND_REQ(COMMAND_ID_KIWI_EXEC_CMD, request_exec_cmd), + COMMAND_REQ(COMMAND_ID_KIWI_EXEC_CMD, request_exec_cmd), COMMAND_TERMINATOR }; -/*! - * @brief Handler for the generic command execution function. - * @param remote Pointer to the \c Remote instance. - * @param packet Pointer to the incoming packet. - * @returns \c ERROR_SUCCESS - */ -DWORD request_exec_cmd(Remote *remote, Packet *packet) -{ - DWORD result = ERROR_SUCCESS; - Packet * response = met_api->packet.create_response(packet); - - wchar_t* cmd = met_api->packet.get_tlv_value_wstring(packet, TLV_TYPE_KIWI_CMD); - if (cmd != NULL) - { - dprintf("[KIWI] Executing command: %S", cmd); - - // While this implies that powershell is in use, this is just a naming thing, - // it's not actually using powershell. - wchar_t* output = powershell_reflective_mimikatz(cmd); - dprintf("[KIWI] Executed command: %S", cmd); - if (output != NULL) - { - met_api->packet.add_tlv_wstring(response, TLV_TYPE_KIWI_CMD_RESULT, output); - } - else - { - result = ERROR_OUTOFMEMORY; - } - //LocalFree(cmd); - } - else - { - result = ERROR_INVALID_PARAMETER; - } - - dprintf("[KIWI] Dumped, transmitting response."); - met_api->packet.transmit_response(result, remote, response); - dprintf("[KIWI] Done."); - - return ERROR_SUCCESS; -} - +/*! + * @brief Handler for the generic command execution function. 
+ * @param remote Pointer to the \c Remote instance. + * @param packet Pointer to the incoming packet. + * @returns \c ERROR_SUCCESS + */ +DWORD request_exec_cmd(Remote *remote, Packet *packet) +{ + DWORD result = ERROR_SUCCESS; + Packet * response = met_api->packet.create_response(packet); + + wchar_t* cmd = met_api->packet.get_tlv_value_wstring(packet, TLV_TYPE_KIWI_CMD); + if (cmd != NULL) + { + dprintf("[KIWI] Executing command: %S", cmd); + + // While this implies that powershell is in use, this is just a naming thing, + // it's not actually using powershell. + wchar_t* output = powershell_reflective_mimikatz(cmd); + dprintf("[KIWI] Executed command: %S", cmd); + if (output != NULL) + { + met_api->packet.add_tlv_wstring(response, TLV_TYPE_KIWI_CMD_RESULT, output); + } + else + { + result = ERROR_OUTOFMEMORY; + } + //LocalFree(cmd); + } + else + { + result = ERROR_INVALID_PARAMETER; + } + + dprintf("[KIWI] Dumped, transmitting response."); + met_api->packet.transmit_response(result, remote, response); + dprintf("[KIWI] Done."); + + return ERROR_SUCCESS; +} + /*! * @brief Initialize the server extension. * @param api Pointer to the Meterpreter API structure. @@ -79,9 +79,10 @@ DWORD request_exec_cmd(Remote *remote, Packet *packet) DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); dprintf("[KIWI] Init server extension - initorclean"); - mimikatz_initOrClean(TRUE); + mimikatz_initOrClean(TRUE); dprintf("[KIWI] Init server extension - register"); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/lanattacks/lanattacks.c b/c/meterpreter/source/extensions/lanattacks/lanattacks.c index 0b77dac3..780a16f7 100644 --- a/c/meterpreter/source/extensions/lanattacks/lanattacks.c +++ b/c/meterpreter/source/extensions/lanattacks/lanattacks.c 
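Review bot: The only functional change in main.c is the `setLoggingContext(...)` line in `InitServerExtension`, yet the hunk rewrites roughly sixty unchanged lines, which looks like a CRLF/LF flip on a file that is also mode 100755; normalising line endings in its own commit (or via `.gitattributes`) would keep the real change reviewable and `git blame` useful. Worth stating somewhere near the new line is what wiring this extension into file logging means in practice: `request_exec_cmd` dprintf's the full mimikatz command line (`[KIWI] Executing command: %S`), so with a log path configured every kiwi command — which routinely carries credentials, tickets and hashes — is written to disk on the target. If that only happens in DEBUGTRACE builds it is tolerable, but a comment at that dprintf site, `// NOTE: with file logging enabled this persists the full command line on the target`, would make the trade-off explicit. `request_exec_cmd` lies wholly within the hunk; `InitServerExtension` continues past it.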
@@ -182,6 +182,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/peinjector/peinjector.c b/c/meterpreter/source/extensions/peinjector/peinjector.c index 31de9ea0..93cca34f 100755 --- a/c/meterpreter/source/extensions/peinjector/peinjector.c +++ b/c/meterpreter/source/extensions/peinjector/peinjector.c @@ -28,6 +28,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote *remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all( customCommands ); diff --git a/c/meterpreter/source/extensions/powershell/powershell.c b/c/meterpreter/source/extensions/powershell/powershell.c index bd61af8b..69d286f4 100755 --- a/c/meterpreter/source/extensions/powershell/powershell.c +++ b/c/meterpreter/source/extensions/powershell/powershell.c @@ -35,6 +35,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); gRemote = remote; diff --git a/c/meterpreter/source/extensions/priv/priv.c b/c/meterpreter/source/extensions/priv/priv.c index 388c312f..d81cf0af 100644 --- a/c/meterpreter/source/extensions/priv/priv.c +++ b/c/meterpreter/source/extensions/priv/priv.c @@ -34,6 +34,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/python/python_main.c b/c/meterpreter/source/extensions/python/python_main.c index 46074186..4c9773ba 100755 --- a/c/meterpreter/source/extensions/python/python_main.c 
+++ b/c/meterpreter/source/extensions/python/python_main.c @@ -1,34 +1,34 @@ -/*! - * @file python_main.c - * @brief Entry point and intialisation definitions for the python extension. - */ -#include "common.h" -#include "common_metapi.h" - -// Required so that use of the API works. -MetApi* met_api = NULL; - -#define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN -#define RDIDLL_NOEXPORT -#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" - -#include "python_commands.h" -#include "python_meterpreter_binding.h" +/*! + * @file python_main.c + * @brief Entry point and intialisation definitions for the python extension. + */ +#include "common.h" +#include "common_metapi.h" + +// Required so that use of the API works. +MetApi* met_api = NULL; + +#define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN +#define RDIDLL_NOEXPORT +#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" + +#include "python_commands.h" +#include "python_meterpreter_binding.h" // This is the entry point to the python DLL, we proxy to this from our own init extern BOOL WINAPI PythonDllMain(HANDLE hInst, ULONG ul_reason_for_call, LPVOID lpReserved); extern BOOL WINAPI CtypesDllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvRes); Remote* gRemote = NULL; - -/*! @brief List of commands that the extended API extension providers. */ -Command customCommands[] = -{ + +/*! @brief List of commands that the extended API extension providers. */ +Command customCommands[] = +{ COMMAND_REQ(COMMAND_ID_PYTHON_RESET, request_python_reset), COMMAND_REQ(COMMAND_ID_PYTHON_EXECUTE, request_python_execute), - COMMAND_TERMINATOR -}; - + COMMAND_TERMINATOR +}; + BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) { switch (dwReason) 
@@ -53,43 +53,44 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) return TRUE; } -/*! - * @brief Initialize the server extension. - * @param api Pointer to the Meterpreter API structure. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD InitServerExtension(MetApi* api, Remote* remote) -{ - met_api = api; - - met_api->command.register_all(customCommands); - gRemote = remote; - - dprintf("[PYTHON] Initialising"); - binding_startup(); - - python_prepare_session(); - dprintf("[PYTHON] Registering commands"); - met_api->command.register_all(customCommands); - - return ERROR_SUCCESS; -} - -/*! - * @brief Deinitialize the server extension. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD DeinitServerExtension(Remote *remote) -{ +/*! + * @brief Initialize the server extension. + * @param api Pointer to the Meterpreter API structure. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD InitServerExtension(MetApi* api, Remote* remote) +{ + met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + + met_api->command.register_all(customCommands); + gRemote = remote; + + dprintf("[PYTHON] Initialising"); + binding_startup(); + + python_prepare_session(); + dprintf("[PYTHON] Registering commands"); + met_api->command.register_all(customCommands); + + return ERROR_SUCCESS; +} + +/*! + * @brief Deinitialize the server extension. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD DeinitServerExtension(Remote *remote) +{ met_api->command.deregister_all(customCommands); python_destroy_session(); - - return ERROR_SUCCESS; -} - + + return ERROR_SUCCESS; +} + /*! * @brief Do a stageless initialisation of the extension. * @param ID of the extension that the init was intended for. 
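Review bot: `met_api->command.register_all(customCommands);` appears twice in InitServerExtension on the new side — once directly after the added `setLoggingContext(...)` line and again after `python_prepare_session()` following the "[PYTHON] Registering commands" trace. The duplicate predates this patch, but because the whole function is re-emitted as `+` lines (a line-ending rewrite) it now reads as part of the change; unless register_all is idempotent, which I cannot tell from here, the first call should go. Splitting the line-ending conversion from the single functional line would also make that line reviewable on its own.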
diff --git a/c/meterpreter/source/extensions/sniffer/sniffer.c b/c/meterpreter/source/extensions/sniffer/sniffer.c index 56110423..4441635f 100644 --- a/c/meterpreter/source/extensions/sniffer/sniffer.c +++ b/c/meterpreter/source/extensions/sniffer/sniffer.c @@ -744,6 +744,7 @@ DWORD request_sniffer_capture_dump(Remote *remote, Packet *packet) DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); dprintf("[SERVER] Registering command handlers..."); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/unhook/unhook.c b/c/meterpreter/source/extensions/unhook/unhook.c index 5824a559..b7b388eb 100644 --- a/c/meterpreter/source/extensions/unhook/unhook.c +++ b/c/meterpreter/source/extensions/unhook/unhook.c @@ -43,6 +43,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/winpmem/winpmem.h b/c/meterpreter/source/extensions/winpmem/winpmem.h index 1b82f1a4..3578b7bd 100755 --- a/c/meterpreter/source/extensions/winpmem/winpmem.h +++ b/c/meterpreter/source/extensions/winpmem/winpmem.h @@ -1,5 +1,6 @@ -#include "common.h" - +extern "C" { + #include "common.h" +} #include <stdint.h> #include "tchar.h" diff --git a/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp b/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp index e741b7b6..4dfd47f6 100644 --- a/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp +++ b/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp 
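Review bot: The new `extern "C" { #include "common.h" }` wrapper in winpmem.h is unconditional, so the header no longer parses if it is included from a C translation unit (`extern "C"` is C++-only). Guard it with `#ifdef __cplusplus` around both the opening `extern "C" {` and the closing `}`, or leave winpmem.h C-clean and put the wrapper in winpmem_meterpreter.cpp, whose hunk header in the next file shows it already has an `extern "C" {` block. A one-line comment saying why common.h needs C linkage (`real_dprintf` calls the C `logToFile`) would help the next reader.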
@@ -33,7 +33,7 @@ extern "C" { DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - + setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); met_api->command.register_all(customCommands); return ERROR_SUCCESS; From e29d876b2e6ede2b63a5ca6aaa0c6df2476c5d1e Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Thu, 21 Apr 2022 00:53:34 +0100 Subject: [PATCH 3/7] Remove debug artifacts from release build --- c/meterpreter/source/common/common.h | 10 ++++++++-- c/meterpreter/source/common/common_config.h | 4 +++- c/meterpreter/source/common/common_logging.c | 11 ++++++----- c/meterpreter/source/common/common_logging.h | 11 +++++------ c/meterpreter/source/common/common_metapi.h | 7 +++++-- c/meterpreter/source/extensions/espia/espia.c | 2 +- c/meterpreter/source/extensions/extapi/extapi.c | 2 +- c/meterpreter/source/extensions/incognito/incognito.c | 2 +- c/meterpreter/source/extensions/kiwi/main.c | 2 +- .../source/extensions/lanattacks/lanattacks.c | 2 +- .../source/extensions/peinjector/peinjector.c | 2 +- .../source/extensions/powershell/powershell.c | 2 +- c/meterpreter/source/extensions/priv/priv.c | 2 +- c/meterpreter/source/extensions/python/python_main.c | 2 +- c/meterpreter/source/extensions/sniffer/sniffer.c | 2 +- .../source/extensions/stdapi/server/stdapi.c | 2 +- c/meterpreter/source/extensions/unhook/unhook.c | 2 +- .../source/extensions/winpmem/winpmem_meterpreter.cpp | 3 ++- c/meterpreter/source/metsrv/core.c | 10 ---------- c/meterpreter/source/metsrv/core.h | 6 ------ c/meterpreter/source/metsrv/metapi.c | 5 ++++- c/meterpreter/source/metsrv/metsrv.c | 3 +-- c/meterpreter/source/metsrv/server_setup.c | 5 ++++- c/meterpreter/workspace/elevator/elevator.vcxproj | 5 +++-- c/meterpreter/workspace/metsrv/metsrv.vcxproj | 3 ++- c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters | 1 + 26 files changed, 56 insertions(+), 52 deletions(-) 
diff --git a/c/meterpreter/source/common/common.h b/c/meterpreter/source/common/common.h index 32a5779e..46e4239e 100644 --- a/c/meterpreter/source/common/common.h +++ b/c/meterpreter/source/common/common.h @@ -70,7 +70,10 @@ typedef struct ___u128 { #undef X509_NAME #ifdef DEBUGTRACE +#include "common_logging.h" #define dprintf(...) real_dprintf(__VA_ARGS__) +#define SET_LOGGING_CONTEXT(api) set_logging_context(api->logging.get_logging_context(), api->logging.get_lock()); +#define INIT_LOGGING(metConfig) init_logging(metConfig->session.log_path); #if DEBUGTRACE == 1 #define vdprintf dprintf #else @@ -79,6 +82,8 @@ typedef struct ___u128 { #else #define dprintf(...) do{}while(0); #define vdprintf(...) do{}while(0); +#define SET_LOGGING_CONTEXT(...) +#define INIT_LOGGING(...) #endif /*! @brief Sets `dwResult` to the return value of `GetLastError()`, prints debug output, then does `break;` */ @@ -94,7 +99,6 @@ typedef struct ___u128 { #define CLOSE_SERVICE_HANDLE( h ) if( h ) { CloseServiceHandle( h ); h = NULL; } /*! @brief Close a handle if not already closed and set the handle to NULL. */ #define CLOSE_HANDLE( h ) if( h ) { DWORD dwHandleFlags; if(GetHandleInformation( h , &dwHandleFlags)) CloseHandle( h ); h = NULL; } -#include "common_logging.h" /*! * @brief Output a debug string to the debug console. @@ -112,7 +116,9 @@ static _inline void real_dprintf(char *format, ...) vsnprintf_s(buffer + len, sizeof(buffer)-len, sizeof(buffer)-len - 3, format, args); strcat_s(buffer, sizeof(buffer), "\r\n"); OutputDebugStringA(buffer); - logToFile(buffer); +#ifdef DEBUGTRACE + log_to_file(buffer); +#endif va_end(args); } diff --git a/c/meterpreter/source/common/common_config.h b/c/meterpreter/source/common/common_config.h index 22d6c917..27107ff8 100644 --- a/c/meterpreter/source/common/common_config.h +++ b/c/meterpreter/source/common/common_config.h 
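Review bot: `SET_LOGGING_CONTEXT` and `INIT_LOGGING` embed a trailing `;` in their DEBUGTRACE definitions and expand to nothing otherwise, so most call sites in this patch write `SET_LOGGING_CONTEXT(api)` with no semicolon while stdapi.c writes `SET_LOGGING_CONTEXT(api);` — harmless today, but it makes the macros read as statements in one build and as nothing in the other. Drop the semicolons from the bodies and let call sites supply them uniformly: `#define INIT_LOGGING(metConfig) init_logging(metConfig->session.log_path)` and `#define SET_LOGGING_CONTEXT(api) set_logging_context(api->logging.get_logging_context(), api->logging.get_lock())`. `INIT_LOGGING` also discards the `HANDLE` that `init_logging` returns; if callers are meant to rely on the file-scope handle instead, a comment on the macro should say so.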
@@ -34,7 +34,9 @@ typedef struct _MetsrvSession int expiry; ///! The total number of seconds to wait before killing off the session. BYTE uuid[UUID_SIZE]; ///! UUID BYTE session_guid[sizeof(GUID)]; ///! Current session GUID - CHARTYPE logPath[LOG_PATH_SIZE]; ///! Location to place the log file. +#ifdef DEBUGTRACE + CHARTYPE log_path[LOG_PATH_SIZE]; ///! Location to place the log file.only set when +#endif } MetsrvSession; typedef struct _MetsrvTransportCommon diff --git a/c/meterpreter/source/common/common_logging.c b/c/meterpreter/source/common/common_logging.c index 7e1bc799..b091a726 100644 --- a/c/meterpreter/source/common/common_logging.c +++ b/c/meterpreter/source/common/common_logging.c @@ -1,8 +1,9 @@ #include "common.h" + HANDLE lock = NULL; HANDLE hFile = NULL; -HANDLE initLogging(wchar_t* filePath) { +HANDLE init_logging(wchar_t* filePath) { hFile = CreateFileW(filePath, // name of the write GENERIC_WRITE, // open for writing FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE, // do share (7) @@ -18,7 +19,7 @@ HANDLE initLogging(wchar_t* filePath) { return hFile; } -void logToFile(char* buffer) { +void log_to_file(char* buffer) { if (hFile) { WaitForSingleObject(lock, INFINITE); @@ -28,15 +29,15 @@ void logToFile(char* buffer) { } } -HANDLE getLoggingContext() { +HANDLE get_logging_context() { return hFile; } -HANDLE getLock() { +HANDLE get_lock() { return lock; } -void setLoggingContext(HANDLE ctx, HANDLE lock1) { +void set_logging_context(HANDLE ctx, HANDLE lock1) { hFile = ctx; lock = lock1; } \ No newline at end of file diff --git a/c/meterpreter/source/common/common_logging.h b/c/meterpreter/source/common/common_logging.h index 8e9d5f11..c1f7b158 100644 --- a/c/meterpreter/source/common/common_logging.h +++ b/c/meterpreter/source/common/common_logging.h 
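Review bot: Placing `log_path` under `#ifdef DEBUGTRACE` makes `sizeof(MetsrvSession)` — and therefore the offset of whatever follows the session block in the serialized configuration — depend on a compile-time flag, so the side that generates the config blob must know which flavour of binary it is feeding; a release metsrv given a debug-layout blob (or the reverse) will misread everything after the session. The `///!` comment should record that contract, e.g. `///! Present only in DEBUGTRACE builds; the generated config blob must match the build flavour.`, and if the layout is not already negotiated I would keep the field unconditionally and gate only its use. In the common_logging.c hunk `@@ -1,8 +1,9 @@`, `init_logging(wchar_t* filePath)` only hands the path to `CreateFileW`, so `const wchar_t* filePath` would document that it is not modified.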
@@ -1,11 +1,10 @@ #ifndef _METERPRETER_COMMON_LOGGING_H #define _METERPRETER_COMMON_LOGGING_H -#include "common_config.h" -HANDLE initLogging(wchar_t* filePath); -HANDLE getLoggingContext(); -HANDLE getLock(); -void setLoggingContext(HANDLE ctx, HANDLE lock1); -void logToFile(char* buffer); +HANDLE init_logging(wchar_t* filePath); +HANDLE get_logging_context(); +HANDLE get_lock(); +void set_logging_context(HANDLE ctx, HANDLE lock1); +void log_to_file(char* buffer); #endif \ No newline at end of file diff --git a/c/meterpreter/source/common/common_metapi.h b/c/meterpreter/source/common/common_metapi.h index 79568df8..138a8187 100644 --- a/c/meterpreter/source/common/common_metapi.h +++ b/c/meterpreter/source/common/common_metapi.h @@ -159,12 +159,13 @@ typedef struct _ListApi VOID(*destroy)(PLIST pList); } ListApi; +#ifdef DEBUGTRACE typedef struct _LoggingApi { - HANDLE(*get_context)(); + HANDLE(*get_logging_context)(); HANDLE(*get_lock)(); } LoggingApi; - +#endif typedef struct _MetApi { PacketApi packet; @@ -178,7 +179,9 @@ typedef struct _MetApi InjectApi inject; DesktopApi desktop; ListApi list; +#ifdef DEBUGTRACE LoggingApi logging; +#endif } MetApi; extern MetApi* met_api; diff --git a/c/meterpreter/source/extensions/espia/espia.c b/c/meterpreter/source/extensions/espia/espia.c index 5d06b9ac..06787d0d 100644 --- a/c/meterpreter/source/extensions/espia/espia.c +++ b/c/meterpreter/source/extensions/espia/espia.c @@ -28,7 +28,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote *remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all( customCommands ); diff --git a/c/meterpreter/source/extensions/extapi/extapi.c b/c/meterpreter/source/extensions/extapi/extapi.c index 8f387065..f7802512 100644 --- a/c/meterpreter/source/extensions/extapi/extapi.c +++ b/c/meterpreter/source/extensions/extapi/extapi.c 
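Review bot: Making `LoggingApi logging` a conditional member of `MetApi` ties the struct layout to the build flag, so metsrv and every extension must be compiled with the same DEBUGTRACE setting: an extension built with DEBUGTRACE loaded by a metsrv built without it reads `api->logging` past the end of `api_instance`, and `SET_LOGGING_CONTEXT` then calls through whatever two pointer-sized values sit there. Because `logging` is the last member, the cheap fix is to keep the struct unconditional and have a release metsrv populate it with stubs that return NULL, leaving the `#ifdef` only around `set_logging_context`. If the conditional layout stays, document it on the member: `///! Only present in DEBUGTRACE builds; metsrv and extensions must agree on the flag.`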
@@ -51,7 +51,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/incognito/incognito.c b/c/meterpreter/source/extensions/incognito/incognito.c index a8317e11..ce97bce7 100644 --- a/c/meterpreter/source/extensions/incognito/incognito.c +++ b/c/meterpreter/source/extensions/incognito/incognito.c @@ -222,7 +222,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all( customCommands ); diff --git a/c/meterpreter/source/extensions/kiwi/main.c b/c/meterpreter/source/extensions/kiwi/main.c index aea3999b..67495e14 100755 --- a/c/meterpreter/source/extensions/kiwi/main.c +++ b/c/meterpreter/source/extensions/kiwi/main.c @@ -79,7 +79,7 @@ DWORD request_exec_cmd(Remote *remote, Packet *packet) DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) dprintf("[KIWI] Init server extension - initorclean"); mimikatz_initOrClean(TRUE); diff --git a/c/meterpreter/source/extensions/lanattacks/lanattacks.c b/c/meterpreter/source/extensions/lanattacks/lanattacks.c index 780a16f7..db69a4fb 100644 --- a/c/meterpreter/source/extensions/lanattacks/lanattacks.c +++ b/c/meterpreter/source/extensions/lanattacks/lanattacks.c @@ -182,7 +182,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all(customCommands); 
diff --git a/c/meterpreter/source/extensions/peinjector/peinjector.c b/c/meterpreter/source/extensions/peinjector/peinjector.c index 93cca34f..6d7bccf3 100755 --- a/c/meterpreter/source/extensions/peinjector/peinjector.c +++ b/c/meterpreter/source/extensions/peinjector/peinjector.c @@ -28,7 +28,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote *remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all( customCommands ); diff --git a/c/meterpreter/source/extensions/powershell/powershell.c b/c/meterpreter/source/extensions/powershell/powershell.c index 69d286f4..a95ca122 100755 --- a/c/meterpreter/source/extensions/powershell/powershell.c +++ b/c/meterpreter/source/extensions/powershell/powershell.c @@ -35,7 +35,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) gRemote = remote; diff --git a/c/meterpreter/source/extensions/priv/priv.c b/c/meterpreter/source/extensions/priv/priv.c index d81cf0af..36cc04d7 100644 --- a/c/meterpreter/source/extensions/priv/priv.c +++ b/c/meterpreter/source/extensions/priv/priv.c @@ -34,7 +34,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/python/python_main.c b/c/meterpreter/source/extensions/python/python_main.c index 4c9773ba..48c19b70 100755 --- a/c/meterpreter/source/extensions/python/python_main.c +++ b/c/meterpreter/source/extensions/python/python_main.c 
@@ -62,7 +62,7 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all(customCommands); gRemote = remote; diff --git a/c/meterpreter/source/extensions/sniffer/sniffer.c b/c/meterpreter/source/extensions/sniffer/sniffer.c index 4441635f..45838ff8 100644 --- a/c/meterpreter/source/extensions/sniffer/sniffer.c +++ b/c/meterpreter/source/extensions/sniffer/sniffer.c @@ -744,7 +744,7 @@ DWORD request_sniffer_capture_dump(Remote *remote, Packet *packet) DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) dprintf("[SERVER] Registering command handlers..."); met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/stdapi/server/stdapi.c b/c/meterpreter/source/extensions/stdapi/server/stdapi.c index 2cc6639d..ff621a0f 100644 --- a/c/meterpreter/source/extensions/stdapi/server/stdapi.c +++ b/c/meterpreter/source/extensions/stdapi/server/stdapi.c @@ -177,7 +177,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote *remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api); met_api->command.register_all( customCommands ); return ERROR_SUCCESS; diff --git a/c/meterpreter/source/extensions/unhook/unhook.c b/c/meterpreter/source/extensions/unhook/unhook.c index b7b388eb..381dba3f 100644 --- a/c/meterpreter/source/extensions/unhook/unhook.c +++ b/c/meterpreter/source/extensions/unhook/unhook.c 
@@ -43,7 +43,7 @@ Command customCommands[] = DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) met_api->command.register_all(customCommands); diff --git a/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp b/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp index 4dfd47f6..e85e7bb3 100644 --- a/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp +++ b/c/meterpreter/source/extensions/winpmem/winpmem_meterpreter.cpp @@ -33,7 +33,8 @@ extern "C" { DWORD InitServerExtension(MetApi* api, Remote* remote) { met_api = api; - setLoggingContext(met_api->logging.get_context(), met_api->logging.get_lock()); + SET_LOGGING_CONTEXT(api) + met_api->command.register_all(customCommands); return ERROR_SUCCESS; diff --git a/c/meterpreter/source/metsrv/core.c b/c/meterpreter/source/metsrv/core.c index b346f629..c4bd3e5c 100644 --- a/c/meterpreter/source/metsrv/core.c +++ b/c/meterpreter/source/metsrv/core.c @@ -1368,13 +1368,3 @@ DWORD packet_transmit(Remote* remote, Packet* packet, PacketRequestCompletion* c return res; } - -HANDLE get_context() -{ - return getLoggingContext(); -} - -HANDLE get_lock() -{ - return getLock(); -} \ No newline at end of file diff --git a/c/meterpreter/source/metsrv/core.h b/c/meterpreter/source/metsrv/core.h index 2dcfc603..13d4a9b8 100644 --- a/c/meterpreter/source/metsrv/core.h +++ b/c/meterpreter/source/metsrv/core.h @@ -71,11 +71,5 @@ DWORD packet_remove_completion_handler(LPCSTR requestId); HANDLE core_update_thread_token( Remote *remote, HANDLE token ); VOID core_update_desktop( Remote * remote, DWORD dwSessionID, char * cpStationName, char * cpDesktopName ); -/* -* Logging API -*/ -HANDLE get_context(); -HANDLE get_lock(); - #endif diff --git a/c/meterpreter/source/metsrv/metapi.c b/c/meterpreter/source/metsrv/metapi.c index 5a767314..8c0babbf 100644 
--- a/c/meterpreter/source/metsrv/metapi.c +++ b/c/meterpreter/source/metsrv/metapi.c @@ -148,10 +148,13 @@ MetApi api_instance = { list_destroy, }, // LoggingApi +#ifdef DEBUGTRACE + { - get_context, + get_logging_context, get_lock, }, +#endif }; MetApi* met_api = &api_instance; diff --git a/c/meterpreter/source/metsrv/metsrv.c b/c/meterpreter/source/metsrv/metsrv.c index 72e5ea09..93773e66 100644 --- a/c/meterpreter/source/metsrv/metsrv.c +++ b/c/meterpreter/source/metsrv/metsrv.c @@ -16,8 +16,7 @@ DWORD Init(MetsrvConfig* metConfig) { - initLogging(metConfig->session.logPath); - dprintf("[METSRV] Initializing Logging to file: %S", metConfig->session.logPath); + INIT_LOGGING(metConfig) // if hAppInstance is still == NULL it means that we havent been // reflectivly loaded so we must patch in the hAppInstance value diff --git a/c/meterpreter/source/metsrv/server_setup.c b/c/meterpreter/source/metsrv/server_setup.c index ead29228..d31c607f 100644 --- a/c/meterpreter/source/metsrv/server_setup.c +++ b/c/meterpreter/source/metsrv/server_setup.c @@ -231,7 +231,10 @@ static void config_create(Remote* remote, LPBYTE uuid, MetsrvConfig** config, LP memcpy(sess->uuid, uuid == NULL ? remote->orig_config->session.uuid : uuid, UUID_SIZE); // session GUID should persist across migration memcpy(sess->session_guid, remote->orig_config->session.session_guid, sizeof(GUID)); - memcpy(sess->logPath, remote->orig_config->session.logPath, LOG_PATH_SIZE); +#ifdef DEBUGTRACE + memcpy(sess->log_path, remote->orig_config->session.log_path, LOG_PATH_SIZE); + +#endif if (remote->sess_expiry_end) { sess->expiry = remote->sess_expiry_end - current_unix_timestamp(); diff --git a/c/meterpreter/workspace/elevator/elevator.vcxproj b/c/meterpreter/workspace/elevator/elevator.vcxproj index c551fe48..0d011905 100644 --- a/c/meterpreter/workspace/elevator/elevator.vcxproj +++ b/c/meterpreter/workspace/elevator/elevator.vcxproj 
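Review bot: In server_setup.c, `memcpy(sess->log_path, remote->orig_config->session.log_path, LOG_PATH_SIZE);` copies `LOG_PATH_SIZE` bytes, but `log_path` is `CHARTYPE[LOG_PATH_SIZE]` and `CHARTYPE` is `wchar_t`, so only the first half of the array (130 wide characters) is carried into the migrated session; a longer path is truncated and, unless `sess` was zeroed beforehand, left unterminated for the `init_logging` that later consumes it. Size the copy by the destination: `memcpy(sess->log_path, remote->orig_config->session.log_path, sizeof(sess->log_path));`. The byte count was already wrong in the line this hunk replaces, but the rename is the natural moment to fix it; `config_create` continues outside the hunk.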
@@ -156,7 +156,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile> <Optimization>MaxSpeed</Optimization> <IntrinsicFunctions>true</IntrinsicFunctions> - <PreprocessorDefinitions>WIN32;NDEBUG;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>DEBUGTRACE;WIN32;NDEBUG;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions> <RuntimeLibrary>MultiThreaded</RuntimeLibrary> <BufferSecurityCheck>false</BufferSecurityCheck> <FunctionLevelLinking>false</FunctionLevelLinking> @@ -281,7 +281,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile> <Optimization>MaxSpeed</Optimization> <IntrinsicFunctions>true</IntrinsicFunctions> - <PreprocessorDefinitions>WIN32;NDEBUG;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions> + <PreprocessorDefinitions>DEBUGTRACE;WIN32;NDEBUG;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions> <RuntimeLibrary>MultiThreaded</RuntimeLibrary> <BufferSecurityCheck>false</BufferSecurityCheck> <FunctionLevelLinking>false</FunctionLevelLinking> @@ -358,6 +358,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\elevator\elevator.c" /> <ClCompile Include="..\..\source\elevator\namedpipeservice.c" /> <ClCompile Include="..\..\source\elevator\tokendup.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\elevator\elevator.h" /> diff --git a/c/meterpreter/workspace/metsrv/metsrv.vcxproj b/c/meterpreter/workspace/metsrv/metsrv.vcxproj index dd1a4809..b747cef7 100644 --- a/c/meterpreter/workspace/metsrv/metsrv.vcxproj +++ b/c/meterpreter/workspace/metsrv/metsrv.vcxproj 
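Review bot: Both `PreprocessorDefinitions` hunks add `DEBUGTRACE` to configurations that also define `NDEBUG` and use `MaxSpeed`, which look like the elevator's Release configurations — the opposite of this patch's stated aim of removing debug artifacts from release builds. With `DEBUGTRACE` defined, `dprintf` expands to `real_dprintf`, so the release elevator will emit `OutputDebugStringA` traces (and file writes once a logging context is set). If the define was added only so that the newly listed `common_logging.c` compiles, the cleaner route is to exclude that file from release or make its contents conditional, and confine `DEBUGTRACE` to the Debug configurations.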
@@ -217,6 +217,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <TreatLinkerWarningAsErrors>true</TreatLinkerWarningAsErrors> <TreatWarningAsError>true</TreatWarningAsError> <MultiProcessorCompilation>true</MultiProcessorCompilation> + <PreprocessToFile>false</PreprocessToFile> </ClCompile> <ResourceCompile> <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions> @@ -593,4 +594,4 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ImportGroup Label="ExtensionTargets"> <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" /> </ImportGroup> -</Project> +</Project> \ No newline at end of file diff --git a/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters b/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters index cb1bf4df..4ce9de2e 100644 --- a/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters +++ b/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters @@ -53,5 +53,6 @@ <ClCompile Include="..\..\source\metsrv\pivot_packet_dispatch.c" /> <ClCompile Include="..\..\source\metsrv\server_setup.c" /> <ClCompile Include="..\..\source\metsrv\metapi.c" /> + <ClCompile Include="..\..\source\common\common_logging.c" /> </ItemGroup> </Project> \ No newline at end of file From 66bbd5f0780d593f42ff6b0859846b6afb7911bc Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Tue, 26 Apr 2022 23:49:04 +0100 Subject: [PATCH 4/7] Code review changes and small refactor --- c/meterpreter/source/common/common.h | 2 +- c/meterpreter/source/common/common_config.h | 2 +- c/meterpreter/source/common/common_logging.c | 4 +- c/meterpreter/source/common/common_logging.h | 2 +- c/meterpreter/source/extensions/kiwi/main.c | 252 +++++++++---------- c/meterpreter/source/metsrv/core.h | 1 - c/meterpreter/source/metsrv/metapi.c | 3 +- 7 files changed, 132 insertions(+), 134 deletions(-) 
diff --git a/c/meterpreter/source/common/common.h b/c/meterpreter/source/common/common.h index 46e4239e..957893f9 100644 --- a/c/meterpreter/source/common/common.h +++ b/c/meterpreter/source/common/common.h @@ -72,8 +72,8 @@ typedef struct ___u128 { #ifdef DEBUGTRACE #include "common_logging.h" #define dprintf(...) real_dprintf(__VA_ARGS__) -#define SET_LOGGING_CONTEXT(api) set_logging_context(api->logging.get_logging_context(), api->logging.get_lock()); #define INIT_LOGGING(metConfig) init_logging(metConfig->session.log_path); +#define SET_LOGGING_CONTEXT(api) set_logging_context(api->logging.get_logging_context(), api->logging.get_lock()); #if DEBUGTRACE == 1 #define vdprintf dprintf #else diff --git a/c/meterpreter/source/common/common_config.h b/c/meterpreter/source/common/common_config.h index 27107ff8..438b6ddd 100644 --- a/c/meterpreter/source/common/common_config.h +++ b/c/meterpreter/source/common/common_config.h @@ -35,7 +35,7 @@ typedef struct _MetsrvSession BYTE uuid[UUID_SIZE]; ///! UUID BYTE session_guid[sizeof(GUID)]; ///! Current session GUID #ifdef DEBUGTRACE - CHARTYPE log_path[LOG_PATH_SIZE]; ///! Location to place the log file.only set when + CHARTYPE log_path[LOG_PATH_SIZE]; ///! Location to place the log file. Only set when msfconsole specifies MeterpreterDebugLogging #endif } MetsrvSession; diff --git a/c/meterpreter/source/common/common_logging.c b/c/meterpreter/source/common/common_logging.c index b091a726..2c816447 100644 --- a/c/meterpreter/source/common/common_logging.c +++ b/c/meterpreter/source/common/common_logging.c @@ -14,7 +14,7 @@ HANDLE init_logging(wchar_t* filePath) { lock = CreateMutex(NULL, FALSE, NULL); if (hFile == NULL) { - dprintf("[LOGGING] Logging to file failed to initialize"); + dprintf("[LOGGING] Logging to file failed to initialize"); } return hFile; } @@ -40,4 +40,4 @@ HANDLE get_lock() { void set_logging_context(HANDLE ctx, HANDLE lock1) { hFile = ctx; lock = lock1; -} \ No newline at end of file +} 
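Review bot: The `if (hFile == NULL)` check that the common_logging.c hunk re-indents around can never fire: `CreateFileW` reports failure with `INVALID_HANDLE_VALUE`, not `NULL`, so after a failed open `hFile` keeps that sentinel, `init_logging` returns it as though it were valid, and the `if (hFile)` guard in `log_to_file` treats it as an open file on every `dprintf`. Compare against the documented sentinel and normalise before tracing: `if (hFile == INVALID_HANDLE_VALUE) {` / `hFile = NULL;` / `dprintf("[LOGGING] Logging to file failed to initialize");`. `init_logging` starts outside the hunk.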
diff --git a/c/meterpreter/source/common/common_logging.h b/c/meterpreter/source/common/common_logging.h
index c1f7b158..276e87a3 100644
--- a/c/meterpreter/source/common/common_logging.h
+++ b/c/meterpreter/source/common/common_logging.h
@@ -7,4 +7,4 @@ HANDLE get_lock();
 void set_logging_context(HANDLE ctx, HANDLE lock1);
 void log_to_file(char* buffer);
-#endif
\ No newline at end of file
+#endif
diff --git a/c/meterpreter/source/extensions/kiwi/main.c b/c/meterpreter/source/extensions/kiwi/main.c
index 67495e14..f17b21f5 100755
--- a/c/meterpreter/source/extensions/kiwi/main.c
+++ b/c/meterpreter/source/extensions/kiwi/main.c
@@ -1,126 +1,126 @@ -/*! - * @file main.c - * @brief Entry point for the kiwi extension. - */ - -#include "common.h" -#include "common_metapi.h" - -// Required so that use of the API works. -MetApi* met_api = NULL; - -#define RDIDLL_NOEXPORT -#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" - -#include "main.h" - -extern wchar_t * powershell_reflective_mimikatz(LPWSTR input); -extern DWORD kuhl_m_kerberos_ptt_data(PVOID data, DWORD dataSize); -extern LONG mimikatz_initOrClean(BOOL Init); - -DWORD request_exec_cmd(Remote *remote, Packet *packet); -//DWORD request_kerberos_ticket_use(Remote *remote, Packet *packet); - -/*! @brief The enabled commands for this extension. */ -Command customCommands[] = -{ - COMMAND_REQ(COMMAND_ID_KIWI_EXEC_CMD, request_exec_cmd), - COMMAND_TERMINATOR -}; - -/*! - * @brief Handler for the generic command execution function. - * @param remote Pointer to the \c Remote instance. - * @param packet Pointer to the incoming packet. - * @returns \c ERROR_SUCCESS - */ -DWORD request_exec_cmd(Remote *remote, Packet *packet) -{ - DWORD result = ERROR_SUCCESS; - Packet * response = met_api->packet.create_response(packet); - - wchar_t* cmd = met_api->packet.get_tlv_value_wstring(packet, TLV_TYPE_KIWI_CMD); - if (cmd != NULL) - { - dprintf("[KIWI] Executing command: %S", cmd); - - // While this implies that powershell is in use, this is just a naming thing, - // it's not actually using powershell. - wchar_t* output = powershell_reflective_mimikatz(cmd); - dprintf("[KIWI] Executed command: %S", cmd); - if (output != NULL) - { - met_api->packet.add_tlv_wstring(response, TLV_TYPE_KIWI_CMD_RESULT, output); - } - else - { - result = ERROR_OUTOFMEMORY; - } - //LocalFree(cmd); - } - else - { - result = ERROR_INVALID_PARAMETER; - } - - dprintf("[KIWI] Dumped, transmitting response."); - met_api->packet.transmit_response(result, remote, response); - dprintf("[KIWI] Done."); - - return ERROR_SUCCESS; -} - -/*! 
- * @brief Initialize the server extension. - * @param api Pointer to the Meterpreter API structure. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD InitServerExtension(MetApi* api, Remote* remote) -{ - met_api = api; - SET_LOGGING_CONTEXT(api) - - dprintf("[KIWI] Init server extension - initorclean"); - mimikatz_initOrClean(TRUE); - - dprintf("[KIWI] Init server extension - register"); - met_api->command.register_all(customCommands); - - dprintf("[KIWI] Init server extension - done"); - - return ERROR_SUCCESS; -} - -/*! - * @brief Deinitialize the server extension. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD DeinitServerExtension(Remote *remote) -{ - mimikatz_initOrClean(FALSE); - met_api->command.deregister_all(customCommands); - - return ERROR_SUCCESS; -} - -/*! - * @brief Do a stageless initialisation of the extension. - * @param ID of the extension that the init was intended for. - * @param buffer Pointer to the buffer that contains the init data. - * @param bufferSize Size of the \c buffer parameter. - * @return Indication of success or failure. - */ -DWORD StagelessInit(UINT extensionId, const LPBYTE buffer, DWORD bufferSize) -{ - return ERROR_SUCCESS; -} - -/*! - * @brief Callback for when a command has been added to the meterpreter instance. - * @param commandId The ID of the command that has been added. - */ -VOID CommandAdded(UINT commandId) -{ -} +/*! + * @file main.c + * @brief Entry point for the kiwi extension. + */ + +#include "common.h" +#include "common_metapi.h" + +// Required so that use of the API works. 
+MetApi* met_api = NULL; + +#define RDIDLL_NOEXPORT +#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" + +#include "main.h" + +extern wchar_t * powershell_reflective_mimikatz(LPWSTR input); +extern DWORD kuhl_m_kerberos_ptt_data(PVOID data, DWORD dataSize); +extern LONG mimikatz_initOrClean(BOOL Init); + +DWORD request_exec_cmd(Remote *remote, Packet *packet); +//DWORD request_kerberos_ticket_use(Remote *remote, Packet *packet); + +/*! @brief The enabled commands for this extension. */ +Command customCommands[] = +{ + COMMAND_REQ(COMMAND_ID_KIWI_EXEC_CMD, request_exec_cmd), + COMMAND_TERMINATOR +}; + +/*! + * @brief Handler for the generic command execution function. + * @param remote Pointer to the \c Remote instance. + * @param packet Pointer to the incoming packet. + * @returns \c ERROR_SUCCESS + */ +DWORD request_exec_cmd(Remote *remote, Packet *packet) +{ + DWORD result = ERROR_SUCCESS; + Packet * response = met_api->packet.create_response(packet); + + wchar_t* cmd = met_api->packet.get_tlv_value_wstring(packet, TLV_TYPE_KIWI_CMD); + if (cmd != NULL) + { + dprintf("[KIWI] Executing command: %S", cmd); + + // While this implies that powershell is in use, this is just a naming thing, + // it's not actually using powershell. + wchar_t* output = powershell_reflective_mimikatz(cmd); + dprintf("[KIWI] Executed command: %S", cmd); + if (output != NULL) + { + met_api->packet.add_tlv_wstring(response, TLV_TYPE_KIWI_CMD_RESULT, output); + } + else + { + result = ERROR_OUTOFMEMORY; + } + //LocalFree(cmd); + } + else + { + result = ERROR_INVALID_PARAMETER; + } + + dprintf("[KIWI] Dumped, transmitting response."); + met_api->packet.transmit_response(result, remote, response); + dprintf("[KIWI] Done."); + + return ERROR_SUCCESS; +} + +/*! + * @brief Initialize the server extension. + * @param api Pointer to the Meterpreter API structure. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. 
+ */ +DWORD InitServerExtension(MetApi* api, Remote* remote) +{ + met_api = api; + SET_LOGGING_CONTEXT(api) + + dprintf("[KIWI] Init server extension - initorclean"); + mimikatz_initOrClean(TRUE); + + dprintf("[KIWI] Init server extension - register"); + met_api->command.register_all(customCommands); + + dprintf("[KIWI] Init server extension - done"); + + return ERROR_SUCCESS; +} + +/*! + * @brief Deinitialize the server extension. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD DeinitServerExtension(Remote *remote) +{ + mimikatz_initOrClean(FALSE); + met_api->command.deregister_all(customCommands); + + return ERROR_SUCCESS; +} + +/*! + * @brief Do a stageless initialisation of the extension. + * @param ID of the extension that the init was intended for. + * @param buffer Pointer to the buffer that contains the init data. + * @param bufferSize Size of the \c buffer parameter. + * @return Indication of success or failure. + */ +DWORD StagelessInit(UINT extensionId, const LPBYTE buffer, DWORD bufferSize) +{ + return ERROR_SUCCESS; +} + +/*! + * @brief Callback for when a command has been added to the meterpreter instance. + * @param commandId The ID of the command that has been added. + */ +VOID CommandAdded(UINT commandId) +{ +} diff --git a/c/meterpreter/source/metsrv/core.h b/c/meterpreter/source/metsrv/core.h index 13d4a9b8..cff1647f 100644 --- a/c/meterpreter/source/metsrv/core.h +++ b/c/meterpreter/source/metsrv/core.h @@ -71,5 +71,4 @@ DWORD packet_remove_completion_handler(LPCSTR requestId); HANDLE core_update_thread_token( Remote *remote, HANDLE token ); VOID core_update_desktop( Remote * remote, DWORD dwSessionID, char * cpStationName, char * cpDesktopName ); - #endif diff --git a/c/meterpreter/source/metsrv/metapi.c b/c/meterpreter/source/metsrv/metapi.c index 8c0babbf..c96ffcb4 100644 --- a/c/meterpreter/source/metsrv/metapi.c +++ b/c/meterpreter/source/metsrv/metapi.c 
@@ -147,9 +147,8 @@ MetApi api_instance = { list_shift, list_destroy, }, - // LoggingApi #ifdef DEBUGTRACE - + // LoggingApi { get_logging_context, get_lock, From 0896fb294a507083c1a3e76dc5fdf8df3aae7608 Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Tue, 26 Apr 2022 23:56:09 +0100 Subject: [PATCH 5/7] Move and rename `common/common_logging.c` to `logging/logging.c` --- .../{common => logging/logging.c}/common_logging.c | 14 +++++++------- c/meterpreter/workspace/elevator/elevator.vcxproj | 2 +- .../ext_server_espia/ext_server_espia.vcxproj | 2 +- .../ext_server_extapi/ext_server_extapi.vcxproj | 2 +- .../ext_server_incognito.vcxproj | 2 +- .../ext_server_kiwi/ext_server_kiwi.vcxproj | 2 +- .../ext_server_lanattacks.vcxproj | 2 +- .../ext_server_peinjector.vcxproj | 2 +- .../ext_server_powershell.vcxproj | 2 +- .../ext_server_priv/ext_server_priv.vcxproj | 2 +- .../ext_server_python/ext_server_python.vcxproj | 2 +- .../ext_server_sniffer/ext_server_sniffer.vcxproj | 2 +- .../ext_server_stdapi/ext_server_stdapi.vcxproj | 2 +- .../ext_server_unhook/ext_server_unhook.vcxproj | 2 +- .../ext_server_winpmem/ext_server_winpmem.vcxproj | 2 +- c/meterpreter/workspace/meterpreter.sln | 2 +- c/meterpreter/workspace/metsrv/metsrv.vcxproj | 2 +- .../workspace/metsrv/metsrv.vcxproj.filters | 2 +- 18 files changed, 24 insertions(+), 24 deletions(-) rename c/meterpreter/source/{common => logging/logging.c}/common_logging.c (78%) diff --git a/c/meterpreter/source/common/common_logging.c b/c/meterpreter/source/logging/logging.c/common_logging.c similarity index 78% rename from c/meterpreter/source/common/common_logging.c rename to c/meterpreter/source/logging/logging.c/common_logging.c index 2c816447..b51fdfaf 100644 --- a/c/meterpreter/source/common/common_logging.c +++ b/c/meterpreter/source/logging/logging.c/common_logging.c @@ -1,4 +1,4 @@ -#include "common.h" +#include "../../common/common.h" HANDLE lock = NULL; HANDLE hFile = NULL; 
@@ -20,13 +20,13 @@ HANDLE init_logging(wchar_t* filePath) { } void log_to_file(char* buffer) { - if (hFile) { - WaitForSingleObject(lock, INFINITE); + if (hFile) { + WaitForSingleObject(lock, INFINITE); - LPDWORD bytesWritten = 0; - WriteFile(hFile, buffer, (DWORD)strlen(buffer), bytesWritten, NULL); - ReleaseMutex(lock); - } + LPDWORD bytesWritten = 0; + WriteFile(hFile, buffer, (DWORD)strlen(buffer), bytesWritten, NULL); + ReleaseMutex(lock); + } } HANDLE get_logging_context() { diff --git a/c/meterpreter/workspace/elevator/elevator.vcxproj b/c/meterpreter/workspace/elevator/elevator.vcxproj index 0d011905..d0b5620f 100644 --- a/c/meterpreter/workspace/elevator/elevator.vcxproj +++ b/c/meterpreter/workspace/elevator/elevator.vcxproj @@ -358,7 +358,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\elevator\elevator.c" /> <ClCompile Include="..\..\source\elevator\namedpipeservice.c" /> <ClCompile Include="..\..\source\elevator\tokendup.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\elevator\elevator.h" /> diff --git a/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj b/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj index 10e90d24..4065c24c 100644 --- a/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj +++ b/c/meterpreter/workspace/ext_server_espia/ext_server_espia.vcxproj @@ -451,7 +451,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ItemGroup> <ClCompile Include="..\..\source\extensions\espia\espia.c" /> <ClCompile Include="..\..\source\extensions\espia\screen.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\espia\espia.h" /> 
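Review bot: `LPDWORD bytesWritten = 0;` declares a null pointer, so the re-indented `WriteFile(hFile, buffer, (DWORD)strlen(buffer), bytesWritten, NULL);` passes NULL for both lpNumberOfBytesWritten and lpOverlapped, a combination WriteFile does not allow for a synchronous call; the intent is clearly a DWORD out-parameter, so this should read `DWORD bytesWritten = 0;` and `WriteFile(hFile, buffer, (DWORD)strlen(buffer), &bytesWritten, NULL);`. The results of WaitForSingleObject and WriteFile are also discarded, so an abandoned or failed wait still falls through to the write and a short or failed write goes unnoticed; for a debug log dropping the line is acceptable, but the wait result should at least gate the write before ReleaseMutex. If hFile comes from CreateFile (init_logging is outside this hunk, so I cannot confirm), a failed open yields INVALID_HANDLE_VALUE rather than NULL and the `if (hFile)` guard would not skip the write, so either compare against INVALID_HANDLE_VALUE here or normalise the handle to NULL where it is opened.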
diff --git a/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj b/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj index 23a067b1..33891ee8 100644 --- a/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj +++ b/c/meterpreter/workspace/ext_server_extapi/ext_server_extapi.vcxproj @@ -450,7 +450,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\extapi\wmi.c" /> <ClCompile Include="..\..\source\extensions\extapi\wmi_interface.cpp" /> <ClCompile Include="..\..\source\extensions\extapi\wshelpers.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\extapi\adsi.h" /> diff --git a/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj b/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj index 93449680..18a5b22c 100644 --- a/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj +++ b/c/meterpreter/workspace/ext_server_incognito/ext_server_incognito.vcxproj @@ -454,7 +454,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\incognito\list_tokens.c" /> <ClCompile Include="..\..\source\extensions\incognito\token_info.c" /> <ClCompile Include="..\..\source\extensions\incognito\user_management.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <Choose> <When Condition="'$(Platform)'=='Win32'" /> diff --git a/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj b/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj index 91125918..31c3b330 100644 --- a/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj 
+++ b/c/meterpreter/workspace/ext_server_kiwi/ext_server_kiwi.vcxproj @@ -613,7 +613,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <DisableSpecificWarnings Condition="'$(Configuration)|$(Platform)'=='r7_release|x64'">4756;%(DisableSpecificWarnings)</DisableSpecificWarnings> <DisableSpecificWarnings Condition="'$(Configuration)|$(Platform)'=='Release|x64'">4756;%(DisableSpecificWarnings)</DisableSpecificWarnings> </ClCompile> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\kiwi\main.h" /> diff --git a/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj b/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj index 7e0a4f2f..3490dc0e 100644 --- a/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj +++ b/c/meterpreter/workspace/ext_server_lanattacks/ext_server_lanattacks.vcxproj @@ -413,7 +413,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\lanattacks\dhcpserv.cpp" /> <ClCompile Include="..\..\source\extensions\lanattacks\TFTPserv.cpp" /> <ClCompile Include="..\..\source\extensions\lanattacks\lanattacks.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\lanattacks\dhcpserv.h" /> diff --git a/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj b/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj index 5dfa4fa6..a8a5ce5d 100755 --- a/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj +++ b/c/meterpreter/workspace/ext_server_peinjector/ext_server_peinjector.vcxproj 
@@ -441,7 +441,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\peinjector\libpetool.c" /> <ClCompile Include="..\..\source\extensions\peinjector\peinjector.c" /> <ClCompile Include="..\..\source\extensions\peinjector\peinjector_bridge.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\peinjector\headers.h" /> diff --git a/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj b/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj index 95d70038..3e86f895 100644 --- a/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj +++ b/c/meterpreter/workspace/ext_server_powershell/ext_server_powershell.vcxproj @@ -445,7 +445,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\powershell\powershell_bindings.cpp" /> <ClCompile Include="..\..\source\extensions\powershell\powershell_bridge.cpp" /> <ClCompile Include="..\..\source\extensions\powershell\powershell_runner.cpp" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\powershell\powershell.h" /> diff --git a/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj b/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj index 9add2464..28621c88 100644 --- a/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj +++ b/c/meterpreter/workspace/ext_server_priv/ext_server_priv.vcxproj 
@@ -545,7 +545,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\priv\priv.c" /> <ClCompile Include="..\..\source\extensions\priv\service.c" /> <ClCompile Include="..\..\source\extensions\priv\tokendup.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <ImportGroup Label="ExtensionTargets"> diff --git a/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj b/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj index b3f244a6..6929a8b7 100755 --- a/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj +++ b/c/meterpreter/workspace/ext_server_python/ext_server_python.vcxproj @@ -662,7 +662,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\python\python_commands.c" /> <ClCompile Include="..\..\source\extensions\python\python_main.c" /> <ClCompile Include="..\..\source\extensions\python\python_meterpreter_binding.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\python\Include\abstract.h" /> diff --git a/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj b/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj index 19bc3ded..8473e05a 100644 --- a/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj +++ b/c/meterpreter/workspace/ext_server_sniffer/ext_server_sniffer.vcxproj 
@@ -354,7 +354,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\$(TargetName) <ClCompile Include="..\..\source\extensions\sniffer\sniffer.c"> <PrecompiledHeader>Create</PrecompiledHeader> </ClCompile> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\sniffer\precomp.h" /> diff --git a/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj b/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj index be87c500..238aa06e 100644 --- a/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj +++ b/c/meterpreter/workspace/ext_server_stdapi/ext_server_stdapi.vcxproj @@ -558,7 +558,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\stdapi\server\webcam\audio.c" /> <ClCompile Include="..\..\source\extensions\stdapi\server\webcam\bmp2jpeg.c" /> <ClCompile Include="..\..\source\extensions\stdapi\server\webcam\webcam.cpp" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ResourceCompile Include="..\..\source\extensions\stdapi\server\resource\stdapi.rc" /> diff --git a/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj b/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj index de367892..085a3deb 100644 --- a/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj +++ b/c/meterpreter/workspace/ext_server_unhook/ext_server_unhook.vcxproj 
@@ -435,7 +435,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\extensions\unhook\apisetmap.c" /> <ClCompile Include="..\..\source\extensions\unhook\refresh.c" /> <ClCompile Include="..\..\source\extensions\unhook\unhook.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\unhook\apisetmap.h" /> diff --git a/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj b/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj index 64cc137d..77709c76 100644 --- a/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj +++ b/c/meterpreter/workspace/ext_server_winpmem/ext_server_winpmem.vcxproj @@ -431,7 +431,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ItemGroup> <ClCompile Include="..\..\source\extensions\winpmem\winpmem.cpp" /> <ClCompile Include="..\..\source\extensions\winpmem\winpmem_meterpreter.cpp" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <ItemGroup> <ClInclude Include="..\..\source\extensions\winpmem\elf.h" /> diff --git a/c/meterpreter/workspace/meterpreter.sln b/c/meterpreter/workspace/meterpreter.sln index 47c5789c..99a626ec 100644 --- a/c/meterpreter/workspace/meterpreter.sln +++ b/c/meterpreter/workspace/meterpreter.sln 
@@ -56,7 +56,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{EDE086 ..\source\common\common_core.h = ..\source\common\common_core.h ..\source\common\common_exports.h = ..\source\common\common_exports.h ..\source\common\common_list.h = ..\source\common\common_list.h - ..\source\common\common_logging.c = ..\source\common\common_logging.c + ..\source\logging\logging.c = ..\source\logging\logging.c ..\source\common\common_logging.h = ..\source\common\common_logging.h ..\source\common\common_metapi.h = ..\source\common\common_metapi.h ..\source\common\common_pivot_tree.h = ..\source\common\common_pivot_tree.h diff --git a/c/meterpreter/workspace/metsrv/metsrv.vcxproj b/c/meterpreter/workspace/metsrv/metsrv.vcxproj index b747cef7..e307b399 100644 --- a/c/meterpreter/workspace/metsrv/metsrv.vcxproj +++ b/c/meterpreter/workspace/metsrv/metsrv.vcxproj @@ -588,7 +588,7 @@ copy /y "$(TargetDir)$(TargetFileName)" "$(ProjectDir)..\..\output\"</Command> <ClCompile Include="..\..\source\metsrv\thread.c" /> <ClCompile Include="..\..\source\metsrv\unicode.c" /> <ClCompile Include="..\..\source\metsrv\zlib.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <ImportGroup Label="ExtensionTargets"> diff --git a/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters b/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters index 4ce9de2e..5a497eff 100644 --- a/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters +++ b/c/meterpreter/workspace/metsrv/metsrv.vcxproj.filters 
@@ -53,6 +53,6 @@ <ClCompile Include="..\..\source\metsrv\pivot_packet_dispatch.c" /> <ClCompile Include="..\..\source\metsrv\server_setup.c" /> <ClCompile Include="..\..\source\metsrv\metapi.c" /> - <ClCompile Include="..\..\source\common\common_logging.c" /> + <ClCompile Include="..\..\source\logging\logging.c" /> </ItemGroup> </Project> \ No newline at end of file From 181d31878bc26b5c527fe2b1d3224f97364030bf Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Wed, 27 Apr 2022 00:01:04 +0100 Subject: [PATCH 6/7] Fix common_logging name and location --- .../source/logging/{logging.c/common_logging.c => logging.c} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename c/meterpreter/source/logging/{logging.c/common_logging.c => logging.c} (96%) diff --git a/c/meterpreter/source/logging/logging.c/common_logging.c b/c/meterpreter/source/logging/logging.c similarity index 96% rename from c/meterpreter/source/logging/logging.c/common_logging.c rename to c/meterpreter/source/logging/logging.c index b51fdfaf..ef2dd179 100644 --- a/c/meterpreter/source/logging/logging.c/common_logging.c +++ b/c/meterpreter/source/logging/logging.c @@ -1,4 +1,4 @@ -#include "../../common/common.h" +#include "../common/common.h" HANDLE lock = NULL; HANDLE hFile = NULL; From d17e7d3c639d590298d8050c997056adf84b45d7 Mon Sep 17 00:00:00 2001 From: dwelch-r7 <dean_welch@rapid7.com> Date: Wed, 27 Apr 2022 00:42:06 +0100 Subject: [PATCH 7/7] fix line endings --- c/meterpreter/source/extensions/kiwi/main.c | 158 +++++++++--------- .../source/extensions/python/python_main.c | 119 ++++++------- 2 files changed, 139 insertions(+), 138 deletions(-) diff --git a/c/meterpreter/source/extensions/kiwi/main.c b/c/meterpreter/source/extensions/kiwi/main.c index f17b21f5..fd47a855 100755 --- a/c/meterpreter/source/extensions/kiwi/main.c +++ b/c/meterpreter/source/extensions/kiwi/main.c 
@@ -1,33 +1,33 @@ -/*! - * @file main.c - * @brief Entry point for the kiwi extension. - */ +/*! + * @file main.c + * @brief Entry point for the kiwi extension. + */ + +#include "common.h" +#include "common_metapi.h" + +// Required so that use of the API works. +MetApi* met_api = NULL; + +#define RDIDLL_NOEXPORT +#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" + +#include "main.h" -#include "common.h" -#include "common_metapi.h" - -// Required so that use of the API works. -MetApi* met_api = NULL; - -#define RDIDLL_NOEXPORT -#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" - -#include "main.h" - -extern wchar_t * powershell_reflective_mimikatz(LPWSTR input); -extern DWORD kuhl_m_kerberos_ptt_data(PVOID data, DWORD dataSize); +extern wchar_t * powershell_reflective_mimikatz(LPWSTR input); +extern DWORD kuhl_m_kerberos_ptt_data(PVOID data, DWORD dataSize); extern LONG mimikatz_initOrClean(BOOL Init); - + DWORD request_exec_cmd(Remote *remote, Packet *packet); -//DWORD request_kerberos_ticket_use(Remote *remote, Packet *packet); - -/*! @brief The enabled commands for this extension. */ -Command customCommands[] = -{ +//DWORD request_kerberos_ticket_use(Remote *remote, Packet *packet); + +/*! @brief The enabled commands for this extension. */ +Command customCommands[] = +{ COMMAND_REQ(COMMAND_ID_KIWI_EXEC_CMD, request_exec_cmd), - COMMAND_TERMINATOR -}; - + COMMAND_TERMINATOR +}; + /*! * @brief Handler for the generic command execution function. * @param remote Pointer to the \c Remote instance. 
@@ -70,57 +70,57 @@ DWORD request_exec_cmd(Remote *remote, Packet *packet) return ERROR_SUCCESS; } -/*! - * @brief Initialize the server extension. - * @param api Pointer to the Meterpreter API structure. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD InitServerExtension(MetApi* api, Remote* remote) -{ - met_api = api; - SET_LOGGING_CONTEXT(api) - - dprintf("[KIWI] Init server extension - initorclean"); +/*! + * @brief Initialize the server extension. + * @param api Pointer to the Meterpreter API structure. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD InitServerExtension(MetApi* api, Remote* remote) +{ + met_api = api; + SET_LOGGING_CONTEXT(api) + + dprintf("[KIWI] Init server extension - initorclean"); mimikatz_initOrClean(TRUE); - - dprintf("[KIWI] Init server extension - register"); - met_api->command.register_all(customCommands); - - dprintf("[KIWI] Init server extension - done"); - - return ERROR_SUCCESS; -} - -/*! - * @brief Deinitialize the server extension. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD DeinitServerExtension(Remote *remote) -{ - mimikatz_initOrClean(FALSE); - met_api->command.deregister_all(customCommands); - - return ERROR_SUCCESS; -} - -/*! - * @brief Do a stageless initialisation of the extension. - * @param ID of the extension that the init was intended for. - * @param buffer Pointer to the buffer that contains the init data. - * @param bufferSize Size of the \c buffer parameter. - * @return Indication of success or failure. - */ -DWORD StagelessInit(UINT extensionId, const LPBYTE buffer, DWORD bufferSize) -{ - return ERROR_SUCCESS; -} - -/*! - * @brief Callback for when a command has been added to the meterpreter instance. - * @param commandId The ID of the command that has been added. 
- */ -VOID CommandAdded(UINT commandId) -{ -} + + dprintf("[KIWI] Init server extension - register"); + met_api->command.register_all(customCommands); + + dprintf("[KIWI] Init server extension - done"); + + return ERROR_SUCCESS; +} + +/*! + * @brief Deinitialize the server extension. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD DeinitServerExtension(Remote *remote) +{ + mimikatz_initOrClean(FALSE); + met_api->command.deregister_all(customCommands); + + return ERROR_SUCCESS; +} + +/*! + * @brief Do a stageless initialisation of the extension. + * @param ID of the extension that the init was intended for. + * @param buffer Pointer to the buffer that contains the init data. + * @param bufferSize Size of the \c buffer parameter. + * @return Indication of success or failure. + */ +DWORD StagelessInit(UINT extensionId, const LPBYTE buffer, DWORD bufferSize) +{ + return ERROR_SUCCESS; +} + +/*! + * @brief Callback for when a command has been added to the meterpreter instance. + * @param commandId The ID of the command that has been added. + */ +VOID CommandAdded(UINT commandId) +{ +} diff --git a/c/meterpreter/source/extensions/python/python_main.c b/c/meterpreter/source/extensions/python/python_main.c index 48c19b70..e7d9b8c5 100755 --- a/c/meterpreter/source/extensions/python/python_main.c +++ b/c/meterpreter/source/extensions/python/python_main.c 
@@ -1,34 +1,34 @@ -/*! - * @file python_main.c - * @brief Entry point and intialisation definitions for the python extension. - */ -#include "common.h" -#include "common_metapi.h" - -// Required so that use of the API works. -MetApi* met_api = NULL; - -#define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN -#define RDIDLL_NOEXPORT -#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" - -#include "python_commands.h" -#include "python_meterpreter_binding.h" +/*! + * @file python_main.c + * @brief Entry point and intialisation definitions for the python extension. + */ +#include "common.h" +#include "common_metapi.h" + +// Required so that use of the API works. +MetApi* met_api = NULL; + +#define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN +#define RDIDLL_NOEXPORT +#include "../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c" + +#include "python_commands.h" +#include "python_meterpreter_binding.h" // This is the entry point to the python DLL, we proxy to this from our own init extern BOOL WINAPI PythonDllMain(HANDLE hInst, ULONG ul_reason_for_call, LPVOID lpReserved); extern BOOL WINAPI CtypesDllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvRes); Remote* gRemote = NULL; - -/*! @brief List of commands that the extended API extension providers. */ -Command customCommands[] = -{ + +/*! @brief List of commands that the extended API extension providers. */ +Command customCommands[] = +{ COMMAND_REQ(COMMAND_ID_PYTHON_RESET, request_python_reset), COMMAND_REQ(COMMAND_ID_PYTHON_EXECUTE, request_python_execute), - COMMAND_TERMINATOR -}; - + COMMAND_TERMINATOR +}; + BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) { switch (dwReason) 
@@ -53,44 +53,44 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) return TRUE; } -/*! - * @brief Initialize the server extension. - * @param api Pointer to the Meterpreter API structure. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD InitServerExtension(MetApi* api, Remote* remote) -{ - met_api = api; - SET_LOGGING_CONTEXT(api) - - met_api->command.register_all(customCommands); - gRemote = remote; - - dprintf("[PYTHON] Initialising"); - binding_startup(); - - python_prepare_session(); - dprintf("[PYTHON] Registering commands"); - met_api->command.register_all(customCommands); - - return ERROR_SUCCESS; -} - -/*! - * @brief Deinitialize the server extension. - * @param remote Pointer to the remote instance. - * @return Indication of success or failure. - */ -DWORD DeinitServerExtension(Remote *remote) -{ +/*! + * @brief Initialize the server extension. + * @param api Pointer to the Meterpreter API structure. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD InitServerExtension(MetApi* api, Remote* remote) +{ + met_api = api; + SET_LOGGING_CONTEXT(api) + + met_api->command.register_all(customCommands); + gRemote = remote; + + dprintf("[PYTHON] Initialising"); + binding_startup(); + + python_prepare_session(); + dprintf("[PYTHON] Registering commands"); + met_api->command.register_all(customCommands); + + return ERROR_SUCCESS; +} + +/*! + * @brief Deinitialize the server extension. + * @param remote Pointer to the remote instance. + * @return Indication of success or failure. + */ +DWORD DeinitServerExtension(Remote *remote) +{ met_api->command.deregister_all(customCommands); python_destroy_session(); - - return ERROR_SUCCESS; -} - + + return ERROR_SUCCESS; +} + /*! * @brief Do a stageless initialisation of the extension. * @param ID of the extension that the init was intended for. 
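Review bot: `met_api->command.register_all(customCommands);` appears twice in the re-added InitServerExtension body, once right after `SET_LOGGING_CONTEXT(api)` and again after `python_prepare_session();`, so the extension's commands are registered twice per init unless register_all happens to be idempotent (its implementation is not visible here). The second call, paired with the "Registering commands" dprintf, reads as the intended one, and DeinitServerExtension calls `deregister_all` only once, so if register_all appends rather than replaces the init/deinit pairing is asymmetric; removing the first call keeps it symmetric. This is pre-existing and the commit only normalises line endings, but since every line of the function is rewritten here it is the natural place to drop the duplicate.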
@@ -115,4 +115,5 @@ DWORD StagelessInit(UINT extensionId, const LPBYTE buffer, DWORD bufferSize) VOID CommandAdded(UINT commandId) { binding_add_command(commandId); -} \ No newline at end of file +} +