diff --git a/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVPacket.java b/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVPacket.java
index d5df4ccd..9fbbe172 100644
--- a/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVPacket.java
+++ b/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVPacket.java
@@ -26,6 +26,7 @@ public class TLVPacket {
 public static final int TLV_META_TYPE_UINT = (1 << 17);
 public static final int TLV_META_TYPE_RAW = (1 << 18);
 public static final int TLV_META_TYPE_BOOL = (1 << 19);
+ public static final int TLV_META_TYPE_QWORD = (1 << 20);
 public static final int TLV_META_TYPE_COMPRESSED = (1 << 29);
 public static final int TLV_META_TYPE_GROUP = (1 << 30);
 public static final int TLV_META_TYPE_COMPLEX = (1 << 31);
@@ -85,6 +86,8 @@ public class TLVPacket {
 if (string.indexOf('\0') != -1)
 throw new IOException("Embedded null detected: " + string);
 value = string;
+ } else if ((type & TLV_META_TYPE_QWORD) != 0 && len == 16) {
+ value = new Long(in.readLong());
 } else if ((type & TLV_META_TYPE_UINT) != 0 && len == 12) {
 value = new Integer(in.readInt());
 } else if ((type & TLV_META_TYPE_BOOL) != 0 && len == 9) {
@@ -129,6 +132,13 @@ public class TLVPacket {
 overflowList.add(value);
 }
+ /**
+ * Add a TLV value to this object.
+ */
+ public void add(int type, long value) throws IOException {
+ add(type, new Long(value));
+ }
+
 /**
 * Add a TLV value to this object.
 */
@@ -184,6 +194,13 @@ public class TLVPacket {
 return (String) getValue(type, defaultValue);
 }
+ /**
+ * Get the value associated to a type as an int.
+ */
+ public long getLongValue(int type) {
+ return ((Long) getValue(type)).longValue();
+ }
+
 /**
 * Get the value associated to a type as an int.
 */
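Review bot: In the `@@ -85,6 +86,8 @@` hunk of TLVPacket.java, a TLV whose type carries TLV_META_TYPE_QWORD but whose length is not 16 is not rejected by the new arm; it falls through to the later `else if` arms, whose final case lies outside the hunk. The length is presumably taken from the stream, so an explicit failure is easier to diagnose than a value quietly decoded under another meta type. Matching on the meta bit alone and then checking the length, with `if (len != 16) throw new IOException("Unexpected QWORD length: " + len);` before the read, would do that. The UINT and BOOL arms shown as context are gated on length in the same way, so the same question applies to them unless the trailing branch already covers it.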
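Review bot: The Javadoc added above `getLongValue` in the `@@ -184,6 +194,13 @@` hunk still says "as an int"; it looks copied from the neighbouring getter and should read `Get the value associated to a type as a long.` The body also casts the stored object straight to `Long`, so an Integer stored under the same type id would fail with a ClassCastException. What `getValue` does for a missing type is not visible here. `return ((Number) getValue(type)).longValue();` would tolerate either boxed width.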
@@ -230,6 +247,11 @@ public class TLVPacket {
 byte[] data;
 if ((type & TLV_META_TYPE_STRING) != 0) {
 data = ((String) value + "\0").getBytes("ISO-8859-1");
+ } else if ((type & TLV_META_TYPE_QWORD) != 0) {
+ out.writeInt(16);
+ out.writeInt(type);
+ out.writeLong(((Long) value).longValue());
+ return;
 } else if ((type & TLV_META_TYPE_UINT) != 0) {
 out.writeInt(12);
 out.writeInt(type);
diff --git a/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVType.java b/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVType.java
index a5bc976c..4f89c068 100644
--- a/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVType.java
+++ b/java/meterpreter/meterpreter/src/main/java/com/metasploit/meterpreter/TLVType.java
@@ -47,10 +47,10 @@ public interface TLVType {
 public static final int TLV_TYPE_CIPHER_PARAMETERS = TLVPacket.TLV_META_TYPE_GROUP | 501;
 // General
- public static final int TLV_TYPE_HANDLE = TLVPacket.TLV_META_TYPE_UINT | 600;
+ public static final int TLV_TYPE_HANDLE = TLVPacket.TLV_META_TYPE_QWORD | 600;
 public static final int TLV_TYPE_INHERIT = TLVPacket.TLV_META_TYPE_BOOL | 601;
- public static final int TLV_TYPE_PROCESS_HANDLE = TLVPacket.TLV_META_TYPE_UINT | 630;
- public static final int TLV_TYPE_THREAD_HANDLE = TLVPacket.TLV_META_TYPE_UINT | 631;
+ public static final int TLV_TYPE_PROCESS_HANDLE = TLVPacket.TLV_META_TYPE_QWORD | 630;
+ public static final int TLV_TYPE_THREAD_HANDLE = TLVPacket.TLV_META_TYPE_QWORD | 631;
 // Fs
 public static final int TLV_TYPE_DIRECTORY_PATH = TLVPacket.TLV_META_TYPE_STRING | 1200;
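Review bot: The `(Long) value` cast in the new QWORD arm of the `@@ -230,6 +247,11 @@` hunk throws ClassCastException whenever a caller has stored an Integer under a type that this commit switches to QWORD. A call that passes an int appears to keep binding to an existing int overload rather than the new `add(int, long)`, which is presumably why stdapi_sys_process_execute had to change to `new Long(pid)`. Other callers of the re-typed handle and address constants are not visible in this diff. Writing `out.writeLong(((Number) value).longValue());` would accept either boxed width and remove that failure mode. The enclosing write method starts and ends outside the hunk.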
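Review bot: Re-typing TLV_TYPE_HANDLE, TLV_TYPE_PROCESS_HANDLE and TLV_TYPE_THREAD_HANDLE from UINT to QWORD in the `@@ -47,10 +47,10 @@` hunk changes their numeric type ids, because the meta bit is part of the constant, and their encoded length from 12 to 16 bytes; nothing in this diff still accepts the old encoding. A peer built against the previous definitions would send ids this side no longer looks up, so the other end of the protocol has to change in step; that side is not visible here. The same applies to the constants re-typed in the `@@ -91,7`, `@@ -106,12`, `@@ -125,16` and `@@ -149,7` hunks, including TLV_TYPE_ROOT_KEY, which aliases TLV_TYPE_HKEY. A comment above the `// General` block such as `// Handles and addresses are 64-bit (QWORD) on the wire` would record the intent.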
@@ -91,7 +91,7 @@ public interface TLVType {
 public static final int TLV_TYPE_SHUTDOWN_HOW = TLVPacket.TLV_META_TYPE_UINT | 1530;
 // Registry
- public static final int TLV_TYPE_HKEY = TLVPacket.TLV_META_TYPE_UINT | 1000;
+ public static final int TLV_TYPE_HKEY = TLVPacket.TLV_META_TYPE_QWORD | 1000;
 public static final int TLV_TYPE_ROOT_KEY = TLV_TYPE_HKEY;
 public static final int TLV_TYPE_BASE_KEY = TLVPacket.TLV_META_TYPE_STRING | 1001;
 public static final int TLV_TYPE_PERMISSION = TLVPacket.TLV_META_TYPE_UINT | 1002;
@@ -106,12 +106,12 @@ public interface TLVType {
 public static final int TLV_TYPE_USER_NAME = TLVPacket.TLV_META_TYPE_STRING | 1042;
 // Process
- public static final int TLV_TYPE_BASE_ADDRESS = TLVPacket.TLV_META_TYPE_UINT | 2000;
+ public static final int TLV_TYPE_BASE_ADDRESS = TLVPacket.TLV_META_TYPE_QWORD | 2000;
 public static final int TLV_TYPE_ALLOCATION_TYPE = TLVPacket.TLV_META_TYPE_UINT | 2001;
 public static final int TLV_TYPE_PROTECTION = TLVPacket.TLV_META_TYPE_UINT | 2002;
 public static final int TLV_TYPE_PROCESS_PERMS = TLVPacket.TLV_META_TYPE_UINT | 2003;
 public static final int TLV_TYPE_PROCESS_MEMORY = TLVPacket.TLV_META_TYPE_RAW | 2004;
- public static final int TLV_TYPE_ALLOC_BASE_ADDRESS = TLVPacket.TLV_META_TYPE_UINT | 2005;
+ public static final int TLV_TYPE_ALLOC_BASE_ADDRESS = TLVPacket.TLV_META_TYPE_QWORD | 2005;
 public static final int TLV_TYPE_MEMORY_STATE = TLVPacket.TLV_META_TYPE_UINT | 2006;
 public static final int TLV_TYPE_MEMORY_TYPE = TLVPacket.TLV_META_TYPE_UINT | 2007;
 public static final int TLV_TYPE_ALLOC_PROTECTION = TLVPacket.TLV_META_TYPE_UINT | 2008;
@@ -125,16 +125,16 @@ public interface TLVType {
 public static final int TLV_TYPE_IMAGE_FILE = TLVPacket.TLV_META_TYPE_STRING | 2400;
 public static final int TLV_TYPE_IMAGE_FILE_PATH = TLVPacket.TLV_META_TYPE_STRING | 2401;
 public static final int TLV_TYPE_PROCEDURE_NAME = TLVPacket.TLV_META_TYPE_STRING | 2402;
- public static final int TLV_TYPE_PROCEDURE_ADDRESS = TLVPacket.TLV_META_TYPE_UINT | 2403;
- public static final int TLV_TYPE_IMAGE_BASE = TLVPacket.TLV_META_TYPE_UINT | 2404;
+ public static final int TLV_TYPE_PROCEDURE_ADDRESS = TLVPacket.TLV_META_TYPE_QWORD | 2403;
+ public static final int TLV_TYPE_IMAGE_BASE = TLVPacket.TLV_META_TYPE_QWORD | 2404;
 public static final int TLV_TYPE_IMAGE_GROUP = TLVPacket.TLV_META_TYPE_GROUP | 2405;
 public static final int TLV_TYPE_IMAGE_NAME = TLVPacket.TLV_META_TYPE_STRING | 2406;
 public static final int TLV_TYPE_THREAD_ID = TLVPacket.TLV_META_TYPE_UINT | 2500;
 public static final int TLV_TYPE_THREAD_PERMS = TLVPacket.TLV_META_TYPE_UINT | 2502;
 public static final int TLV_TYPE_EXIT_CODE = TLVPacket.TLV_META_TYPE_UINT | 2510;
- public static final int TLV_TYPE_ENTRY_POINT = TLVPacket.TLV_META_TYPE_UINT | 2511;
- public static final int TLV_TYPE_ENTRY_PARAMETER = TLVPacket.TLV_META_TYPE_UINT | 2512;
+ public static final int TLV_TYPE_ENTRY_POINT = TLVPacket.TLV_META_TYPE_QWORD | 2511;
+ public static final int TLV_TYPE_ENTRY_PARAMETER = TLVPacket.TLV_META_TYPE_QWORD | 2512;
 public static final int TLV_TYPE_CREATION_FLAGS = TLVPacket.TLV_META_TYPE_UINT | 2513;
 public static final int TLV_TYPE_REGISTER_NAME = TLVPacket.TLV_META_TYPE_STRING | 2540;
@@ -149,7 +149,7 @@ public interface TLVType {
 // Event Log
 public static final int TLV_TYPE_EVENT_SOURCENAME = TLVPacket.TLV_META_TYPE_STRING | 4000;
- public static final int TLV_TYPE_EVENT_HANDLE = TLVPacket.TLV_META_TYPE_UINT | 4001;
+ public static final int TLV_TYPE_EVENT_HANDLE = TLVPacket.TLV_META_TYPE_QWORD | 4001;
 public static final int TLV_TYPE_EVENT_NUMRECORDS = TLVPacket.TLV_META_TYPE_UINT | 4002;
 public static final int TLV_TYPE_EVENT_READFLAGS = TLVPacket.TLV_META_TYPE_UINT | 4003;
diff --git a/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java b/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java
index 0c50d5c1..73dd38ab 100644
--- a/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java
+++ b/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java
@@ -37,7 +37,7 @@ public class stdapi_sys_process_execute implements Command {
 synchronized (stdapi_sys_process_execute.class) {
 pid++;
 response.add(TLVType.TLV_TYPE_PID, pid);
- response.add(TLVType.TLV_TYPE_PROCESS_HANDLE, pid);
+ response.add(TLVType.TLV_TYPE_PROCESS_HANDLE, new Long(pid));
 }
 response.add(TLVType.TLV_TYPE_CHANNEL_ID, channel.getID());
 } else {
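Review bot: `new Long(pid)` in the `@@ -37,7 +37,7 @@` hunk of stdapi_sys_process_execute.java boxes by hand, although this commit adds an `add(int, long)` overload to TLVPacket for this case. Assuming `response` is a TLVPacket, `response.add(TLVType.TLV_TYPE_PROCESS_HANDLE, (long) pid);` says the same thing and keeps the boxing in one place. The surrounding method starts and ends outside the hunk.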