The transport refactor appears to be working, but the transport swtching
requires more work on the side of stageless posix before it will work.
At the moment, the POSIX implementation of the transport switching is
commented out so that it can't be used or built into the binaries.
This should mean we can move forward on other friends without this
holding us back.
LibreSSL does not yet work well with Windows meterpreter for 2 reasons:
1. because its built with mingw/gcc, it does not have SAFESEH, requiring that
protection to be disabled for the whole stack. It could, it just needs a
way to be built with MSVS instead.
2. OpenSSL 1.0.1 and Libressl both make metsrv about 50% larger.
When transports are more abstracted and LibreSSL can build with MSVS, we will
revisit this.
Switching works, but doesn't do anything nice with session management. Still need to get things wired into posix, and probably rip out the wininet stuff as well given that I probably won't refactor it to support this.
I am working on automating POSIX meterpreter builds, and one step is
removing the requirement to download files from external sites during
the build process. So, this incorporates the latest stable libpcap
source and updates the patches as needed.
The Makefile also moves (@wvu-r7 was amused that Makefile.pcap wasn't
actually a pcap file :) and simplifies a little build foo.
I updated and got the 64-bit kernel + 32-bit userspace TPACKET v1 patch
merged upstream, but its not in a release yet, so the patch is still
needed. See https://github.com/the-tcpdump-group/libpcap/pull/421
* Transports are now defined by a set of callbacks that are bound to the Remote.
* Transport initialisation and dispatching is seprated.
* The context of the transport should be switchable depending on new transport requirements.
More to do, but it has begun.
* Make sure POSIX has the new extension command enumeration function.
* Add support for deinit of extensions.
* Make sure extensions are tracked like they in Windows.
* Fix up a few export definitions.
* Stop using strncpy_s in POSIX code.
* bury common _snprintf that snuck in while testing the Windows version back
into the platform-specific code.
* remove now-unneeded separator defines
* don't free a stack variable on windows
Separate the stdapi handling code from the OS-dependent code. This makes
testing and maintaining the code easier.
This also happens to fix a number of bugs as a side-effect, because it is
clearer what is happening now.
Tweak the SSL implemention so that for https meterpreters the SSL certificate is validated against a hash that is specified in the payload. If the hash isn't specified, then certificate validation isn't attempted.
metsrv now makes use of the METERRPETER_URL for stageless payloads. This value is checked when Meterpreter starts to determine what should be done with communications. If the URL indicates that the payload is stageless, it then establishes communications appropriately, depending on the configuration.
This commit contains a bunch of code tidying (formatting, spaces, naming, etc) as well as new exports for each of the modules so that the extension can be identified. The plan is for the loader to know which modules are loaded so that when stageless meterpreter fires up MSF can query the existing extensions and load the appropriate functionality on the client side.
By making this a static _inline, it is not necessary to guard it, since
an inline is only instantiated if it is used. This also allows adding
one-off debug message for use during debugging sessions, without turning
on DEBUGTRACE all over the place.
Convert a few of the extensions to also do this as well, making them perhaps
slightly smaller.
I am curious why Windows builds define debug this way, vs posix that
just includes it in common.c. Could I just do that instead, assuming
there's no historical reason.
Finally, correct the docs in the posix version of real_dprintf.