* bury common _snprintf that snuck in while testing the Windows version back
into the platform-specific code.
* remove now-unneeded separator defines
* don't free a stack variable on windows
Separate the stdapi handling code from the OS-dependent code. This makes
testing and maintaining the code easier.
This also happens to fix a number of bugs as a side-effect, because it is
clearer what is happening now.
Tweak the SSL implemention so that for https meterpreters the SSL certificate is validated against a hash that is specified in the payload. If the hash isn't specified, then certificate validation isn't attempted.
metsrv now makes use of the METERRPETER_URL for stageless payloads. This value is checked when Meterpreter starts to determine what should be done with communications. If the URL indicates that the payload is stageless, it then establishes communications appropriately, depending on the configuration.
This commit contains a bunch of code tidying (formatting, spaces, naming, etc) as well as new exports for each of the modules so that the extension can be identified. The plan is for the loader to know which modules are loaded so that when stageless meterpreter fires up MSF can query the existing extensions and load the appropriate functionality on the client side.
By making this a static _inline, it is not necessary to guard it, since
an inline is only instantiated if it is used. This also allows adding
one-off debug message for use during debugging sessions, without turning
on DEBUGTRACE all over the place.
Convert a few of the extensions to also do this as well, making them perhaps
slightly smaller.
I am curious why Windows builds define debug this way, vs posix that
just includes it in common.c. Could I just do that instead, assuming
there's no historical reason.
Finally, correct the docs in the posix version of real_dprintf.
If a user attempts to start the clipboard monitor when it is already started then the code path that is taken results in the current clipboard monitor state pointers being lost. The net effect of this is that the existing monitor thread will never be shut down. Not a good thing!
This code fixes that case so that the monitor doesn't create a new monitor thread and doesn't reset important pointers to NULL.
This change also results in a "success" status being returned to the caller. This means it looks like the clipboard monitor has been started even if it was already running. I think this is acceptable and is better than an obscure error.
- try to share some bits between different makefiles, make modifying
global compiler flags not such a huge pain.
- directly specify we should be using the gold rather than bpf linker
- make compiler output largely quiet except where we care - allow
warnings to actually be visible
- don't delete downloaded tarballs with --really-clean
- add missing dependencies between libraries
(--no-add-needed/--no-copy-dt-needed-entries causes lots of trouble)
- update readme to show what to install to build
I made minimal changes to the loader makefile - it breaks easily.
-Os prevents if from being able to load libc, for instance
