This commit just adds the braces around single-line blocks as per our "standard". This is important, especially in the case where those single lines contain macros which could expand to multiple lines.
Also added the use of the group packet functionality to make the search result code a little easier on the eye.
Querying of the status of SSL cert verification is now possible. This commit allows for this to be enabled and disabled on the fly.
Also include some code tidy/refactoring.
Instead of basing everything on URLs, the transport hopping now actually supports the creation of a whole new transport on the fly. The transport instance is stored in the remote as a "next transport" pointer.
This better facilitates the notion of being able to set all of the parameters on the transport when doing the switch, and is a step closer to being able to support chains of transports.
This commit includes code which attempts to bind to both IPv4 and IPv6 addresses so that the attacker can connect on either interface.
In the case of Windows XP, the IPv6 stack doesn't allow modification of the socket options so that both address types can be listened to on the same socket. Rather than create separate sockets for both cases, XP and earlier simply fall back to IPv4 only.
The transport refactor appears to be working, but the transport swtching
requires more work on the side of stageless posix before it will work.
At the moment, the POSIX implementation of the transport switching is
commented out so that it can't be used or built into the binaries.
This should mean we can move forward on other friends without this
holding us back.
This commit includes code which attempts to bind to both IPv4 and IPv6 addresses so that the attacker can connect on either interface.
In the case of Windows XP, the IPv6 stack doesn't allow modification of the socket options so that both address types can be listened to on the same socket. Rather than create separate sockets for both cases, XP and earlier simply fall back to IPv4 only.
LibreSSL does not yet work well with Windows meterpreter for 2 reasons:
1. because its built with mingw/gcc, it does not have SAFESEH, requiring that
protection to be disabled for the whole stack. It could, it just needs a
way to be built with MSVS instead.
2. OpenSSL 1.0.1 and Libressl both make metsrv about 50% larger.
When transports are more abstracted and LibreSSL can build with MSVS, we will
revisit this.
Switching works, but doesn't do anything nice with session management. Still need to get things wired into posix, and probably rip out the wininet stuff as well given that I probably won't refactor it to support this.