Module: Msf::Payload::Windows::ReverseWinHttps

Includes:

TransportConfig, ReverseWinHttp, VerifySsl

Defined in:

lib/msf/core/payload/windows/reverse_winhttps.rb

Overview

Complex payload generation for Windows ARCH_X86 that speak HTTPS using WinHTTP

Constant Summary

Constants included from Rex::Payloads::Meterpreter::UriChecksum

Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_CONN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_CONN_MAX_LEN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITJ, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITP, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITW, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INIT_CONN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_MIN_LEN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_MODES, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_UUID_MIN_LEN

Instance Method Summary

• #generate ⇒ Object

  Generate the first stage.

• #initialize(*args) ⇒ Object

  Register reverse_winhttps specific options.

• #required_space ⇒ Object

  Determine the maximum amount of space required for the features requested.

• #transport_config(opts = {}) ⇒ Object

Methods included from VerifySsl

#get_ssl_cert_hash

Methods included from ReverseWinHttp

#asm_generate_wchar_array, #asm_reverse_winhttp, #generate_reverse_winhttp

Methods included from ReverseHttp

#asm_generate_ascii_array, #asm_reverse_http, #generate_reverse_http, #generate_small_uri, #generate_uri, #get_custom_headers, #stage_over_connection?, #wfs_delay

Methods included from UUID::Options

#generate_payload_uuid, #generate_uri_uuid_mode, #record_payload_uuid, #record_payload_uuid_url

Methods included from Rex::Payloads::Meterpreter::UriChecksum

#generate_uri_checksum, #generate_uri_uuid, #process_uri_resource, #uri_checksum_lookup

Methods included from Exitfunk

#asm_exitfunk

Methods included from BlockApi

#asm_block_api

Methods included from Msf::Payload::Windows

#apply_prepends, exit_types, #handle_intermediate_stage, #include_send_uuid, #replace_var

Methods included from PrependMigrate

#apply_prepend_migrate, #prepend_migrate, #prepend_migrate?, #prepend_migrate_64

Methods included from TransportConfig

#transport_config_bind_named_pipe, #transport_config_bind_tcp, #transport_config_reverse_http, #transport_config_reverse_https, #transport_config_reverse_ipv6_tcp, #transport_config_reverse_named_pipe, #transport_config_reverse_tcp, #transport_config_reverse_udp, #transport_uri_components

Instance Method Details

#generate ⇒ Object

Generate the first stage

# File 'lib/msf/core/payload/windows/reverse_winhttps.rb', line 37

def generate

  verify_cert_hash = get_ssl_cert_hash(datastore['StagerVerifySSLCert'],
                                       datastore['HandlerSSLCert'])

  super(
    ssl:              true,
    verify_cert_hash: verify_cert_hash
  )
end

#initialize(*args) ⇒ Object

Register reverse_winhttps specific options

# File 'lib/msf/core/payload/windows/reverse_winhttps.rb', line 26

def initialize(*args)
  super

  register_advanced_options([
      OptBool.new('StagerVerifySSLCert', [false, 'Whether to verify the SSL certificate hash in the handler', false])
    ], self.class)
end

#required_space ⇒ Object

Determine the maximum amount of space required for the features requested

# File 'lib/msf/core/payload/windows/reverse_winhttps.rb', line 55

def required_space
  space = super

  # SSL support adds 20 bytes
  space += 20

  # SSL verification adds 120 bytes
  if datastore['StagerVerifySSLCert']
    space += 120
  end

  space
end

#transport_config(opts = {}) ⇒ Object

# File 'lib/msf/core/payload/windows/reverse_winhttps.rb', line 48

def transport_config(opts={})
  transport_config_reverse_https(opts)
end