Module: Msf::Payload::Windows::ReverseWinHttps_x64

Includes:
ReverseWinHttp_x64, VerifySsl
Defined in:
lib/msf/core/payload/windows/x64/reverse_winhttps.rb

Overview

Complex payload generation for Windows ARCH_X64 that speak HTTPS using WinHTTP

Constant Summary

Constants included from Rex::Payloads::Meterpreter::UriChecksum

Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_CONN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_CONN_MAX_LEN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITJ, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITP, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITW, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INIT_CONN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_MIN_LEN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_MODES, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_UUID_MIN_LEN

Instance Method Summary collapse

Methods included from VerifySsl

#get_ssl_cert_hash

Methods included from ReverseWinHttp_x64

#asm_generate_wchar_array, #asm_reverse_winhttp, #generate_reverse_winhttp

Methods included from ReverseHttp_x64

#asm_generate_ascii_array, #asm_reverse_http, #generate_reverse_http, #generate_small_uri, #generate_uri, #get_custom_headers, #stage_over_connection?, #wfs_delay

Methods included from UUID::Options

#generate_payload_uuid, #generate_uri_uuid_mode, #record_payload_uuid, #record_payload_uuid_url

Methods included from Rex::Payloads::Meterpreter::UriChecksum

#generate_uri_checksum, #generate_uri_uuid, #process_uri_resource, #uri_checksum_lookup

Methods included from Exitfunk_x64

#asm_exitfunk

Methods included from BlockApi_x64

#asm_block_api

Methods included from Msf::Payload::Windows

#apply_prepends, exit_types, #handle_intermediate_stage, #include_send_uuid, #replace_var

Methods included from PrependMigrate

#apply_prepend_migrate, #prepend_migrate, #prepend_migrate?, #prepend_migrate_64

Methods included from TransportConfig

#transport_config_bind_named_pipe, #transport_config_bind_tcp, #transport_config_reverse_http, #transport_config_reverse_https, #transport_config_reverse_ipv6_tcp, #transport_config_reverse_named_pipe, #transport_config_reverse_tcp, #transport_config_reverse_udp, #transport_uri_components

Instance Method Details

#generateObject

Generate the first stage


35
36
37
38
39
40
41
42
43
44
# File 'lib/msf/core/payload/windows/x64/reverse_winhttps.rb', line 35

def generate

  verify_cert_hash = get_ssl_cert_hash(datastore['StagerVerifySSLCert'],
                                       datastore['HandlerSSLCert'])

  super(
    ssl:              true,
    verify_cert_hash: verify_cert_hash
  )
end

#initialize(*args) ⇒ Object

Register reverse_winhttps specific options


24
25
26
27
28
29
30
# File 'lib/msf/core/payload/windows/x64/reverse_winhttps.rb', line 24

def initialize(*args)
  super

  register_advanced_options([
      OptBool.new('StagerVerifySSLCert', [false, 'Whether to verify the SSL certificate hash in the handler', false])
    ], self.class)
end

#required_spaceObject

Determine the maximum amount of space required for the features requested


53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'lib/msf/core/payload/windows/x64/reverse_winhttps.rb', line 53

def required_space
  space = super

  # SSL support adds 20 bytes
  space += 20

  # SSL verification adds 120 bytes
  if datastore['StagerVerifySSLCert']
    space += 120
  end

  space
end

#transport_config(opts = {}) ⇒ Object


46
47
48
# File 'lib/msf/core/payload/windows/x64/reverse_winhttps.rb', line 46

def transport_config(opts={})
  transport_config_reverse_https(opts)
end