Module: Msf::Payload::Android::ReverseHttp

Includes:
Msf::Payload::Android, PayloadOptions, TransportConfig, UUID::Options
Included in:
ReverseHttps
Defined in:
lib/msf/core/payload/android/reverse_http.rb

Overview

Complex payload generation for Android that speaks HTTP(S)

Constant Summary

Constants included from Rex::Payloads::Meterpreter::UriChecksum

Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_CONN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_CONN_MAX_LEN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITJ, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITP, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INITW, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_INIT_CONN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_MIN_LEN, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_MODES, Rex::Payloads::Meterpreter::UriChecksum::URI_CHECKSUM_UUID_MIN_LEN

Instance Method Summary collapse

Methods included from UUID::Options

#generate_payload_uuid, #generate_uri_uuid_mode, #record_payload_uuid, #record_payload_uuid_url

Methods included from Rex::Payloads::Meterpreter::UriChecksum

#generate_uri_checksum, #generate_uri_uuid, #process_uri_resource, #uri_checksum_lookup

Methods included from Msf::Payload::Android

#fix_dex_header, #generate, #generate_default_stage, #generate_jar, #generate_stage, #java_string, #sign_jar, #signing_key

Methods included from TransportConfig

#transport_config_bind_named_pipe, #transport_config_bind_tcp, #transport_config_reverse_http, #transport_config_reverse_https, #transport_config_reverse_ipv6_tcp, #transport_config_reverse_named_pipe, #transport_config_reverse_tcp, #transport_config_reverse_udp, #transport_uri_components

Instance Method Details

#generate_config(opts = {}) ⇒ Object



33
34
35
36
37
# File 'lib/msf/core/payload/android/reverse_http.rb', line 33

def generate_config(opts={})
  opts[:uuid] ||= generate_payload_uuid
  opts[:uri] ||= luri + generate_uri(opts)
  super(opts)
end

#generate_uri(opts = {}) ⇒ Object

Generate the URI for the initial stager



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# File 'lib/msf/core/payload/android/reverse_http.rb', line 42

def generate_uri(opts={})
  ds = opts[:datastore] || datastore
  uri_req_len = ds['StagerURILength'].to_i

  # Choose a random URI length between 30 and 255 bytes
  if uri_req_len == 0
    uri_req_len = 30 + luri.length + rand(256 - (30 + luri.length))
  end

  if uri_req_len < 5
    raise ArgumentError, "Minimum StagerURILength is 5"
  end

  generate_uri_uuid_mode(:init_java, uri_req_len, uuid: opts[:uuid])
end

#initialize(*args) ⇒ Object

Register reverse_http specific options



21
22
23
24
# File 'lib/msf/core/payload/android/reverse_http.rb', line 21

def initialize(*args)
  super
  register_advanced_options(Msf::Opt::http_header_options)
end

#transport_config(opts = {}) ⇒ Object

Generate the transport-specific configuration



29
30
31
# File 'lib/msf/core/payload/android/reverse_http.rb', line 29

def transport_config(opts={})
  transport_config_reverse_http(opts)
end

#wfs_delayObject

Always wait at least 20 seconds for this payload (due to staging delays)



61
62
63
# File 'lib/msf/core/payload/android/reverse_http.rb', line 61

def wfs_delay
  20
end