Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

meterpreter-https module broken since ~2017 #47

Open
egg82 opened this issue Oct 23, 2022 · 0 comments
Open

meterpreter-https module broken since ~2017 #47

egg82 opened this issue Oct 23, 2022 · 0 comments

Comments

@egg82
Copy link

egg82 commented Oct 23, 2022

Using the Python payload on modern installations of metaploit will send a compressed payload to the LAN turtle. It is expected that the payload with be un-base64'd and then Python's zlib module used to decompress the payload before executing (see rapid7/metasploit-framework#8387)

The Python zlib module doesn't work on the LAN turtle (missing ctypes module, see https://gist.github.com/colinmarc/2152055)

The workaround, currently, is to generate a mipsbe payload (payloads/linux/mipsbe/meterpreter_reverse_https) and replace /etc/turtle/meterpreter/met-https-shell with it. The sshfs module helps with this process.

Furthermore, the command ps | grep -w -q [/]etc/turtle/meterpreter/met-https-worker found here will always return false and replacing it with "met-https-worker" will also return false as the output of ps will truncate to {met-https-worke}. This causes the turtle module to think that it was never started, which means stopping the module needs to happen manually by running kill $(pgrep -f met-https-worker) in the shell.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant