Implement the getsid command

rapid7 / meterpreter

THIS REPO IS OBSOLETE. USE https://github.com/rapid7/metasploit-payloads INSTEAD

Other

328 stars 143 forks source link

Implement the getsid command #102

Closed OJ closed 9 years ago

OJ commented 9 years ago

After a bit of back and forth over https://github.com/rapid7/metasploit-framework/issues/3787 I decided to go implement the getsid command that @Meatballs1 suggested.

This PR contains a single commit which has the following changes:

Addition of stdapi_sys_config_getsid.
Slight refactor of code that determined the user name (it was duplicated in a couple of spots). This is now in a single spot and called from a few different locations.
Clean up of the TLV declarations (they were an unreadable mess). I'll be doing more on this later, but that can be in another PR.
Added some code comments and stuff.

In order to test this you'll need to work the MSF PR located here: https://github.com/rapid7/metasploit-framework/pull/4150

Meatballs1 commented 9 years ago

Cool nice one :D

Wonder what the state of this code is in other meterpreters, notably python @zeroSteiner?

I don't really expect Linux, Java or PHP to support getting the username but they may do. Changing the metasploit code base would then potentially break some functionality for those.

zeroSteiner commented 9 years ago

The python meterpreter does support stdapi_sys_config_getuid right now, it just thinly wraps getpass.getuser(). To more closely replicate the Windows meterpreter I should switch it to use the WinAPI via windll.

OJ commented 9 years ago

I'm happy to help with this @zeroSteiner

Meatballs1 commented 9 years ago

This should be ok to progress though as it is additional existing functionality and I don't think incognito can be loaded into python meterpreter?

TBH I haven't looked at all what python does about extensions (or have forgotten!)

OJ commented 9 years ago

Python only supports stdapi at the moment as far as I know. I didn't worry about any other instances of meterpreter for that reason.

I know Spencer is looking into supporting getsid, but we should be able to move on without issue.

zeroSteiner commented 9 years ago

Python support for stdapi_sys_config_getsid is in rapid7/metasploit-framework#4157

kernelsmith commented 9 years ago

Ok, stupid question. Meterpreter builds just fine, but I'm not entirely clear where to put the binaries in my metasploit-framework repo

OJ commented 9 years ago

Test binaries always go where they used to, in data/meterpreter. Any binaries in there take precedence over the gem. Be sure to delete them when you're done :)

kernelsmith commented 9 years ago

Thought so, but my tiny brain was self.confused. Will take care of this within an hour or two. Bedtime for kids

-Josh

On Nov 9, 2014, at 17:53, OJ Reeves notifications@github.com wrote:

Test binaries always go where they used to, in data/meterpreter. Any binaries in there take precedence over the gem. Be sure to delete them when you're done :)

— Reply to this email directly or view it on GitHub.

OJ commented 9 years ago

Thanks @kernelsmith. I'll get a PR together for meterpreter binaries shortly.