Transport and pivot fixes for Meterpreter #13130
Conversation
@@ -10,7 +10,7 @@ | |||
|
|||
module MetasploitModule | |||
|
|||
CachedSize = 1102904 | |||
CachedSize = 1102952 |
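Review bot: the CachedSize bump from 1102904 to 1102952 in this hunk cannot be verified from the diff alone; since the constant is a hand-maintained cache of the generated payload's length (as the discussion below explains), the PR description should state that the value was regenerated from the updated mettle gem rather than edited by hand, so a reviewer can reproduce it.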
Just for visibility, is there any documentation on what this number is / where it comes from?
Sure, it's part of the payload landing process, 5th step:
https://github.com/rapid7/metasploit-payloads/wiki
What that does is cache payload sizes so that when Metasploit needs to see if a payload would work with a given exploit module, it has a quick way to do that comparison. Prior to this attribute existing, payloads were always generated on msfconsole bootup, and those sizes were cached. As the cost of doing this increased (more complex payloads were added, and more of them as well), this mechanism was built to make msfconsole start faster.
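As an added example (not Metasploit's own code and not part of this PR), the Ruby below parses the CachedSize line out of a payload module, applies it as the quick fit test described in the comment above, and flags entries whose cached value no longer matches the length of a freshly generated payload. The module names other than the OSX one, the 512-byte size and the `:dynamic` marker are constructed assumptions.

```ruby
# Added example, not Metasploit's own code: parse the CachedSize constant out
# of payload module source, use it as the framework does (a quick fit test
# against an exploit's available space), and flag entries whose cached value
# no longer matches the size of a freshly generated payload.
# The module sources below are constructed stand-ins; only the CachedSize line
# matters. ":dynamic" marks payloads whose size depends on options (an assumed
# convention for this example).
CONSTRUCTED_SOURCES = {
  'osx/x64/meterpreter_reverse_tcp' =>
    "module MetasploitModule\n  CachedSize = 1102904\nend\n",
  'example/small_constructed_stager' =>
    "module MetasploitModule\n  CachedSize = 512\nend\n",
  'example/dynamic_constructed' =>
    "module MetasploitModule\n  CachedSize = :dynamic\nend\n",
}.freeze

# Returns the cached size as an Integer, :dynamic, or nil when the module
# declares none (such a module cannot use the fast path).
def parse_cached_size(src)
  m = src.match(/^\s*CachedSize\s*=\s*(\d+|:dynamic)\s*$/)
  return nil unless m
  m[1] == ':dynamic' ? :dynamic : m[1].to_i
end

# Names of payloads whose cached size fits within +space+ bytes. Payloads
# without a usable integer size are excluded here; the framework would have
# to generate them to decide, which is exactly the cost the cache avoids.
def payloads_fitting(sources, space)
  sources.keys.select do |name|
    size = parse_cached_size(sources[name])
    size.is_a?(Integer) && size <= space
  end
end

# Compare cached sizes with +actual_sizes+ (name => byte length of the payload
# as generated now). Returns [name, cached, actual] for every stale entry; a
# stale entry means the fit test above may accept a payload that no longer fits.
def stale_cache_entries(sources, actual_sizes)
  sources.each_with_object([]) do |(name, src), out|
    cached = parse_cached_size(src)
    actual = actual_sizes[name]
    next unless cached.is_a?(Integer) && actual
    out << [name, cached, actual] if actual != cached
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed check: module still carries the old value, the gem now yields the new one.
  p stale_cache_entries(CONSTRUCTED_SOURCES, 'osx/x64/meterpreter_reverse_tcp' => 1102952)
  p payloads_fitting(CONSTRUCTED_SOURCES, 1_000_000)
end
```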
That only these values changed due to code changes in the source gem (in this case, mettle's) is a function of how much code changed (in this case, very little), and specifics about how some CPU architectures work overall.
The original PR that added this was #4894
Release Notes

This fix addresses issues in OSX where the reverse_tcp handler doesn't distinguish between stager and Meterpreter connections, as well as issues with pivoting SOCKS5 traffic over reverse_http(s) connections.
This incorporates the fix for #12841 (which also fixes some fundamental crash bugs in Mettle payloads, rapid7/mettle#194) and rapid7/rex-socket#23, which fixes issues pivoting SOCKS5 traffic over reverse_http(s) connections.
Fixes already tested in their respective PRs.