
Commit 0fc4587

committed
Added support for reflective meterpreter by default when the target OS
is Windows and minor layout fix
1 parent ba2e009 commit 0fc4587


1 file changed

+9
-7
lines changed


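--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@@ -80,9 +80,11 @@ def __initVars(self):
 
 self.__msfPayloadsList = {
 "windows": {
-1: ( "Meterpreter (default)", "windows/meterpreter" ),
-2: ( "Shell", "windows/shell" ),
-3: ( "VNC", "windows/vncinject" ),
+1: ( "Reflective Meterpreter (default)", "windows/reflectivemeterpreter" ),
+2: ( "Meterpreter", "windows/meterpreter" ),
+3: ( "Shell", "windows/shell" ),
+4: ( "Reflective VNC", "windows/reflectivevncinject" ),
+5: ( "VNC", "windows/vncinject" ),
 },
 "linux": {
 1: ( "Shell", "linux/x86/shell" ),
@@ -196,7 +198,7 @@ def __selectPayload(self, askChurrasco=True):
 infoMsg += "'incognito' extension to privilege escalate"
 logger.info(infoMsg)
 
-__payloadStr = "windows/meterpreter"
+__payloadStr = "windows/reflectivemeterpreter"
 
 else:
 __payloadStr = self.__skeletonSelection("payload", self.__msfPayloadsList)
@@ -230,14 +232,14 @@ def __selectPayload(self, askChurrasco=True):
 if choose == True:
 message = "what do you want to do?\n"
 message += "[1] Give it a try anyway\n"
-message += "[2] Fall back to Meterpreter payload (default)\n"
+message += "[2] Fall back to reflective Meterpreter payload (default)\n"
 message += "[3] Fall back to Shell payload"
 
 while True:
 choice = readInput(message, default="2")
 
 if not choice or choice == "2":
-__payloadStr = "windows/meterpreter"
+__payloadStr = "windows/reflectivemeterpreter"
 
 break
 
@@ -622,7 +624,7 @@ def createMsfPayloadStager(self, initialize=True):
 packedSize = upx.pack(self.exeFilePathLocal)
 debugMsg = "the encoded payload size is %s bytes, " % payloadSize
 
-if packedSize:
+if packedSize and packedSize != exeSize:
 debugMsg += "as a compressed portable executable its size "
 debugMsg += "is %d bytes, decompressed it " % packedSize
 debugMsg += "was %s bytes large" % exeSize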
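Review bot: The default Windows payload name is now repeated as a string literal in three places, entry 1 of `__msfPayloadsList["windows"]` and the two `__payloadStr = "windows/reflectivemeterpreter"` assignments in `__selectPayload`, so the next change of default has to touch every one of them again, as this commit did. Reading the value from the table, e.g. `__payloadStr = self.__msfPayloadsList["windows"][1][1]`, would keep the menu and both fallback paths in step. The renumbering also moves Shell from 2 to 3 and VNC from 3 to 5; if any code outside these hunks keys on the numeric choice rather than the payload string it would need the same update, which cannot be confirmed from the lines shown. Both `__selectPayload` and `createMsfPayloadStager` begin and end outside the hunks.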
