Add proxy authentication support to the Python Meterpreter #13978
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Release NotesAdds proxy support to the python meterpreter and removes the |
adfoster-r7
reviewed
Aug 11, 2022
| @@ -15,6 +15,7 @@ def initialize(info = {}) | |||
| Msf::Opt::http_header_options + | |||
| Msf::Opt::http_proxy_options | |||
| ) | |||
| deregister_options('HttpProxyType') | |||
There was a problem hiding this comment.
Was this meant to also impact python/meterpreter_reverse_http? 👀
That payload seems to include this base mixin:
but it also re-registers the same options again later:
Which makes the option appear again:
msf6 payload(python/meterpreter_reverse_http) > advanced
... etc ...
HttpProxyType HTTP yes The type of HTTP proxy (Accepted: HTTP, SOCKS)
There was a problem hiding this comment.
Bit of a drive-by-comment, I'll likely look at this with fresh eyes tomorrow and see what I've missed 😄
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds support to the Python Meterpreter for using HTTP Proxies that require authentication by honoring the
HttpProxyUserandHttpProxyPassoptions (at least one of the two must be set to a non-empty string). This also deregisters theHttpProxyTypeoption because HTTP is the only one that is supported.I also updated the meterpreter stage description to note that it's compatible with versions 2.5-2.7 and 3.1+ to imply that it does in fact work with Python 3.7, 3.8 etc.
This addresses rapid7/metasploit-payloads#386 and requires the changes in rapid7/metasploit-payloads#427.
Verification
I used proxy.py as my proxy for testing and I highly recommend for the following reasons:
pip install proxy.py--basic-authflagpip install proxy.pyproxy --hostname 0.0.0.0 --basic-auth user:passmsfconsoleuse payload/python/meterpreter/reverse_httpsLHOSTandLPORToptions per usualHttpProxyHostandHttpProxyPortoptions to whatever system is running your proxy instanceHttpProxyUserandHttpProxyPassoptions to "user" and "pass" respectivelyto_handler