[WIP] Split Stdapi #19975

Draft: wants to merge 7 commits into base: master

@dledda-r7 dledda-r7 commented Mar 20, 2025

WORK IN PROGRESS

#20012 NEEDS TO BE LANDED FIRST

Framework side PR for rapid7/metasploit-payloads#744

This PR allows loading portions of stdapi by using namespace-specific DLLs.

msf6 payload(cmd/windows/http/x64/meterpreter/reverse_tcp) > sessions -i -1
[*] Starting interaction with 1...

meterpreter > help

Core Commands
=============

    Command                   Description
    -------                   -----------
    ?                         Help menu
    background                Backgrounds the current session
    bg                        Alias for background
    bgkill                    Kills a background meterpreter script
    bglist                    Lists running background scripts
    bgrun                     Executes a meterpreter script as a background thread
    channel                   Displays information or control active channels
    close                     Closes a channel
    detach                    Detach the meterpreter session (for http/https)
    disable_unicode_encoding  Disables encoding of unicode strings
    enable_unicode_encoding   Enables encoding of unicode strings
    exit                      Terminate the meterpreter session
    get_timeouts              Get the current session timeout values
    guid                      Get the session GUID
    help                      Help menu
    info                      Displays information about a Post module
    irb                       Open an interactive Ruby shell on the current session
    load                      Load one or more meterpreter extensions
    machine_id                Get the MSF ID of the machine attached to the session
    migrate                   Migrate the server to another process
    pivot                     Manage pivot listeners
    pry                       Open the Pry debugger on the current session
    quit                      Terminate the meterpreter session
    read                      Reads data from a channel
    resource                  Run the commands stored in a file
    run                       Executes a meterpreter script or Post module
    secure                    (Re)Negotiate TLV packet encryption on the session
    sessions                  Quickly switch to another session
    set_timeouts              Set the current session timeout values
    sleep                     Force Meterpreter to go quiet, then re-establish session
    ssl_verify                Modify the SSL certificate verification setting
    transport                 Manage the transport mechanisms
    use                       Deprecated alias for "load"
    uuid                      Get the UUID for the current session
    write                     Writes data to a channel

For more info on a specific command, use <command> -h or help <command>.

meterpreter > ls
[-] The "ls" command requires the "stdapi_fs" extension to be loaded (run: `load stdapi_fs`)
meterpreter > load stdapi_fs
Loading extension stdapi_fs...WARNING: Local file /home/kali/Documents/github/metasploit-framework/data/meterpreter/ext_server_stdapi_fs.x64.dll is being used
Success.
meterpreter > help

Core Commands
=============

    Command                   Description
    -------                   -----------
    ?                         Help menu
    background                Backgrounds the current session
    bg                        Alias for background
    ...
    write                     Writes data to a channel


Stdapi: File system Commands
============================

    Command                   Description
    -------                   -----------
    cat                       Read the contents of a file to the screen
    cd                        Change directory
    checksum                  Retrieve the checksum of a file
    cp                        Copy source to destination
    del                       Delete the specified file
    dir                       List files (alias for ls)
    download                  Download a file or directory
    edit                      Edit a file
    getlwd                    Print local working directory (alias for lpwd)
    getwd                     Print working directory
    lcat                      Read the contents of a local file to the screen
    lcd                       Change local working directory
    ldir                      List local files (alias for lls)
    lls                       List local files
    lmkdir                    Create new directory on local machine
    lpwd                      Print local working directory
    ls                        List files
    mkdir                     Make directory
    mv                        Move source to destination
    pwd                       Print working directory
    rm                        Delete the specified file
    rmdir                     Remove directory
    search                    Search for files
    show_mount                List all mount points/logical drives
    upload                    Upload a file or directory

For more info on a specific command, use <command> -h or help <command>.

meterpreter > sysinfo
[-] The "sysinfo" command requires the "stdapi_sys" extension to be loaded (run: `load stdapi_sys`)
meterpreter > load stdapi_sys
Loading extension stdapi_sys...WARNING: Local file /home/kali/Documents/github/metasploit-framework/data/meterpreter/ext_server_stdapi_sys.x64.dll is being used
Success.
meterpreter > help

Core Commands
=============

    Command                   Description
    -------                   -----------
    ?                         Help menu
    background                Backgrounds the current session
    bg                        Alias for background
    ....
    write                     Writes data to a channel


Stdapi: File system Commands
============================

    Command                   Description
    -------                   -----------
    cat                       Read the contents of a file to the screen
    cd                        Change directory
    ...
    upload                    Upload a file or directory


Stdapi: System Commands
=======================

    Command                   Description
    -------                   -----------
    clearev                   Clear the event log
    drop_token                Relinquishes any active impersonation token.
    execute                   Execute a command
    getenv                    Get one or more environment variable values
    getpid                    Get the current process identifier
    getprivs                  Attempt to enable all privileges available to the current process
    getsid                    Get the SID of the user that the server is running as
    getuid                    Get the user that the server is running as
    kill                      Terminate a process
    localtime                 Displays the target system local date and time
    pgrep                     Filter processes by name
    pkill                     Terminate processes by name
    ps                        List running processes
    reboot                    Reboots the remote computer
    reg                       Modify and interact with the remote registry
    rev2self                  Calls RevertToSelf() on the remote machine
    shell                     Drop into a system command shell
    shutdown                  Shuts down the remote computer
    steal_token               Attempts to steal an impersonation token from the target process
    suspend                   Suspends or resumes a list of processes
    sysinfo                   Gets information about the remote system, such as OS

For more info on a specific command, use <command> -h or help <command>.

meterpreter > arp
[-] The "arp" command requires the "stdapi_net" extension to be loaded (run: `load stdapi_net`)
meterpreter > load stdapi_net
Loading extension stdapi_net...WARNING: Local file /home/kali/Documents/github/metasploit-framework/data/meterpreter/ext_server_stdapi_net.x64.dll is being used
Success.
meterpreter > help

Core Commands
=============

    Command                   Description
    -------                   -----------
    ?                         Help menu
    background                Backgrounds the current session
    bg                        Alias for background
    ...
    write                     Writes data to a channel


Stdapi: File system Commands
============================

    Command                   Description
    -------                   -----------
    cat                       Read the contents of a file to the screen
    cd                        Change directory
    ...
    upload                    Upload a file or directory


Stdapi: System Commands
=======================

    Command                   Description
    -------                   -----------
    clearev                   Clear the event log
    drop_token                Relinquishes any active impersonation token.
    ...
    sysinfo                   Gets information about the remote system, such as OS


Stdapi: Networking Commands
===========================

    Command                   Description
    -------                   -----------
    arp                       Display the host ARP cache
    getproxy                  Display the current proxy configuration
    ifconfig                  Display interfaces
    ipconfig                  Display interfaces
    netstat                   Display the network connections
    portfwd                   Forward a local port to a remote service
    resolve                   Resolve a set of host names on the target
    route                     View and modify the routing table

For more info on a specific command, use <command> -h or help <command>.

meterpreter > ls
Listing: C:\Users\User
======================

Mode              Size     Type  Last modified              Name
----              ----     ----  -------------              ----
040777/rwxrwxrwx  0        dir   2024-09-10 04:48:08 -0400  .chocolatey
100666/rw-rw-rw-  20       fil   2025-03-11 10:59:44 -0400  .lesshst
040777/rwxrwxrwx  0        dir   2024-09-23 06:11:45 -0400  .ssh
040777/rwxrwxrwx  0        dir   2024-09-19 09:00:41 -0400  .vscode
040777/rwxrwxrwx  0        dir   2024-09-06 09:11:30 -0400  AppData
040777/rwxrwxrwx  0        dir   2024-09-06 09:11:30 -0400  Application Data
040555/r-xr-xr-x  0        dir   2024-09-06 09:22:22 -0400  Contacts
040777/rwxrwxrwx  0        dir   2024-09-06 09:11:30 -0400  Cookies
040555/r-xr-xr-x  4096     dir   2025-02-20 09:09:11 -0500  Desktop
040555/r-xr-xr-x  4096     dir   2024-09-24 08:33:33 -0400  Documents
040555/r-xr-xr-x  4096     dir   2025-02-18 06:38:23 -0500  Downloads
040555/r-xr-xr-x  0        dir   2024-09-06 09:22:22 -0400  Favorites
040555/r-xr-xr-x  0        dir   2024-09-06 09:22:22 -0400  Links
040777/rwxrwxrwx  0        dir   2024-09-06 09:11:30 -0400  Local Settings
040555/r-xr-xr-x  0        dir   2024-09-06 09:22:22 -0400  Music
040777/rwxrwxrwx  0        dir   2024-09-06 09:11:30 -0400  My Documents
.....
040777/rwxrwxrwx  0        dir   2024-09-11 08:13:29 -0400  source

meterpreter > sysinfo
Computer        : WINVM01
OS              : Windows 11 (10.0 Build 22631).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 2
Meterpreter     : x64/windows
meterpreter > arp

ARP cache
=========

    IP address       MAC address        Interface
    ----------       -----------        ---------
    224.0.0.22       00:00:00:00:00:00  Software Loopback Interface 1
    239.255.255.250  00:00:00:00:00:00  Software Loopback Interface 1
    ....
    255.255.255.255  ff:ff:ff:ff:ff:ff  Microsoft Hyper-V Network Adapter

meterpreter >

@dledda-r7 added the labels payload, rn-payload-enhancement (release notes for enhanced payloads) and blocked (Blocked by one or more additional tasks) on Apr 9, 2025
@dledda-r7 moved this from Todo to In Progress in Metasploit Kanban on Apr 9, 2025
@dledda-r7 self-assigned this on Apr 9, 2025