ChopperCharles Posted February 14, 2012

Right now I'm using MPGRPC to communicate with Metasploit. Previously I was using XMLRPC. Both of these RPCs are extremely limited. My big problem is, when I send a "pwd" using a meterpreter_write, I then have to issue a meterpreter_read to get the response. Well, the response may not be on the console yet, so I have to keep polling for the result until it shows up.

This is all well and good, except for, say, the "cd" command. If successful there is no result from a cd. If it fails there is an error condition, but if I'm attempting to cd into a directory tree until I find a directory in the tree that does not exist, well then the problem arises thus: path "/cheeze/whiz/taco" exists.

cd cheeze <-- this doesn't complete before the next line is called.
cd whiz <-- this is attempting to change to /whiz, because the cd above has not completed yet.

I currently get around this by issuing a pwd command and then waiting for that result in between each cd command. But that does slow things down.

The other problem is the RPC makes the cat command entirely useless. I can poll forever and never know when a cat has completed. When polling the session, I can't just wait for 0 bytes returned and say I'm done, because network conditions and Metasploit server load can easily cause some meterpreter_reads to come back with zero bytes, even though the cat has not finished outputting to the console. What's more, if there are two concurrent users of the session, their data can get interspersed with mine.

What I want is a way to execute and wait for a command to finish. Is this possible using some other RPC?

Thanks.

Charles.