diff --git a/.github/workflows/shared_meterpreter_acceptance.yml b/.github/workflows/shared_meterpreter_acceptance.yml index e595308e2652d..80b54899d5a42 100644 --- a/.github/workflows/shared_meterpreter_acceptance.yml +++ b/.github/workflows/shared_meterpreter_acceptance.yml @@ -33,8 +33,32 @@ jobs: # Compile Java Meterpreter via docker if required, we can't always do this on the # host environment (i.e. for macos). So it instead gets compiled first on a linux # host, then the artifacts are copied back to the host later - java_meterpreter_compilation: - name: Compile Java Meterpreter +# java_meterpreter_compilation: +# name: Compile Java Meterpreter +# runs-on: ubuntu-latest +# if: ${{ inputs.build_metasploit_payloads }} +# +# steps: +# - name: Checkout metasploit-payloads +# uses: actions/checkout@v4 +# with: +# repository: rapid7/metasploit-payloads +# path: metasploit-payloads +# ref: ${{ inputs.metasploit_payloads_commit }} +# +# - name: Build Java and Android payloads +# run: | +# mkdir $(pwd)/java-artifacts +# docker run --rm -w "$(pwd)" -v "$(pwd):$(pwd)" rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "set -x && cd metasploit-payloads/java && mvn package -Dandroid.sdk.path=/usr/local/android-sdk -Dandroid.release=true -Ddeploy.path=../../java-artifacts -Dmaven.test.skip=true -P deploy && mvn -Dmaven.test.skip=true -Ddeploy.path=../../java-artifacts -P deploy package" +# +# - name: Store Java artifacts +# uses: actions/upload-artifact@v4 +# with: +# name: java-artifacts +# path: java-artifacts + + meterpreter_compilation: + name: Compile Meterpreter runs-on: ubuntu-latest if: ${{ inputs.build_metasploit_payloads }} @@ -46,21 +70,35 @@ jobs: path: metasploit-payloads ref: ${{ inputs.metasploit_payloads_commit }} - - name: Build Java and Android payloads + - name: Get metasploit-payloads version + if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} + shell: bash + run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV + working-directory: metasploit-payloads + + - name: Build Python, PHP and Windows payloads run: | - mkdir $(pwd)/java-artifacts - docker run --rm -w "$(pwd)" -v "$(pwd):$(pwd)" rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "set -x && cd metasploit-payloads/java && mvn package -Dandroid.sdk.path=/usr/local/android-sdk -Dandroid.release=true -Ddeploy.path=../../java-artifacts -Dmaven.test.skip=true -P deploy && mvn -Dmaven.test.skip=true -Ddeploy.path=../../java-artifacts -P deploy package" + mkdir $(pwd)/python_php_windows-artifacts + pwd + cd .. + docker run --rm -w $(pwd) -v $(pwd):$(pwd) rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "cd metasploit-payloads/gem; rake create_dir; rake win_copy; rake php_prep; rake java_prep; rake python_prep; rake --tasks --all | grep -q create_manifest 2>/dev/null && rake create_manifest; rake build" + cd - + cp $(pwd)/gem/pkg/metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem $(pwd)/python_php_windows-artifacts + working-directory: metasploit-payloads - - name: Store Java artifacts + - name: Store Python, PHP and Windows artifacts uses: actions/upload-artifact@v4 with: - name: java-artifacts - path: java-artifacts + name: python_php_windows-artifacts + path: /home/runner/work/metasploit-framework/metasploit-framework/metasploit-payloads/python_php_windows-artifacts + # Run all test individually, note there is a separate final job for aggregating the test results test: - needs: java_meterpreter_compilation - if: always() && (needs.java_meterpreter_compilation.result == 'success' || needs.java_meterpreter_compilation.result == 'skipped') +# needs: [java_meterpreter_compilation, meterpreter_compilation] + needs: meterpreter_compilation +# if: (always() && (needs.java_meterpreter_compilation.result == 'success' || needs.java_meterpreter_compilation.result == 'skipped')) && (always() && (needs.meterpreter_compilation.result == 'success' || needs.meterpreter_compilation.result == 'skipped')) + if: always() && (needs.meterpreter_compilation.result == 'success' || needs.meterpreter_compilation.result == 'skipped') strategy: fail-fast: false @@ -185,9 +223,9 @@ jobs: - name: Checkout metasploit-framework commit uses: actions/checkout@v4 with: - repository: rapid7/metasploit-framework + repository: cgranleese-r7/metasploit-framework path: metasploit-framework - ref: ${{ inputs.metasploit_framework_commit }} + ref: meterpreter-resolve-multiple-hosts - name: Setup Ruby env: @@ -215,21 +253,45 @@ jobs: # Note: Not specifying a name will download all artifacts from the previous workflow jobs path: raw-data - - name: Extract Java Meterpreter (Unix) - if: ${{ matrix.meterpreter.name == 'java' && runner.os != 'Windows' && inputs.build_metasploit_payloads }} + - uses: actions/download-artifact@v4 + name: Download Meterpreter + id: download_meterpreter + if: ${{ ( matrix.meterpreter.name == 'php'|| matrix.meterpreter.name == 'windows_meterpreter' || matrix.meterpreter.name == 'python' || matrix.meterpreter.name == 'java' ) && inputs.build_metasploit_payloads }} + with: + # Note: Not specifying a name will download all artifacts from the previous workflow jobs + path: raw-data + +# - name: Extract Java Meterpreter (Unix) +# if: ${{ matrix.meterpreter.name == 'java' && runner.os != 'Windows' && inputs.build_metasploit_payloads }} +# shell: bash +# run: | +# set -x +# download_path=${{steps.download_java_meterpreter.outputs.download-path}} +# cp -r $download_path/java-artifacts/data/* ./metasploit-framework/data +# +# - name: Extract Java Meterpreter (Windows) +# if: ${{ matrix.meterpreter.name == 'java' && runner.os == 'Windows' && inputs.build_metasploit_payloads }} +# shell: bash +# run: | +# set -x +# download_path=$(cygpath -u '${{steps.download_java_meterpreter.outputs.download-path}}') +# cp -r $download_path/java-artifacts/data/* ./metasploit-framework/data + + - name: Extract Meterpreter (Unix) + if: ${{ ( matrix.meterpreter.name == 'php'|| matrix.meterpreter.name == 'windows_meterpreter' || matrix.meterpreter.name == 'python' || matrix.meterpreter.name == 'java' ) && runner.os != 'Windows' && inputs.build_metasploit_payloads }} shell: bash run: | set -x - download_path=${{steps.download_java_meterpreter.outputs.download-path}} - cp -r $download_path/java-artifacts/data/* ./metasploit-framework/data + download_path=${{steps.download_meterpreter.outputs.download-path}} + cp -r $download_path/python_php_windows-artifacts/* ./metasploit-framework - - name: Extract Java Meterpreter (Windows) - if: ${{ matrix.meterpreter.name == 'java' && runner.os == 'Windows' && inputs.build_metasploit_payloads }} + - name: Extract Meterpreter (Windows) + if: ${{ ( matrix.meterpreter.name == 'php'|| matrix.meterpreter.name == 'windows_meterpreter' || matrix.meterpreter.name == 'python' || matrix.meterpreter.name == 'java' ) && runner.os == 'Windows' && inputs.build_metasploit_payloads }} shell: bash run: | set -x - download_path=$(cygpath -u '${{steps.download_java_meterpreter.outputs.download-path}}') - cp -r $download_path/java-artifacts/data/* ./metasploit-framework/data + download_path=$(cygpath -u '${{steps.download_meterpreter.outputs.download-path}}') + cp -r $download_path/python_php_windows-artifacts/* ./metasploit-framework - name: Install mettle gem if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }} @@ -246,9 +308,9 @@ jobs: if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} uses: actions/checkout@v4 with: - repository: rapid7/metasploit-payloads + repository: cgranleese-r7/metasploit-payloads path: metasploit-payloads - ref: ${{ inputs.metasploit_payloads_commit }} + ref: meterpreter-resolve-multiple-hosts - name: Get metasploit-payloads version if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} @@ -256,49 +318,45 @@ jobs: run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV working-directory: metasploit-payloads - - name: Build metasploit-payloads gem - if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} - run: gem build ./gem/metasploit-payloads.gemspec - working-directory: metasploit-payloads - - - name: Copy metasploit-payloads gem into metasploit-framework - if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} - shell: bash - run: cp ../metasploit-payloads/metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem . - working-directory: metasploit-framework +# - name: Copy metasploit-payloads gem into metasploit-framework +# if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} +# shell: bash +# run: cp ../metasploit-payloads/gem/pkg/metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem . +# working-directory: metasploit-framework - name: Install metasploit-payloads gem if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }} run: | bundle exec gem install metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem + ruby -pi.bak -e "gsub(/'metasploit-payloads', '.*'/, '\'metasploit-payloads\'')" metasploit-framework.gemspec bundle config unset deployment bundle update metasploit-payloads bundle install working-directory: metasploit-framework - - name: Build Windows payloads via Visual Studio 2019 Build (Windows) - shell: cmd - if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2019' && inputs.build_metasploit_payloads }} - run: | - cd c/meterpreter - git submodule init && git submodule update - "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat - working-directory: metasploit-payloads - - - name: Build Windows payloads via Visual Studio 2022 Build (Windows) - shell: cmd - if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2022' && inputs.build_metasploit_payloads }} - run: | - cd c/meterpreter - git submodule init && git submodule update - make.bat - working-directory: metasploit-payloads - - - name: Build PHP, Python and Windows payloads - if: ${{ (matrix.meterpreter.name == 'php' || matrix.meterpreter.name == 'python' || runner.os == 'Windows') && inputs.build_metasploit_payloads }} - run: | - make install-php install-python install-windows - working-directory: metasploit-payloads +# - name: Build Windows payloads via Visual Studio 2019 Build (Windows) +# shell: cmd +# if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2019' && inputs.build_metasploit_payloads }} +# run: | +# cd c/meterpreter +# git submodule init && git submodule update +# "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\Tools\VsDevCmd.bat" && make.bat +# working-directory: metasploit-payloads +# +# - name: Build Windows payloads via Visual Studio 2022 Build (Windows) +# shell: cmd +# if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2022' && inputs.build_metasploit_payloads }} +# run: | +# cd c/meterpreter +# git submodule init && git submodule update +# make.bat +# working-directory: metasploit-payloads + +# - name: Build PHP, Python and Windows payloads +# if: ${{ (matrix.meterpreter.name == 'php' || matrix.meterpreter.name == 'python' || runner.os == 'Windows') && inputs.build_metasploit_payloads }} +# run: | +# make install-php install-python install-windows +# working-directory: metasploit-payloads - name: Acceptance env: