From f1fcfd617601fbaf6d8f820e12b2319ffde3d62d Mon Sep 17 00:00:00 2001
From: Ashley Donaldson
Date: Wed, 16 Oct 2024 17:29:41 +1100
Subject: [PATCH] Handle discrepance of process launching on Windows between different versions of Java
---
.../stdapi/stdapi_sys_process_execute.java | 123 ++++++++++--------
1 file changed, 68 insertions(+), 55 deletions(-)
diff --git a/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java b/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java
index 4bec2f964..016f51210 100644
--- a/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java
+++ b/java/meterpreter/stdapi/src/main/java/com/metasploit/meterpreter/stdapi/stdapi_sys_process_execute.java
@@ -67,70 +67,83 @@ public int execute(Meterpreter meterpreter, TLVPacket request, TLVPacket respons // On Windows, Java quote-escapes _some_ arguments (like those with spaces), but doesn't deal correctly with some // edge cases; e.g. empty strings, strings that already have quotes. - protected String escapeArg(String arg) { + protected String escapeArgWindows(String arg) { if (arg == null) { return null; } - String osName = System.getProperty("os.name"); - if (osName != null && osName.toLowerCase().contains("windows")) { - if (arg.equals("")) { - return "\"\""; - } else { - StringBuilder sb = new StringBuilder(); - int numBackslashes = 0; - boolean needsQuoting = false; - for (int i = 0; i < arg.length(); i++) { - char c = arg.charAt(i); - switch (c) { - case '"': { - for (int nb = 0; nb < numBackslashes; nb++) { - sb.append('\\'); - } - numBackslashes = 0; - sb.append('\\'); - break; - } - case '\\': { - numBackslashes++; - break; - } - case ' ': - case '\t': - case (char)11: - { - needsQuoting = true; - numBackslashes = 0; - break; - } - default: { - numBackslashes = 0; - break; - } - } - sb.append(c); - } - if (needsQuoting) { - for (int nb = 0; nb < numBackslashes; nb++) { - sb.append('\\'); - } - return "\"" + sb.toString() + "\""; - } - return sb.toString(); + if (arg.equals("")) { + return "\"\""; + } else { + StringBuilder sb = new StringBuilder(); + int numBackslashes = 0; + boolean needsQuoting = false; + for (int i = 0; i < arg.length(); i++) { + char c = arg.charAt(i); + switch (c) { + case '"': { + for (int nb = 0; nb < numBackslashes; nb++) { + sb.append('\\'); + } + numBackslashes = 0; + sb.append('\\'); + break; + } + case '\\': { + numBackslashes++; + break; + } + case ' ': + case '\t': + case (char)11: + { + needsQuoting = true; + numBackslashes = 0; + break; + } + default: { + numBackslashes = 0; + break; + } + } + sb.append(c); + } + if (needsQuoting) { + for (int nb = 0; nb < numBackslashes; nb++) { + sb.append('\\'); + } + return "\"" + 
sb.toString() + "\""; + } + return sb.toString(); + } + } + + protected Process executeWindows(String cmd, ArrayList args) throws IOException { + StringBuilder cmdString = new StringBuilder(); + cmdString.append(cmd); + if (args.size() > 0) { + for (String arg : args) { + cmdString.append(" "); + cmdString.append(escapeArgWindows(arg)); } - } else { - return arg; } + + return execute(cmdString.toString()); } protected Process execute(String cmd, ArrayList args) throws IOException { - ArrayList cmdAndArgs = new ArrayList(); - cmdAndArgs.add(cmd); - for (String arg : args) { - cmdAndArgs.add(escapeArg(arg)); + String osName = System.getProperty("os.name"); + if (osName != null && osName.toLowerCase().contains("windows")) { + return executeWindows(cmd, args); + } else { + ArrayList cmdAndArgs = new ArrayList(); + cmdAndArgs.add(cmd); + for (String arg : args) { + cmdAndArgs.add(arg); + } + ProcessBuilder builder = new ProcessBuilder(cmdAndArgs); + builder.directory(Loader.getCWD()); + return builder.start(); } - ProcessBuilder builder = new ProcessBuilder(cmdAndArgs); - builder.directory(Loader.getCWD()); - return builder.start(); } protected Process execute(String cmdstr) throws IOException {
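Review bot: In `executeWindows`, `cmd` is appended to the command string unchanged while every argument goes through `escapeArgWindows`, so a program path containing a space or a quote is not protected the way the arguments are. If `cmd` is always a bare program path, `cmdString.append(escapeArgWindows(cmd));` would keep it as one token; how `execute(String cmdstr)` splits the string is outside this hunk, so confirm that before changing it. The `if (args.size() > 0)` guard around the loop is redundant, since the loop does nothing for an empty list. The method would also benefit from a comment explaining why Windows joins everything into one string instead of using the `ProcessBuilder` list, e.g. `// Java versions differ in how they quote list arguments on Windows, so the command line is built here`.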