metasploit-framework
metasploit-framework copied to clipboard
rapid7
get_env("TEMP") gives wrong results
Steps to reproduce
How'd you do it?
- get a meterpreter shell on Windows 7 (6.1 Build 7601, Service Pack 1).
- run
getenv TEMP.
Expected behavior
The TEMP variable should be like C:\Users\xxx\AppData\Local\Temp.
Current behavior
It gives a wrong result, which can fail modules that rely on get_env("TEMP").
Other environment variables are correct.
Metasploit version
6.2.29-dev-
Additional Information
meterpreter > getenv TEMP
SEND: #<Rex::Post::Meterpreter::Packet type=Request tlvs=[
#<Rex::Post::Meterpreter::Tlv type=COMMAND_ID meta=INT value=1052 command=stdapi_sys_config_getenv>
#<Rex::Post::Meterpreter::Tlv type=REQUEST_ID meta=STRING value="08428365247265091434294048599538">
#<Rex::Post::Meterpreter::Tlv type=ENV_VARIABLE meta=STRING value="TEMP">
]>
RECV: #<Rex::Post::Meterpreter::Packet type=Response tlvs=[
#<Rex::Post::Meterpreter::Tlv type=COMMAND_ID meta=INT value=1052 command=stdapi_sys_config_getenv>
#<Rex::Post::Meterpreter::Tlv type=REQUEST_ID meta=STRING value="08428365247265091434294048599538">
#<Rex::Post::Meterpreter::GroupTlv type=ENV_GROUP tlvs=[
#<Rex::Post::Meterpreter::Tlv type=ENV_VARIABLE meta=STRING value="TEMP">
#<Rex::Post::Meterpreter::Tlv type=ENV_VALUE meta=STRING value="\x18\xE7\x81\xA1\xE6\xA9\xA7s\xE1\xA5\xB4\xE3\x97 ...">
]>
#<Rex::Post::Meterpreter::Tlv type=RESULT meta=INT value=0>
#<Rex::Post::Meterpreter::Tlv type=UUID meta=RAW value="\x94A\xFAt\xE8\x1D\xDD\x8B\xB0\xCB\xB1\xC9\xD3i~\ ...">
]>
Environment Variables
=====================
Variable Value
-------- -----
TEMP ������s�������������
meterpreter >
Looks like an issue when the environment variable doesn't exist. Was able to reproduce this on Server 2019.
[*] Meterpreter session 1 opened (192.168.250.134:4444 -> 192.168.250.237:59454) at 2023-01-09 08:57:49 -0500
meterpreter > getenv TEMP
Environment Variables
=====================
Variable Value
-------- -----
TEMP C:\Windows\TEMP
meterpreter > getenv FOOBAR
Environment Variables
=====================
Variable Value
-------- -----
FOOBAR �����������������������������������������������������S���������������������������������������������������
meterpreter >
@prabhatjoshi321 No need to ask, feel free to just say you would like to take it and put up a PR anytime 👍 We're always happy to accept contributions for issues. I've assigned you in the meantime.
Note that if someone is assigned alright you'll see it in the top right of the issue under assignees. In that case reach out to the person assigned and mention your interested; in most cases they might already be working on a solution but sometimes they may need some extra insights or could use the extra hand.
We typically assign ourselves to issues we are personally working on or want to reserve to work on next. We also do this with popular bugs to let people know we are working on a solution in house so that multiple people aren't trying to contribute a module at the same time.
Hope that helps clear things up a bit but let me know if anything is confusing or seems to be insufficiently explained on my part and I'll be happy to assist; I know sometimes my wording isn't the best 😄
Thanks a lot for the explanation @gwillcox-r7. That cleared my doubts for the contribution part.
@prabhatjoshi321 It looks like this will need a code change in the C Meterpreter implementation, is this an issue you wanted to continue working on? No worries if not
Sorry, got busy with some tasks and so couldn't continue with this. It'll take some time for me to start collaborating again, so you can unassign me from this task for now.