Skip to content

Commit 94c1167

Browse files
adfoster-r7adfoster-r7
authored
Merge pull request rapid7#19829 from cgranleese-r7/updates-meterpeter-pipeline-to-build-payloads-gem
Updates `shared_meterpreter_acceptance.yml` pipeline to build the metasploit-payloads gem
2 parents cddfb49 + 1b50e60 commit 94c1167

File tree

2 files changed

+60
-58
lines changed

2 files changed

+60
-58
lines changed

.github/workflows/shared_meterpreter_acceptance.yml

Lines changed: 54 additions & 52 deletions
Original file line numberDiff line numberDiff line change
@@ -30,11 +30,11 @@ on:
3030
type: boolean
3131

3232
jobs:
33-
# Compile Java Meterpreter via docker if required, we can't always do this on the
33+
# Compile the Meterpreter payloads via docker if required, we can't always do this on the
3434
# host environment (i.e. for macos). So it instead gets compiled first on a linux
3535
# host, then the artifacts are copied back to the host later
36-
java_meterpreter_compilation:
37-
name: Compile Java Meterpreter
36+
meterpreter_compilation:
37+
name: Compile Meterpreter
3838
runs-on: ubuntu-latest
3939
if: ${{ inputs.build_metasploit_payloads }}
4040

@@ -46,21 +46,22 @@ jobs:
4646
path: metasploit-payloads
4747
ref: ${{ inputs.metasploit_payloads_commit }}
4848

49-
- name: Build Java and Android payloads
49+
- name: Build Meterpreter payloads
5050
run: |
51-
mkdir $(pwd)/java-artifacts
52-
docker run --rm -w "$(pwd)" -v "$(pwd):$(pwd)" rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "set -x && cd metasploit-payloads/java && mvn package -Dandroid.sdk.path=/usr/local/android-sdk -Dandroid.release=true -Ddeploy.path=../../java-artifacts -Dmaven.test.skip=true -P deploy && mvn -Dmaven.test.skip=true -Ddeploy.path=../../java-artifacts -P deploy package"
51+
mkdir $(pwd)/meterpreter-artifacts
52+
docker run --rm -w $(pwd) -v $(pwd):$(pwd) rapid7/msf-ubuntu-x64-meterpreter:latest /bin/bash -c "cd metasploit-payloads/gem && rake create_dir && rake win_copy && rake php_prep && rake java_prep && rake python_prep && rake create_manifest && rake build"
53+
cp $(pwd)/metasploit-payloads/gem/pkg/metasploit-payloads-* $(pwd)/meterpreter-artifacts
5354
54-
- name: Store Java artifacts
55+
- name: Store Meterpreter artifacts
5556
uses: actions/upload-artifact@v4
5657
with:
57-
name: java-artifacts
58-
path: java-artifacts
58+
name: meterpreter-artifacts
59+
path: meterpreter-artifacts
5960

6061
# Run all test individually, note there is a separate final job for aggregating the test results
6162
test:
62-
needs: java_meterpreter_compilation
63-
if: always() && (needs.java_meterpreter_compilation.result == 'success' || needs.java_meterpreter_compilation.result == 'skipped')
63+
needs: meterpreter_compilation
64+
if: always() && (needs.meterpreter_compilation.result == 'success' || needs.meterpreter_compilation.result == 'skipped')
6465

6566
strategy:
6667
fail-fast: false
@@ -208,28 +209,28 @@ jobs:
208209
working-directory: metasploit-framework
209210

210211
- uses: actions/download-artifact@v4
211-
name: Download Java meterpreter
212-
id: download_java_meterpreter
213-
if: ${{ matrix.meterpreter.name == 'java' && inputs.build_metasploit_payloads }}
212+
name: Download Meterpreter
213+
id: download_meterpreter
214+
if: ${{ matrix.meterpreter.name != 'mettle' && inputs.build_metasploit_payloads }}
214215
with:
215216
# Note: Not specifying a name will download all artifacts from the previous workflow jobs
216217
path: raw-data
217218

218-
- name: Extract Java Meterpreter (Unix)
219-
if: ${{ matrix.meterpreter.name == 'java' && runner.os != 'Windows' && inputs.build_metasploit_payloads }}
219+
- name: Extract Meterpreter (Unix)
220+
if: ${{ matrix.meterpreter.name != 'mettle' && runner.os != 'Windows' && inputs.build_metasploit_payloads }}
220221
shell: bash
221222
run: |
222223
set -x
223-
download_path=${{steps.download_java_meterpreter.outputs.download-path}}
224-
cp -r $download_path/java-artifacts/data/* ./metasploit-framework/data
224+
download_path=${{steps.download_meterpreter.outputs.download-path}}
225+
cp -r $download_path/meterpreter-artifacts/* ./metasploit-framework
225226
226-
- name: Extract Java Meterpreter (Windows)
227-
if: ${{ matrix.meterpreter.name == 'java' && runner.os == 'Windows' && inputs.build_metasploit_payloads }}
227+
- name: Extract Meterpreter (Windows)
228+
if: ${{ matrix.meterpreter.name != 'mettle' && runner.os == 'Windows' && inputs.build_metasploit_payloads }}
228229
shell: bash
229230
run: |
230231
set -x
231-
download_path=$(cygpath -u '${{steps.download_java_meterpreter.outputs.download-path}}')
232-
cp -r $download_path/java-artifacts/data/* ./metasploit-framework/data
232+
download_path=$(cygpath -u '${{steps.download_meterpreter.outputs.download-path}}')
233+
cp -r $download_path/meterpreter-artifacts/* ./metasploit-framework
233234
234235
- name: Install mettle gem
235236
if: ${{ matrix.meterpreter.name == 'mettle' && inputs.build_mettle }}
@@ -250,32 +251,6 @@ jobs:
250251
path: metasploit-payloads
251252
ref: ${{ inputs.metasploit_payloads_commit }}
252253

253-
- name: Get metasploit-payloads version
254-
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
255-
shell: bash
256-
run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV
257-
working-directory: metasploit-payloads
258-
259-
- name: Build metasploit-payloads gem
260-
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
261-
run: gem build ./gem/metasploit-payloads.gemspec
262-
working-directory: metasploit-payloads
263-
264-
- name: Copy metasploit-payloads gem into metasploit-framework
265-
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
266-
shell: bash
267-
run: cp ../metasploit-payloads/metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem .
268-
working-directory: metasploit-framework
269-
270-
- name: Install metasploit-payloads gem
271-
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
272-
run: |
273-
bundle exec gem install metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem
274-
bundle config unset deployment
275-
bundle update metasploit-payloads
276-
bundle install
277-
working-directory: metasploit-framework
278-
279254
- name: Build Windows payloads via Visual Studio 2019 Build (Windows)
280255
shell: cmd
281256
if: ${{ matrix.meterpreter.name == 'windows_meterpreter' && matrix.os == 'windows-2019' && inputs.build_metasploit_payloads }}
@@ -294,12 +269,39 @@ jobs:
294269
make.bat
295270
working-directory: metasploit-payloads
296271

297-
- name: Build PHP, Python and Windows payloads
298-
if: ${{ (matrix.meterpreter.name == 'php' || matrix.meterpreter.name == 'python' || runner.os == 'Windows') && inputs.build_metasploit_payloads }}
299-
run: |
300-
make install-php install-python install-windows
272+
- name: Get metasploit-payloads version
273+
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
274+
shell: bash
275+
run: echo "METASPLOIT_PAYLOADS_VERSION=$(ruby -ne "puts Regexp.last_match(1) if /VERSION\s+=\s+'([^']+)'/" gem/lib/metasploit-payloads/version.rb)" | tee -a $GITHUB_ENV
301276
working-directory: metasploit-payloads
302277

278+
- name: Install metasploit-payloads gem
279+
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
280+
run: |
281+
bundle exec gem install metasploit-payloads-${{ env.METASPLOIT_PAYLOADS_VERSION }}.gem
282+
working-directory: metasploit-framework
283+
284+
- name: Remove metasploit-payloads version from metasploit-framework.gemspec
285+
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' && runner.os != 'Windows' }}
286+
run: |
287+
ruby -pi -e "gsub(/metasploit-payloads', '\d+.\d+.\d+/, 'metasploit-payloads')" metasploit-framework.gemspec
288+
working-directory: metasploit-framework
289+
290+
- name: Remove metasploit-payloads version from metasploit-framework.gemspec (Windows)
291+
if: ${{ inputs.build_metasploit_payloads && (runner.os == 'Windows' && matrix.meterpreter.name != 'windows_meterpreter') && matrix.meterpreter.name != 'mettle' }}
292+
shell: cmd
293+
run: |
294+
ruby -pi.bak -e "gsub(/metasploit-payloads', '\d+.\d+.\d+/, 'metasploit-payloads')" metasploit-framework.gemspec
295+
working-directory: metasploit-framework
296+
297+
- name: Bundle update/install metasploit-payloads gem
298+
if: ${{ inputs.build_metasploit_payloads && matrix.meterpreter.name != 'mettle' }}
299+
run: |
300+
bundle config unset deployment
301+
bundle update metasploit-payloads
302+
bundle install
303+
working-directory: metasploit-framework
304+
303305
- name: Acceptance
304306
env:
305307
SPEC_HELPER_LOAD_METASPLOIT: false

docs/metasploit-framework.wiki/Payload-Testing.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -15,27 +15,27 @@ Once the appropriate repository label is added, you will need to edit the GitHub
1515
repository and branch you want to test. Below I will outline some changes that are required to make this work, update
1616
the following lines like so:
1717

18-
1. Point at your forked repository - [line to update](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L188):
18+
1. Point at your forked repository - [line to update](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L189):
1919
```yaml
2020
repository: foo-r7/metasploit-framework
2121
```
2222
23-
2. Point at your forked repository branch - [line to update](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L190):
23+
2. Point at your forked repository branch - [line to update](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L191):
2424
```yaml
2525
ref: fixes-all-the-bugs
2626
```
2727
28-
3. Point at your forked repository that contains the payload changes you'd like to test - [line to update](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L249)
28+
3. Point at your forked repository that contains the payload changes you'd like to test - update lines [45](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L45) and [250](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L250):
2929
```yaml
3030
repository: foo-r7/metasploit-payloads
3131
```
3232
33-
4. Point at your forked repository branch that contains the payload changes you'd like to test - [line to update](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L251):
33+
4. Point at your forked repository branch that contains the payload changes you'd like to test - update lines [47](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L47) and [252](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L252):
3434
```yaml
3535
ref: fixes-all-the-payload-bugs
3636
```
3737
3838
Steps 3 and 4 outline the steps required when steps testing metasploit-payloads. The same steps apply for Mettle, the
3939
following lines would need updated:
40-
- Point at your forked repository that contain the payload changes you'd like to test - [line](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L155).
41-
- Point at your forked repository branch that contains the payload changes you'd like to test - [line](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L157).
40+
- Point at your forked repository that contain the payload changes you'd like to test - [line](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L156).
41+
- Point at your forked repository branch that contains the payload changes you'd like to test - [line](https://github.com/rapid7/metasploit-framework/blob/2355ab546d02bfee99183083b12c6953836c12a1/.github/workflows/shared_meterpreter_acceptance.yml#L158).

0 commit comments

Comments
 (0)