Skip to content

Add Windows x64 acceptance testing support..... maybe? #20543

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 6 commits into from
Closed

Add Windows x64 acceptance testing support..... maybe? #20543

wants to merge 6 commits into from
+19 −1

Conversation

bwatters-r7
Copy link
Contributor

I'm hoping this adds tests for x64 Windows Meterpreters?
image

dledda-r7
dledda-r7 reviewed Sep 15, 2025
View reviewed changes
spec/support/acceptance/session/windows_meterpreter.rb Outdated
module: {
# Not supported by Windows Meterpreter
# MeterpreterTryToFork: false,
MeterpreterDebugBuild: true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should extend the testing of both Debug and Relese binaries for all architecture we support.

@bwatters-r7
Copy link
Contributor Author

@diego, agreed, but I want to verify with people that made this. I don't know what the thought process is.
That said, this appears to look good?
image

@smcintyre-r7
Copy link
Contributor

I tracked down the PR in which this was initially added in to #18210. It doesn't mention any reason for omitting x64. It may not have been considered necessary at the time.

I think in order to get these tests running so they can be confirmed before we merge this, we need to go through the Payload Testing steps to update the references to point to this branch. With that and the label in place, the new changes should run so we can get this approved and merged. We'll just want to revert the changes back after the new tests have run.

@bwatters-r7
Copy link
Contributor Author

The tests appear to run in the checks for this PR under the build/windows_meterpreter Windows 2022 acceptance tests.

@dledda-r7
Copy link
Contributor

rapid7/metasploit-payloads#771

@bwatters-r7
Add payloads for testing:
820d128 
x64/meterpreter_reverse_tcp
x64/meterpreter/reverse_https
x64/meterpreter_reverse_http
x64/meterpreter/bind_tcp
meterpreter_bind_tcp
@bwatters-r7
Remove a few tests to see what happens
5ae2b98
@bwatters-r7
Re-add http
7b374b7
@bwatters-r7
try bind
39ba572
@bwatters-r7
Copy link
Contributor Author

bwatters-r7 commented Sep 16, 2025
edited
Loading

Some observations. For currently unknown reasons, http[s] payloads do not work. For known reasons, bind payloads do not work:

��msf�� payload(����windows/x64/meterpreter_bind_tcp��) ��> 
[write] generate -o D:/a/_temp/child-process-rb-windows-x---meterpreter-bind-tcp20250916-6588-qhxsq0.exe -f exe AutoVerifySessionTimeout=30 lport=6001 lhost=127.0.0.1 MeterpreterDebugLogging=rpath:D:/a/_temp/windowsx64meterpreter_bind_tcp_debug_log20250916-6588-26vaz1txt MeterpreterDebugBuild=true

Note we assign lhost, even though this is a bind payload.
This is defined here:

metasploit-framework/spec/acceptance/meterpreter_spec.rb

Line 98 in 99c24c3

let(:default_module_datastore) do

As such, I just added the x64 meterpreter back and will leave just those 2 payloads for now. I'll likely close this PR and put up a new one, as there's no reason to cloud up the commit history on upstream, but having a history of this for breadcrumbs might be useful.

@bwatters-r7 bwatters-r7 mentioned this pull request Sep 17, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dledda-r7 dledda-r7 dledda-r7 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bwatters-r7 @smcintyre-r7 @dledda-r7