Meterpreter's sniffer extension freezes 64-bit systems

bdamele · bdamele · commit d6b52242c7dd · 2011-07-20T13:50:02.000Z
Meterpreter's priv extension is loaded by default since Metasploit 3.5 or so.
There is no shellcodeexec 64-bit yet, anyway as the Metasploit payload is encoded with a 32-bit encoded (alphanumeric), it's all fine.
diff --git a/lib/takeover/metasploit.py b/lib/takeover/metasploit.py
@@ -414,8 +414,8 @@ def __loadMetExtensions(self, proc, metSess):
 
         proc.stdin.write("use espia\n")
         proc.stdin.write("use incognito\n")
-        proc.stdin.write("use priv\n")
-        proc.stdin.write("use sniffer\n")
+        # NOTE: this extension freezes the connection on 64-bit systems
+        #proc.stdin.write("use sniffer\n")
         proc.stdin.write("sysinfo\n")
         proc.stdin.write("getuid\n")
 
@@ -540,7 +540,7 @@ def uploadShellcodeexec(self, web=False):
         self.shellcodeexecLocal = paths.SQLMAP_SEXEC_PATH
 
         if Backend.isOs(OS.WINDOWS):
-            self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % Backend.getArch()
+            self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % "32"
         else:
             self.shellcodeexecLocal += "/linux/shellcodeexec.x%s" % Backend.getArch()
 
