Metasploit-framework: Update PHP Meterpreter SSL Support Code

Created on 8 Mar 2017 · 10 Comments · Source: rapid7/metasploit-framework

See: https://github.com/rapid7/metasploit-framework/pull/7669

The original PR was based on an older layout of the Metasploit repository and no longer applies cleanly. To be able to move forward with the original PR, you would need to:

  1. Move the PHP code into the new repository at rapid7/metasploit-payloads.
  2. Deduplicate / merge the functionality if possible. The original PR just made a copy of the Meterpreter base code.

Ideally a single payload could work in PHP environments with or without SSL support as well. You'll have to do some experimentation to see if that is possible. See the extensive notes from @sempervictus in the original PR notes above.

This is a useful way for someone interested in Meterpreter and payloads to get involved.

newbie-friendly payload

All 10 comments

I am interested in working on this issue.
I am new to the git community; kindly help me work on it.

  1. The PHP code is already present in the new repository at rapid7/metasploit-payloads. Do we have to move something else too?
  2. I am unable to 'make install-php' payloads in the repo metasploit-payloads after cloning it.
  3. Regarding the merging-the-functionality portion, how do I test whether it works or not in metasploit-payloads? Is there 'rake spec' there too?

@busterb

Please look at the original PR carefully. It adds a file called data/meterpreter/meterpreter_ssl.php, the contents of which should be inside of metasploit-payloads now.

If your install works correctly, you should see something like this:

~/projects/metasploit-payloads$ make install-php
Installing PHP payloads

To test this, you would of course check out the original PR, and devise a test plan for starting the payload, ensuring it works in different environments. You might ping @bwatters-r7 to facilitate some automatic testing of PHP payloads.

I wrote the SSL code a long time ago and dumped it into the framework PR queue just to have it on the record. The proper way (IMO) to do this is to have the PHP code compose the meterpreter to be used on the fly, including only the requisite transport pieces to reduce size and increase on-the-wire entropy.

Essentially an ERB template which conditionally interpolates the needed code segments and values while leaving out other pieces which aren't used yet. We also need to add client cert and validation. This was originally written along with the bare SSL shells, without any intelligence in handling the TLS context: it only maintains secrecy when passive sniffing without the TLS material is a concern, and performs no identity verification.

Thanks for taking this on by the way.
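The gap described above, a TLS context that keeps traffic away from a passive sniffer but checks nobody's identity, is easiest to see next to a context that does verify. The Ruby below is an added example written for this page, not code from the PR or from metasploit-payloads: it builds its own throwaway CA and leaf certificates in memory (all names such as listener.example.test are made up), then contrasts accept-everything verification (the VERIFY_NONE behaviour the comment describes) with trust-anchor plus hostname verification, the two checks a "client cert and validation" addition would have to perform on the peer's certificate.

```ruby
require 'openssl'

# Build a key pair and a self-signed CA certificate (constructed test material, not real trust anchors).
def make_ca(cn)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
  cert.add_extension(ef.create_extension('basicConstraints', 'CA:TRUE', true))
  cert.add_extension(ef.create_extension('keyUsage', 'keyCertSign,cRLSign', true))
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  [key, cert]
end

# Issue a leaf certificate for +cn+ signed by the given CA, with a matching subjectAltName.
def make_leaf(ca_key, ca_cert, cn)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 2
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = ca_cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(ca_cert, cert)
  cert.add_extension(ef.create_extension('basicConstraints', 'CA:FALSE', true))
  cert.add_extension(ef.create_extension('subjectAltName', "DNS:#{cn}"))
  cert.sign(ca_key, OpenSSL::Digest.new('SHA256'))
  [key, cert]
end

# What VERIFY_NONE amounts to: the peer certificate is never inspected, so any
# endpoint that completes a handshake is accepted. Encryption only, no identity.
def verify_none(_cert, _hostname)
  true
end

# What VERIFY_PEER plus a hostname check amounts to: the chain must lead to a
# trusted anchor, and the presented name must match the one we meant to reach.
def verify_peer(cert, hostname, trusted_ca)
  store = OpenSSL::X509::Store.new
  store.add_cert(trusted_ca)
  return :untrusted_issuer unless store.verify(cert)
  return :hostname_mismatch unless OpenSSL::SSL.verify_certificate_identity(cert, hostname)
  :ok
end

# Run the four cases that matter and return the outcomes for inspection.
def demo
  ca_key, ca_cert = make_ca('Example Trusted CA')
  rogue_key, rogue_ca = make_ca('Rogue CA')
  _, good_cert  = make_leaf(ca_key, ca_cert, 'listener.example.test')
  _, rogue_cert = make_leaf(rogue_key, rogue_ca, 'listener.example.test')
  {
    none_accepts_rogue:      verify_none(rogue_cert, 'listener.example.test'),
    peer_accepts_good:       verify_peer(good_cert, 'listener.example.test', ca_cert),
    peer_rejects_rogue:      verify_peer(rogue_cert, 'listener.example.test', ca_cert),
    peer_rejects_wrong_name: verify_peer(good_cert, 'other.example.test', ca_cert)
  }
end

puts demo.inspect if __FILE__ == $PROGRAM_NAME
```

The rogue leaf carries exactly the expected hostname, which is the point: with no verification the name alone is enough to be accepted, while with a trust store the signature chain decides and the hostname check then rules out a legitimately issued certificate for the wrong host. In a real client the same two decisions are made by the TLS library once the context is configured to verify the peer and given a trust anchor and expected name.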

Where is the file 'reverse_tcp.php'?? Are we supposed to write it down?? @sempervictus @busterb

Sorry man, question does not compute.

Apologies, I should have been more detailed. @timwr @busterb
While studying the five files that @sempervictus created here https://github.com/rapid7/metasploit-framework/pull/7669/files, there is one particular file, metasploit-framework/modules/payloads/stagers/php/reverse_tcp_ssl.rb, which is uploaded below. In that file, check line 39. It reads from another file, reverse_tcp.php. I'm uploading the file as .txt as GitHub doesn't support .rb:

File: reverse_tcp_ssl.txt

As mentioned in the first sentence of this issue, "The original PR was based on an older layout of the Metasploit repository and no longer applies cleanly." In other words, that file has been renamed and moved since the original PR. You can use git to dredge it up from history if you like (please don't ask me how; that's left as an exercise to the reader).

I suggest just looking at what the code in the original PR does and, using it as a _guide_, reimplement the functionality using @sempervictus 's suggestions above and on the original PR.
