Feature #445

Standalone Meterpreter (non-staged)

Added by Rob Fuller over 2 years ago. Updated about 1 month ago.

Status: Closed
Start date: 10/30/2009
Priority: Normal
Due date:
Assignee: -
% Done: 0%
Category: meterpreter - win32
Target version: Open Backlog
Resolution: fixed
How To Use:
Release Note:

Description

Have a Meterpreter payload that uses fully formed HTTPS Gets/Posts for communication. This circumvents detection and some inline devices.

History

Updated by HD Moore over 2 years ago

So what we have now is TLSv1, with the first encrypted request going from client to server with the contents of a GET request. Once this is received by the server, communication is established and modules are loaded. With the exception of the staging code (sending metsrv.dll down), the communication protocol already mimics HTTPS. In order to remove the staging code, a standalone executable would need to be built with the metsrv.dll code already included.

Is this feature request for implementing a stager over SSL, making a standalone payload with the staging process omitted, or actually changing the protocol used by Meterpreter to closely match HTTPS?

Updated by HD Moore over 2 years ago

Just an update to note that Meterpreter is now SSLv3 vs TLSv1.

Updated by HD Moore over 2 years ago

  • Subject changed from HTTPS for Meterpreter to Standalone Meterpreter (non-staged)

Updated by James Lee over 1 year ago

  • Target version changed from Metasploit 3.4.0 to Metasploit 3.4.1

Updated by James Lee over 1 year ago

  • Target version changed from Metasploit 3.4.1 to Metasploit 3.5.0

Updated by James Lee over 1 year ago

  • Status changed from New to Feedback

Rob, can you clarify here?

Updated by Rob Fuller over 1 year ago

In binary form reverse_https could benefit from a few advantages of being non-staged. First, the binary could talk full SSL for the entire life of the connection. Second, it could solve the tunneling problem where multi/handler passes its LHOST instead of using the LHOST built into the binary. Third, possibly down the road, a pre-run meterpreter script might be able to be pushed into the binary.

I understand the size issue, but bandwidth is rapidly increasing across the board and having a MB vice a 73k one might not be such a big deal, depending on the situation.

Updated by HD Moore over 1 year ago

One way we could implement this in the short term: generate a payload that is a reverse_tcp_dns stub, but instead of reading the stage from the network, configures the socket in the appropriate register and continues execution into the reflective stub. The only tricky thing about this is we would be treating the entire metsrv.dll binary as a payload, so we will hit space limitations with our current template. The "right" way would be to build a metsvc exe that did the connect first; however, the #1 request we would receive is how to encode it...

Updated by James Lee about 1 year ago

  • Target version changed from Metasploit 3.5.0 to Metasploit 3.6

Updated by HD Moore 4 months ago

  • Target version changed from Metasploit 3.6 to Open Backlog

Updated by Tod Beardsley 4 months ago

  • Status changed from Feedback to Resolved
  • Resolution set to fixed
  • 10 set to 0

Obviated by the new reverse_http stagers.

Updated by Jonathan Cran about 1 month ago

  • Status changed from Resolved to Closed
