One balmy Texas winter’s eve, having closed the pull request tab for the night, I lie in bed poking at my computer, pondering the next thing to do. As the clock strikes midnight, I see a popup in my notifications: “Tonight, you will be visited by three spirits: the ghosts of HaXmas past!” A chill runs down my spine. Recharging in my fading battery and memory, I brace for the coming trip through the memories past promises and eternal optimism that HaXmas brings out this time of year.
‘12 Days of HaXmas: Does It Blend Like a Duck?’ (2014)
First to visit, “12 Days of HaXmas: Does It Blend Like a Duck?” rattled its chains out of the blog archives and onto my screen. At the time of writing in 2014, I had only been with Rapid7 for a couple of weeks, and obviously I didn’t know what I was doing! So in sticking with what I did know, I just described general experiences making a cryptography library work on various operating systems. Along the way, I make a prediction we would incorporate it into Meterpreter someday as well:
“My eventual goal is to incorporate this work into Meterpreter, updating the aging, yet nicely Heartbleed-free, OpenSSL 0.9.8 that it currently uses.”
Fast-forward a few years later, and what really happened? For a while, I looked at incorporating the new code, but it was really a lot larger than desired, the features were overkill. It turned out to be a lot easier to add native obfuscation and encryption into Meterpreter itself, removing the need to embed an SSL library entirely. This also reduced the siz ..
Support the originator by clicking the read the rest link below.
