From d6b52242c7ddabcdc16b53faabf84a41cce0babc Mon Sep 17 00:00:00 2001
From: Bernardo Damele
Date: Wed, 20 Jul 2011 13:50:02 +0000
Subject: [PATCH] Meterpreter's sniffer extension freezes 64-bit systems Meterpreter's priv extension is loaded by default since Metasploit 3.5 or so. There is no shellcodeexec 64-bit yet, anyway as the Metasploit payload is encoded with a 32-bit encoded (alphanumeric), it's all fine.
---
 lib/takeover/metasploit.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/takeover/metasploit.py b/lib/takeover/metasploit.py
index 9ec4e00db..63d1d5946 100644
--- a/lib/takeover/metasploit.py
+++ b/lib/takeover/metasploit.py
@@ -414,8 +414,8 @@ class Metasploit:
 proc.stdin.write("use espia\n")
 proc.stdin.write("use incognito\n")
- proc.stdin.write("use priv\n")
- proc.stdin.write("use sniffer\n")
+ # NOTE: this extension freezes the connection on 64-bit systems
+ #proc.stdin.write("use sniffer\n")
 proc.stdin.write("sysinfo\n")
 proc.stdin.write("getuid\n")
@@ -540,7 +540,7 @@ class Metasploit:
 self.shellcodeexecLocal = paths.SQLMAP_SEXEC_PATH
 if Backend.isOs(OS.WINDOWS):
- self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % Backend.getArch()
+ self.shellcodeexecLocal += "/windows/shellcodeexec.x%s.exe" % "32"
 else:
 self.shellcodeexecLocal += "/linux/shellcodeexec.x%s" % Backend.getArch()
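Review bot: The sniffer call is left behind as commented-out code (`#proc.stdin.write("use sniffer\n")`), while the `use priv` line is removed outright with no trace in the file of why. The reason for dropping `priv` exists only in the commit message, so the next maintainer cannot tell from the code that this sequence now depends on the framework loading it by default. I would delete the dead line and keep one explanatory comment in its place, e.g. `# priv is loaded by default by recent Metasploit; sniffer is not loaded because it freezes the connection on 64-bit systems`. The enclosing method starts and ends outside the hunk, so whether a minimum Metasploit version is checked elsewhere cannot be seen from here.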
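Review bot: In the second hunk, `% "32"` formats a constant into the string, which hides that the Windows helper path is now pinned to the 32-bit build while the Linux branch two lines below still uses `Backend.getArch()`. The asymmetry is unexplained in the file; the reason is given only in the commit message. I would write the literal and say why on the line itself: `self.shellcodeexecLocal += "/windows/shellcodeexec.x32.exe"  # no 64-bit build exists yet; arch is pinned on purpose`. The enclosing method starts and ends outside the hunk.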