rapid7 · msutovsky-r7 · Aug 7, 2025 · Apr 8, 2025 · Apr 9, 2025 · Jun 2, 2025
diff --git a/lib/msf/base/sessions/meterpreter.rb b/lib/msf/base/sessions/meterpreter.rb
@@ -180,32 +180,30 @@ def bootstrap(datastore = {}, handler = nil)
       print_warning('Meterpreter start up operations have been aborted. Use the session at your own risk.')
       return nil
     end
-    # Unhook the process prior to loading stdapi to reduce logging/inspection by any AV/PSP
-    if datastore['AutoUnhookProcess'] == true
-      console.run_single('load unhook')
-      console.run_single('unhook_pe')
-    end
-
-    unless datastore['AutoLoadStdapi'] == false
-
-      session.load_stdapi
-
-      unless datastore['AutoSystemInfo'] == false
-        session.load_session_info
-      end
-
-      # only load priv on native windows
-      # TODO: abstract this too, to remove windows stuff
-      if session.platform == 'windows' && [ARCH_X86, ARCH_X64].include?(session.arch)
-        session.load_priv rescue nil
-      end
-    end
-
+    extensions = datastore['AutoLoadExtensions']&.delete(' ').split(',') || []
+
+    # BEGIN: This should be removed on MSF 7
+    # Unhook the process prior to loading stdapi to reduce logging/inspection by any AV/PSP (by default unhook is first, see meterpreter_options/windows.rb)
+    extensions.push('unhook') if datastore['AutoUnhookProcess'] && session.platform == 'windows'
+    extensions.push('stdapi') if datastore['AutoLoadStdapi']
+    extensions.push('priv') if datastore['AutoLoadStdapi'] && session.platform == 'windows'
+    extensions.push('android') if session.platform == 'android'
+    extensions = extensions.uniq
+    # END
+    original = console.disable_output
+    console.disable_output = true
     # TODO: abstract this a little, perhaps a "post load" function that removes
     # platform-specific stuff?
-    if session.platform == 'android'
-      session.load_android
+    extensions.each do |extension|
+      begin
+        console.run_single("load #{extension}")
+        console.run_single('unhook_pe') if extension == 'unhook'
+        session.load_session_info if extension == 'stdapi' && datastore['AutoSystemInfo']
+      rescue => e
+        print_warning("Failed loading extension #{extension}")
+      end
     end
+    console.disable_output = original
 
     ['InitialAutoRunScript', 'AutoRunScript'].each do |key|
       unless datastore[key].nil? || datastore[key].empty?

diff --git a/lib/msf/base/sessions/meterpreter_options/android.rb b/lib/msf/base/sessions/meterpreter_options/android.rb
@@ -0,0 +1,27 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Android
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi,android']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/apple_ios.rb b/lib/msf/base/sessions/meterpreter_options/apple_ios.rb
@@ -0,0 +1,31 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::AppleIos
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi']
+            ),
+            OptString.new(
+              'PayloadProcessCommandLine',
+              [ false, 'The displayed command line that will be used by the payload', '']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/bsd.rb b/lib/msf/base/sessions/meterpreter_options/bsd.rb
@@ -0,0 +1,27 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Bsd
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options.rb → ...se/sessions/meterpreter_options/common.rb b/lib/msf/base/sessions/meterpreter_options.rb → ...se/sessions/meterpreter_options/common.rb
@@ -7,7 +7,7 @@ module Sessions
     #
     # Defines common options across all Meterpreter implementations
     #
-    module MeterpreterOptions
+    module MeterpreterOptions::Common
 
       TIMEOUT_SESSION = 24 * 3600 * 7  # 1 week
       TIMEOUT_COMMS = 300              # 5 minutes
@@ -63,14 +63,6 @@ def initialize(info = {})
               'SessionCommunicationTimeout',
               [ false, 'The number of seconds of no activity before this session should be killed', TIMEOUT_COMMS]
             ),
-            OptString.new(
-              'PayloadProcessCommandLine',
-              [ false, 'The displayed command line that will be used by the payload', '']
-            ),
-            OptBool.new(
-              'AutoUnhookProcess',
-              [true, "Automatically load the unhook extension and unhook the process", false]
-            ),
             OptBool.new(
               'MeterpreterDebugBuild',
               [false, 'Use a debug version of Meterpreter']

diff --git a/lib/msf/base/sessions/meterpreter_options/java.rb b/lib/msf/base/sessions/meterpreter_options/java.rb
@@ -0,0 +1,27 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Java
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/linux.rb b/lib/msf/base/sessions/meterpreter_options/linux.rb
@@ -0,0 +1,31 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Linux
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi']
+            ),
+            OptString.new(
+              'PayloadProcessCommandLine',
+              [ false, 'The displayed command line that will be used by the payload', '']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/osx.rb b/lib/msf/base/sessions/meterpreter_options/osx.rb
@@ -0,0 +1,31 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::OSX
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, 'Automatically load extensions on bootstrap, comma separated.', 'stdapi']
+            ),
+            OptString.new(
+              'PayloadProcessCommandLine',
+              [ false, 'The displayed command line that will be used by the payload', '']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/php.rb b/lib/msf/base/sessions/meterpreter_options/php.rb
@@ -0,0 +1,27 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Php
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/python.rb b/lib/msf/base/sessions/meterpreter_options/python.rb
@@ -0,0 +1,27 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Python
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'stdapi']
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/base/sessions/meterpreter_options/windows.rb b/lib/msf/base/sessions/meterpreter_options/windows.rb
@@ -0,0 +1,31 @@
+# -*- coding: binary -*-
+
+require 'shellwords'
+
+module Msf
+  module Sessions
+    #
+    # Defines common options across all Meterpreter implementations
+    #
+    module MeterpreterOptions::Windows
+      include Msf::Sessions::MeterpreterOptions::Common
+      def initialize(info = {})
+        super(info)
+
+        register_advanced_options(
+          [
+            OptString.new(
+              'AutoLoadExtensions',
+              [true, "Automatically load extensions on bootstrap, comma separated.", 'unhook,priv,stdapi']
+            ),
+            OptBool.new(
+              'AutoUnhookProcess',
+              [true, "Automatically load the unhook extension and unhook the process", false]
+            ),
+          ],
+          self.class
+        )
+      end
+    end
+  end
+end
diff --git a/lib/msf/core/payload/android/meterpreter_loader.rb b/lib/msf/core/payload/android/meterpreter_loader.rb
@@ -13,7 +13,7 @@ module Payload::Android::MeterpreterLoader
 
   include Msf::Payload::Android
   include Msf::Payload::UUID::Options
-  include Msf::Sessions::MeterpreterOptions
+  include Msf::Sessions::MeterpreterOptions::Android
 
   def initialize(info={})
     super(update_info(info,

diff --git a/lib/msf/core/payload/java/meterpreter_loader.rb b/lib/msf/core/payload/java/meterpreter_loader.rb
@@ -13,7 +13,7 @@ module Payload::Java::MeterpreterLoader
 
   include Msf::Payload::Java
   include Msf::Payload::UUID::Options
-  include Msf::Sessions::MeterpreterOptions
+  include Msf::Sessions::MeterpreterOptions::Java
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/lib/msf/core/payload/python/meterpreter_loader.rb b/lib/msf/core/payload/python/meterpreter_loader.rb
@@ -14,7 +14,7 @@ module Payload::Python::MeterpreterLoader
   include Msf::Payload::Python
   include Msf::Payload::UUID::Options
   include Msf::Payload::TransportConfig
-  include Msf::Sessions::MeterpreterOptions
+  include Msf::Sessions::MeterpreterOptions::Python
 
   def initialize(info = {})
     super(update_info(info,

diff --git a/lib/rex/post/meterpreter/pivot.rb b/lib/rex/post/meterpreter/pivot.rb
@@ -85,11 +85,11 @@ def Pivot.create_named_pipe_listener(client, opts={})
     c = Class.new(::Msf::Payload)
     c.include(::Msf::Payload::Stager)
     c.include(::Msf::Payload::TransportConfig)
-    c.include(::Msf::Sessions::MeterpreterOptions)
 
     # TODO: add more platforms
     case opts[:platform]
     when 'windows'
+      c.include(::Msf::Sessions::MeterpreterOptions::Windows) # Moved to be platform-specific
       # Include the appropriate reflective dll injection module for the target process architecture...
       if opts[:arch] == ARCH_X86
         c.include(::Msf::Payload::Windows::MeterpreterLoader)

diff --git a/modules/payloads/singles/android/meterpreter_reverse_http.rb b/modules/payloads/singles/android/meterpreter_reverse_http.rb
@@ -10,7 +10,7 @@ module MetasploitModule
   include Msf::Payload::Single
   include Msf::Payload::Android
   include Msf::Payload::UUID::Options
-  include Msf::Sessions::MeterpreterOptions
+  include Msf::Sessions::MeterpreterOptions::Android
 
   def initialize(info = {})
     super(