2005-07-13 21:47:01 +00:00
|
|
|
X - switch to x86 from ia32
|
2005-07-17 00:52:47 +00:00
|
|
|
X - exploit kick-off
|
2005-07-13 18:06:12 +00:00
|
|
|
X - payload generation
|
|
|
|
|
X - generate payload for target
|
|
|
|
|
X - encoder payload for target
|
|
|
|
|
X - loop encoders on failure
|
|
|
|
|
X - pad nops
|
2005-07-17 00:52:47 +00:00
|
|
|
X - handler init
|
|
|
|
|
X - setup handler
|
|
|
|
|
X - start handler
|
|
|
|
|
X - exploit
|
|
|
|
|
X - call exploit
|
|
|
|
|
X ... wait for session ...
|
|
|
|
|
X - handler cleanup
|
|
|
|
|
X - stop handler
|
|
|
|
|
X - cleanup handler
|
2005-07-15 22:30:04 +00:00
|
|
|
|
2005-07-18 23:32:34 +00:00
|
|
|
-
|
|
|
|
|
|
2005-07-15 22:30:04 +00:00
|
|
|
- add the concept of services to framework:
|
2005-07-18 23:32:34 +00:00
|
|
|
- instead, just make it a singleton, doesn't belong on framework
|
|
|
|
|
- add port forward service
|
2005-07-15 22:30:04 +00:00
|
|
|
|
|
|
|
|
# first parameter is class that must inherit from Rex::Proto so that it has .alias
|
|
|
|
|
service = framework.services.start(Rex::Proto::HTTP::Server, 'Port' => 80, 'Host' => '127.0.0.1')
|
|
|
|
|
service = framework.services['HTTP Server']
|
|
|
|
|
|
|
|
|
|
overrides any existing resource handler with this name:
|
|
|
|
|
service.create_resource("/uri", Proc.new { |conn, request|
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
service.remove_resource("/uri")
|
|
|
|
|
service.shutdown
|
|
|
|
|
^- reference counted, only terminates when reference count drops to zero
|
2005-07-18 23:32:34 +00:00
|
|
|
|
|
|
|
|
- exploit mixins
|
|
|
|
|
- Http
|
|
|
|
|
- Http::Client
|
|
|
|
|
connect
|
|
|
|
|
create_request
|
|
|
|
|
send_request
|
|
|
|
|
handler
|
|
|
|
|
- Http::Server
|
|
|
|
|
handle_request(req)
|
|
|
|
|
create_response
|
|
|
|
|
send_response
|
2005-07-22 00:30:13 +00:00
|
|
|
X- findsock payloads
|
|
|
|
|
X - findsock handler
|
2005-07-18 23:32:34 +00:00
|
|
|
- meterpreter
|
2005-07-26 02:01:27 +00:00
|
|
|
X - more ui wrapping
|
|
|
|
|
X - fix route addition/removal in stdapi server dll (mib structure issue)
|
2005-07-26 04:08:01 +00:00
|
|
|
X - fix interactive stream pool channels
|
2005-07-26 05:01:39 +00:00
|
|
|
X - make migrate on server not open with PROCESS_ALL_ACCESS
|
2005-07-24 20:53:54 +00:00
|
|
|
- dupe input instance when passing to sessions
|
2005-07-26 05:01:39 +00:00
|
|
|
- add module meta-info
|
|
|
|
|
- payloads
|
|
|
|
|
- calling convention (staged shell is incompat with ord stagers)
|
|
|
|
|
- stack requirements
|
|
|
|
|
- etc
|
2005-08-12 14:45:54 +00:00
|
|
|
- fix module loading order
|
|
|
|
|
- problems with dllinject getting loaded after meterpreter due to dependencies
|
|
|
|
|
- fix default handle inheritance in meterp process execution
|
