49c9c02b53
Hide the dropped osx app.
2015-02-12 23:08:46 -06:00
33560a2657
Refactor Msf::Exploit::Powershell to Rex::Powershell to allow for
...
msfvenom usage.
2015-02-10 20:53:46 +00:00
c2bcde24ef
Land #4377 , Support DYNAMIC_BASE templates - resolves #4366
2014-12-23 11:57:33 +00:00
d3050de862
Remove references to Redmine in code
...
See #4400 . This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
985245e8a1
Document method
...
Fix #4366 (support dynamic_base templates)
2014-12-12 01:22:32 -06:00
b8e58d0f04
Support 32 and 64-bit for exe-only, and fix -k
2014-12-12 01:13:09 -06:00
d311059e75
Fix DYNAMIC_BASE templates
2014-12-11 20:44:03 -06:00
333d420c94
Fix refactoring bug from 23 october in util/exe
...
23 October, {} instead of #{} totally break windows service generation
f19b093529 (diff-0f5729034d8b0b321e738f2fc047854fL578)
2014-11-04 11:59:36 +01:00
a9e52437f0
fixes inverted EICAR corruption logic
2014-10-24 10:27:13 -05:00
3b8067e9a2
fixes refactor error in msf/util/exe
2014-10-23 22:15:19 -05:00
bf63d85e5c
fixes merge conflicts msfpayload & exe
2014-10-23 21:43:46 -05:00
f19b093529
cleans & DRYs exploit/exe & util/exe & msfpayload
2014-10-23 01:10:38 -05:00
5f19af67a8
amateur hour, forgot the X on ARCH_X64
2014-06-19 14:24:28 -05:00
fe49393cf1
added ARCH_x64 case for Msf::Util::EXE.to_executable_fmt - failed CI #8173
2014-06-19 14:12:22 -05:00
ccf967fdfe
added support to msfpayload to use elf so payload target
2014-06-19 00:59:49 -05:00
897ad6f963
Some service yarddoc
2014-06-07 13:27:32 +01:00
808f87d213
SERVICE_DESCRIPTION doesn't concern this PR
2014-05-13 16:04:39 +02:00
bb4e9e2d4d
correct error in block service_change_description
2014-05-13 16:04:39 +02:00
6332957bd2
Try to add SERVICE_DESCRIPTION options to psexec, but it doesn't seem to work...
2014-05-13 16:04:39 +02:00
bdbb70ab71
up block_service_stopped.asm
2014-05-13 16:04:39 +02:00
94f97ab963
Prevent import table overwritting by shifting entry point
2014-05-13 16:04:39 +02:00
e269c1e4f1
Improve service_block with service_stopped block to cleanly terminate service
2014-05-13 16:04:38 +02:00
c43e3cf581
Improve block_create_remote_process to point on shellcode everytime
2014-05-13 16:04:38 +02:00
25d48b7300
Add create_remote_process block, now used in exe_service generation
2014-05-13 16:04:38 +02:00
5ecebc3427
Add options `SERVICE_NAME` and `SERVICE_DISPLAYNAME` to psexec and correct service payload generation
2014-05-13 16:04:37 +02:00
0b462ceea6
refactor `to_winpe_only` code to be used by `to_win32pe_service`
2014-05-13 16:04:37 +02:00
914d15c285
fix typo
2014-05-13 16:04:37 +02:00
ca7a2c7a36
Add string_to_pushes to use non fixed size service_name
2014-05-13 16:04:37 +02:00
b3fd21b98d
Change to try to follow ruby guidelines
2014-05-13 16:04:37 +02:00
72a3e49fbb
fix typo
2014-05-13 16:04:36 +02:00
513f3de0f8
new service exe creation refreshed
2014-05-13 16:04:36 +02:00
ac63e84d02
Fix little bug when using msfencode and exe-only
...
When arch is not defined, arch is null so it crashs.
It should be 'x86' by default
2014-04-14 01:02:31 +02:00
c76a1ab9f4
Land #3065 - Safari User-Assisted Download & Run Attack
2014-03-07 10:29:56 -06:00
38a2e6e436
Minor fixes.
2014-03-05 19:03:54 -06:00
12cf5a5138
Add BES, change extra_plist -> plist_extra.
2014-03-05 18:51:42 -06:00
cd3c2f9979
Move osx-app format to EXE.
2014-03-04 22:54:00 -06:00
a1aef92652
Land #2431 - In-memory bypass uac
2014-03-05 11:15:54 +10:00
1a0f77edb2
Land #2739 , DLL injection in msfvenom
...
lands Meatballs PR to fix dll injection
in Msfvenom. Test to ensure it still works
in the new MsfVenom
2014-02-28 14:22:17 -06:00
9e355e1265
Merge branch 'master' into dll_inject
2014-02-28 14:20:46 -06:00
6c490af75e
Add randomization to Rex::Zip::Jar and java_signed_applet
2014-02-27 12:38:52 -06:00
2a6258be15
Merge remote-tracking branch 'upstream/master' into bypassuac_redo
...
Conflicts:
external/source/exploits/make.bat
2014-02-28 20:26:24 +00:00
8bdb22aeb9
Merge remote-tracking branch 'upstream/master' into bypassuac_redo
...
Conflicts:
lib/msf/core/post/windows.rb
2014-02-25 22:15:05 +00:00
7f9b4a4bf4
Land #2655 , Re-do exe-small for scripting payloads.
2014-02-17 15:56:23 -05:00
3299b68adf
Landing #2767 , @Meatballs1 Powershell Reflective Payload
2014-02-14 16:12:46 -05:00
f112e78de9
Fixes .war file creation
2013-12-22 20:58:21 +00:00
0c5ac0176f
Undo psh net change
2013-12-16 13:43:40 +00:00
dd5b66f827
Undo psh net change
2013-12-16 13:42:37 +00:00
14c0096115
Update template
...
Use Copy instead of memset
Remove | Out-Null
2013-12-16 13:38:14 +00:00
8dfcc8aa77
WaitForThread
2013-12-16 12:44:58 +00:00
637be1bdfa
Should use RIG
2013-12-16 09:19:17 +00:00
0a29176855
Update psh_web_delivery for reflection
2013-12-16 09:08:01 +00:00
7cc99d76ad
Merge remote-tracking branch 'upstream/master' into powershell_auto_arch
...
Conflicts:
lib/msf/util/exe.rb
2013-12-16 09:07:08 +00:00
28f8ac322f
Enable inject
2013-12-14 21:30:52 +00:00
7347cb170c
Revert "Enable DLL injection in msfvenom"
...
This reverts commit 64e6531bbc
2013-12-14 21:26:13 +00:00
bc0c080947
Indentation
2013-12-08 18:18:44 +00:00
64e6531bbc
Enable DLL injection in msfvenom
2013-12-08 18:16:23 +00:00
f4636c46a6
Removing unused endjunk, sections_end, cert_entry
2013-12-07 20:55:51 -06:00
8d33138489
Support silent shellcode injection into DLLs
...
Only run code on DLL_PROCESS_ATTACH, preventing infinite loop otherwise:
Added code would create thread -> calls DLL entry point -> calling added code...
2013-12-07 19:44:17 -06:00
1e60ff91ea
Move ExitThread patching to Msf::Util::EXE
2013-12-05 17:16:14 +00:00
474a03475f
sorted out the sorts without .sort
2013-12-02 11:57:52 +01:00
66edfe968d
Sorting output
2013-11-21 00:57:08 +01:00
a327321558
Re-do 'exe-small' for scripting payloads.
...
Fall back to default x64 exe for ARCH_X86_64
2013-11-19 21:19:12 +00:00
8c1d7d936b
Revert "Fix conflcit lib/msf/util/exe.rb"
...
This was causing build failures:
https://travis-ci.org/rapid7/metasploit-framework/builds/13816889
It looks like there were a whole bunch of changes that weren't intended.
This reverts commit 3996557ec662102dd1f9
2013-11-11 13:48:39 -06:00
3996557ec6
Fix conflcit lib/msf/util/exe.rb
...
Conflicts:
lib/msf/util/exe.rb
2013-11-11 11:43:09 -06:00
62102dd1f9
Land #2544 - Vbs minimize
2013-11-11 11:14:56 -06:00
33f65dd611
Land #2577 - Use base64 to reduce psh-net payload size
2013-11-11 10:21:20 -06:00
f5d1d8eace
chmod -x .rb files without #! in modules and lib
...
It wasn't just cmdstager_printf.rb. :/
2013-10-30 19:51:25 -05:00
e18dd3ec0b
Use base64 to reduce size
2013-10-25 01:19:43 +01:00
58a82f0518
Update exe.rb
...
Rename values
2013-10-21 13:50:07 +01:00
2ef89eaf35
Randomize exe name
2013-10-18 19:01:28 +01:00
56aa9ab01c
Reduce size
2013-10-18 18:59:30 +01:00
29a7059eb4
Update AlwaysInstallElevated to use a generated MSI file
...
Fixes bugs with MSI::UAC option, invalid logic and typo...
2013-09-29 17:09:03 +01:00
8aeb134581
Retab...
2013-09-27 20:40:16 +01:00
6ca01adf1d
Merge branch 'master' into msi_payload
...
Conflicts:
lib/msf/util/exe.rb
2013-09-27 20:37:40 +01:00
34c443f346
Forgot msi-nouac
2013-09-27 20:36:00 +01:00
8a9843cca6
Merge upstream/master
2013-09-27 20:02:23 +01:00
c94e8a616f
Retabbed to catch new bad tabs
2013-09-27 13:34:13 -05:00
695fdf836c
Generate NonUAC MSIs
2013-09-21 13:13:18 +01:00
85ea9ca05a
Merge branch 'master' of github.com:rapid7/metasploit-framework into msi_payload
2013-09-21 12:49:38 +01:00
3dd75db584
Address feedback
2013-09-20 17:20:42 +01:00
11bdf5d332
New pull
2013-09-19 19:57:38 +01:00
34e5f69fbf
fix merge conflict
2013-09-12 13:56:08 -05:00
2bd1fb451b
Retab changes for PR #1569
2013-09-05 16:16:05 -05:00
48cf2af685
Merge for retab
2013-09-05 16:16:00 -05:00
0d884ebbab
Retab changes for PR #2278
2013-09-05 14:08:14 -05:00
63612a64e9
Merge for retab
2013-09-05 14:08:09 -05:00
7e00e2aaba
Retab changes for PR #2307
2013-09-05 13:37:58 -05:00
76c98cb610
Merge for retab
2013-09-05 13:37:55 -05:00
d0a3ea6156
Retab changes for PR #2320
2013-09-05 13:27:47 -05:00
bff7d0e6ae
Merge for retab
2013-09-05 13:27:09 -05:00
4c9e6a865a
Default to exe-small
2013-09-03 00:01:20 +01:00
7e5e0f7fc8
Retab lib
2013-08-30 16:28:33 -05:00
53c3f6b2db
Deconflict
2013-08-30 10:52:42 +01:00
345bc7da03
New Reflection Powershell Payload
...
Adds Powershell payload which, unlike existing payloads does not
drop any temporary files onto the target's computer. All needed
methods are dynamically loaded via reflection.
2013-08-29 19:11:29 -07:00
eba6762977
Land #2270 , Util::EXE refactor
...
With a minor rebase to fix a commit message
[Closes #2270 ]
Conflicts:
spec/support/shared/contexts/msf/util/exe.rb
2013-08-28 21:49:59 -05:00
ee9b1ef8e0
Greatly shortened to_mem_old.ps1.template by using [Math]::max.
...
Added necessary end of line conversion in lib/msf/util/exe.rb so
that Powershell will parse multiline strings.
2013-08-28 21:39:42 -05:00
96c093dce0
Fix Exploit::Exe
2013-08-25 19:56:29 +01:00
66ee15f461
Merge and deconflict
2013-08-25 19:14:15 +01:00
5e5f5acf19
plug in 64bit injector
...
64 bit exe generation only had subsitution method
add the x64 injector in there too.
2013-08-25 12:19:57 -05:00
19e47d5e82
Really fix war
2013-08-25 00:06:31 +01:00
4c57af051a
Revert "'remove unused framework references"
...
This reverts commit 98a09b9f5c
2013-08-24 17:52:57 -05:00
98a09b9f5c
'remove unused framework references
...
passing around framework references that are never used
removing these whever possible
2013-08-24 16:59:29 -05:00
bd5f184e2b
Dry up the exe subsitution stuff
...
6 different methods were doing essentially
the same exact thing. DRY it up a bit
2013-08-24 16:50:45 -05:00
d38117a521
replace old inject method
...
replacing jsut the win32 inject method this time
with out new injector method.
2013-08-24 16:30:47 -05:00
9786f84a6e
Service exes
2013-08-24 03:45:07 +01:00
9ea17ef1e1
Merge upstream
2013-08-24 03:34:02 +01:00
3fae6c51c8
Initial exe-service
2013-08-24 03:28:47 +01:00
f50ede1993
Remove redundant methods
2013-08-23 23:28:13 +01:00
4c4fe0b110
Fix x64 exe droppers
2013-08-23 23:21:31 +01:00
cf5ddfeebf
Some war fixes
2013-08-23 18:59:48 +01:00
dfc606fe56
Slightly saner filenames
2013-08-23 18:06:48 +01:00
41b1b30438
vba transform
2013-08-23 18:00:19 +01:00
4d21b06f4f
Aspx uses transform
2013-08-23 17:22:33 +01:00
1cb1afa50a
Fix aspx
2013-08-23 17:09:51 +01:00
dd13a7e48f
Working .asp
2013-08-23 16:55:07 +01:00
7370fc3f4e
vbs transform
2013-08-23 16:26:03 +01:00
5040347521
Fix psh and add powershell transform
2013-08-23 15:59:19 +01:00
418505adc9
Fix psh-net
2013-08-23 15:21:26 +01:00
12b5dbedae
Initialize the hash_sub
2013-08-23 14:58:14 +01:00
cfd6c66ffd
Fix VBS
2013-08-23 14:35:19 +01:00
23a067aab7
Refactor reading of script files and substitution
2013-08-23 13:51:10 +01:00
a6e5e9c61d
Updated using limhof-r7 advice
2013-08-21 16:43:10 -07:00
86a83391fd
Merge remote-tracking branch 'upstream/master'
2013-08-21 16:16:20 -07:00
97933c4954
Moving meterpreter scripts out of exe.rb into a templates folder.
2013-08-20 16:49:48 -07:00
92d57ef37d
Fix merge conflict
...
Conflicts:
msfvenom
2013-08-13 00:00:16 -05:00
ab976ddf8f
Fix genarate command in msfconsole
...
Thanks @Meatballs1 for spotting
2013-08-06 14:46:53 -05:00
214f337f58
Fix indentation
2013-07-24 16:55:01 -05:00
c221360cc1
Retab
2013-07-24 22:16:41 +01:00
edc297756b
Tabs
2013-07-24 19:14:11 +01:00
4b84b49674
Fix payload corruption
2013-07-24 19:08:02 +01:00
00c7581099
Fix constant names and 'exe-only'
...
That'll teach me to commit before the specs finish.
Really [FixRM #8149 ]
2013-07-06 12:39:15 -05:00
1b504197be
Check equality instead of regex
...
Thanks, @Meatballs1 for finding the cause of this bug!
[FixRM #8149 ]
2013-07-06 12:29:37 -05:00
e330916744
Pull out common stuff in Util::EXE/MsfVenom tests
2013-07-03 12:25:15 -05:00
1466609c86
Add more supported formats to exe generation
...
- Already supported, just added calls to the the right methods in
the .to_executable_fmt method:
- Linux armle, mipsle, and mipsbe
- Mac arm, ppc
- makes the two (!?) copies of block_api for windows match more closely
with the source used elsewhere. This is still needs to be refactored
to get rid of the duplication.
- Get rid of some of the logic in msfvenom duplicated from Util::EXE
2013-07-01 17:36:58 -05:00
e48cfcae8e
delete a debug puts
2013-05-19 19:21:10 +02:00
e844247163
Little change in exe-only to work with x64 arch.
2013-05-19 19:01:03 +02:00
2a9dbb2654
msfvenom and exe-small fmt bug fix
2013-05-16 21:13:45 +01:00
79a72a18a9
Merge branch 'exe_only_patch' of git://github.com/agix/metasploit-framework
2013-03-27 18:30:07 -05:00
a644ceb016
Added support for mipsbe elf
2013-03-26 17:20:43 +01:00
4fff624632
added initial support for ELF misple
2013-03-26 01:08:31 +01:00
bf85545b4d
Fix egypt's typo
2013-03-20 17:15:14 -05:00
1873053a34
Restore win32pe as the default (not _only)
2013-03-18 15:55:01 -05:00
3a183ffa94
Retabbed for consistent whitespace
2013-03-18 15:40:26 -05:00
418a373f6c
Avoid merge conflict over Id SVN tag
2013-03-18 15:39:16 -05:00
b6da5f84bb
Refactor
2013-03-17 14:09:00 -04:00
3acb2f561a
Retab
2013-03-09 17:59:20 +00:00
465c00c5ff
Msftidy msi sections
2013-03-09 17:25:59 +00:00
f37d9c2834
Initial commit
2013-03-09 17:24:03 +00:00
3fc9b5d636
Doc cleanup
2013-01-28 00:01:45 -06:00
3d3799d38d
Ok... even more explicit
2013-01-05 13:39:31 -06:00
joev
Meatballs
Tod Beardsley
sinn3r
agix
Joshua Smith
navs
Florian Gaultier
OJ
David Maloney
jvazquez-r7
Spencer McIntyre
scriptjunkie
corelanc0d3r
William Vu
Meatballs1
Tab Assassin
shellster
James Lee
jvazquez-r7
agix
Alexandre Maloteaux
Tod Beardsley
sinn3r