jvazquez-r7
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
Sagi Shahar
8c4b663643
Fix payloads to bypass Perl's Taint mode.
2014-03-02 18:39:05 +02:00
William Vu
2c485c509e
Fix caps on module titles (first pass)
2013-11-15 00:03:42 -06:00
Tod Beardsley
bce8d9a90f
Update license comments with resplat.
2013-10-21 13:36:15 -05:00
Tod Beardsley
c070108da6
Release-related updates
...
* Lua is not an acronym
* Adds an OSVDB ref
* credit @jvazquez-r7, not HD, for the Windows CMD thing
2013-10-21 13:33:00 -05:00
William Vu
5a0b8095c0
Land #2382 , Lua bind and reverse shells
2013-10-18 17:11:37 -05:00
Tod Beardsley
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
Tod Beardsley
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
joev
6440a26f04
Move shared Node.js payload logic to mixin.
...
- this fixes the recursive loading issue when creating a payload
inside the cmd payload
- also dries up some of the node cmd invocation logic.
2013-10-12 03:19:06 -05:00
joev
da48565093
Add more payloads for nodejs.
...
* Adds a reverse and bind CMD payload
* Adds a bind payload (no bind_ssl for now).
2013-10-07 06:09:21 -05:00
xistence
41e1a3d05b
removed shell prompt in lua bind/reverse shells
2013-09-22 14:53:59 +07:00
xistence
79e08c1560
added LUA bind/reverse shells
2013-09-16 17:02:08 +07:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
Tod Beardsley
7e539332db
Reverting disaster merge to 593363c5f
with diff
...
There was a disaster of a merge at 6f37cf22eb
that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).
What this commit does is simulate a hard reset, by doing thing:
git checkout -b reset-hard-ohmu
git reset --hard 593363c5f9
git checkout upstream-master
git checkout -b revert-via-diff
git diff --no-prefix upstream-master..reset-hard-ohmy > patch
patch -p0 < patch
Since there was one binary change, also did this:
git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf
Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7
785639148c
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-20 17:18:42 -05:00
William Vu
589b4be384
Land #1999 , zsh bind shell
2013-06-20 13:51:48 -05:00
sinn3r
86fc101c1f
Add payload module bind zsh
...
For #1984
2013-06-20 13:45:02 -05:00
sinn3r
660c97f512
Add module for reverse zsh payload
...
For #1985
2013-06-20 13:40:17 -05:00
jvazquez-r7
b20a38add4
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-10 12:22:52 -05:00
Tod Beardsley
f58e279066
Cleanup on module names, descriptions.
2013-06-10 10:52:22 -05:00
jvazquez-r7
e5a17ba227
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-06-05 09:41:23 -05:00
William Vu
1596fb478a
Land #1886 , awk bind shell
2013-06-05 09:05:37 -05:00
Roberto Soares Espreto
f6977c41c3
Modifications done in each PR.
2013-06-05 07:55:05 -03:00
Roberto Soares Espreto
b20401ca8c
Modifications done in each PR.
2013-06-05 07:51:10 -03:00
Roberto Soares Espreto
34243165c5
Some changes with improvements.
2013-06-04 21:22:10 -03:00
Roberto Soares Espreto
e2988727fb
Some changes with improvements.
2013-06-04 21:10:51 -03:00
Roberto Soares Espreto
d9609fb03e
Was breaking with repeated commands
2013-05-31 18:44:48 -03:00
Roberto Soares Espreto
00debd01c6
Listen for a connection and spawn a command shell via AWK
2013-05-29 21:22:49 -03:00
Roberto Soares Espreto
d4a864c29f
Creates an interactive shell via AWK (reverse)
2013-05-29 21:19:08 -03:00
jvazquez-r7
6603dcd652
up to date
2013-03-12 17:04:13 +01:00
jvazquez-r7
627e7f6277
avoiding grouping options
2013-03-11 18:26:03 +01:00
jvazquez-r7
f0cee29100
modified CommandDispatcher::Exploit to have the change into account
2013-03-11 18:08:46 +01:00
jvazquez-r7
c9268c3d54
original modules renamed
2013-03-11 18:04:22 +01:00
James Lee
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
RageLtMan
7f80692457
everyone will comply, resistance is futile
2013-03-06 18:38:14 -05:00
HD Moore
47f3c09616
Fix typo that snuck in during merge
2013-02-03 17:38:19 -06:00
HD Moore
5be4d41420
This is redundant/less-reliable than reverse_openssl
2013-02-03 17:35:14 -06:00
RageLtMan
ffb88baf4a
initial module import from SV rev_ssl branch
2013-02-03 15:06:24 -05:00
HD Moore
c3801ad083
This adds an openssl CMD payload and handler
2013-02-03 04:44:25 -06:00
Christian Mehlmauer
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
Christian Mehlmauer
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
bcoles
8d3700cc3c
Add Zenoss <= 3.2.1 exploit and Python payload
...
- modules/exploits/linux/http/zenoss_3.2.1_showdaemonxmlconfig_exec.rb
- modules/payloads/singles/cmd/unix/reverse_python.rb
2012-07-30 01:24:27 +09:30
HD Moore
ceb4888772
Fix up the boilerplate comment to use a better url
2012-02-20 19:40:50 -06:00
HD Moore
8dc85f1cc5
Fix up some nascent typos
2011-12-14 00:30:31 -06:00
HD Moore
866e2b6bf3
Additional IPv6 payload support
2011-12-14 00:27:38 -06:00
Joshua Drake
b391abd32d
adds scripting for command shell sessions
...
1. InitialAutoRunScript and AutoRunScript vars work
2. scripts/shells was created to hold them
3. *_shell methods were renamed shell_*
4. added "shell_command" method to command shell sessions
5. converted all uses of *_shell to shell_*
6. all payloads that produce command shell sessions include Msf::Sessions::CommandShellOptions
git-svn-id: file:///home/svn/framework3/trunk@8615 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-24 01:19:59 +00:00
HD Moore
831833667a
Minor tweak (run inside of sh -c '')
...
git-svn-id: file:///home/svn/framework3/trunk@8107 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-13 20:19:51 +00:00
James Lee
5ddfffc94f
only accept one connection for bind_perl shells. fixes 669
...
git-svn-id: file:///home/svn/framework3/trunk@7790 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-09 23:49:50 +00:00
HD Moore
e70ac6cc19
Added a new set of match flags for cmd injection exploits (RequiredCmds). This reduces the number of 'bad' payloads listed for explot modules. A good example is disabling the netcat -e payloads for old Solaris exploits
...
git-svn-id: file:///home/svn/framework3/trunk@6854 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-21 15:20:35 +00:00