OJ
a773979992
Java config wiring, tweak to include block counts
This commit adjusts the way that the config block is set for Java and
Android because behind the scenes the stageless connect-backs need to
know what to discard. As a result of connecting back to staged listeners
we need to be able to discard a number of bytes/blocks before we can
continue processing (at least in the case of TCP).
2015-06-26 13:59:09 +10:00
Tod Beardsley
15f9fc5d8f
Land #5599, YARD for fuzzer.rb
2015-06-25 14:37:55 -05:00
Mo Sadek
31c35715fc
YARD Documentation for file_info.rb
2015-06-25 11:08:35 -05:00
OJ
98156ec944
Add user agent to the transport config
Why this was missing I will never know :)
2015-06-25 14:51:06 +10:00
OJ
d9b6e46685
Merge branch 'upstream/master' into android-java-transport-refactor
2015-06-25 09:50:42 +10:00
Mo Sadek
e0c52730a0
YARD Documentation for Fuzzer.rb
2015-06-24 13:38:11 -05:00
OJ
a8c20496be
Remove unused code from the java http stager
2015-06-24 22:37:40 +10:00
joev
c305348a3b
Fix the mixin to work in the exploit again.
2015-06-24 02:19:09 -05:00
joev
8b6fba4988
Tweak and fix some things in Safari file URL module.
2015-06-24 02:08:06 -05:00
OJ
e796e56c6c
Modify the staging process
2015-06-24 13:22:33 +10:00
Tod Beardsley
18a9585f7a
Add safari module for CVE-2015-1155
2015-06-23 16:15:50 -05:00
Trevor Rosen
4e3a2b2b35
Upstream merge
2015-06-23 14:11:28 -05:00
Brent Cook
e696d2f3dc
Merge branch 'master' into land-5348-ntds
2015-06-22 17:18:13 -05:00
Trevor Rosen
d53067b0b7
Fix ctype handling for body-less pages
#5515
2015-06-22 14:17:29 -05:00
wchen-r7
ef57afbfcf
Explain about performance problems
2015-06-19 13:35:14 -05:00
wchen-r7
9da99a8265
Merge branch 'upstream-master' into bapv2
2015-06-19 11:36:27 -05:00
g0tmi1k
ce9481d2b7
Inconsistency - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
wchen-r7
e549580ad2
Linux doesn't like the uppercase
2015-06-18 00:40:47 -05:00
wchen-r7
5fa864b097
done with rspec
2015-06-17 16:23:39 -05:00
g0tmi1k
3410782fe9
Capitalized 'Accepted'
2015-06-16 19:42:32 +01:00
William Vu
8d640a0c8f
Land #5527, multi/handler -> exploit/multi/handler
2015-06-15 10:23:26 -05:00
HD Moore
ab6f3a7373
Fix #5531, the `stage_payload` method does not take arguments.
2015-06-13 18:26:56 -05:00
g0tmi1k
6dcc9b7dab
More inconsistencies
2015-06-12 21:59:15 +01:00
wchen-r7
6eb25743e3
Merge branch 'upstream-master' into bapv2
2015-06-09 10:10:00 -05:00
wchen-r7
07d1282afb
Correct file naming for better Ruby coding style
2015-06-08 12:17:49 -05:00
David Maloney
2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module
2015-06-08 11:42:03 -05:00
HD Moore
1f11cd5470
Lands #5446, support for 64-bit native powershell payloads
2015-06-07 14:16:19 -05:00
benpturner
20b605e7cb
Remove duplicate exec
2015-06-07 18:11:11 +01:00
RageLtMan
a46510465d
Fix older Windows payloads to not require UUID
Default Windows payload to not include_send_uuid for compatibility.
2015-06-07 02:58:31 -04:00
wchen-r7
4b6dcbb9d9
remove junk method
2015-06-05 22:03:56 -05:00
wchen-r7
7ca15f1ae1
Update select_payload doc
2015-06-05 21:06:20 -05:00
wchen-r7
4e058c942e
Fix typo
2015-06-05 21:04:22 -05:00
wchen-r7
a7fa434e89
If exploit list is empty, have the option to return content
2015-06-05 21:03:24 -05:00
wchen-r7
fb8abe54fc
This will continue loading the rest of the exploits
2015-06-05 17:52:40 -05:00
wchen-r7
188b15b17f
Fix the symbol vs string prob
2015-06-05 16:18:56 -05:00
wchen-r7
e1c30e973d
Fix SRVHOST
2015-06-05 12:14:43 -05:00
wchen-r7
f8c5e5a70a
Don't show "Server stopped"
2015-06-05 11:16:43 -05:00
wchen-r7
ecdeeea5c6
Make sure super is called
2015-06-05 11:11:40 -05:00
wchen-r7
be60f964c6
Call super for cleanup
2015-06-05 10:50:52 -05:00
wchen-r7
69968fc9f1
Merge branch 'upstream-master' into bapv2
2015-06-04 23:36:24 -05:00
wchen-r7
910ae8a480
Fix #5461, actually stop a job from the RPC service
Fix #5461. The RPC service is incorrectly using the wrong method to
stop a job, this patch should fix that.
2015-06-04 23:09:55 -05:00
wchen-r7
7de78c1d69
Land #5447, more info about using the deprecated report_auth_info
2015-06-04 12:37:22 -05:00
wchen-r7
be709ba370
Merge branch 'upstream-master' into bapv2
2015-06-04 10:33:07 -05:00
jvazquez-r7
d22dda2bab
Provide more context and references
2015-06-01 10:33:40 -05:00
benpturner
9d1a7cead4
New modules to support 64bit process powershell.
2015-06-01 16:11:23 +01:00
Brent Cook
64e86165ef
remove android meterpreter bins, update to payloads 1.0.2
This switches us to using the Android payload files from the
metasploit-payloads gem
2015-06-01 09:14:31 -05:00
Brent Cook
70ef1b83f9
Merge branch 'master' into land-5366-android
2015-06-01 09:07:55 -05:00
wchen-r7
5c890004b8
Do stop_service in cleanup
2015-05-29 18:32:57 -05:00
wchen-r7
28d35a5bf4
Update doc
2015-05-29 18:03:56 -05:00
wchen-r7
58c5767330
Don't need stderr.puts
2015-05-29 17:41:29 -05:00
wchen-r7
0384b115e9
Fix reload bug
2015-05-29 17:41:02 -05:00
OJ
3dd3ef5edb
Merge branch 'upstrea/master' into winhttp-ie-proxy
2015-05-30 08:03:43 +10:00
jvazquez-r7
af326a4f88
Use compatible_payloads instead of copy and paste
2015-05-29 16:55:19 -05:00
Brent Cook
6d488c63d4
php UUIDOptions->UUID::Options
2015-05-29 16:33:03 -05:00
Brent Cook
b8a8e65c2c
Merge branch 'master' into land-5394-uuid-tracker
2015-05-29 16:22:45 -05:00
Brent Cook
7b0006a1b2
Merge branch 'master' into land-5394-uuid-tracker
2015-05-29 15:41:31 -05:00
wchen-r7
defda01d87
Some doc
2015-05-29 15:09:29 -05:00
wchen-r7
b33ace2f44
Put is_payload_compatible? in exploit.rb
2015-05-29 15:07:59 -05:00
wchen-r7
13779adab4
Merge branch 'upstream-master' into bapv2
2015-05-29 14:59:04 -05:00
wchen-r7
6be363d82a
Merge branch 'upstream-master' into bapv2
2015-05-29 14:58:38 -05:00
Brent Cook
340792aae4
don't jump past the uuid sender on win32/tcp connect
2015-05-29 14:34:27 -05:00
wchen-r7
dab9a66ea3
Use current ruby hash syntax
2015-05-29 13:43:20 -05:00
Brent Cook
7d5af66fa0
Merge branch 'master' into land-5367-uuid-stagers
2015-05-29 13:00:35 -05:00
Brent Cook
8f747d2541
Land #5382, add meterpreter session reconnect RPC call
2015-05-29 12:53:15 -05:00
Spencer McIntyre
24b4dacec5
Land #5408, @g0tmi1k fixes verbiage and whitespace
2015-05-27 21:02:02 -04:00
wchen-r7
5d0053e4ef
Move iframe instead of hiding, which seems to improve Flash reliability
2015-05-27 00:43:47 -05:00
wchen-r7
60cdf71e6c
Merge branch 'upstream-master' into bapv2
2015-05-26 15:56:48 -05:00
Brent Cook
d76a9c6565
Land #5409, update cmd stager documentation.
Merge remote-tracking branch 'upstream/pr/5409' into upstream-master
2015-05-26 10:34:03 -05:00
wchen-r7
3102741157
Don't need print_line
2015-05-25 11:54:58 -05:00
wchen-r7
3d5248f023
This is better
2015-05-25 11:46:18 -05:00
OJ
307dcd09dd
Update payload cache sizes again
2015-05-25 20:12:20 +10:00
OJ
87bc198c82
x64 winhttp ie proxy support, autoconfig ignore
2015-05-25 20:01:37 +10:00
wchen-r7
db09b9846c
I think I found the speed back
2015-05-25 02:44:57 -05:00
wchen-r7
72112317cc
Update
2015-05-25 01:58:34 -05:00
wchen-r7
3efe22d5e2
This seems better, slower though
2015-05-25 01:42:34 -05:00
OJ
78176c4335
First pass of IE proxy support for winhttp x86
2015-05-25 15:44:35 +10:00
OJ
43f7054a5c
Refactor base64 stub into base module
As per @zeroSteiner's suggestion.
2015-05-25 11:51:01 +10:00
OJ
9e50114082
Merge branch 'upstream/master' into uuid-stagers
2015-05-25 11:22:35 +10:00
OJ
9042f141ff
Implement the IPv6 UUID bind stagers
2015-05-25 11:21:28 +10:00
wchen-r7
7089bd945a
This payload handling looks much better
2015-05-24 12:47:20 -05:00
Spencer McIntyre
6fb2da4f62
Fix #5391, cmd stager documentation fixes
2015-05-23 13:56:49 -04:00
wchen-r7
a376464710
It kind of blew up
2015-05-23 05:26:13 -05:00
wchen-r7
f378b45408
bug fixes, sorta
2015-05-23 05:06:15 -05:00
wchen-r7
7f4b51f0ff
Fix nil bug
2015-05-23 02:08:51 -05:00
wchen-r7
60b0be8e3f
Fix a lot of bugs
2015-05-23 01:59:29 -05:00
wchen-r7
916b7b83be
Change how we load payload handlers
2015-05-22 20:35:43 -05:00
jvazquez-r7
d10b20b7a3
Land #5251, @hmoore-r7's second opportunity to Oracle connect
SYSTEM shouldn't have SYSDBA privileges by default anymore
2015-05-22 17:47:41 -05:00
jvazquez-r7
41a86b2e9b
add vprint_status
2015-05-22 17:46:56 -05:00
wchen-r7
6de75ffd9f
Merge branch 'upstream-master' into bapv2
2015-05-22 17:11:03 -05:00
jvazquez-r7
c201955fdf
Land #5387, @wchen-r7's user-configurable HTTP timeout
Fixes #5219, Add connection timeout and response timeout for HttpClient
2015-05-22 15:36:11 -05:00
jvazquez-r7
e0d9ee062f
Use HttpClientTimeout
2015-05-22 13:35:37 -05:00
wchen-r7
8fd468a89f
Get the dry-run feature right this time
2015-05-22 13:07:30 -05:00
wchen-r7
905fe73d78
Track clicks
2015-05-22 12:57:06 -05:00
wchen-r7
e8a32bdd10
Make MaxSessions/RealList/Custom404 work better
2015-05-22 12:40:56 -05:00
wchen-r7
2bb6f390c0
Add session limiter and fix a race bug in notes removal
2015-05-22 12:22:41 -05:00
HD Moore
078438f66e
Update UUIDOptions -> UUID::Options
2015-05-22 00:30:05 -05:00
HD Moore
c17ee64d81
Merge branch 'master' into feature/uuid-registration
2015-05-22 00:29:16 -05:00
OJ
c07ff70f19
Add check for UUID payloads
Thankfully those payloads already had a flag that could be reused.
2015-05-22 15:11:12 +10:00
Brent Cook
9ce669f878
Land #5328 : reworked x64 http/https stagers
2015-05-21 23:26:34 -05:00
OJ
10bd75348c
Merge branch 'upstream/master' into uuid-stagers
2015-05-22 13:07:25 +10:00
OJ
a6a274d3a3
Merge recent stager changes
2015-05-22 13:01:45 +10:00
wchen-r7
c29bb35e28
Change datastore name
2015-05-21 10:15:03 -05:00
David Maloney
356f361b40
add sid to the yard docs
you win this round OJ ;)
MSP-12722
2015-05-21 09:30:09 -05:00
wchen-r7
3ee02d3626
Hmm bug
2015-05-21 00:36:40 -05:00
HD Moore
4622fa60eb
Register the init_* URLs and whitelist these
2015-05-21 00:22:41 -05:00
wchen-r7
31c60b48c8
Don't forget to doc
2015-05-21 00:08:04 -05:00
wchen-r7
6e8ee2f3ba
Add whitelist feature
2015-05-21 00:05:14 -05:00
HD Moore
27406204ed
Disable payload UUID registration by default
2015-05-20 23:56:15 -05:00
wchen-r7
bdf30dd383
Land #5374, --smallest option in msfvenom
2015-05-20 21:06:10 -05:00
HD Moore
a8d111ce89
Merge branch 'master' into feature/uuid-registration
2015-05-20 19:48:39 -05:00
HD Moore
ac0004ea0a
Implement IgnoreUnknownPayloads
2015-05-20 19:47:17 -05:00
wchen-r7
93900087c7
Resolve #5219, user-configurable HTTP timeout
Resolve #5219
2015-05-20 13:30:45 -05:00
OJ
44f8cf4124
Add more size to stagers, adjust psexec payloads
This psexec payload size should be evaluated to make sure I'm not doing
anything stupid. I can't see a reason why increasing these sizes would
be bad. They seem to work fine.
2015-05-20 17:07:56 +10:00
OJ
5963a5833a
Fix up php stageless payload includes
2015-05-20 16:50:00 +10:00
OJ
d0a5b803e8
Use generate_payload_uuid instead of manual obj creation
2015-05-20 16:25:52 +10:00
HD Moore
818d8b186c
Implement tracking
2015-05-20 01:10:19 -05:00
OJ
289873c25f
Merge all the stager changes
2015-05-20 16:02:37 +10:00
OJ
6859b24c1c
Fix missing label, update payload sizes
2015-05-20 15:42:31 +10:00
OJ
d43e11f5af
WinHTTP rework with proxy support, and SSL verification
This commit fixes up the winhttps stuff properly too. PHEW!
2015-05-20 15:32:34 +10:00
HD Moore
513a81e340
Add framework.uuid_db as a JSONHashFile
2015-05-20 00:28:32 -05:00
OJ
fd2534914d
Small tweaks to reverse_http
2015-05-20 12:15:38 +10:00
David Maloney
48c50a897c
add rpc call to change meterp transport
This RPC method allows the user to change transport
on an existing meterp session. If it's successful
it will close the old 'session' tied to the previous transport.
MSP-12722
2015-05-19 14:43:25 -05:00
Christian Catalan
046003acb4
Increase REXML expansion text limit
MSP-9532
* Increase to reasonable size to handle larger xml file expansion on import
* Prevents the 'RuntimeError entity expansion has grown too large' error that prevents import
2015-05-19 12:47:19 -05:00
William Vu
c1b8cee315
Land #5369, @dmaloney-r7's snmp_login fixes
2015-05-19 10:39:03 -05:00
Tim
e7c8a3b56c
add support for SessionRetryTotal and SessionRetryWait on Android
2015-05-19 16:16:04 +01:00
OJ
9fddc21cf3
Shaved another sneaky byte off the payload
2015-05-19 21:21:07 +10:00
OJ
6e96e6d118
Shellcode golf to make the payload smaller
Tried to implement some more of the stuff that egypt suggested, managed
to get some in, but not others. Ultimately, it's smaller than it was, and
I'm sure there are ways to make it better as well.
2015-05-19 21:17:42 +10:00
OJ
62720ab357
Fix the wininet stager for http/s
For some reason this was only working on Windows 7/2008, yet when tried
on Windows 2012 it was resulting in crashes. It was also no longer
working in exploits such as psexec_psh.
Went back to the beginning and started again. With this in place, we can
now do a bit of shellcode golf to make it a bit smaller.
Adjusted payload sizes as well.
2015-05-19 20:03:22 +10:00
HD Moore
9d7e54f360
Add the UUID subdirectory, including initial DB class
2015-05-18 23:41:22 -05:00
HD Moore
c7932855f2
Move UUIDOptions to UUID::Options
2015-05-18 23:35:18 -05:00
wchen-r7
46f389fecd
Documentation
2015-05-18 18:41:37 -05:00
wchen-r7
fbbd25f4bc
I never use this thing
2015-05-18 17:56:17 -05:00
wchen-r7
89be3fc1f2
Do global requirement comparison in BAP
2015-05-18 16:27:18 -05:00
HD Moore
9dd82d94ae
Exclude Manual ranked encoders from automatic selection, these can still be specified with -e
2015-05-18 15:47:15 -05:00
HD Moore
71eab7a236
Implements msfvenom --smallest, still some blockers
2015-05-18 15:24:59 -05:00
HD Moore
a82168d7bb
Fixes #5361 by adding --encoder-space to msfvenom
2015-05-18 14:27:52 -05:00
jvazquez-r7
ea8e62f0fb
Add #file_dropper_file_exist?
2015-05-18 14:13:12 -05:00
David Maloney
7376d4d94e
account for public only credentials in #to_s
SNMP in particular will only have a public, so we need
to account for this so we don't output poorly formed text
with a trailing ':' char.
5266
2015-05-18 13:42:15 -05:00
David Maloney
c69b6b2b8b
only issue db warning once
Cache the fact that we have issued the db warning
so we do not issue it for every credential attempt
on the module run.
5266
2015-05-18 13:41:18 -05:00
jvazquez-r7
129ed7fb7a
Add yard documentation
2015-05-18 10:27:04 -05:00
OJ
e7f80042d4
Finalise work on the bind_ipv6_tcp stager for UUID support
2015-05-18 21:19:04 +10:00
OJ
593f6e5fc4
Fix issue with bind UUID
2015-05-18 20:25:15 +10:00
OJ
9296a024e2
PHP meterpreter refactoring in prep for uuid work
2015-05-18 17:40:48 +10:00
OJ
27cdc588c8
Merge module include fix from stager update
2015-05-18 15:00:05 +10:00
OJ
677acb22a4
Fix up module include in x64 winhttp
2015-05-18 14:59:49 +10:00
OJ
4488a5e634
Add uuid support to python, and rework stages/stagers
2015-05-18 14:33:35 +10:00
OJ
0d56b3ee66
Stage UUIDs, generation options, php and python meterp uuid
2015-05-18 13:29:46 +10:00
OJ
bf2b113abb
Merge branch 'upstream/master' into update-x64-stagers
2015-05-18 13:28:36 +10:00
OJ
8b2e5c88d9
Adjust transport config fallback to include https
2015-05-18 10:16:09 +10:00
RageLtMan
11e715ae46
Configure transport from stager mixin
Transport configuration for basic session types can be performed
by the stager mixin.
Add a default transport_config method to Msf::Payload::Stager by
mixing in Msf::Payload::TransportConfig and attempting to guess
the default transport and direction types from the currently loaded
module's (MSF module) refname.
Users with custom payloads will no longer need to update them with
transport_config methods unless they use a non-standard transport,
direction, or other innovation which affects the default approach.
Testing:
Tested with payloads lacking transport_config methods or access
to the TransportConfig module (Ruby) namespace. This also resolves
problems with the RC4 payloads in upstream as they can't currently
generate stagers for meterpreter.
2015-05-17 03:03:17 -04:00