Commit Graph

809 Commits (271822da311eebf7298fe01c716ff7bed78d4f7a)

Author SHA1 Message Date
HD Moore 35568b570a Demo code added for MS06-035, mailslot write added to client.rb
git-svn-id: file:///home/svn/framework3/trunk@3740 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-11 20:02:45 +00:00
HD Moore 5b47ff422f Putting non-modules into the module tree will cause them to execute on Framework load!
git-svn-id: file:///home/svn/framework3/trunk@3733 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-28 00:33:34 +00:00
pusscat 4e99e7aafb Add PoC for no-user-action-necessary Outlook vuln - 0day
git-svn-id: file:///home/svn/framework3/trunk@3725 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-23 19:03:09 +00:00
HD Moore 29389ad2dc Adding a README
git-svn-id: file:///home/svn/framework3/trunk@3724 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-23 18:46:24 +00:00
HD Moore 1de5abe8e8 Hurray, it now drops a shell! :)
git-svn-id: file:///home/svn/framework3/trunk@3723 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-23 06:21:10 +00:00
pusscat 56b15b1f3f EIP and RegCloseKey handle offsets correct now
git-svn-id: file:///home/svn/framework3/trunk@3721 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-22 21:06:22 +00:00
HD Moore 0468c771b8 Added credit
git-svn-id: file:///home/svn/framework3/trunk@3720 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-21 23:41:28 +00:00
HD Moore b7b5bf56d8 Cosmetic
git-svn-id: file:///home/svn/framework3/trunk@3717 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-21 21:48:50 +00:00
HD Moore fdd7f4fd74 MC asked us to place his code under MSF license
git-svn-id: file:///home/svn/framework3/trunk@3714 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-21 18:38:40 +00:00
HD Moore bb0def749f Closer...
git-svn-id: file:///home/svn/framework3/trunk@3713 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-20 20:45:50 +00:00
HD Moore 0cf2909fda Updted
git-svn-id: file:///home/svn/framework3/trunk@3712 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-20 19:28:13 +00:00
pusscat 08b268aa65 updated for hd
git-svn-id: file:///home/svn/framework3/trunk@3710 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-20 14:35:55 +00:00
HD Moore 0633be5a93 Better error handling for patched systems
git-svn-id: file:///home/svn/framework3/trunk@3708 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-19 16:16:50 +00:00
pusscat 3027e76384 Add non-working (bad stub) start for rasmans.dll registry corruption - correct function (I think ;)
git-svn-id: file:///home/svn/framework3/trunk@3707 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-19 13:54:21 +00:00
HD Moore 14dabc399e Added DOS aux modules
Temporarily added RRAS_MAGIC


git-svn-id: file:///home/svn/incoming/trunk@3666 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-15 15:52:01 +00:00
HD Moore 93eefee44f Consistency and cosmetics..
git-svn-id: file:///home/svn/incoming/trunk@3665 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-15 15:31:56 +00:00
HD Moore 1e5745ecd4 Added support for Windows XP SP1
git-svn-id: file:///home/svn/incoming/trunk@3664 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-15 15:30:46 +00:00
HD Moore 7a3bfce2b0 Straight port from anonymous
git-svn-id: file:///home/svn/incoming/trunk@3662 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-14 21:26:43 +00:00
HD Moore 372edb7957 Wee
git-svn-id: file:///home/svn/incoming/trunk@3661 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-14 20:39:16 +00:00
HD Moore a53bdd04e2 Removed debug
git-svn-id: file:///home/svn/incoming/trunk@3655 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-08 20:59:33 +00:00
HD Moore a8050a09ff Exploit from MC
git-svn-id: file:///home/svn/incoming/trunk@3653 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-08 19:19:22 +00:00
HD Moore eb93375277 Remove debugging statement
git-svn-id: file:///home/svn/incoming/trunk@3647 4d416f70-5f16-0410-b530-b9f4589650da
2006-05-30 16:11:35 +00:00
HD Moore dd20a7a633 Exploit order change to get correct default options
git-svn-id: file:///home/svn/incoming/trunk@3644 4d416f70-5f16-0410-b530-b9f4589650da
2006-05-30 15:44:33 +00:00
pusscat c02749067f Add nonupper encoder, like nonalpha, but with badchar support instead of lowercase char range
git-svn-id: file:///home/svn/incoming/trunk@3641 4d416f70-5f16-0410-b530-b9f4589650da
2006-05-08 15:04:50 +00:00
HD Moore 615104b6ab Other licensing updates (MSF->BSD) and minor cleanups
git-svn-id: file:///home/svn/incoming/trunk@3637 4d416f70-5f16-0410-b530-b9f4589650da
2006-05-06 16:43:45 +00:00
HD Moore d086a1bedf BSD license the default for non-msfdev created modules.
git-svn-id: file:///home/svn/incoming/trunk@3636 4d416f70-5f16-0410-b530-b9f4589650da
2006-05-06 16:34:39 +00:00
HD Moore 1a54cc810a Fixed numerous issues involving smb/dcerpc interaction
Fixed 'bad' use of method definition (space after method name, will be depreciated soon)


git-svn-id: file:///home/svn/incoming/trunk@3626 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-30 19:49:27 +00:00
HD Moore f9b23371b8 aux -> auxiliary to fix a windows isue
git-svn-id: file:///home/svn/incoming/trunk@3624 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-27 05:16:03 +00:00
HD Moore 42bc7496cf All sorts of fun changes to smb/dcerpc, the basics are:
1) Clean up SMB constants, add new ones, define which ones are supported by dialect
2) DCERPC over SMB uses a 'OpenPipe' class, not an 'OpenFile'
3) A new DCERPC option called 'smb_pipeio' allows the user to switch between Read/Write and TransactNamedPipe()


git-svn-id: file:///home/svn/incoming/trunk@3622 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-26 16:59:44 +00:00
HD Moore 07e157efdf Working on encoder fixes
git-svn-id: file:///home/svn/incoming/trunk@3618 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-26 05:14:55 +00:00
pusscat bc9cc35f3e Fix offset for table
git-svn-id: file:///home/svn/incoming/trunk@3613 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-24 15:42:05 +00:00
pusscat 003c3444eb Change to reflect lib change
git-svn-id: file:///home/svn/incoming/trunk@3612 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-24 15:01:53 +00:00
pusscat f678425f07 Add non-alpha encoder (not quite done, but passes tests with \xcc)
git-svn-id: file:///home/svn/incoming/trunk@3604 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-20 21:11:33 +00:00
HD Moore 7e0f539b12 Updated
git-svn-id: file:///home/svn/incoming/trunk@3601 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-16 06:29:44 +00:00
HD Moore bf6ac76cd7 new code, needs encoders
git-svn-id: file:///home/svn/incoming/trunk@3597 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-14 20:22:15 +00:00
HD Moore ca72b7e2ed Woops, tenable-license check blob
git-svn-id: file:///home/svn/incoming/trunk@3595 4d416f70-5f16-0410-b530-b9f4589650da
2006-04-13 16:13:48 +00:00
HD Moore 86671cef89 PeerCast exploits
git-svn-id: file:///home/svn/incoming/trunk@3583 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-30 21:05:42 +00:00
HD Moore 46709d6222 cosmetic
git-svn-id: file:///home/svn/incoming/trunk@3581 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-30 15:06:41 +00:00
HD Moore bd862a5049 Mods
git-svn-id: file:///home/svn/incoming/trunk@3570 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-12 02:06:57 +00:00
HD Moore f82decbb74 Added
git-svn-id: file:///home/svn/incoming/trunk@3569 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-10 22:33:24 +00:00
HD Moore 5d284866d9 Fixed
git-svn-id: file:///home/svn/incoming/trunk@3568 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-10 08:03:14 +00:00
HD Moore 05bda2529a More aux, first hack on multi-target firefox exploit
git-svn-id: file:///home/svn/incoming/trunk@3565 4d416f70-5f16-0410-b530-b9f4589650da
2006-03-09 17:32:53 +00:00
bmc 9eaa03d43b * uniq exploit class name
git-svn-id: file:///home/svn/incoming/trunk@3540 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-22 20:34:43 +00:00
bmc 5916642428 * using command paylods give a pipe error, so trap that exception
git-svn-id: file:///home/svn/incoming/trunk@3536 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-21 16:18:38 +00:00
bmc 5699f17499 * add platform
git-svn-id: file:///home/svn/incoming/trunk@3535 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-21 14:27:28 +00:00
Matt Miller 3a37749de6 support for demand-loading of modules to improve load speed, expect problems
git-svn-id: file:///home/svn/incoming/trunk@3534 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-21 03:10:58 +00:00
bmc f6c6c9669c add Platform
git-svn-id: file:///home/svn/incoming/trunk@3533 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-19 04:18:21 +00:00
bmc b99a9e5075 * a few updates to make it a bit more like reality, still doesn't work though
git-svn-id: file:///home/svn/incoming/trunk@3518 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-07 15:23:54 +00:00
bmc 16156c8aea * the XML isn't required, random shit works just fine
* only normalizing of the stuff that SHOULD be normalizes works for shit with this exploit


git-svn-id: file:///home/svn/incoming/trunk@3515 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-06 22:47:06 +00:00
bmc 1c35f492a8 * turn into an HTTP client request
git-svn-id: file:///home/svn/incoming/trunk@3514 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-06 21:12:37 +00:00
bmc d14646e084 * remove redundant stringification
git-svn-id: file:///home/svn/incoming/trunk@3510 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-06 15:15:41 +00:00
vlad902 b158ccb973 Initial commit
git-svn-id: file:///home/svn/incoming/trunk@3509 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-05 22:05:01 +00:00
HD Moore 5b497d5e4d Added Irix platform
Tweaked reverse.rb to use a subshell and background it
Added Irix lpdexec


git-svn-id: file:///home/svn/incoming/trunk@3505 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-05 18:10:08 +00:00
HD Moore 868d7bf561 Working findtag + samba
Removed call to evasions that didnt have corresponding definition


git-svn-id: file:///home/svn/incoming/trunk@3501 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-04 21:04:50 +00:00
HD Moore 2290b14c7d PPC fixes
git-svn-id: file:///home/svn/incoming/trunk@3500 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-04 20:40:25 +00:00
bmc d7e2e99cef * display something when the exploit is sent so the user has some indication of status
git-svn-id: file:///home/svn/incoming/trunk@3499 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-03 19:57:28 +00:00
bmc fe608d1676 general cleanups
add space evasions to the playlist


git-svn-id: file:///home/svn/incoming/trunk@3495 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-03 18:28:13 +00:00
HD Moore 792b3a8ad4 Ported, tested, and stuff.
git-svn-id: file:///home/svn/incoming/trunk@3494 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-03 03:31:41 +00:00
HD Moore 83be4703d6 modules/
git-svn-id: file:///home/svn/incoming/trunk@3493 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-02 20:43:55 +00:00
HD Moore 3a69fe2fae More features
git-svn-id: file:///home/svn/incoming/trunk@3492 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-02 05:54:06 +00:00
bmc 7bb13e2706 port from vlad, with a few cleanups
git-svn-id: file:///home/svn/incoming/trunk@3491 4d416f70-5f16-0410-b530-b9f4589650da
2006-02-01 22:35:36 +00:00
bmc 9096ecf8e7 * EVASION!
git-svn-id: file:///home/svn/incoming/trunk@3486 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-31 22:41:10 +00:00
bmc 7f270f55b0 its really an html exploit...
git-svn-id: file:///home/svn/incoming/trunk@3484 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-30 22:12:17 +00:00
HD Moore 7ee4d05bec Woo, neat krad winamp exploit :)
git-svn-id: file:///home/svn/incoming/trunk@3479 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-30 19:28:19 +00:00
HD Moore c1b9129bca A couple more assertions in the tcp_server test suite.
Added template for the winamp pls overflow (unc computer name)


git-svn-id: file:///home/svn/incoming/trunk@3474 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-30 17:25:44 +00:00
HD Moore 04341837f7 Bug fix to msfencode when invalid -e is specified
Small tweaks to type77, mostly for print_status and -find
Fixed busted payload port in shell_reverse_tcp


git-svn-id: file:///home/svn/incoming/trunk@3469 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-29 21:47:51 +00:00
bmc f1e0f7bcc9 * use zlib
git-svn-id: file:///home/svn/incoming/trunk@3460 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 22:06:06 +00:00
bmc 9996207faf * make me an HTML exploit
git-svn-id: file:///home/svn/incoming/trunk@3459 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 22:04:28 +00:00
bmc 5be5aa0033 * less fingerprintable
* less ugly

instead of blobs of hex for ...
    nops, use make_nops
    short jumps, use jmp_short
    unicode strings, use to_unicode
    math.to_s, use #{math}
    random junk, use rand_text with payload_badchars


git-svn-id: file:///home/svn/incoming/trunk@3456 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 21:18:52 +00:00
bmc 4d432875d0 via perl...
git-svn-id: file:///home/svn/incoming/trunk@3454 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 15:11:16 +00:00
HD Moore e249d9ebe5 Massive update to tab indentation (used ./dev/tabify.rb)
git-svn-id: file:///home/svn/incoming/trunk@3450 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 05:00:35 +00:00
bmc 6ab42be37d * wee, more php bullshit
git-svn-id: file:///home/svn/incoming/trunk@3448 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-26 02:07:59 +00:00
bmc 6b1e9648be * blobs of hex strings suck.
git-svn-id: file:///home/svn/incoming/trunk@3444 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-25 21:23:26 +00:00
bmc 7cedfcc828 * connectback perl payload
git-svn-id: file:///home/svn/incoming/trunk@3435 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-23 17:14:33 +00:00
HD Moore 8ca5e60c88 Removed and replaced by Aux
git-svn-id: file:///home/svn/incoming/trunk@3432 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-23 02:29:18 +00:00
HD Moore ec46bc70fd Typo
git-svn-id: file:///home/svn/incoming/trunk@3431 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-22 20:01:38 +00:00
HD Moore f485585e7c License information displayed by info
git-svn-id: file:///home/svn/incoming/trunk@3428 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-22 19:25:55 +00:00
HD Moore 1bffccf605 New licensing terms, revision bump to v3
git-svn-id: file:///home/svn/incoming/trunk@3425 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-21 22:10:20 +00:00
HD Moore c18e5a10a9 distcc
git-svn-id: file:///home/svn/incoming/trunk@3423 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-21 05:05:19 +00:00
HD Moore 7e7fd98927 prevented it frmo loading
git-svn-id: file:///home/svn/incoming/trunk@3418 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-21 02:21:54 +00:00
bmc 49016b9d99 * perl bind shell
git-svn-id: file:///home/svn/incoming/trunk@3417 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-20 22:31:58 +00:00
bmc eeca3cb4bc * fix exploit name
git-svn-id: file:///home/svn/incoming/trunk@3416 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-20 21:11:38 +00:00
bmc 164520753c * kill the debugging info
git-svn-id: file:///home/svn/incoming/trunk@3415 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-20 20:25:07 +00:00
bmc d6608d4dd5 * xmlrpc vuln
git-svn-id: file:///home/svn/incoming/trunk@3414 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-20 20:18:55 +00:00
Matt Miller d07e5fd330 patch from bmc
git-svn-id: file:///home/svn/incoming/trunk@3410 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-19 17:03:55 +00:00
HD Moore 2bd530b8e0 Fix
git-svn-id: file:///home/svn/incoming/trunk@3407 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-19 06:20:33 +00:00
Matt Miller 5cee818623 poly encoder fixes
git-svn-id: file:///home/svn/incoming/trunk@3406 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-18 15:43:48 +00:00
Matt Miller 423b023de8 patch for badchar stuff
git-svn-id: file:///home/svn/incoming/trunk@3404 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-18 15:21:41 +00:00
HD Moore b9bdd96f97 typo
git-svn-id: file:///home/svn/incoming/trunk@3398 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-17 01:11:10 +00:00
HD Moore ae8bb233e3 Rename
git-svn-id: file:///home/svn/incoming/trunk@3386 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 04:24:22 +00:00
HD Moore 8c1194eccd Another port
git-svn-id: file:///home/svn/incoming/trunk@3383 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 04:02:38 +00:00
Matt Miller 68a8a5262b change unknown license to GPL
git-svn-id: file:///home/svn/incoming/trunk@3379 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 03:48:36 +00:00
Matt Miller 2e19a86843 added license to all modules
git-svn-id: file:///home/svn/incoming/trunk@3377 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 02:59:47 +00:00
HD Moore 4a14fa7e02 Merged them into one
git-svn-id: file:///home/svn/incoming/trunk@3376 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 02:32:30 +00:00
HD Moore 9c5f4776b8 Some generic encoders for commands
git-svn-id: file:///home/svn/incoming/trunk@3375 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-15 22:43:44 +00:00
HD Moore 04f13dc167 Rename
git-svn-id: file:///home/svn/incoming/trunk@3374 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-15 21:26:20 +00:00
HD Moore 75a0aa2e76 Bind added, reverse fixed module name
git-svn-id: file:///home/svn/incoming/trunk@3373 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-15 21:13:41 +00:00
HD Moore 884fffa28c Ported the unix revers command payloads and handler
git-svn-id: file:///home/svn/incoming/trunk@3372 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-14 20:12:53 +00:00
vlad902 eccdce049c Fixed attribution to reference spoonm
git-svn-id: file:///home/svn/incoming/trunk@3357 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-09 02:09:40 +00:00
Matt Miller 3b72122932 remove superfluous unit test
git-svn-id: file:///home/svn/incoming/trunk@3350 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 20:23:11 +00:00
HD Moore 3783e27fc7 Fixed handler/disconnect order in FTP, fixes to metafile
git-svn-id: file:///home/svn/incoming/trunk@3348 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 14:27:59 +00:00
Matt Miller e4556d2688 fix syntax errors
git-svn-id: file:///home/svn/incoming/trunk@3347 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 10:38:35 +00:00
HD Moore b0aeeb47aa Code from MC
git-svn-id: file:///home/svn/incoming/trunk@3346 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 06:26:30 +00:00
vlad902 c5993b7b9b Is now smaller and deletes the file after execution
git-svn-id: file:///home/svn/incoming/trunk@3345 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 06:08:43 +00:00
vlad902 b011d080b3 No stagers can use this
git-svn-id: file:///home/svn/incoming/trunk@3344 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 03:26:41 +00:00
vlad902 b2d307beb2 Minor changes
git-svn-id: file:///home/svn/incoming/trunk@3342 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 02:42:52 +00:00
vlad902 ed5323e72b Smaller stager
git-svn-id: file:///home/svn/incoming/trunk@3341 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 02:23:49 +00:00
vlad902 443a34da7a Smaller stager, that also does closesocket so you can use it on the same port repeatdly.
git-svn-id: file:///home/svn/incoming/trunk@3340 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 02:23:36 +00:00
vlad902 d0a00445d7 Clear space for variables
git-svn-id: file:///home/svn/incoming/trunk@3339 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 01:47:23 +00:00
Matt Miller 4434198b02 rename block
git-svn-id: file:///home/svn/incoming/trunk@3338 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 01:17:06 +00:00
Matt Miller 9fda1582f8 rename block
git-svn-id: file:///home/svn/incoming/trunk@3337 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 01:16:49 +00:00
Matt Miller 1eead1a5e9 increase ranking
git-svn-id: file:///home/svn/incoming/trunk@3336 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 01:12:34 +00:00
Matt Miller 43495bd398 more poly
git-svn-id: file:///home/svn/incoming/trunk@3334 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 01:10:45 +00:00
vlad902 d7813bf8c7 My version of upexec,doesn't depend on hd's EBP shellcode structure
git-svn-id: file:///home/svn/incoming/trunk@3333 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 23:58:59 +00:00
Matt Miller c35e687659 jmp/call additive is no polyified
git-svn-id: file:///home/svn/incoming/trunk@3332 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 23:38:55 +00:00
Matt Miller 2f4467ebcd stupid cvs
git-svn-id: file:///home/svn/incoming/trunk@3330 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 19:41:31 +00:00
Matt Miller b5cb5e913c change name
git-svn-id: file:///home/svn/incoming/trunk@3329 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 19:39:53 +00:00
vlad902 45bfed8935 17 bytes smaller.
git-svn-id: file:///home/svn/incoming/trunk@3328 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 19:31:24 +00:00
vlad902 a6d4abb4cd My shell stage
git-svn-id: file:///home/svn/incoming/trunk@3327 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 19:26:09 +00:00
Matt Miller ab05f41a40 remove pipe shell
git-svn-id: file:///home/svn/incoming/trunk@3326 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 19:26:00 +00:00
Matt Miller 4934bd7709 rename pipe shell to shell and shell to shell_revert
git-svn-id: file:///home/svn/incoming/trunk@3325 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 19:25:18 +00:00
Matt Miller ae5c816e85 various enhancements to support passivex, seems to be functional, somewhat
git-svn-id: file:///home/svn/incoming/trunk@3322 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 10:04:30 +00:00
Matt Miller b5b9e2ac1f added to_native for unicode
git-svn-id: file:///home/svn/incoming/trunk@3319 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-06 15:34:51 +00:00
Matt Miller 90175dd5ce minor fixup
git-svn-id: file:///home/svn/incoming/trunk@3317 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-06 09:03:34 +00:00
Matt Miller cd4d7a6ff8 updates to alpha/unicode encoders
git-svn-id: file:///home/svn/incoming/trunk@3314 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-06 02:25:23 +00:00
Matt Miller f9d058887b initial import of alpha2 from pusscat
git-svn-id: file:///home/svn/incoming/trunk@3313 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-06 00:57:14 +00:00
HD Moore 4148a17b19 Committed new name
git-svn-id: file:///home/svn/incoming/trunk@3312 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 22:48:19 +00:00
HD Moore 5550a72d1f rename, tweak
git-svn-id: file:///home/svn/incoming/trunk@3311 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 22:27:52 +00:00
HD Moore 8049b32cbc Patches from <anon>
git-svn-id: file:///home/svn/incoming/trunk@3310 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 22:20:28 +00:00
HD Moore 46a1ce0721 More tweaks
git-svn-id: file:///home/svn/incoming/trunk@3308 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 03:56:20 +00:00
Matt Miller a77bdaa93c rename author to jt, fix bug in html escape in payloads section of msfweb
git-svn-id: file:///home/svn/incoming/trunk@3306 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-05 02:04:04 +00:00
Matt Miller e63ba080a8 added support for use_gzip
git-svn-id: file:///home/svn/incoming/trunk@3303 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-03 04:24:03 +00:00
HD Moore 9452249c09 Updated
git-svn-id: file:///home/svn/incoming/trunk@3301 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-03 04:06:03 +00:00
HD Moore 96d4591b87 Updates to httpserver mixin, gzip encoding added to text, bugfix to wordstar, added metafile exploit, will rename and make it nice later
git-svn-id: file:///home/svn/incoming/trunk@3299 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-02 07:49:52 +00:00
Matt Miller 76549787e5 fix response for 404
git-svn-id: file:///home/svn/incoming/trunk@3298 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-02 04:07:28 +00:00
HD Moore 9fc93bbe56 Miscellaneous fixes, changes to CMD payloads
git-svn-id: file:///home/svn/incoming/trunk@3296 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-02 01:12:36 +00:00
HD Moore 63683ab45f Renamed
git-svn-id: file:///home/svn/incoming/trunk@3294 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-31 22:58:57 +00:00
HD Moore 8de634c25f timing fixes
git-svn-id: file:///home/svn/incoming/trunk@3292 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-31 19:49:12 +00:00
HD Moore 2bcfd6f0e5 Bug fixen
git-svn-id: file:///home/svn/incoming/trunk@3291 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-31 19:21:39 +00:00
HD Moore d3208c97aa Finally
git-svn-id: file:///home/svn/incoming/trunk@3287 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-31 18:07:12 +00:00
HD Moore f468b10cff Tweaks
git-svn-id: file:///home/svn/incoming/trunk@3286 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-31 18:03:02 +00:00
vlad902 e9b4f0d9f1 Fix a small bug and fix some comments
git-svn-id: file:///home/svn/incoming/trunk@3284 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 21:10:05 +00:00
vlad902 3234172a41 Fix payload (missing +)
git-svn-id: file:///home/svn/incoming/trunk@3283 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 21:07:47 +00:00
vlad902 076442ceda Add assembly comments
git-svn-id: file:///home/svn/incoming/trunk@3282 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 20:38:13 +00:00
HD Moore 4b92b6aa48 Mostly working, shellcode/encoder/nops may be busted
git-svn-id: file:///home/svn/incoming/trunk@3275 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 06:17:48 +00:00
HD Moore f7e0579a3c Updates to sparc/ppc encoders, added find_key_verify()
git-svn-id: file:///home/svn/incoming/trunk@3274 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 06:05:23 +00:00
Matt Miller da914742fc nop test
git-svn-id: file:///home/svn/incoming/trunk@3273 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 05:09:45 +00:00
Matt Miller 504168eda9 disable unsafe fpu instruction
git-svn-id: file:///home/svn/incoming/trunk@3272 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 05:00:19 +00:00
Matt Miller 537d0b0418 execution time encoder testing
git-svn-id: file:///home/svn/incoming/trunk@3270 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 04:57:52 +00:00
HD Moore a96cfa6b78 PPC and Sparc nop generators
git-svn-id: file:///home/svn/incoming/trunk@3269 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 04:06:41 +00:00
Matt Miller e537fadb05 shikata ga nai
git-svn-id: file:///home/svn/incoming/trunk@3266 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 01:14:56 +00:00
HD Moore 595a2e1bba Bug fixes, still not 100% working
git-svn-id: file:///home/svn/incoming/trunk@3262 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 06:15:46 +00:00
HD Moore 87f23247a5 Moved. Changed. Woop. Not tested
git-svn-id: file:///home/svn/incoming/trunk@3261 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 05:47:03 +00:00
HD Moore 7e14163849 Fixy
git-svn-id: file:///home/svn/incoming/trunk@3260 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 05:03:08 +00:00
HD Moore 3fa5d999a2 No more select(nil, nil, nil, X)
git-svn-id: file:///home/svn/incoming/trunk@3259 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 04:40:06 +00:00
HD Moore c8d273cec0 Wee, works
git-svn-id: file:///home/svn/incoming/trunk@3258 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 04:16:23 +00:00
HD Moore 93c3178732 No so worky
git-svn-id: file:///home/svn/incoming/trunk@3257 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-27 03:07:46 +00:00
HD Moore 53a49f55d4 Removing dupes
git-svn-id: file:///home/svn/incoming/trunk@3255 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-26 14:36:25 +00:00
HD Moore 97129d0303 New modules, module renames
git-svn-id: file:///home/svn/incoming/trunk@3254 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-26 14:34:22 +00:00
HD Moore 412629e5c3 Stuff.. more changes to come
git-svn-id: file:///home/svn/incoming/trunk@3253 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-25 22:47:38 +00:00
HD Moore 219fbc90d9 Still mostly broken, but oh well
git-svn-id: file:///home/svn/incoming/trunk@3247 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-18 08:05:12 +00:00
HD Moore ca3fe88c87 Snort exploit
git-svn-id: file:///home/svn/incoming/trunk@3246 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-18 07:59:00 +00:00
HD Moore c30d4403b8 Wewp
git-svn-id: file:///home/svn/incoming/trunk@3245 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-18 07:50:48 +00:00
HD Moore 88658064df /usr/bin/ruby vs /usr/bin/env ruby
git-svn-id: file:///home/svn/incoming/trunk@3242 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-17 06:46:23 +00:00
Matt Miller 410770bae6 fixes for some socket association stuff
git-svn-id: file:///home/svn/incoming/trunk@3233 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-15 04:46:52 +00:00
HD Moore ad6d2f3f9d wtf
git-svn-id: file:///home/svn/incoming/trunk@3230 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-15 04:20:28 +00:00
HD Moore 3d2bfd521c Fixed options() problem in the mixin, minor tweak in remote_agent
git-svn-id: file:///home/svn/incoming/trunk@3229 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-15 04:16:30 +00:00
HD Moore 18122316e4 This might work :-)
git-svn-id: file:///home/svn/incoming/trunk@3224 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-14 03:15:04 +00:00
HD Moore 2ecec3db87 More
git-svn-id: file:///home/svn/incoming/trunk@3223 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-14 03:14:51 +00:00
HD Moore b8ac1a993e Latest - demo it
git-svn-id: file:///home/svn/incoming/trunk@3220 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-14 00:36:28 +00:00
HD Moore e79c9f8658 Something is still breaking, use w3who, show payloads, exploit, breaks
git-svn-id: file:///home/svn/incoming/trunk@3218 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-14 00:21:23 +00:00
HD Moore 557153e01c Code from Brian Caswell
git-svn-id: file:///home/svn/incoming/trunk@3210 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-13 06:08:40 +00:00
Matt Miller 51ed1b3eca fixed up vncinject a bit
git-svn-id: file:///home/svn/incoming/trunk@3206 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-13 03:48:33 +00:00
Matt Miller bbb94762b2 support for disabling the courtesy shell
git-svn-id: file:///home/svn/incoming/trunk@3205 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-13 03:43:17 +00:00
HD Moore e591af64bd Added default target 0
git-svn-id: file:///home/svn/incoming/trunk@3202 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-12 20:05:32 +00:00
Matt Miller 22278ce458 vncinject payload
git-svn-id: file:///home/svn/incoming/trunk@3201 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-12 07:07:19 +00:00
HD Moore 6c2da4d313 Imap exploits
Addition of MC as a common author
Added the IMAP mixin
Fixed bug in base64


git-svn-id: file:///home/svn/incoming/trunk@3172 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-05 05:00:27 +00:00
HD Moore 86c5cf44c3 Renamed
git-svn-id: file:///home/svn/incoming/trunk@3171 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-05 04:57:41 +00:00
Matt Miller 5c18ee59ac fix unit test
git-svn-id: file:///home/svn/incoming/trunk@3170 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-04 10:36:26 +00:00
HD Moore 9b977bee1b Fixed some authors
git-svn-id: file:///home/svn/incoming/trunk@3163 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-02 01:18:51 +00:00
HD Moore b931b02c14 Changes from Brian Caswell
git-svn-id: file:///home/svn/incoming/trunk@3161 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-30 19:42:19 +00:00
HD Moore 4d43e8f482 mnor
git-svn-id: file:///home/svn/incoming/trunk@3159 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-29 02:57:04 +00:00
HD Moore 19563a62b2 Wee, portr
git-svn-id: file:///home/svn/incoming/trunk@3138 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-27 19:08:44 +00:00
HD Moore 9340ecdeab IIS exploits ported
Added on_new_session callback and session_created? flag to exploit
Fixed socket fd leak in Comm::Local


git-svn-id: file:///home/svn/incoming/trunk@3135 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-27 18:42:44 +00:00
HD Moore 53425595e7 Ported
git-svn-id: file:///home/svn/incoming/trunk@3133 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-27 07:26:58 +00:00
HD Moore 7624b4d78a Bug fixes for alphanum vs alphanumeric
Added some target print code to the brightstor explotis
Added the backupexec epxloits


git-svn-id: file:///home/svn/incoming/trunk@3132 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-27 01:51:50 +00:00
HD Moore 1ca0837a3b Brightstor exploits
git-svn-id: file:///home/svn/incoming/trunk@3130 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 22:12:54 +00:00
HD Moore 40aa62968f Arkeia exploits added
git-svn-id: file:///home/svn/incoming/trunk@3129 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 19:56:03 +00:00
HD Moore a990e20067 Woops
git-svn-id: file:///home/svn/incoming/trunk@3128 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 16:46:49 +00:00
HD Moore e2ab431a57 Ported
git-svn-id: file:///home/svn/incoming/trunk@3126 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 16:42:22 +00:00
HD Moore 7403e8bf23 Mssql code!
git-svn-id: file:///home/svn/incoming/trunk@3122 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 11:16:36 +00:00
HD Moore b30dd91e82 Woop
git-svn-id: file:///home/svn/incoming/trunk@3116 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 04:04:49 +00:00
HD Moore 0902ca6962 Reorganization, adding asn1, pnp, and msmq.
git-svn-id: file:///home/svn/incoming/trunk@3113 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 02:33:39 +00:00
HD Moore fb8b56f55f Changed up the way mixins are handled, all exploits just require 'msf/core' and
all current mixins will be loaded. Egghunter was moved to a mixin and generates
based on target arch and platform.


git-svn-id: file:///home/svn/incoming/trunk@3111 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-26 00:04:26 +00:00
HD Moore c2856b34fb Fixed namespace foo
git-svn-id: file:///home/svn/incoming/trunk@3105 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-25 20:33:54 +00:00
HD Moore 9aa8854566 Relocated to subdirs, added webstar
git-svn-id: file:///home/svn/incoming/trunk@3104 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-25 20:31:34 +00:00
HD Moore fb47661a8f Serv-U exploit working, depends on searcher() in x86, many fixes to FTP mixin
git-svn-id: file:///home/svn/incoming/trunk@3103 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-25 20:02:21 +00:00
HD Moore 7679d8e891 Dun dun dun.. da dun!
git-svn-id: file:///home/svn/incoming/trunk@3096 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-25 04:36:56 +00:00
HD Moore cd8b9849ce Many fixes/updates/new ftp modules
Fixed the tab completion hackery - moved from driver to dispatcher_shell


git-svn-id: file:///home/svn/incoming/trunk@3094 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-25 04:11:22 +00:00
Matt Miller ca149ac9fa fix for meterp hang
git-svn-id: file:///home/svn/incoming/trunk@3090 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 20:46:38 +00:00
HD Moore fac9fff4bb Comimtting
git-svn-id: file:///home/svn/incoming/trunk@3087 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 19:45:46 +00:00
HD Moore 08e3078d47 more ftp`
git-svn-id: file:///home/svn/incoming/trunk@3085 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 19:28:47 +00:00
HD Moore 7ae0c3555b 3com now tries to read a reply from the server
git-svn-id: file:///home/svn/incoming/trunk@3083 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 19:04:37 +00:00
Matt Miller 96d75dcbb4 support for aborting sockets once a remote, non-find exploit succeeds
git-svn-id: file:///home/svn/incoming/trunk@3082 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 18:50:33 +00:00
HD Moore 81a1de755b SEH frame stuff integrated into ftp modules, added generate_seh_payload
git-svn-id: file:///home/svn/incoming/trunk@3081 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 18:30:56 +00:00
HD Moore 32d83b8cf4 tweaky
git-svn-id: file:///home/svn/incoming/trunk@3079 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 17:41:32 +00:00
HD Moore a2acc04831 crash fix boom
git-svn-id: file:///home/svn/incoming/trunk@3075 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 04:05:48 +00:00
HD Moore f6649e54c5 Fix a crash on load
git-svn-id: file:///home/svn/incoming/trunk@3074 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:53:45 +00:00
HD Moore 6e2391b667 Ported
git-svn-id: file:///home/svn/incoming/trunk@3072 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:48:16 +00:00
HD Moore 10a95de4da Fixed
git-svn-id: file:///home/svn/incoming/trunk@3071 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:48:06 +00:00
HD Moore 4d76fb868c Fixed bad target foo in ftp exploits
Added TODO item about native packign


git-svn-id: file:///home/svn/incoming/trunk@3070 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:46:53 +00:00
HD Moore def6c64abf Tweak
git-svn-id: file:///home/svn/incoming/trunk@3068 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:16:10 +00:00
HD Moore f054bda992 picky picky
git-svn-id: file:///home/svn/incoming/trunk@3067 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:01:27 +00:00
HD Moore 55fcb7fca9 Namespace
git-svn-id: file:///home/svn/incoming/trunk@3066 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 03:00:37 +00:00
HD Moore 973e7d16e8 Added subdir for protocol ftp
git-svn-id: file:///home/svn/incoming/trunk@3065 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-24 02:58:58 +00:00
Matt Miller 0e9c5bab5b logging fix, meterpreter multi-load fixed, advanced option display, meterpreter optino to autoload stdapi
git-svn-id: file:///home/svn/incoming/trunk@3052 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-19 15:09:41 +00:00
HD Moore 4edf57d731 ms04_011 works perfectly
updated smb, evasion can be set via SMBEvasion datastore (temporary)
added the first osx exploit, cant test for a week or so


git-svn-id: file:///home/svn/incoming/trunk@3044 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-17 19:41:54 +00:00
HD Moore 16c5e232f5 Addition of get_once() in io::stream, rewritten recv code for smb/dcerpc, error handling in exploit mixins
git-svn-id: file:///home/svn/incoming/trunk@3042 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-16 17:56:07 +00:00
HD Moore 3150bd2f3a SMB mixin is mostly working now
git-svn-id: file:///home/svn/incoming/trunk@3037 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-15 23:02:17 +00:00
Matt Miller 9fde9ef296 extraneouslyness
git-svn-id: file:///home/svn/incoming/trunk@3027 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-13 18:35:44 +00:00
Matt Miller 6cd930492f remove superfluous default
git-svn-id: file:///home/svn/incoming/trunk@3024 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-11 01:50:05 +00:00
Matt Miller 05a84cc7da bug fixes in x86 asm, jmp call additive, payload generation, and new exploit
git-svn-id: file:///home/svn/incoming/trunk@3021 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-11 01:22:03 +00:00
Matt Miller 15ce3c424b added is_usable check
git-svn-id: file:///home/svn/incoming/trunk@3003 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-02 14:18:50 +00:00
Matt Miller 1605e575cd implemented some unit tests for modules
git-svn-id: file:///home/svn/incoming/trunk@2998 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-01 00:48:40 +00:00
Matt Miller efa51ca309 unit tests for encoders
git-svn-id: file:///home/svn/incoming/trunk@2997 4d416f70-5f16-0410-b530-b9f4589650da
2005-11-01 00:30:20 +00:00
Matt Miller b779965e81 ppc encoders (untested)
git-svn-id: file:///home/svn/incoming/trunk@2995 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 19:37:25 +00:00
Matt Miller 5846ae1529 normalize
git-svn-id: file:///home/svn/incoming/trunk@2994 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 19:16:10 +00:00
Matt Miller b4b88c7213 none encoder
git-svn-id: file:///home/svn/incoming/trunk@2993 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 19:15:21 +00:00
Matt Miller 8d4d812df2 normalization
git-svn-id: file:///home/svn/incoming/trunk@2992 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 18:56:55 +00:00
Matt Miller d5810669b0 copy/paste error fix
git-svn-id: file:///home/svn/incoming/trunk@2991 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 18:54:39 +00:00
Matt Miller 876118a28d vlad's countdown encoder
git-svn-id: file:///home/svn/incoming/trunk@2990 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 18:50:58 +00:00
Matt Miller c06b52b39a port another encoder
git-svn-id: file:///home/svn/incoming/trunk@2989 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 18:27:35 +00:00
Matt Miller d76e3723bb comments
git-svn-id: file:///home/svn/incoming/trunk@2988 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 16:10:36 +00:00
Matt Miller 27b8f880ff basic workings of auto-recon
git-svn-id: file:///home/svn/incoming/trunk@2987 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-31 15:56:59 +00:00
Matt Miller 9fee6fe983 copy/paste prob
git-svn-id: file:///home/svn/incoming/trunk@2983 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-30 23:10:58 +00:00
Matt Miller 204a215bc7 corrected some stuff
git-svn-id: file:///home/svn/incoming/trunk@2982 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-30 22:45:29 +00:00
Matt Miller 2e7a7dbe8d fixed up contextual recon event notifications
git-svn-id: file:///home/svn/incoming/trunk@2981 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-30 22:35:32 +00:00
Matt Miller 1fc49df4d2 more recon work, starting to become functional
git-svn-id: file:///home/svn/incoming/trunk@2979 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-29 13:47:07 +00:00
Matt Miller b06a2ca030 initial support for compat filtering, may be buggy
git-svn-id: file:///home/svn/incoming/trunk@2971 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-19 01:48:10 +00:00
Matt Miller 95d77b761a solaris singles
git-svn-id: file:///home/svn/incoming/trunk@2966 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-16 01:31:59 +00:00
Matt Miller acd28ca7b5 solaris x86 singles
git-svn-id: file:///home/svn/incoming/trunk@2965 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-16 01:24:20 +00:00
Matt Miller 9b9e13be5b some of the osx payloads
git-svn-id: file:///home/svn/incoming/trunk@2964 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-12 05:44:15 +00:00
Matt Miller efc02cfd89 sparc payloads, untested
git-svn-id: file:///home/svn/incoming/trunk@2963 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-11 22:37:41 +00:00
Matt Miller 49788fe34a bsdi payloads
git-svn-id: file:///home/svn/incoming/trunk@2960 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-11 07:40:59 +00:00
Matt Miller b66a1dae2d bsdi singles
git-svn-id: file:///home/svn/incoming/trunk@2959 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-11 07:37:10 +00:00
Matt Miller 28785b573b bsd payloads
git-svn-id: file:///home/svn/incoming/trunk@2958 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-11 07:32:21 +00:00
Matt Miller 5d4e95c94f bsd single payloads
git-svn-id: file:///home/svn/incoming/trunk@2957 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-11 07:22:38 +00:00
HD Moore a5cde85299 More SMB
git-svn-id: file:///home/svn/incoming/trunk@2954 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-03 13:51:05 +00:00
Matt Miller be79a295b7 opty2 ported
git-svn-id: file:///home/svn/incoming/trunk@2952 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-02 19:32:52 +00:00
HD Moore 43192bdf23 Renamed
git-svn-id: file:///home/svn/incoming/trunk@2949 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-02 08:47:58 +00:00
Matt Miller 55a27a01f6 updated convention on some payload stagers
git-svn-id: file:///home/svn/incoming/trunk@2927 4d416f70-5f16-0410-b530-b9f4589650da
2005-10-01 06:22:25 +00:00
Matt Miller 550080bcfb refactored socket api a bit, expect bugs
git-svn-id: file:///home/svn/incoming/trunk@2915 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-27 05:31:48 +00:00
Matt Miller 4d7a03e919 use send_html_response
git-svn-id: file:///home/svn/incoming/trunk@2900 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-25 23:51:41 +00:00
Matt Miller 9cccd6ee1d smaller
git-svn-id: file:///home/svn/incoming/trunk@2899 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-25 19:48:03 +00:00
Matt Miller 109aa7f63b smaller
git-svn-id: file:///home/svn/incoming/trunk@2898 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-25 19:47:48 +00:00
Matt Miller b49241c90a switched ie object type to use Egghunter class
git-svn-id: file:///home/svn/incoming/trunk@2897 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-25 19:42:29 +00:00
Matt Miller 8090968279 add regenerate_payload
git-svn-id: file:///home/svn/incoming/trunk@2891 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-24 19:37:27 +00:00
Matt Miller 501d7da9f9 aim goaway exploit ported, fixed a few bugs in sled gen
git-svn-id: file:///home/svn/incoming/trunk@2888 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-24 19:17:07 +00:00
Matt Miller 3116a654d4 enhanced logging a bit, added a few badchars to ie obj type, improving job support
git-svn-id: file:///home/svn/incoming/trunk@2868 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-23 05:51:09 +00:00
Matt Miller 579a3db148 random egg
git-svn-id: file:///home/svn/incoming/trunk@2862 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-22 03:37:26 +00:00
Matt Miller fe0a151d7e ported ie object type, more work on http stuff
git-svn-id: file:///home/svn/incoming/trunk@2861 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-22 03:24:32 +00:00
HD Moore 5e5f7eed24 DCERPC foo
git-svn-id: file:///home/svn/incoming/trunk@2852 4d416f70-5f16-0410-b530-b9f4589650da
2005-09-16 03:29:27 +00:00
Matt Miller f07ae8dcb0 more foo
git-svn-id: file:///home/svn/incoming/trunk@2832 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-26 02:01:27 +00:00
HD Moore 897e69a972 Changed to match the new API
git-svn-id: file:///home/svn/incoming/trunk@2831 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-25 09:47:49 +00:00
Matt Miller c494a71957 find port/tag stagers
git-svn-id: file:///home/svn/incoming/trunk@2799 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-19 14:33:25 +00:00
Matt Miller 203f185ad7 rockin 32 windows payloads, fixed some bugs, other cool shit, OptInt, what what what
git-svn-id: file:///home/svn/incoming/trunk@2796 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 23:32:34 +00:00
HD Moore 429041cf7f Usable now
git-svn-id: file:///home/svn/incoming/trunk@2794 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 08:35:51 +00:00
Matt Miller 4679586c49 more meterp action
git-svn-id: file:///home/svn/incoming/trunk@2791 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 05:13:21 +00:00
Matt Miller 7f8db62b9c workin on integrating meterp client
git-svn-id: file:///home/svn/incoming/trunk@2790 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 04:07:56 +00:00
HD Moore 98244e5000 Bugfix to x86
More tweaks to dcerpc
Fixed up dcom


git-svn-id: file:///home/svn/incoming/trunk@2789 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 03:58:29 +00:00
Matt Miller 577a5c3095 dll injection working, had to fix nop stack alignment crap
git-svn-id: file:///home/svn/incoming/trunk@2788 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 02:01:36 +00:00
HD Moore 649a5038d8 This might actually work
git-svn-id: file:///home/svn/incoming/trunk@2787 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-18 01:47:28 +00:00
Matt Miller cc32a21386 bind tcp stager/inline for linux
git-svn-id: file:///home/svn/incoming/trunk@2776 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-17 07:43:24 +00:00
Matt Miller 46c2cd2ac1 added ui subscriber stuff
git-svn-id: file:///home/svn/incoming/trunk@2775 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-17 07:06:05 +00:00
Matt Miller 11724ac797 fixed stager merging, made things a bit more pimply
git-svn-id: file:///home/svn/incoming/trunk@2774 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-17 06:01:11 +00:00
Matt Miller 2f2363d141 it lives, major changes, fixed bugs, exploiting works with the test exploit
git-svn-id: file:///home/svn/incoming/trunk@2763 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-16 07:32:11 +00:00
Matt Miller be2414a8b2 exploitation progress
git-svn-id: file:///home/svn/incoming/trunk@2762 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-15 23:46:05 +00:00
Matt Miller 645725a3b5 config file parsing, datastore persistence, shared data stores, save in the ui
git-svn-id: file:///home/svn/incoming/trunk@2761 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-15 22:30:04 +00:00
Matt Miller 17b00814c6 added check
git-svn-id: file:///home/svn/incoming/trunk@2756 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-14 20:36:34 +00:00
Matt Miller 55516ba790 more pimpage, added an internal test exploit
git-svn-id: file:///home/svn/incoming/trunk@2752 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-14 07:32:11 +00:00
Matt Miller d62566a68f lots of changes, making the simple wrapper better, lots of improvements
git-svn-id: file:///home/svn/incoming/trunk@2750 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-14 06:34:58 +00:00
Matt Miller d4f569dddf switched to x86 from ia32
git-svn-id: file:///home/svn/incoming/trunk@2745 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-13 18:54:41 +00:00
Matt Miller f1691c5470 worked on payload encoding, exploit driver wrapper, platforms updates, spoon would probably hate it
git-svn-id: file:///home/svn/incoming/trunk@2744 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-13 18:06:12 +00:00
Matt Miller 9e48b1393e changed payload names around so little spoony can get his way
git-svn-id: file:///home/svn/incoming/trunk@2734 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 22:51:25 +00:00
Matt Miller 86d519f447 fixed up references
git-svn-id: file:///home/svn/incoming/trunk@2730 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 16:46:47 +00:00
Matt Miller 0e357337a5 started working on exploit stuff, changed aliases a bit for windows payloads, pimped targets to the max, added wrappers to exploit for payload stuff
git-svn-id: file:///home/svn/incoming/trunk@2729 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 15:34:31 +00:00
Matt Miller 543dce4684 added option deregistration, kinda lame, need to think of a better way
git-svn-id: file:///home/svn/incoming/trunk@2723 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 05:21:19 +00:00
Matt Miller 1237b31617 win32 add user, need a way to hide options
git-svn-id: file:///home/svn/incoming/trunk@2722 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 05:15:30 +00:00
Matt Miller 1be7b9337e implemented a single payload for grins, spoon will hate it
git-svn-id: file:///home/svn/incoming/trunk@2721 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 04:24:11 +00:00
Matt Miller f1aba8e7ba introducing handlers to the mix
git-svn-id: file:///home/svn/incoming/trunk@2719 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 04:07:52 +00:00
Matt Miller 5d6c67ee69 started working on handlers
git-svn-id: file:///home/svn/incoming/trunk@2718 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-11 02:03:48 +00:00
Matt Miller 0ecb59bca1 removed -c on nop generation
git-svn-id: file:///home/svn/incoming/trunk@2715 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-10 23:19:59 +00:00
Matt Miller 9fe92b5347 added another encoder, fixed up some encoding stuff
git-svn-id: file:///home/svn/incoming/trunk@2713 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-10 20:49:13 +00:00
Matt Miller 62c50e6b04 yea, stuff
git-svn-id: file:///home/svn/incoming/trunk@2701 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-10 04:56:33 +00:00
Matt Miller 558b6300b1 fixed the module loader a bit, still needs more work
git-svn-id: file:///home/svn/incoming/trunk@2698 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-09 23:48:41 +00:00
Spoon M 55f8cdb41a motisha4lif
git-svn-id: file:///home/svn/incoming/trunk@2691 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-09 21:22:32 +00:00
Matt Miller 21f440028c stuff
git-svn-id: file:///home/svn/incoming/trunk@2683 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-09 19:35:29 +00:00
Matt Miller 5f18b24e8b added windows payload for exitfunc substitution
git-svn-id: file:///home/svn/incoming/trunk@2680 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-09 01:03:11 +00:00
Matt Miller 40e36360a1 started hacking on payload stuff
git-svn-id: file:///home/svn/incoming/trunk@2679 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-09 00:24:02 +00:00
Matt Miller 832a97d3e3 making things better
git-svn-id: file:///home/svn/incoming/trunk@2669 4d416f70-5f16-0410-b530-b9f4589650da
2005-07-07 23:11:03 +00:00
Matt Miller b5bd0b22aa yoyoyoyoyoy
git-svn-id: file:///home/svn/incoming/trunk@2580 4d416f70-5f16-0410-b530-b9f4589650da
2005-06-05 18:03:56 +00:00
Matt Miller 1e6e29ad6d can I get a woot woot
git-svn-id: file:///home/svn/incoming/trunk@2576 4d416f70-5f16-0410-b530-b9f4589650da
2005-06-05 05:42:14 +00:00
Matt Miller 04a9cbd7ad moved
git-svn-id: file:///home/svn/incoming/trunk@2575 4d416f70-5f16-0410-b530-b9f4589650da
2005-06-05 04:37:48 +00:00
Matt Miller 85dedb7acd module loading crap, logging updates, other shit
git-svn-id: file:///home/svn/incoming/trunk@2501 4d416f70-5f16-0410-b530-b9f4589650da
2005-05-22 07:14:16 +00:00
Matt Miller e78604b603 spruced things up a bit
git-svn-id: file:///home/svn/incoming/trunk@2499 4d416f70-5f16-0410-b530-b9f4589650da
2005-05-21 18:27:24 +00:00
Matt Miller cd01083c14 moved shit around
git-svn-id: file:///home/svn/incoming/trunk@2497 4d416f70-5f16-0410-b530-b9f4589650da
2005-05-21 17:06:19 +00:00
Matt Miller c3939483b7 move encoders
git-svn-id: file:///home/svn/incoming/trunk@2495 4d416f70-5f16-0410-b530-b9f4589650da
2005-05-18 06:28:12 +00:00
Matt Miller 71ad34928b basic nop crap
git-svn-id: file:///home/svn/incoming/trunk@2493 4d416f70-5f16-0410-b530-b9f4589650da
2005-05-18 04:42:56 +00:00
Matt Miller bdda20cb14 my prototype shit so far
git-svn-id: file:///home/svn/incoming/trunk@2490 4d416f70-5f16-0410-b530-b9f4589650da
2005-05-15 21:32:55 +00:00