b89dee03c6
Add PreAuthEncTimeStamp#encode support
2014-12-10 19:30:21 -06:00
3accdb705b
Add support for PreAuthPacRequest#encode
2014-12-10 19:18:19 -06:00
96c1370334
Add EncryptedData#encode support
2014-12-10 19:12:24 -06:00
543ec35a01
Refactor PrincipalName#encode
2014-12-10 18:57:23 -06:00
5d2ff5982e
Add support for PreAuthEncTimeStamp decoding/decrypting
2014-12-10 18:33:46 -06:00
0eea9a02a1
Land #3144 , psexec refactoring
2014-12-10 17:30:39 -06:00
785ff60d8e
Add inital support for PreAuthEncTimeStamp
2014-12-10 11:25:48 -06:00
8ec403af89
Add support for PA-PAC-REQUEST
2014-12-10 10:51:37 -06:00
6ebfbe7271
Prefix coding
2014-12-10 09:54:57 -06:00
11acba3324
Prefix coding
2014-12-10 09:52:23 -06:00
6653502e68
Support pa_data parsing on kdc_request
2014-12-10 09:47:31 -06:00
cc909ba402
Add documentation for PreAuthData
2014-12-09 19:57:16 -06:00
18819ad6b9
Prefix Rex
2014-12-09 19:37:42 -06:00
0a6e42968b
Add inital support for padata
2014-12-09 19:28:40 -06:00
e62628f1cc
Make specs pass
2014-12-09 18:52:42 -06:00
2557780e7c
Add initial support to decode kdc requests
2014-12-09 18:48:08 -06:00
bed1e06d13
Mark EncryptedData encode as unsupported atm
2014-12-09 17:06:51 -06:00
82549315ff
Mark KdcRequestBody encode as unsupported atm
2014-12-09 17:05:20 -06:00
b84840a596
Add support to decode TGS_REQ body
2014-12-09 16:51:34 -06:00
f236438290
Add initial support for EncryptedData
2014-12-09 16:40:44 -06:00
2725235bc1
Add require for EncryptedData
2014-12-09 16:28:37 -06:00
c5865c6fec
Add initial design draft
2014-12-09 15:53:29 -06:00
5f730277cf
Fix prompt coloring on Windows
...
MSP-11669
Set output stream for RbReadline (rl_outstream) to the
Rex::Ui::Text::Output::Stdio, which will use translate the ANSI color
escapes to set_color calls in Windows.
2014-12-08 14:31:00 -06:00
564da4446e
Add print friendly to_s
2014-12-07 17:52:09 -06:00
2c290e2004
Use classes short name
2014-12-05 20:16:50 -06:00
8f403f3eea
Update documentation
2014-12-05 20:11:45 -06:00
03740df931
Support serialization
2014-12-05 19:55:52 -06:00
785006b684
Use references
2014-12-05 19:12:05 -06:00
ae608b1311
Add references to stream when possible
2014-12-05 17:35:38 -06:00
13d8058fe5
Fill stream attribute
2014-12-05 17:14:37 -06:00
ca164cd99f
Support the stream attribute
2014-12-05 16:52:59 -06:00
90e2bbbff5
Refactor Contents
2014-12-05 16:05:35 -06:00
2241653cb6
Delete self.stream initialization
2014-12-05 12:44:04 -06:00
f5a19b9b41
Add support to decode TC_REFERENCE
2014-12-05 12:42:27 -06:00
1653101da4
Add support for Arrays of Objects
2014-12-04 20:31:38 -06:00
8e5dc27546
Support Objects with super classes
2014-12-04 19:19:42 -06:00
4b8bdad44b
Refactor contents serialization
2014-12-04 18:28:25 -06:00
08f69da41a
Undo to_s methods
2014-12-04 12:48:05 -06:00
b80f6c34c0
Add tool to deserialize streams from files
2014-12-04 12:47:02 -06:00
08fe467452
Add Stream specs
2014-12-03 19:31:46 -06:00
2c8f66bba2
Add support for Reset
2014-12-03 18:50:56 -06:00
fb246ac943
Add support for (de)serialization of contents
2014-12-03 18:50:31 -06:00
3e8b8390dd
Add support for Java Streams
2014-12-03 17:59:00 -06:00
6cb6252914
Add YARD documentation for NewObject
2014-12-03 17:34:12 -06:00
d0fcbf2cdb
Add support for simple Objects really
2014-12-03 17:22:23 -06:00
2b91d5013e
Add support for simple Objects
2014-12-03 17:21:11 -06:00
fbea369043
Check nils before encoding
2014-12-03 15:06:28 -06:00
0560cc2fe9
Fix typos
2014-12-03 14:59:38 -06:00
268157d42f
Add support for Java Enums
2014-12-03 14:50:03 -06:00
f0139d6aad
Fix some docu typos
2014-12-03 14:34:17 -06:00
0cd51553ed
Raise error on unsupported ClassDesc
2014-12-03 14:00:10 -06:00
6deb88af6b
Add support for arrays
2014-12-03 13:55:12 -06:00
b9023e8fcc
Split ClassDescription into ClassDesc and NewClassDesc
2014-12-03 00:38:27 -06:00
db45f4c620
Delete ClassDescription
2014-12-02 23:56:55 -06:00
1f535a41ca
Move types to the Serialization module
2014-12-02 20:02:42 -06:00
2c070c450b
Add support for ClassDescription
2014-12-02 17:31:53 -06:00
e9e584e107
Raise exceptions when unserialization isn't possible
2014-12-02 15:31:31 -06:00
fc96d011ab
Python reverse_http stager, lands #4225
2014-12-02 11:47:31 -06:00
622a18bc22
Add support for annotations
2014-12-02 11:42:41 -06:00
a68540cfa2
Add support for Data Block Long
2014-12-02 10:49:15 -06:00
9c5d7e66d4
Add block data support
2014-12-02 10:46:29 -06:00
8923b87def
Don't redefine the static decode method
2014-12-02 09:02:24 -06:00
ef2bf5b935
Add support for long-utf
2014-12-01 19:50:33 -06:00
705cd4c308
Add initial requiring file
2014-12-01 19:08:16 -06:00
5f11c70d7f
Add initial support for Java serialization
2014-12-01 19:07:45 -06:00
335d1ef287
Only cache auto-generated certificates
2014-11-26 21:23:08 -06:00
c0dab54925
Add minor missing doc
2014-11-25 07:37:49 -08:00
bedf7ed44b
Doc cleanup
2014-11-24 14:34:20 -08:00
0ed356f71c
Move Kademlia stuff to a more OO model, etc, per reviews
...
All of the work is done in rex. The msf mixin just prevents the
desire to call rex directly from the module
2014-11-24 14:03:43 -08:00
8becf417a7
Qualify ::File to prevent a stacktrace
2014-11-22 17:16:13 -06:00
673e21cfaf
Rework meterpreter SSL & pass datastore to handle_connection()
...
This allows HandlerSSLCert to be used to pass a SSL certificate into the Meterpreter handler. The datastore has to be passed into handle_connection() for this to work, as SSL needs to be initialized on Session.new. This still doesn't pass the datastore into Meterpreter directly, but allows the Session::Meterpreter code to extract and pass down the :ssl_cert option if it was specified. This also fixes SSL certificate caching by expiring the cached cert from the class variables if the configuration has changed. A final change is to create a new SSL SessionID for each connection versus reusing the SSL context, which is incorrect and may lead to problems in the future (if not already).
2014-11-22 15:35:00 -06:00
ba9c763f7e
Auto-generated SSL certs now match "snakeoil" defaults
...
This change emulates the auto-generated snakeoil certificate from Ubuntu 14.04. The main changes including moving to 2048-bit RSA, SHA256, a single name CN for subject/issuer, and the removal of most certificate extensions.
2014-11-21 18:25:04 -06:00
90ae9a3ff8
Land #4173 , @wchen-r7's fix for SMB find_first
...
* Fixes #4119 , SMB find_first("\\*") does not return accurate results
* It missed initialization of sid
2014-11-21 09:51:57 -06:00
e255db9429
Partial commit
2014-11-20 13:49:36 -08:00
5d2c02f402
Initial commit of more OO version of Rex/Aux Kademlia support
2014-11-20 13:28:01 -08:00
94e5ba13a4
YARD and spec cleanup
2014-11-20 13:28:01 -08:00
df36ac910d
Mostly complete Kademlia PING / BOOTSTRAP scanner
2014-11-20 13:28:01 -08:00
f5aa3ecb57
Add proper peer decoding
2014-11-20 13:28:01 -08:00
ab49d01a1b
Add beginnings of Kademlia gather module and protocol support
2014-11-20 13:28:00 -08:00
d530046164
Bugfix. Chrome is a liar (chain certs properly)
2014-11-19 16:08:03 -06:00
0d091f1c03
Support SSL intermediate certs, closes #4238
...
Note that this does not apply to reverse_tcp meterpreter clients yet, as
they do not allow certificates to be supplied. I abstracted out the SSL
certificate generation and parsing methods so that we can address this
next.
2014-11-19 15:56:49 -06:00
7004c501f8
Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2
...
Conflicts:
modules/exploits/windows/smb/psexec.rb
2014-11-19 14:40:50 +00:00
2b36c1bb43
Fix pymeterp bugs from testing in osx and python3
2014-11-17 14:04:30 -05:00
7098d89058
Introduce new ::Rex::Proto::SunRPC::RPCError, making run_host cleaner
2014-11-17 10:41:17 -08:00
a521d469ed
Land #4194 , Quake protocol support
2014-11-15 17:44:19 -06:00
57aef9a6f5
Land #4177 , @hmoore-r7's fix for #4169
2014-11-13 18:29:57 -08:00
ebf6fe4e56
Minor style cleanup
2014-11-12 16:44:43 -08:00
f658efe144
Add the ability to specify mode in Rex output file
...
* Because sometimes you might want to append
* Preserves original hardcoded 'wb' as default
* http://pubs.opengroup.org/onlinepubs/009695399/functions/fopen.html
2014-11-12 16:08:03 -06:00
07a1653e57
Add gather module for Quake servers
2014-11-12 13:32:56 -08:00
6b4eb9a8e2
Differentiate failed binds from connects, closes #4169
...
This change adds two new Rex exceptions and changes the local comm to raise the right one depending on the circumstances. The problem with the existing model is
that failed binds and failed connections both raised the same exception. This change is backwards compatible with modules that rescue Rex::AddressInUse in additi
on to Rex::ConnectionError. There were two corner cases that rescued Rex::AddressInUse specifically:
1. The 'r'-services mixin and modules caught the old exception when handling bind errors. These have been updated to use BindFailed
2. The meterpreter client had a catch for the old exception when the socket reports a bad destination (usually a network connection dropped). This has been updat
ed to use InvalidDestination as that was the intention prior to this change.
Since AddressInUse was part of ConnectionError, modules and mixins which caught both in the same rescue have been updated to just catch ConnectionError.
2014-11-11 14:59:41 -06:00
719db5d2b1
Fix #4119 - SMB lost search ID (sid) in find_first method
...
This will fix issue #4119 . A bug in the find_first method in rex
SMB.
When the SMB client requests a TRANS2_FIND_FIRST2 for retriving
information about what items a directory has, the server returns
a response that contains an SID - a search identifier for the
transaction. If the SMB client wants more data, it must send a
TRANS2_FIND_NEXT2 request with the same SID. And then the server
will continue sending more until it runs out.
The root cause of this bug is that after the TRANS2_FIND_FIRST2
request is sent, our SMB's find_first method forgets the SID at
the end of the loop (out of scope).
2014-11-11 12:35:07 -06:00
03a988b5dc
Land #4150 , adds getsid command
...
Fixes #3787
2014-11-09 22:10:22 -06:00
eb830cb361
Idiomaticise the rubies
2014-11-10 07:44:36 +10:00
8f3b1e71b3
Fix #4156 - NoMethodError undefined method `stop'
...
This will fix #4156 . It also fixes NoMethodError payload_exe
when I was trying to fix the undef 'stop' one
2014-11-09 14:07:02 -06:00
cd0dbc0e24
Missed another
2014-11-09 14:06:39 -06:00
e54442af36
Fix #4089 - undefined method `downcase' for nil:NilClass
2014-11-07 02:45:22 -06:00
709ff1bbdb
touch up lib/rex/mime/message.rb
2014-11-06 22:48:34 -06:00
08e707225c
Add support for the getsid command
...
There has been Meterpreter work done as well to support this. But this
commit allows for a new 'getsid' command which tells you the sid of the
current process/thread. This can be used for things like determining
whether the current process is running as system. It could also be used
for golden ticket creation, among other things.
2014-11-07 10:38:22 +10:00
741f99f118
Delete starting empty line
...
When header is empty it shouldn't add an starting empty
new line
2014-11-05 11:42:42 -06:00
41800163dd
Fix recursive call to find_by_sid
2014-11-03 14:25:29 -06:00
0199e4d658
Land #3770 , resolve random stager bugs
2014-11-03 14:15:14 -06:00
867329d4b3
Fix readline by mucking with load path
2014-10-29 22:14:49 -05:00
4f61710c9a
Merge remote-tracking branch 'upstream/master' into psexec_refactor_round2
2014-10-28 20:26:44 +00:00
22fc6496ac
Merge branch 'pr/3401' into landing-3401
2014-10-22 19:23:01 +01:00
7b33ff1363
Land #3767 , @jvazquez-r7's specs for Rex::Encoder::XDR
2014-10-22 09:22:53 -07:00
79d393c5aa
Resolve merge conflicts
...
Conflicts:
lib/msf/core/exploit/smb.rb
lib/msf/core/exploit/tcp.rb
modules/auxiliary/scanner/http/axis_login.rb
2014-10-21 13:06:35 -05:00
52cbbe3677
Add some documentation to the ADSI functions
2014-10-21 10:34:47 +10:00
8329a15cb0
Merge branch 'upstream/master' into group_tlv_refactors
2014-10-21 09:54:55 +10:00
82de2eb1f3
Fix Rex::Encoder::XDR.decode_int! to properly handle short data
2014-10-20 11:30:13 -07:00
935a23296d
Updates to NAT-PMP, lands #4041
2014-10-20 11:26:26 -05:00
6498ed0dc8
Report the actual host that failed to connect
...
Instead of the eventual target where our proxy chain will connect. In
the usual case (no Proxies set), this will be the same output as before.
When proxies are given, the user will see that the first proxy
connection is actually what failed.
2014-10-17 17:37:04 -05:00
d5a0b81680
Land #4024 , auto-negotiate SSL versions
...
Thanks @hmoore-r7!
2014-10-15 16:04:38 -05:00
fcd9b4b293
Allow non-SSLv3 Meterpreters (auto-negotiate)
2014-10-15 13:57:51 -05:00
cb3a4afac5
Typo: request -> requested in message
2014-10-15 13:48:22 -05:00
7516512650
Raise an ArgumentError vs RuntimeError for backwards compatibility
2014-10-15 13:30:38 -05:00
a762d871bf
Autonegotiate SSL/TLS versions when not explicit
2014-10-15 13:26:40 -05:00
c4d1a4c7dc
Revert #4022 , as the solution is incomplete
...
Revert "Land 4022, datastore should default TLS1 vs SSL3"
This reverts commit 4c8662c6c10937f32ff9
2014-10-15 12:32:08 -05:00
1754b23ffb
Datastore options should default to TLS1, not SSL3
...
Otherwise, we risk getting our connections killed by particularly
aggressive DPI devices (IPS, firewalls, etc)
Squashed commit of the following:
commit 5e203851d5c9dce1fe984b106ce3031a3653e54b
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:19:04 2014 -0500
Whoops missed one
commit 477b15a08e06e74d725f1c45486b37e4b403e3c2
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:16:59 2014 -0500
Other datastore options also want TLS1 as default
commit 8d397bd9b500ff6a8462170b4c39849228494795
Author: Tod Beardsley <tod_beardsley@rapid7.com>
Date: Wed Oct 15 10:12:06 2014 -0500
TCP datastore opts default to TLS1
Old encryption is old. See also: POODLE
2014-10-15 10:28:53 -05:00
ea6824c46f
WIP of NAT-PMP rework
2014-10-14 14:20:24 -07:00
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
0dfd8e25b8
Land #3846 , Rex::ImageSource specs
2014-10-02 12:33:56 -05:00
e1f00a83bc
Fix Rex because domainname and domain_name were duplicated
2014-09-26 13:40:52 -05:00
a31b4ecad9
Merge branch 'review_3893' into test_land_3893
2014-09-26 08:41:43 -05:00
86f85a356d
Add DHCP server module for CVE-2014-6271
2014-09-26 01:24:42 -05:00
5dde73bb51
Add domain name and url options to DHCP server
2014-09-25 19:58:42 -03:00
a677749f5b
Add specs for #read_asciiz and fix bugs there
2014-09-22 12:14:21 -05:00
8e1b00ce95
Adds JSObfu.disabled for spec stubbing, fixes BES specs.
2014-09-19 20:42:05 -05:00
0f4be63903
Move JSObfu a gem then pull it into the Rex namespace.
2014-09-19 19:10:39 -05:00
4bd14ed5ea
Uses a hash for options as opposed to numerous methods on blob
2014-09-17 14:11:37 -04:00
3c11251432
Mitigates excessive use of lookup operator (hopefully adds clarity)
2014-09-15 17:05:54 -04:00
e55dab3914
Refactored expiration and timeout logic in client_core.rb
2014-09-15 01:01:23 -04:00
6bd3675f03
Land #3680 , add specs for Rex::MIME
2014-09-13 00:34:39 -05:00
6a2a85d2c4
Land #3789 , adds specs for Rex::Proto::Http::Packet::Header
...
orts
2014-09-13 00:21:43 -05:00
f68628c487
Add minimal specs for rex/proto/http/packet/header
2014-09-12 14:30:27 -05:00
12e3cb3c6a
Land #3764 - Add specs for Rex::Encoder::NonAlpha
2014-09-12 12:09:55 -05:00
be0c68d8bb
BUGFIX: wrong imagebase used
2014-09-11 12:33:09 +02:00
88cacd000e
flags for phdr.p_flags added
2014-09-11 12:31:44 +02:00
71228b48a0
Update 3 more encoders to be StageEncoder compatible
...
This could probably use some DRY love via a mixin
2014-09-10 20:21:35 -05:00
1b4ceec4f9
Land #3743 - Add specs for Rex::Arch::X86
2014-09-09 17:24:08 -05:00
11ca383d4f
Add specs for .encode_byte
2014-09-08 14:24:03 -05:00
ae5a8f449c
Land #3691 , gdbserver hax
2014-09-08 11:48:39 -05:00
af24e30ae9
Return instead of crashing if no challenge is received
2014-09-06 15:51:50 -05:00
a1823b6c1e
Add more specs for Rex::Arch::X86
2014-09-02 18:17:14 -05:00
ba1f7c3bf6
Land #3687 , reworks the nat-pmp portscanner
2014-08-26 14:34:46 -05:00
5ad090e833
Add unit test for and correct parsing of NAT-PMP port map responses
2014-08-26 10:49:53 -07:00
32a14cfc43
Missed the file...
2014-08-26 10:49:53 -07:00
bfa89bb3a5
Enforce binary encoding on non-modules, no encoding on modules
2014-08-25 13:12:29 -07:00
6185721a61
Address @hmoore-r7's feedback regarding binary encoding
2014-08-25 13:11:22 -07:00
637f86f37d
Gut SIP UDP stuff, use Msf::Auxiliary::UDPScanner
2014-08-25 13:11:21 -07:00
c2e70446ed
Move SIP module stuff to Msf::Exploit::Remote::SIP
2014-08-25 13:11:21 -07:00
jvazquez-r7
Tod Beardsley
Luke Imhoff
HD Moore
Jon Hart
Meatballs
Spencer McIntyre
William Vu
Trevor Rosen
sinn3r
Joshua Smith
OJ
James Lee
Tim Wright
Samuel Huckins
Ramon de C Valle
Joe Vennix
Sean Verity
Sascha Schirra