RageLtMan
df2346d9e0
Implement RC4 metasm payloads for tcp bind and rev
Convert reverse_tcp_rc4 and bind_tcp_rc4 from static shellcode
substitution payloads to metasm compiled assembly approach.
Splits up metasm methods for bind_tcp and reverse_tcp into socket
creation and block_recv to allow for reuse of the socket methods
with the RC4 payloads, while substituting the block_recv methods
for those carrying the appropriate decryptor stubs.
Creates a new rc4 module carrying the bulk of the decryptor and
adjacent convenience methods for standard payload generation.
Testing:
Tested against Win2k8r2, Win7x64, and WinXPx86
ToDo:
Ensure all the methods around payload sizing, UUIDs, and other
new functionality, the semantics of which I do not yet fully
understand, are appropriate and do not introduce breakage.
2016-05-23 14:27:11 -05:00
Spencer McIntyre
7e34d1e1cf
Land #6897, use sendall python rtcp shell with ssl
2016-05-21 16:51:10 -04:00
William Vu
6581fbd294
Add note about "mf" malware
This is the malware I found upon shelling my friend's device.
2016-05-20 23:09:10 -05:00
Brent Cook
9fc07eeb99
Land #6902, Respect SSLCipher in server mixins
2016-05-20 17:34:38 -05:00
Adam Cammack
fda4c62c1f
Respect SSLCipher in server mixins
This allows us to set a sane cipher spec for SSL-enabled server modules.
2016-05-20 16:59:36 -05:00
Brent Cook
b613dfefb4
Land #6896, fix spelling in caidao_bruteforce_login
2016-05-19 21:54:06 -05:00
root
a71e853c2a
Fixed cache size for python/shell_reverse_tcp_ssl
2016-05-20 02:32:37 +00:00
root
87398d5195
Fixed python reverse shell ssl send for EOF occurred in violation of protocol error
2016-05-20 01:49:04 +00:00
wchen-r7
506356e15d
Land #6889, check #nil? and #empty? instead of #empty?
2016-05-19 19:23:04 -05:00
wchen-r7
99a573a013
Do unless instead of "if !" to follow the Ruby guideline
2016-05-19 19:21:45 -05:00
h00die
706d51389e
spelling fix
2016-05-19 19:30:18 -04:00
William Vu
a16f4b5167
Return nil properly in rescue
Missed this because I copypasta'd myself.
2016-05-19 15:35:38 -05:00
William Vu
d018bba301
Store SSH key as a note
I know, I know, it should use the creds model. >:[
2016-05-19 15:12:58 -05:00
William Vu
9f738c3e41
Add note about overwritten files
2016-05-19 15:07:27 -05:00
William Vu
8fccb26446
Add Ubiquiti airOS exploit
Thanks to my friend wolf359 for providing a test device!
2016-05-19 14:50:20 -05:00
ssyy201506
31bbcfca49
Fix ms13_081_track_popup_menu
2016-05-19 17:22:47 +09:00
h00die
c621f689b2
more descriptive note per @sempervictus
2016-05-18 19:08:01 -04:00
Metasploit
100300c819
Bump version of framework to 4.12.4
2016-05-18 07:04:09 -07:00
Chris Doughty
34d0fc07bc
Merge pull request #6891 from bcook-r7/prod-rails-app-boot
only set log_level in the Metasploit Framework context
2016-05-18 08:55:29 -05:00
Brent Cook
39cc1fee1c
only set log_level in the Metasploit Framework context
when including framework as a gem, this app is undefined
MS-1518
2016-05-18 08:42:32 -05:00
Vex Woo
b5284375a7
osb_uname_jlist - NoMethodError undefined method 'empty?' for nil:NilClass
2016-05-18 00:16:53 -05:00
Vex Woo
11fedd7353
ca_totaldefense_regeneratereports - NoMethodError undefined method 'empty?' for nil:NilClass
2016-05-18 00:15:28 -05:00
Vex Woo
a6405beeda
ams_hndlrsvc - NoMethodError undefined method 'empty?' for nil:NilClass
2016-05-18 00:13:40 -05:00
Vex Woo
41bcdcce61
fix struts_code_exec_exception_delegator - NoMethodError undefined method 'empty?' for nil:NilClass
2016-05-18 00:11:57 -05:00
Vex Woo
bc257ea628
fix struts_code_exec - NoMethodError undefined method 'empty?' for nil:NilClass
2016-05-18 00:10:32 -05:00
Vex Woo
68b83c6e3a
datastore['CMD'].blank?
2016-05-17 23:56:59 -05:00
h00die
815a2600a8
additional description
2016-05-17 22:07:33 -04:00
h00die
640e0b9ff7
working ready for pr
2016-05-17 21:58:32 -04:00
Vex Woo
a4e7e373f3
fix ams_xfr.rb - NoMethodError undefined method 'empty?' for nil:NilClass
2016-05-17 17:55:18 -05:00
Brent Cook
6a4a9742e8
handle bad user
2016-05-17 17:24:46 -05:00
Brent Cook
c6db5bf34a
add a missing postgresql 9.4.1-5 matching case
2016-05-17 17:12:47 -05:00
Jenkins
c9dd863085
Bump version of framework to 4.12.3
2016-05-17 10:18:08 -07:00
Brent Cook
bfdda5421d
Land #6886, add tzinfo-data to the gemspec
2016-05-17 11:57:48 -05:00
darkbushido
771171cbe1
adding tzinfo-data to the gemspec
this should fix windows.
2016-05-17 11:40:25 -05:00
Tijl Deneut
36a9ef83ab
Added phoenix_command.rb
2016-05-17 15:45:45 +02:00
wchen-r7
e8ac568352
doesn't look like we're using the tcp mixin
2016-05-17 03:15:26 -05:00
wchen-r7
08394765df
Fix #6879, REXML::ParseException No close tag for /div
2016-05-17 03:14:00 -05:00
William Vu
fda4eb4cdf
Fix #6612, syntax fixes for fortinet_backdoor
2016-05-17 02:51:40 -05:00
William Vu
9c61490676
Fix some inconsistencies
Failed to catch these while editing. :(
2016-05-17 02:50:12 -05:00
Jon Hart
92d07f74ff
Remove unnecessary double expand_path
2016-05-16 17:34:12 -07:00
Jon Hart
8bccfef571
Fix merge conflict
2016-05-16 17:29:45 -07:00
Brent Cook
cf0176e68b
Land #6867, Add Dell SonicWALL Scrutinizer 11.0.1 MethodDetail SQL Injection
2016-05-16 19:00:10 -05:00
wchen-r7
95db3a0307
Land #6878, beholder: auto keystroke, screenshot, and webcam captures
2016-05-16 18:12:10 -05:00
wchen-r7
04d70640b1
Land #6868, Add axis2 payload generator for msfvenom
2016-05-16 17:48:50 -05:00
David Maloney
c40b8ea3fb
Land #6864, Meterp Suspend
2016-05-16 11:13:43 -05:00
wchen-r7
3ea2f62376
Land #6875, update description for auxiliary/spoof/nbns/nbns_response
2016-05-15 12:34:53 -05:00
wchen-r7
8e85e8f9d7
Land #6859, Add TP-Link sc2020n Module
2016-05-15 12:33:54 -05:00
HD Moore
7f6237582e
Remove idle from usage, will implement in the future if needed
2016-05-15 12:32:05 -05:00
HD Moore
8e2c59c852
Disable webcam by default, webcam_stop can crash sessions
2016-05-15 11:49:22 -05:00
HD Moore
00a253ca60
Whitespace cleanup
2016-05-15 01:35:05 -05:00