Commit Graph

178 Commits (52f56527d80b1435c85d832f559d967417c6d007)

Author SHA1 Message Date
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
Jeffrey Martin cd755b05d5 update powershell specs for rex-powershell 0.1.77 2017-10-26 15:03:10 -05:00
itsmeroy2012 9afc8b589c Updating the payload sizes 2017-10-14 11:05:44 +05:30
itsmeroy2012 a0abffb6c4 Adding functionality of StagerRetryWait and StagerRetryCount 2017-10-12 22:25:00 +05:30
itsmeroy2012 374c139d33 Increasing the functionality of the nodejs shell_reverse_tcp payload 2017-10-12 19:05:59 +05:30
Jeffrey Martin b76c1f3647 remove invalid 'client' object reference in nodejs
fix #9063 by removing invalid object reference introduced in PR #8825
2017-10-11 11:09:28 -05:00
bwatters-r7 f996597bcf update cached payload sizes 2017-10-06 13:19:00 -05:00
Brent Cook c701a53def Land #9018, Add Bind Shell JCL Payload for z/OS 2017-10-05 17:24:50 -05:00
bigendiansmalls 8af2e5a7ee Cleanup revshell for zos
remove unused code, extra comments
align code, etc. no functionality changes
2017-09-29 18:27:29 -05:00
bigendiansmalls 9ae8bdda1c Added Bind Shell JCL Payload for mainframe
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
2017-09-29 16:52:36 -05:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
Jeffrey Martin a58552daad Land #8825, Handle missing util.pump in nodejs shell payloads 2017-09-11 15:32:21 -05:00
Brent Cook 15ec40f5c6 update R cached sizes 2017-08-28 05:31:42 -05:00
Jeffrey Martin cba4d36df2 provide missing bits for R platform 2017-08-23 16:58:48 -05:00
Brent Cook 031f48725f add missing quotes 2017-08-21 16:16:03 -05:00
RageLtMan 2873a899db Address msftidy complaint 2017-08-21 03:39:03 -04:00
RageLtMan 7ab097a784 Unix cmd versions of R payloads
Use R to connect back from a unix shell.

Notes:
  We need to DRY this up - tons of copy pasta here, when we should
  really be instantiating the language specific payloads and just
  wrapping them with CLI execution strings.

Testing:
  None, yet, just did the quick port to wrap this and push to CI
  now that rex-arch #4 is in.
2017-08-20 21:25:57 -04:00
Patrick Thomas 25764397ba Update CachedSizes for changed nodejs payloads
Fixes test failures
2017-08-12 23:21:54 -07:00
Brent Cook 6300758c46 use https for metasploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 3d4feffc62 OCD - Spaces & headings 2017-07-19 11:04:15 +01:00
g0tmi1k a008f8e795 BruteForce -> Brute Force 2017-07-19 10:39:58 +01:00
Brent Cook cf487cc90c reverse_ncat_ssl is stable 2017-05-08 17:43:34 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
C_Sto 772a16f4cd fix style 2017-05-02 00:55:57 +08:00
C_Sto 9e06c3f07e fix argument arrangement 2017-05-02 00:39:00 +08:00
C_Sto 5a2afbc364 Tidy payload 2017-05-01 21:38:34 +08:00
C_Sto cfa204b8e8 add reverse ncat ssl 2017-05-01 06:57:28 +08:00
bigendiansmalls fa8011fd07 New mainframe privesc payload for z/OS
This module performs a privilege escalation on mainframe systems
running z/OS and using RACF for their security manager.  A user
with any non-privileged credentials and the ability to write to
an apf authorized library can use this payload to add "root level"
privileges (e.g. SPECIAL / BPX.SUPERUSER) to their profile.
2017-04-11 15:04:44 -05:00
bigendiansmalls 27a7b279f5 Major rewrite and cleanup of reverse shell jcl
The shell does exactly the same as the previous, just made the code read much
better so as to not severely anger the gray beards and other lesser
mainframe deities.  The only architectural change is the payload uses the
spawn system call vs exec - this provides for a cleaner exit in some cases.
2017-02-22 17:17:27 -06:00
OJ 7895ba810d Update payload cached size for the powershell payload 2016-11-03 02:50:13 +10:00
OJ e4b4264d79 Fix psh template to avoid 100% cpu spike on CTRL+C
Fixes #7293
2016-11-02 05:19:52 +10:00
bigendian smalls 05278c868e Updated JCL cmd payloads to use PR7007 format
PR7007 centralized JCL job card for any JCL cmd payload.  This PR simply
uses that new format for existing JCL cmd payloads.  No functionality
for these payloads was changed, added or deleted.
2016-08-31 14:39:01 -05:00
William Vu 74e5772bbf Replace mknod with mkfifo for portability
Works on BSD and OS X now. This has been bugging me for a while.
2016-05-04 02:32:37 -05:00
Brent Cook d86174c3bf style fixes 2016-04-23 12:18:28 -04:00
Brent Cook 4250725b13 fix incorrect hex port conversion 2016-04-23 12:18:28 -04:00
Brent Cook 7ff5a5fd7e switch mainframe payloads to fixed size 2016-04-23 11:40:05 -04:00
Brent Cook 6ce7055130 Land #6737, Added reverse shell JCL payload for z/OS 2016-04-13 22:19:15 -05:00
Bigendian Smalls 6a4d7e3b58 Revshell cmd JCL payload for z/OS
Added a JCL-based reverse shell.  Uses the same source code as the
shellcode version does.  Source code is in
external/source/shellcode/mainframe/shell_reverse_tcp.s
2016-03-31 20:42:42 -05:00
Bigendian Smalls a6518b5273 Add generic JCL cmd payload for z/OS (mainframe)
This payload does nothing but return successfully.  It can be used to
test exploits and as a basis for other JCL cmd payloads.
2016-03-28 21:01:39 -05:00
Christian Mehlmauer 3123175ac7 use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook 6b1e911041 Instantiate payload modules so parameter validation occurs
Calling .new on payload modules does not perform parameter validation, leading
to a number cached sizes based on invalid parameters. Most notably,
normalization does not occur either, which makes all OptBool params default to
true.
2015-08-14 11:35:39 -05:00
OJ 7b2aee2a60 Merge branch 'upstream/master' into update-x64-stagers 2015-05-15 12:27:40 +10:00
OJ 83fbd41970 Merge branch 'upstream/master' into multi-transport-support
Conflicts:
	Gemfile.lock
	modules/payloads/singles/cmd/windows/powershell_bind_tcp.rb
2015-05-14 14:50:25 +10:00
benpturner 36aa136091 missing require 2015-05-13 17:36:45 +01:00
benpturner 1f294eac0b Updated to remove dup code 2015-05-13 17:26:21 +01:00
benpturner a97f24a12d Update payload cached sizes 2015-05-11 10:00:14 +01:00
OJ d9068b7719 Fix up payload cache sizes, and powershell include 2015-05-11 17:43:51 +10:00
benpturner c0388a770e Update cached sizes 2015-05-10 22:01:30 +01:00
benpturner c916021fc5 SSL Support for Powershell Payloads 2015-05-10 21:45:59 +01:00