Commit Graph

1442 Commits (597eb56dcf98a97b9fb41f1e7087fc0d45a14ec3)

Author SHA1 Message Date
OJ 715fdc05ec
Updated meterpreter binaries
Includes the following changes:

* Security cleanup - remove use of insecure functions
* Windows 8/8.1/2012 R2 support to sysinfo
* VS 2013 upgrade
* Command dispatcher refactor
* Getproxy command added (needs MSF side too)
2013-11-07 14:31:54 +10:00
joev 4425cf1dc1 Add support for firefox 25.
Also replaces a bunch of missing semicolons.
2013-10-30 12:19:22 -05:00
jvazquez-r7 2b5e2df94e
Land #2568, @h0ng10's update of SAP url's wordlist 2013-10-28 09:01:33 -05:00
jvazquez-r7 e88e523eaa Delete newline 2013-10-28 09:01:00 -05:00
Tod Beardsley 27739a0351
Meterpreter bins after Meterpreter PR 32
Protects against potential BOFs due to strcpy usage.

These binaries were built against meterpreter master after
https://github.com/rapid7/meterpreter/pull/32 landed.

The CI tests can be seen here:

https://ci.metasploit.com/view/Meterpreter/job/MeterpreterWin/75/

Note, this commit is signed. Your merge commit should be signed, too, so
people can be assured that nobody is backdooring Meterpreter on the sly.
2013-10-24 15:15:49 -05:00
Tod Beardsley b5f26455a3
Land #2545, javascript library overhaul 2013-10-23 16:12:49 -05:00
h0ng10 a834fec889 Added URL for PT-2013-13/SAP Note 1820894 2013-10-23 21:20:18 +02:00
h0ng10 e02bf0cce6 Added /AdapterFramework/version/version.jsp 2013-10-23 21:09:19 +02:00
sinn3r 19615ac4b7 Apparently I missed a lot of stuff 2013-10-21 21:02:01 -05:00
Tod Beardsley 824dd84982 Merge remote-tracking branch 'upstream/pr/2500' into temp 2013-10-21 14:26:05 -05:00
sinn3r 8a94df7dcd Change category name for base64 2013-10-18 21:20:16 -05:00
sinn3r 62dadc80d3 Make sure the data type for the return value is a string 2013-10-18 21:08:46 -05:00
sinn3r 711399bb34 Update property_spray.js 2013-10-18 20:56:00 -05:00
sinn3r e1ca2d2730 Fix mstime_malloc.js 2013-10-18 20:49:33 -05:00
sinn3r 298f23c91c Fix extra slashes that cause browser autopwn to fail. 2013-10-18 20:43:39 -05:00
OJ 827bf23979
Updated binaries with railgun crash fixes 2013-10-18 19:43:17 +10:00
sinn3r c926fa710b Move all exploitation-related JavaScript to their new home 2013-10-17 16:43:29 -05:00
Tod Beardsley bd405277d9
Add a default Samsung community string
See http://www.kb.cert.org/vuls/id/281284

and

http://www.h-online.com/security/news/item/Samsung-network-printer-vulnerability-discovered-Update-2-1757967.html
2013-10-17 10:35:59 -05:00
Spencer McIntyre 6f23e95c14 Fix an endianess issue in pymeterpreter registry_query_value. 2013-10-12 23:39:22 +01:00
Meatballs 378f403fab
Land #2453, Add stdapi_net_resolve_host(s) to Python Meterpreter.
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
g0tmi1k 6b004086ea Removed SVN from msfupdate 2013-10-10 12:25:00 +00:00
OJ b477ae369b
Updated stdapi binaries with railgun fix
Changes are from https://github.com/rapid7/meterpreter/pull/28
2013-10-10 16:03:38 +10:00
OJ 0a194b203d
Updated sniffer binaries
These updated binaries include a packet-sniffer fix which results in
sniffing working on x86 builds of Windows 8 and Windows 8.1.
2013-10-09 07:38:54 +10:00
Spencer McIntyre 7414dff958 Add fault tolerance for resolve_hosts. 2013-10-04 08:51:13 -04:00
sinn3r bc8604f151 Use safe_negate_size for hxds 2013-10-03 23:15:29 -05:00
sinn3r 63d7b8c309 Use safe_negate_size for java 2013-10-03 23:13:57 -05:00
sinn3r ab62af220b Use safe_negate_size key for msvcrt (XP) 2013-10-03 23:12:58 -05:00
jvazquez-r7 9df676ca7e
Land #2447, @wchen-r7's new msvcrt ROP chains without nulls 2013-10-03 22:38:29 -05:00
Spencer McIntyre ecf286a8c4 Add support for stdapi_net_resolve_host. 2013-10-03 10:31:54 -04:00
James Lee 56b6f0be02 Add bins for #2443
See #740 and meterpreter#26
2013-10-01 23:47:24 -05:00
sinn3r cd1f023f72 Update msvcrt.dll ROP chain for Windows Server 2003 2013-10-01 16:18:57 -05:00
sinn3r 14d99ffbdb Update Win XP msvcrt.dll ROP
This updated ROP chain for msvcrt.dll does not have any null bytes.
2013-10-01 15:00:43 -05:00
sinn3r 7c6c8291e2 Add ROP chains for Office 2007 and Office 2010 (hxds.dll)
This adds two ROP chains for Office 2007 and Office 2010 based on
hxds.dll.
2013-10-01 01:33:35 -05:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
Meatballs e806047411
Add MSI bins 2013-09-27 20:03:19 +01:00
Meatballs 8a9843cca6
Merge upstream/master 2013-09-27 20:02:23 +01:00
Meatballs 9fde8bee2b Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-09-27 18:12:17 +01:00
Tod Beardsley 869c10af04
Land #2396, aspx-exe shellcode generator
Looks good to me, specs are all happy (also added a #to_h spec)
2013-09-27 11:42:16 -05:00
OJ c38f3b4a56 New meterpreter binaries
New binaries contain fixes for:

* kitrap0d crashing during `getsystem` calls.
    * https://github.com/rapid7/meterpreter/pull/23
* Meterpreter crashing on XP SP0 in certain scenarios.
    * https://github.com/rapid7/meterpreter/pull/21
2013-09-27 09:31:53 +10:00
Meatballs 079eec0aea Compile.bat and gitignore 2013-09-21 13:14:01 +01:00
Meatballs 85ea9ca05a Merge branch 'master' of github.com:rapid7/metasploit-framework into msi_payload 2013-09-21 12:49:38 +01:00
Meatballs 1bd1c3587d No UAC prompt MSI 2013-09-21 12:47:58 +01:00
OJ 3cdddb8ff3
New meterpreter binaries for ip resolv feature
* New meterpreter binaries that include the IP resolve feature.
* Updated .gitignore to correctly match pivot file name.
2013-09-21 07:12:40 +10:00
Meatballs 11bdf5d332 New pull 2013-09-19 19:57:38 +01:00
James Lee dc9246a770 New compiled bins for shiny vs2012 build
* Fixes x64 sniffer [FixRM #8364]
2013-09-17 18:11:13 -05:00
James Lee 21055f6856 Add x86 to meterpreter's binary suffix
This makes x86 more consistent with x64.

Also replaces a bunch of instances of:
  File.join(Msf::Config.install_root, 'data', ...)
with the simpler
  File.join(Msf::Config.data_directory, ...)

[See rapid7/meterpreter#19]
2013-09-16 21:52:04 -05:00
jvazquez-r7 299860b09d Land #2329, @kaospunk auxiliary module to enumerate ntlm info 2013-09-16 08:16:30 -05:00
James Lee 705e262061 Non-broken compiled bins for meterpreter/#14
Somehow built bins with fatal linker errors last time. These seem to be
solid.

[SeeRM #8361]
2013-09-12 23:36:05 -05:00
James Lee 9dae838422 New compiled bins for meterpreter/#14
Should fix the flakiness of migrataion on 64-bit systems.

[FixRM #8361]
2013-09-12 22:34:31 -05:00
Spencer McIntyre e3e2c69de1 Fix additional issues in the python meterpreter. 2013-09-10 15:06:33 -04:00