Allow searching through netstat output tables for specific strings.
Example:
```
meterpreter > netstat -S 192
Connection list
===============
Proto Local address Remote address State User Inode PID/Program name
----- ------------- -------------- ----- ---- ----- ----------------
tcp 10.1.1.20:3389 192.168.100.186:38470 ESTABLISHED 0 0 3076/svchost.exe
tcp 10.1.1.20:63826 192.168.100.186:31158 ESTABLISHED 0 0 4568/powershell.exe
tcp 10.1.1.20:64887 192.168.100.186:31158 ESTABLISHED 0 0 -
```
from @sempervictus
Merge forked changes to cmd_ps allowing for the use of string
matching on listing output via Rex::Ui::Text::Table's SearchTerm
facility
Example:
```
meterpreter > ps -S x64.*Auth.*Sys
Process list
============
PID Name Arch Session User Path
--- ---- ---- ------- ---- ----
400 smss.exe x64 0 NT AUTHORITY\SYSTEM C:\Windows\System32\smss.exe
...
```
from @sempervictus
Allow passing 'SearchTerm' into Rex::Ui::Text::Table creation to
filter all output by regex match to the string passed.
Provides base functionality for higher level subscribers such as
cmd_ls in meterpreter sessions for filtering output
from @sempervictus
Merge forked changes to cmd_ls allowing for the use of string
matching on listing output via Rex::Ui::Text::Table's SearchTerm
facility.
Example:
```
meterpreter > ls chef -R -S wget
No entries exist in chef/backup/chef/handlers
No entries exist in chef/backup/chef/ohai_plugins
No entries exist in chef/backup/chef
No entries exist in chef/backup
No entries exist in chef/cache/cookbooks/avast/attributes
No entries exist in chef/cache/cookbooks/avast/recipes
No entries exist in chef/cache/cookbooks/avast
No entries exist in chef/cache/cookbooks/chef-client/attributes
No entries exist in chef/cache/cookbooks/chef-client/libraries
No entries exist in chef/cache/cookbooks/chef-client/recipes
No entries exist in chef/cache/cookbooks/chef-client
No entries exist in chef/cache/cookbooks/chef_handler/attributes
No entries exist in chef/cache/cookbooks/chef_handler/libraries
No entries exist in chef/cache/cookbooks/chef_handler/providers
No entries exist in chef/cache/cookbooks/chef_handler/recipes
No entries exist in chef/cache/cookbooks/chef_handler/resources
No entries exist in chef/cache/cookbooks/chef_handler
No entries exist in chef/cache/cookbooks/cron/providers
No entries exist in chef/cache/cookbooks/cron/recipes
No entries exist in chef/cache/cookbooks/cron/resources
No entries exist in chef/cache/cookbooks/cron
No entries exist in chef/cache/cookbooks/logrotate/attributes
No entries exist in chef/cache/cookbooks/logrotate/definitions
No entries exist in chef/cache/cookbooks/logrotate/libraries
No entries exist in chef/cache/cookbooks/logrotate/recipes
No entries exist in chef/cache/cookbooks/logrotate
No entries exist in chef/cache/cookbooks/ohai/attributes
No entries exist in chef/cache/cookbooks/ohai/files/default/plugins
No entries exist in chef/cache/cookbooks/ohai/files/default
No entries exist in chef/cache/cookbooks/ohai/files
No entries exist in chef/cache/cookbooks/ohai/recipes
No entries exist in chef/cache/cookbooks/ohai
No entries exist in chef/cache/cookbooks/svit-windows/attributes
No entries exist in chef/cache/cookbooks/svit-windows/recipes
No entries exist in chef/cache/cookbooks/svit-windows/templates/default/plugins
No entries exist in chef/cache/cookbooks/svit-windows/templates/default
No entries exist in chef/cache/cookbooks/svit-windows/templates
No entries exist in chef/cache/cookbooks/svit-windows
No entries exist in chef/cache/cookbooks/windows/attributes
No entries exist in chef/cache/cookbooks/windows/files/default/handlers
No entries exist in chef/cache/cookbooks/windows/files/default
No entries exist in chef/cache/cookbooks/windows/files
No entries exist in chef/cache/cookbooks/windows/libraries
No entries exist in chef/cache/cookbooks/windows/providers
No entries exist in chef/cache/cookbooks/windows/recipes
No entries exist in chef/cache/cookbooks/windows/resources
No entries exist in chef/cache/cookbooks/windows
No entries exist in chef/cache/cookbooks
No entries exist in chef/cache
No entries exist in chef/handlers
No entries exist in chef/log
No entries exist in chef/ohai_plugins
No entries exist in chef/run
Listing: chef
=============
Mode Size Type Last modified Name
---- ---- ---- ------------- ----
100666/rw-rw-rw- 161 fil 2014-07-21 11:08:26 -0400 wget.ps1
100666/rw-rw-rw- 1285 fil 2014-07-21 11:08:26 -0400 wget.vbs
meterpreter >
```
This psexec payload size should be evaluated to make sure I'm not doing
anything stupid. i can't see a reason why increasing these sizes would
be bad. They seem to work fine.
MSP-9532
* Increase to reasonable size to handle larger xml file expansion on import
* Prevents the 'RuntimeError entity expansion has grown too large' error that prevents import
Tried to implement some more of the stuff that egypt suggested, managed
to get some in, but not others. Ultimately, its smaller than it was, and
I'm sure there are ways to make it better as well.
For some reason this was only working on Windows7/2008, yet when tired
on Windows 2012 it was resulting in crashes. It was also stopping
working in exploits such as psexec_psh.
Went back to the beginning and started again. With this in place, we can
now do a bit of shellcode golf to make it a bit smaller.
Adjusted payload sizes as well.
* Moved over to using single quotes for strings that don't need
escaping or interpolation.
* Changed one pack spec to be "more correct". Thankfully, we were only
packing 0 so the endianness isn't a problem, however it should be
correct, hence the fix.
This is causing sessions to fail because meterpreter isn't doing the
right thing. I have another fix in the works which will properly solve
this, but in the short term the best way of solving the problem is to
remove this line.
Transport configuration for basic session types can be performed
by the stager mixin.
Add a default transport_config method to Msf::Payload::Stager by
mixing in Msf::Payload::TransportConfig and attempting to guess
the default tranport and direction types from the currently loaded
module's (MSF module) refname.
Users with custom payloads will no longer need to update them with
transport_config methods unless they use a non standard transport,
direction, or other innovation which affects the default approach.
Testing:
Tested with payloads lacking transport_config methods or access
to the TransportConfig module (Ruby) namespace. This also resolves
problems with the RC4 payloads in upstream as they can't currently
generate stagers for meterpreter.
g0tmi1k
jvazquez-r7
Brent Cook
HD Moore
wchen-r7
root
RageLtMan
OJ
Christian Catalan
William Vu
David Maloney