Commit Graph

89 Commits (7cde510eb6dbd9c7139c5f33622b1a0cc31c8a61)

Author SHA1 Message Date
OJ fea28a89a5 Fix TLV defs for http headers 2017-11-21 13:47:19 -06:00
Jeffrey Martin d0a1fb6019
tlv response to ID based request with original ID
When a tlv response is created the request ID being responded to
needs to be copied into response created.
2017-10-06 13:58:38 -05:00
Brent Cook c365db135a pull in GUID fixes from #8818 2017-09-07 01:39:49 -05:00
OJ b38a962c09 Fix default session GUID when not specified
This resolves an issue with stategless HTTP sessions
2017-09-07 01:36:25 -05:00
OJ 7acd772c10 Pivot session stability, display and handling 2017-09-07 01:36:21 -05:00
OJ fdc9864b61 First working packet pivot session! 2017-09-07 01:36:20 -05:00
OJ e3de01219a Pushed on with more pivot code 2017-09-07 01:33:54 -05:00
OJ abc80655b7 Progress in named pipe pivots, more to come 2017-09-07 01:33:54 -05:00
Brent Cook 429824b5c9 guid is hex values 2017-08-21 03:44:02 -05:00
Brent Cook 8700a36858 make session_guid default with the correct length 2017-08-21 03:24:37 -05:00
OJ fa292dce96
Fix issue with truncated values when unpacking packets 2017-08-16 11:01:54 +10:00
OJ 4f054d25fc
Fix packet spec problems 2017-07-03 18:12:38 +10:00
OJ 999d90687e
Make encryption flags 32 bit
This changes the encryption flags on the meterpreter session so that
it's 32 bits (and hence changes the packet header). This also supports
the idea that sessions may use encryption that isn't AES256, so the
flags field will ultimately indicate that. A type flag has been added so
that MSF knows the type that should be done on the wire.

At some point soon we'll add something that makes sure that the packet
encryption type always matches the encryption type expected in MSF, this
will hopefully avoid the risk of having packets injected into the stream
by external entities.
2017-07-03 16:52:58 +10:00
OJ 494d389aa2
Merge upstream/master into packet encryption 2017-06-25 19:06:31 +10:00
OJ 67b1a19aa1
Finalised MSF-side of AES key negotiation over RSA 2017-06-25 10:24:00 +10:00
Brent Cook fda2e8c73d
Land #8523, Add support for session GUIDs 2017-06-22 20:10:10 -05:00
OJ a9e03c1efd
Initial working version of AES encryption of TLVs 2017-06-21 21:01:59 +10:00
OJ 2129959d2d
Begin rework of packet handling
This moves some of the packet-specific stuff to the packet class itself
2017-06-20 19:18:37 +10:00
OJ cec87a3e4f
Start of support for AES packet encryption 2017-06-19 22:27:51 +10:00
OJ a48f0fcec6
Remove references to Meterpreter CRYPTO TLVs
This feature wasn't supported, and so the TLVs are no longer needed.
2017-06-19 16:53:33 +10:00
OJ 37b9cd07a2
Add support for the session GUID in the UI
The Session GUID will identify active sessions, and is the beginning of
work that will allow for tracking of sessions that have come back alive
after failing or switching transports.
2017-06-06 17:15:57 +10:00
OJ a3cf400566
Re-set the TLV names for migration stuff 2017-01-24 07:36:56 +10:00
Jeffrey Martin 2c8cd80a2b
revert change to TLV_TYPE_MIGRATE_LEN in #7856 2017-01-23 09:23:32 -06:00
Jeffrey Martin 677d070179 make tlv enum of migrate length consistent 2017-01-23 09:19:53 -06:00
Brent Cook f61314d2d6
Land #7856, Fix incorrect translations in TLV inspection code 2017-01-22 11:08:05 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
OJ 7e50ce09c0
Fix TLV inspect issue 2017-01-21 09:17:20 +10:00
OJ d0696a09ad
Move migration stub generation into MSF
This code adds support for transport-specific migration stubs to be
generated in MSF rather than having them hard-coded in Meterpreter.
2016-12-08 16:01:13 +10:00
OJ 0134161c1b Fix another typo 2016-01-25 22:15:13 +10:00
OJ 6c2391ed0d Fix typo in random xor key generator 2016-01-19 15:37:10 +10:00
OJ c747ffc05a Implement support for TLV packet XORing, and RECV removal 2015-12-08 16:37:10 +10:00
OJ d725554a87 Fix UUID code so that it always deals with 16 bytes
Also re-add the payload ID to session validation now that the UUID stuff
is reliable.
2015-05-17 17:49:21 +10:00
OJ 451484cb0d Add support for transport listing
Includes a verbose flag for the extra HTTP/S properties
2015-05-04 11:19:53 +10:00
OJ 4f9c8d04a2 Add support for moving transports and uuid fetching
The 'next' and 'prev' commands were added so that the session can jump
transports without having to add new ones at the same time.

There's also a command which gives the UUID now so that this can be
reused across sessions.
2015-04-28 20:24:44 +10:00
OJ 809409d8c4 Lots of changes to support moving timeouts to common spots
Session expiry, comms timeout, retry total/wait are all now part of all
of the meterpreter payloads as these are going to be used for
maintaining access with resiliency and will aim for consistency across
the payload types.
2015-04-09 17:57:43 +10:00
OJ d2d68d76a2 Update transport switching to a full blown command
Transport switching should now support all of the bits and pieces
required to do full switching with all configurable transport options
2015-04-02 23:13:59 +10:00
OJ 79ec2e0586 Add machine ID support to the command list 2015-04-01 14:29:04 +10:00
OJ 1f00b595bc Hacked support for transport switching 2015-03-25 13:08:52 +10:00
jvazquez-r7 56df2d0062 Add support for linux meterpreter migrate types 2014-12-30 18:30:15 -06:00
HD Moore 255e792ed3 Fix host-endian related pack errors. See below for details.
Ruby treats endianess in pack operators in the opposite way
of python. For example, using pack('<I') actually ignores the
endianess specifier. These need to be 'I<' or better yet, 'V'.
The endian specify must occur after the pack specifier and
multiple instances in meterpreter and exe generation were
broken in thier usage.

The summary:

Instead of I/L or I< use V
Instead of I/L or I> use N
For Q, you need to always use Q< (LE) or Q> (BE)
For c/s/l/i and other lowercase variants, you probably dont
need or want a *signed* value, so stick with vV nN and cC.
2014-06-30 02:46:36 -05:00
Jonathan 575072585f removed shebangs from files within rex 2013-11-07 18:51:59 -05:00
Tab Assassin 7e5e0f7fc8 Retab lib 2013-08-30 16:28:33 -05:00
HD Moore d656e3185f Mark all libraries as defaulting to 8-bit strings 2012-06-29 00:18:28 -05:00
James Lee 65b92efe8c Fix an ancient syntax fail 2012-03-16 02:03:54 -06:00
James Lee a3db547c76 Justify TLVs to be a little easier to read 2012-03-16 01:50:26 -06:00
James Lee 6cfb3ff4fc Comment out extension TLV types
I suspect this is a load order issue where sometimes the extension's TLV
types are defined before hitting this and sometimes aren't.
Nevertheless, pretty printing a TLV is not worth breaking all the
payloads.
2012-03-13 14:08:58 -06:00
James Lee 58bc9346f4 Make inspecting meterpreter packets a little less painful
Not sure why I originally thought there was no way to access extensions'
constants before.  A simple `require` makes it all happy.
2012-03-13 01:55:57 -06:00
HD Moore cccbdf9fab This patch allows meterpreter to work with file paths and user names that are not of the US-ASCII character set.
git-svn-id: file:///home/svn/framework3/trunk@13200 4d416f70-5f16-0410-b530-b9f4589650da
2011-07-17 17:32:52 +00:00
HD Moore 3a4b5a02fb Force strings to be binary in Meterpreter requests, wrap server-side errors with a client-side wrapper
git-svn-id: file:///home/svn/framework3/trunk@12758 4d416f70-5f16-0410-b530-b9f4589650da
2011-05-28 05:55:51 +00:00
James Lee f8c2fa6b72 aesthetic
git-svn-id: file:///home/svn/framework3/trunk@11771 4d416f70-5f16-0410-b530-b9f4589650da
2011-02-18 00:25:36 +00:00