871c30c0b3
refactor stdapi and lanattacks to use filter_commands
2017-06-06 14:05:07 +08:00
e9c9c852ab
check_commands -> filter_commands
2017-06-06 13:56:38 +08:00
7625d36c1c
fix #8199 , check extapi for dependencies
2017-06-05 14:56:59 +08:00
cc0ff8f3db
Enable adaptive download with variable block sizes
...
The aim of this commit is to allow users of Meterpreter in high-latency
environments have better control over the behaviour of the download
function. This code contains two new options that manage the block size
of the downloads and the ability to set "adaptive" which means that the
block size will adjust on the fly of things continue to fail.
2017-06-02 17:16:58 +10:00
11b3fd9067
Land #8468 , Update system info after running getsystem
2017-05-26 23:37:00 -05:00
53cbbbacd8
getsystem update session info
2017-05-26 17:28:11 -06:00
a9e6df6f15
fix shell command on osx meterpreter
2017-05-26 15:55:14 +08:00
86aad6b7c3
Fix proxy_type references to handle nil case
2017-05-22 21:47:37 +10:00
123462bdca
Land #8293 , add initial multi-platform railgun support
2017-05-11 22:32:23 -05:00
e026a8c663
Fix typo (s/Remote/Reverse/) in portfwd -L
...
Found by ThePortWhisperer on IRC.
2017-04-29 00:10:13 -05:00
3347af24ba
Add some basic libc definitions for railgun
2017-04-25 15:12:39 -04:00
9c60c3ee46
Support platform specific railgun constants
2017-04-25 14:36:15 -04:00
6f763a616d
Land #8225 , Expose the shared wifi profile dumping feature in Mimikatz
2017-04-25 11:23:34 -05:00
daf8833174
Refactor a bunch of windows_name references
2017-04-24 19:54:00 -04:00
3cc089bcef
Support loading platform specific railgun defs
2017-04-24 19:46:56 -04:00
d3a759d631
Make changes for initial linux railgun support
2017-04-24 17:11:27 -04:00
67047cf770
Revert "Fixes MS-1716, keep sessions in progress alive."
...
This reverts commit e5d0370a94
2017-04-16 15:52:22 -05:00
7950087804
Merge branch 'upstream-master' into land-8237-
2017-04-14 21:53:26 -05:00
cbebc5dc39
really remove errant keyscan_extract() call
2017-04-14 15:21:11 -05:00
303a767ccc
bring ukl branch up to date with upstream
2017-04-12 21:59:13 -05:00
271da4b4a5
Add new shared wifi profile dumping from kiwi
2017-04-11 22:01:52 +10:00
6983b0f857
Update the kiwi extension to show correct version number
2017-04-11 20:23:56 +10:00
a65936452f
Add android wakelock command to turn the screen on
2017-03-28 16:24:11 +08:00
ef53e6a593
fix execute and kill cmd usage/help
2017-03-22 16:29:47 +08:00
686f30e118
Land #8117 , p{grep,kill} for Meterpreter <3
2017-03-21 16:37:34 -05:00
dd6e75986d
add -l and -f flag simulation for pgrep, XXX rex handles flag opts poorly
2017-03-16 23:48:39 -05:00
70bbacf7ed
kill processes in reverse, allow children before parents more likely
2017-03-16 23:48:04 -05:00
85f7d73d4d
add pgrep as well
2017-03-16 04:14:45 -05:00
c9a85f58c0
add pkill command, rework to share filtering logic with ps
2017-03-16 03:57:49 -05:00
befc5e05e5
Fix more kernel32 railgun definitions using DWORD
2017-03-14 18:42:52 -04:00
d759c603b2
Fix more kernel32 railgun definitions using DWORD
...
Some railgun definitions for the kernel32 module define DWORD for the
functions return type when it should be HANDLE. This causes errors on
64-bit systems when the return value is truncated.
2017-03-14 16:58:22 -04:00
2d51801b01
Use native_arch for railfun multi and test it
2017-03-01 13:07:04 -05:00
0ebd51d224
Use native_arch for railgun sizes
2017-02-26 14:42:55 -05:00
3b2e5e0785
Add a new core_native_arch method for meterpreter
2017-02-26 14:22:24 -05:00
076848e904
Land #7993 , Keep sessions in progress alive
2017-02-24 16:57:47 -06:00
e5d0370a94
Fixes MS-1716, keep sessions in progress alive.
2017-02-24 12:56:05 -06:00
4f839299f1
Land #7978 , Add a test module for railgun API calls
2017-02-21 17:15:49 -06:00
2a20d24c29
Land #7966 , Fix 'rm' to handle multiple files
2017-02-21 13:32:19 -06:00
7d1fadb84f
Add a test module for railgun api calls
2017-02-18 17:37:49 -05:00
566bafe65d
Land #7962 , Uploading files without specifying the destination closes a Meterpreter session.
2017-02-17 17:04:22 -06:00
5207cb6c3a
Land #7914 , send the correct exception on channel open failure
2017-02-17 17:00:30 -06:00
807a27e73d
clarify error handling when a channel cannot be opened
2017-02-17 16:59:09 -06:00
5bd38af8d6
fix rm to handle multiple files
2017-02-15 19:22:39 -05:00
24a4211bb9
fix upload when dest not specified
2017-02-14 22:08:49 -05:00
b741c8b2f7
fix typo in failure path, pointed out by rw-
2017-02-13 21:16:48 -06:00
74e029f3b1
Land #7932 , Fix CVE-2017-5229
2017-02-07 19:22:36 -06:00
522c6dce8e
Land #7931 , Fix CVE-2017-5231 and respect user's dest
2017-02-07 19:22:17 -06:00
68a5d300fe
minor style issues
2017-02-07 18:35:35 -06:00
b370dd0654
Fix CVE-2017-5229 - extapi Clipboard.parse_dump() Directory Traversal
2017-02-07 18:24:06 -06:00
56cf6b129d
Fix CVE-2017-5228
2017-02-07 23:44:23 +10:00
cb74d3b05b
Fix CVE-2017-5231 and respect user's dest
2017-02-07 23:41:59 +10:00
9db2cdb33a
Fix close session
...
Fix close session if remote file is permission deined
2017-02-05 02:00:05 +03:00
a3cf400566
Re-set the TLV names for migration stuff
2017-01-24 07:36:56 +10:00
2c8cd80a2b
revert change to TLV_TYPE_MIGRATE_LEN in #7856
2017-01-23 09:23:32 -06:00
677d070179
make tlv enum of migrate length consistent
2017-01-23 09:19:53 -06:00
f61314d2d6
Land #7856 , Fix incorrect translations in TLV inspection code
2017-01-22 11:08:05 -06:00
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
441222c2b5
Merge remote-tracking branch 'upstream/master' into land-7787-
2017-01-22 09:44:11 -06:00
e0094897a1
Add CSV and vCard support to dump_contacts
2017-01-20 19:18:50 -06:00
7e50ce09c0
Fix TLV inspect issue
2017-01-21 09:17:20 +10:00
5b2e76b981
Land #7794 , Fix #7793 , incorrect command name in android meterpreter extension
2017-01-11 12:38:36 -06:00
6dee63d727
Incorrect command name
2017-01-06 23:58:18 +00:00
eec5e88e1c
android_wakelock
2017-01-05 19:17:28 +07:00
5a4abeb110
make Rex UDPSocket.send work just like the real thing
2017-01-02 09:38:26 -06:00
d5bc6a089f
recvfrom_nonblock need flag = 0, not nil
2017-01-02 08:55:12 -06:00
bb684bb3b1
tcp channel fixes
2016-12-30 14:59:10 -06:00
99da91e278
Adjust golden ticket creation to force params when SYSTEM
2016-12-23 20:29:00 +10:00
894ed4957f
Add help where appropriate
2016-12-23 10:51:33 +10:00
93a280dfc1
Merge upstream/master ready for PR
2016-12-23 10:20:53 +10:00
34e3a17fda
Remove unused Kiwi TLVs
2016-12-23 09:57:57 +10:00
5702bd6745
Land #7674 , Move migration stub generation code into msf
2016-12-22 17:53:00 -06:00
4c150a10c2
Update to use new base64 flags for kiwi
2016-12-23 09:40:11 +10:00
c97e6ae1e8
Handle stupid merge from OJ's upstream
2016-12-23 09:00:27 +10:00
e6e2388256
SSP creds and golden tickets
2016-12-23 08:34:16 +10:00
0bca485858
Continue work on enabling kiwi functionality
2016-12-20 18:25:48 +10:00
ee4caba646
Remove `terminal` and tweak `sessions`
...
Hopefully everyone is now happy!
2016-12-20 07:50:07 +10:00
74040c4ee6
Rename the `sess` command to `terminal`
...
Lots of people have been frustrated by the `sess` command as it mucks
with the autocomplete for `sessions`. This is a fair concern, especially
given that `sess` was intended to be a non-annoying shortcut.
This commit changes the `sess` command so that it is instead called
`terminal`. I couldn't think of a better option that didn't already
clash with another name or meaning. At least `terminal` is something
that doesn't clash, doesn't muck with any existin autocomplete rules,
and is in some way another name for the existing sessions.
Feedback appreciated!
2016-12-19 17:05:04 +10:00
609c8da772
Re-add wifi support, start work on kerberos stuff
2016-12-10 11:20:16 +10:00
9a7c0eb7b6
Fix cloe file
2016-12-08 21:28:39 +03:00
d0696a09ad
Move migration stub generation into MSF
...
This code adds support for transport-specific migration stubs to be
generated in MSF rather than having them hard-coded in Meterpreter.
2016-12-08 16:01:13 +10:00
50b0c9ef5e
Add tspkg support and fix parsing a little
2016-12-07 15:06:08 +10:00
7d316cb3e6
Begin work on parsing mimikatz output and handling more cmds
2016-12-07 15:06:08 +10:00
8f4621f424
Initial work to support the new kiwi extension
2016-12-07 15:05:02 +10:00
b4a2a6ed60
Merge remote-tracking branch 'upstream/master' into land-7625-
2016-12-06 06:23:32 -06:00
8f3fab4b1b
fix sleep and transport on android
2016-11-30 21:59:01 +08:00
468bf4696f
stdapi_fs_file_copy
2016-11-29 13:56:27 +08:00
16b5f40dae
Revert "Rework XOR code to make more sense"
...
This reverts commit 699a8e91d2
2016-11-20 19:09:45 -06:00
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
5490fda0ae
Merge remote-tracking branch 'upstream/master' into land-7261
2016-11-14 16:49:28 -06:00
7773d90da4
Update railgun to use arch to check for 64 bit
2016-10-29 14:26:06 +10:00
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
bf7e7ae4be
Fix silly mistake with resetting arch in sysinfo
2016-10-29 08:32:32 +10:00
d201c5bccc
Force x86_64 to change over to x64 in sysinfo, tidy arch checks
2016-10-29 06:49:35 +10:00
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
786600bd09
Remove the unused binary_suffix var
2016-10-18 16:15:00 +10:00
67d07a715c
add android_hide_app_icon
2016-10-17 19:02:48 +08:00
5fad8d8efa
prefix android commands with android_
2016-10-15 23:57:20 +08:00
022830634b
Rejig platform to use windows instead of win32/win64
2016-10-14 10:10:04 +10:00
0d5a23b865
Merge branch 'master' into land-7423-localtime
2016-10-10 23:54:38 -05:00
699a8e91d2
Rework XOR code to make more sense
2016-10-10 13:38:08 +10:00
e139a1ee8f
Land #7383 : Rebase/Fix + SSL stager support for python
2016-10-10 13:06:09 +10:00
a89607bbdb
Prefer keyword argument
2016-10-04 23:14:14 -05:00
b7ea465855
refresh sysinfo when explicitly requested on a session
2016-10-04 22:06:06 -05:00
a4efa77878
Support driver list, adjust capcom exploit
...
This commit adds MSF-side support for listing currently loaded drivers
on the machine that Meterpreter is running on. It doesn't add a UI-level
command at this point, as I didn't see the need for it. It is, however,
possible to enumerate drivers on the target using the client API.
Also, the capcom exploit is updated so that it no longer checks for the
existence of the capcom.sys file in a fixed location on disk. Instead,
it enumerates the currently loaded drivers using the new driver listing
function, and if found it checks to make sure the MD5 of the target file
is the same as the one that is expected. The has is used instead of file
version information because the capcom driver doesn't have any version
information in it.
2016-10-04 11:27:20 +10:00
3469104f7a
Add localtime command support
2016-10-03 15:18:37 +10:00
039357a714
Land #7387 , checksum command for Meterpreter
2016-10-02 21:35:34 -05:00
8e09b172f6
Add a meterpreter checksum command
2016-10-01 14:29:35 -04:00
6241e48b34
Land #7350 , add 'sess' command for direct session switching support
2016-09-29 23:18:53 -05:00
49ed02a203
fix packet parsing when there is partial data
2016-09-29 17:21:59 -05:00
af4b1cf48f
Add the `sess` command to MSF and Meterp shells
...
This new command is a simpler shortcut that allows for moving around sessions much faster from within the console.
* From inside MSF, `sess <id>` is shorthand for `sessions -i <id>`
* From inside Meterp, `sess <id>` is shorthand for `background; sessions -i <id>`
In the latter case, if the session being switched to is the same id, then no swiching happens.
2016-09-22 16:09:59 +10:00
52d0840a79
Land #7276 , fix clipboard tlv usage
2016-09-22 00:47:18 -05:00
022ab74f30
See #7089 , add some stray fixups
2016-09-15 18:50:00 -05:00
6686e91ffe
fixup some leftover debug and whitespace issues
2016-09-15 18:39:08 -05:00
50fc3b10f8
Land #7086 , Add 'continue' and 'tries' wget-like options to meterpreter 'download'
2016-09-15 17:48:21 -05:00
43942e6029
refactor pem parser to use the rex-socket gem version
...
use rex-socket's pem aprser instead of the old one we used
to have in rex::parser
MS-1715
2016-09-07 11:38:27 -05:00
ab6ffcc725
Add tspkg support and fix parsing a little
2016-09-07 02:04:54 +10:00
dd977c0c28
Begin work on parsing mimikatz output and handling more cmds
2016-09-07 01:41:35 +10:00
f75b5569e5
fix android clipboard tlv usage
2016-09-05 17:24:32 +01:00
bfabb3877c
@void-in suggestions styles
2016-08-31 14:00:35 +02:00
39407dda95
Winpmem meterpreter extension
2016-08-31 11:46:15 +02:00
efdf7c4c00
Clipboard now sets 'recursive' download option in new way. Improved download_file compatibility
2016-08-27 01:44:04 +00:00
3545c5f8db
Rebase after #7125 . Changed tries to -l. Added 'opts' for all download options
2016-08-27 00:55:16 +00:00
95b82219a3
Land #7233 , ssh over L# pivot
...
this lands egypt's fix for using Net::SSH over L# pivots
2016-08-23 14:12:54 -05:00
bcf0062d47
Make SocketInterface things be Rex::Sockets
2016-08-22 14:17:00 -05:00
3d4d7aae14
Add ps -c to show child processes of current shell
2016-08-18 19:23:21 -05:00
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
f9a7d34089
Initial work to support the new kiwi extension
2016-08-02 19:12:24 +10:00
4c12c2f6c5
Improve Meterpreter ps -A experience
...
This allows us to use "x64" instead of "x86_64" in ps -A.
2016-07-31 17:19:57 -07:00
3987c2c0d8
cache sysinfo (we use it a lot, it will not change)
2016-07-27 08:49:19 -05:00
9cb4880747
allow process architecture to be a string (allow more than x86)
2016-07-27 08:49:19 -05:00
bebff786b7
Add timestamping to downloaded files
2016-07-25 17:18:27 -05:00
ed8fec255e
Fixed dir download. Retry when no network even at the download start
2016-07-12 23:05:50 +00:00
a6e92034bf
Added glob to dir_files.entries search - thanks @OJ
2016-07-11 06:22:28 +00:00
3c2f0e814e
'Continue' and 'tries' wget-like options for meterpreter 'download'
2016-07-10 16:24:36 +00:00
6072697126
continued
2016-06-22 14:54:00 -05:00
60f81a69ea
Remove the pfservice close call on shutdown
2016-05-03 12:03:37 +10:00
d136844d3b
Add error handling around double-bind of ports
2016-05-03 10:42:41 +10:00
c15a2e8787
Merge branch 'upstream/master' into reverse-port-forward
...
Signed-off-by: OJ <oj@buffered.io>
2016-04-26 09:48:40 +10:00
12a47b7fab
prefer &&
2016-04-24 11:56:32 -04:00
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
7f8491149f
Fix minor whitespace issues
2016-04-22 17:18:10 -05:00
540409e735
Add `resolve` to the meterpreter command line
...
I'm aware that this already exists as a post module, but there's nothing more annoying than having to bail out of Meterpreter, use the right module, set up the host list, etc all to just fire off a one-liner.
So this commit adds the command directly to Meterpreter's command line so that you don't have to do all that. This doesn't support specifying a file with the hosts in it (the post module does that). This is intended for quick resolution of particular hosts quickly.
2016-04-22 13:21:19 +10:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
b95267997d
Fix LURI support for stageless, transport add/change and code tidies
2016-04-18 08:24:41 -05:00
5c2e5398ad
Fix issue with flushing rev port forwards
2016-04-11 10:41:12 +10:00
866cb5a23b
Fix usage of lport/rport while tracking rev forwards
2016-04-06 16:36:41 +10:00
6d504316ae
Add MSF-side support for reverse port forwards
...
This includes changes to the portfwd command so that the output is
nicer, things are easier to use, and users have the ability to create
reverse port forwards.
2016-04-06 15:38:39 +10:00
3d995546d9
check for true before empty string
2016-04-01 21:30:11 -05:00
2a9f813bcd
Don't interpreter blank string as error
2016-04-01 09:53:25 +10:00
Tim
OJ
Brent Cook
TheNaterz
William Vu
Spencer McIntyre
Brent Cook
William Webb
Pearce Barry
bwatters-r7
Rich Whitcroft
Justin Steven
Artem
Jeffrey Martin
Ubuntu
David Maloney
Danil Bazin
caye
James Lee