8bae58d631
Updated cache sizes
2015-03-11 21:25:12 -05:00
1135e5e073
First take on WinHTTP stagers, untested
2015-03-11 16:27:14 -05:00
7e3b4017f0
Rename and resynced with master, ready for refactoring
2015-03-11 14:36:27 -05:00
ea1bc69e2e
Merge branch 'master' into feature/add-reverse_winhttp-stagers
2015-03-11 14:29:34 -05:00
ceeee4446f
Land #4904 , @hmoore-r7 reworks reverse_http/s stagers
...
They are now assembled dynamically and support more flexible options,
such as long URLs.
2015-03-11 10:41:59 -05:00
ad39adf9c2
Missing comma
2015-03-11 00:49:07 -05:00
a89926b663
Exclude vncinject from http stagers (depends on sockedi)
2015-03-11 00:46:04 -05:00
9ade107325
disable reverse_http methods from upexec and shell payloads
...
These don't work over http and don't appear to have ever, as far back as
I could test. They appear to be an accident perhaps.
2015-03-10 17:08:58 -05:00
db351317a5
Merge with PR branch
2015-03-10 14:08:35 -05:00
0f763c2cb3
First step to reworking the winhttp stagers
2015-03-10 14:07:25 -05:00
991e72a4fa
HTTP stager based on WinHttp
2015-03-10 13:40:16 -05:00
966848127a
Refactor x86 Windows reverse_http and reverse_https stagers
2015-03-10 12:48:30 -05:00
618fbf075a
Update CachedSize for the fixed stager
2015-03-09 16:57:14 -05:00
746f18d9bb
Fallback to a localhost variant to make the length predictable
2015-03-09 16:56:25 -05:00
6543c3c36f
Update CachedSize for the fixed stager
2015-03-09 16:54:57 -05:00
c676ac1499
Fallback to a localhost variant to make the length predictable
2015-03-09 16:53:28 -05:00
d0324e8ad3
Final cleanup, passing specs
2015-03-09 15:50:57 -05:00
da81f6b2a0
Correct the :dynamic cache sizes
2015-03-09 15:44:14 -05:00
02509d02e4
The result of running ./tools/update_payload_cached_sizes.rb
2015-03-09 15:31:04 -05:00
a648e74c4b
Remove unnecessary semicolon
2015-03-02 15:36:45 -06:00
80169de4d0
Remove -i from shell in reverse_python
2015-03-02 15:29:50 -06:00
5297ebc1a1
Merge branch 'master' into land-1396-http_proxy_pstore
...
Bring things back to the future
2015-02-20 08:50:17 -06:00
91b4a59fc7
msftidy fixes
2015-02-20 08:42:54 -06:00
bae19405a7
Various grammar, spelling, word choice fixes
2015-01-26 11:00:07 -06:00
d14413579c
HTTP stager based on WinHttp
2015-01-19 13:01:56 +01:00
7a2f0553a8
Update reverse_tcp.rb
...
prevent over-reading from socket
2015-01-18 17:32:53 +02:00
9c12fcc2f1
Update bind_tcp.rb
...
Read exactly l bytes
2015-01-18 15:42:09 +02:00
18e15a109a
Update bind_tcp.rb
...
Prevent over reading from socket
2015-01-18 15:35:56 +02:00
9791acd0bf
Add stager ipknock shellcode (PR 2)
2014-12-27 22:03:45 +01:00
93be828738
Fix invalid URL in splat
2014-12-22 11:26:20 -06:00
f1b9862665
Align shellcode in bind_hidden_tcp
2014-12-22 11:17:14 -06:00
9a7e431a4a
New block_api applied
2014-12-22 17:21:13 +01:00
42636fb3c0
Handler and block_hidden_bind_tcp deleted
2014-12-22 17:21:13 +01:00
fa8e944e34
AHOST OptAddress moved to the payload
2014-12-22 17:21:11 +01:00
c0fa8c0e3f
Add stager for hidden bind shell payload
2014-12-22 17:21:11 +01:00
2c0c732967
Fix #4414 & #4415 - exitfunc and proper null-terminated string
...
This patch fixes the following for messagebox.rb
Issue 1 (#4415 )
When exitfunc is none, the payload will not be able to generate
due to an "invalid opcode" error.
Issue 2: (#4414 )
After "user32.dll" is pushed onto the stack for the LoadLibrary
call, the payload does not actually ensure bl is a null byte, it
just assumes it is and uses it to modify the stack to get a
null-terminated string.
Fix #4414
Fix #4415
2014-12-19 03:19:06 -06:00
e3943682a2
Improves linux/armle payloads, lands #3315
2014-12-13 18:27:14 -06:00
5a645c5eba
Stagers updated from source
2014-12-13 12:50:47 -06:00
92490ab5e8
Singles updated from the source
2014-12-13 12:22:07 -06:00
79f2708a6e
Slight fixes to grammar/desc/whitespace
...
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
2014-12-04 13:11:33 -06:00
fc96d011ab
Python reverse_http stager, lands #4225
2014-12-02 11:47:31 -06:00
7fe72fd118
Cosmetic tweaks for #4225
2014-12-02 11:47:14 -06:00
4a4608adbc
Add format_all_drives shellcode for Windows x86_x64
2014-11-27 23:06:54 +05:30
8473ed144a
Add format_all_drives shellcode for Windows x86_x64
2014-11-27 14:13:49 +05:30
f5633ba3c3
Add format_all_drives shellcode for Windows x86_x64
2014-11-26 20:29:25 +05:30
8e7e5590c9
rename SHELLARG to ARGV0 because that's really what it is
2014-11-19 22:14:24 +01:00
ac4c11ca39
work on linux/armle/shell_bind/tcp
...
same changes as to shell_reverse_tcp
2014-11-19 21:53:23 +01:00
fd7248b3c0
work on linux/armle/shell_reverse_tcp
...
shorten the execve code, remove exit, grow argv[0] space
2014-11-19 21:53:23 +01:00
d5ebd8a2dc
Shorten the reverse_http stager by renaming a var
2014-11-17 19:04:26 -05:00
0bf93acf6b
Pymeterp http proxy and user agent support
2014-11-16 14:29:20 -05:00
7c14e818f6
Patch pymeterp http settings
2014-11-14 17:12:23 -05:00
681ae8ce6b
Pymet reverse_http stager basic implementation
2014-11-14 14:15:46 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
e0016d4af3
Remove hash rocket from refs array #3766
...
[SeeRM #8776 ]
2014-10-08 09:16:38 +00:00
3c7be9c4c5
Remove hash rockets from references #3766
...
[SeeRM #8776 ]
2014-10-08 09:01:19 +00:00
9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits
2014-09-29 11:15:14 -05:00
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
0247e4a521
Change RequiredCmd for reverse_bash_telnet_ssl cmd payload
2014-09-24 00:40:14 -05:00
e1b6ee283f
Allow Msf::Payload::JSP to guess system shell path if it isnt provided
2014-08-30 16:27:02 -05:00
af3ca19ab2
Land #3501 , @AnwarMohamed's android meterpreter commands.
2014-08-09 16:29:59 -05:00
c31fc61617
Land #3270 , @jlee-r7 deprecation ipv6 payloads
...
These are not needed, since you can just config the regular handler now
and pick either.
This resolves the conflict (rm'ed the old modules)
Conflicts:
modules/payloads/stagers/windows/reverse_ipv6_http.rb
modules/payloads/stagers/windows/reverse_ipv6_https.rb
2014-08-01 16:27:59 -05:00
c2be3d6875
fixing autoload bug
2014-07-29 17:51:56 +02:00
6bbb2124a7
bug fixing
2014-07-29 15:49:14 +02:00
283046b25d
fixing auto load on new session
2014-07-28 10:49:50 +02:00
25f74b79b8
Land #3484 , bad pack/unpack specifier fix
2014-07-16 14:52:23 -05:00
de22aeba41
Land #3481 , meterpreter bins
2014-07-14 15:57:52 -05:00
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
bcec2df0a4
Fix Meterpreter PHP hop description
2014-07-10 11:35:48 -05:00
038d1e210a
Merge upstream/master to deconflict.
...
Conflicts:
Gemfile.lock
2014-07-09 17:43:42 -05:00
e908bb6819
formating
2014-07-08 11:02:41 +02:00
34dcb609e2
android extension
2014-07-08 04:52:06 +02:00
9fef2ca0f3
Description/whitespace changes (minor)
...
Four modules updated for the weekly release with minor cosmetic fixes.
- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
2014-07-07 12:39:05 -05:00
6f433db609
Minor typo fix
2014-07-06 23:44:17 -05:00
3ef35f19dc
Prefer strip over chomp
2014-07-06 23:17:09 -05:00
d76081bcef
Prefer strip over chomp
2014-07-06 23:16:56 -05:00
ab7848a895
Merge master for testing of #2809
2014-07-06 22:27:58 -05:00
c9b6c05eab
Fix improper use of host-endian or signed pack/unpack
...
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.
When in doubt, please use:
```
ri pack
```
2014-06-30 02:50:10 -05:00
8b63d3d467
Revert the revert of #3446
...
This reverts commit 9b35b0e13a
2014-06-29 17:22:21 -05:00
9b35b0e13a
Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
...
This reverts commit bba8bd3498002234993f
2014-06-25 13:24:07 -05:00
5d6b582adc
Update modules to use new path.
2014-06-19 18:44:19 -05:00
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
2aa26fa290
Minor spacing and word choice fixups
2014-06-16 11:40:21 -05:00
2a7227f443
Land #3427 - Adds webcam module for firefox privileged sessions on OSX
2014-06-11 22:27:25 -05:00
2c8a99143b
Land #3426 , @Meatballs1's Python v2.3.3 Compatible Command Shell payloads
2014-06-10 09:55:58 -05:00
dc69afebb1
License and Require
2014-06-09 21:41:38 +01:00
25ed68af6e
Land #3017 , Windows x86 Shell Hidden Bind
...
A bind shellcode that responds as 'closed' unless the client matches the
AHOST ip.
2014-06-08 13:49:49 +01:00
2be6b8befe
Remove bind hidden handler
2014-06-07 14:34:20 +01:00
496be5c336
Ensure command_shell_options is present.
2014-06-06 16:26:45 -05:00
d990fb4999
Remove a number of stray edits and bs.
2014-06-06 16:24:45 -05:00
c032b8ce8e
Compat
2014-06-04 02:27:06 +01:00
6c7fd3642a
Land #3411 , Python 3.[34] Meterpreter support
2014-06-03 11:34:22 -05:00
0e4177fb75
Pymeterpreter shorten stagers by 3 bytes
2014-06-03 12:03:20 -04:00
95376bf6d3
Pymeterpreter update stager and stage descriptions
2014-06-03 10:17:27 -04:00
d0d389598a
Land #3086 , Android Java Meterpreter updates
...
w00t.
2014-06-02 17:28:38 -05:00
76c3aaf743
Pymeterpreter get type encoder from dict instead
2014-06-02 17:32:08 -04:00
aeca455a10
Pymeterpreter update pystagers for version 3.1/3.2
2014-06-02 17:18:13 -04:00
77eac38b01
Pymeterpreter fix processes_via_proc for Python v3
2014-05-30 16:32:03 -04:00
145776db4d
Add a DEBUGGING option to the python meterpreter
2014-05-29 10:52:49 -04:00
15b1c79039
Adjust whitespace and set bytes to str for Python 2
2014-05-28 16:30:27 -04:00
c559483176
Land #3392 , @TomSellers patch to use python constants
2014-05-25 16:18:42 -04:00
HD Moore
Brent Cook
Borja Merino
William Vu
Tod Beardsley
eyalgr
root
Peregrino Gris
sinn3r
HackSys Team
Mark Schloesser
Spencer McIntyre
URI Assassin
Brendan Coles
Joe Vennix
jvazquez-r7
joev
AnwarMohamed
James Lee
Chris Doughty
Christian Mehlmauer
Meatballs