5297ebc1a1
Merge branch 'master' into land-1396-http_proxy_pstore
...
Bring things back to the future
2015-02-20 08:50:17 -06:00
91b4a59fc7
msftidy fixes
2015-02-20 08:42:54 -06:00
bae19405a7
Various grammar, spelling, word choice fixes
2015-01-26 11:00:07 -06:00
d14413579c
HTTP stager based on WinHttp
2015-01-19 13:01:56 +01:00
7a2f0553a8
Update reverse_tcp.rb
...
prevent over-reading from socket
2015-01-18 17:32:53 +02:00
9c12fcc2f1
Update bind_tcp.rb
...
Read exactly l bytes
2015-01-18 15:42:09 +02:00
18e15a109a
Update bind_tcp.rb
...
Prevent over reading from socket
2015-01-18 15:35:56 +02:00
9791acd0bf
Add stager ipknock shellcode (PR 2)
2014-12-27 22:03:45 +01:00
93be828738
Fix invalid URL in splat
2014-12-22 11:26:20 -06:00
f1b9862665
Align shellcode in bind_hidden_tcp
2014-12-22 11:17:14 -06:00
9a7e431a4a
New block_api applied
2014-12-22 17:21:13 +01:00
42636fb3c0
Handler and block_hidden_bind_tcp deleted
2014-12-22 17:21:13 +01:00
fa8e944e34
AHOST OptAddress moved to the payload
2014-12-22 17:21:11 +01:00
c0fa8c0e3f
Add stager for hidden bind shell payload
2014-12-22 17:21:11 +01:00
2c0c732967
Fix #4414 & #4415 - exitfunc and proper null-terminated string
...
This patch fixes the following for messagebox.rb
Issue 1 (#4415 )
When exitfunc is none, the payload will not be able to generate
due to an "invalid opcode" error.
Issue 2: (#4414 )
After "user32.dll" is pushed onto the stack for the LoadLibrary
call, the payload does not actually ensure bl is a null byte, it
just assumes it is and uses it to modify the stack to get a
null-terminated string.
Fix #4414
Fix #4415
2014-12-19 03:19:06 -06:00
e3943682a2
Improves linux/armle payloads, lands #3315
2014-12-13 18:27:14 -06:00
5a645c5eba
Stagers updated from source
2014-12-13 12:50:47 -06:00
92490ab5e8
Singles updated from the source
2014-12-13 12:22:07 -06:00
79f2708a6e
Slight fixes to grammar/desc/whitespace
...
Note that the format_all_drives module had a pile of CRLFs that should
have been caught by msftidy. Not sure why it didn't.
2014-12-04 13:11:33 -06:00
fc96d011ab
Python reverse_http stager, lands #4225
2014-12-02 11:47:31 -06:00
7fe72fd118
Cosmetic tweaks for #4225
2014-12-02 11:47:14 -06:00
4a4608adbc
Add format_all_drives shellcode for Windows x86_x64
2014-11-27 23:06:54 +05:30
8473ed144a
Add format_all_drives shellcode for Windows x86_x64
2014-11-27 14:13:49 +05:30
f5633ba3c3
Add format_all_drives shellcode for Windows x86_x64
2014-11-26 20:29:25 +05:30
8e7e5590c9
rename SHELLARG to ARGV0 because that's really what it is
2014-11-19 22:14:24 +01:00
ac4c11ca39
work on linux/armle/shell_bind/tcp
...
same changes as to shell_reverse_tcp
2014-11-19 21:53:23 +01:00
fd7248b3c0
work on linux/armle/shell_reverse_tcp
...
shorten the execve code, remove exit, grow argv[0] space
2014-11-19 21:53:23 +01:00
d5ebd8a2dc
Shorten the reverse_http stager by renaming a var
2014-11-17 19:04:26 -05:00
0bf93acf6b
Pymeterp http proxy and user agent support
2014-11-16 14:29:20 -05:00
7c14e818f6
Patch pymeterp http settings
2014-11-14 17:12:23 -05:00
681ae8ce6b
Pymet reverse_http stager basic implementation
2014-11-14 14:15:46 -05:00
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
e0016d4af3
Remove hash rocket from refs array #3766
...
[SeeRM #8776 ]
2014-10-08 09:16:38 +00:00
3c7be9c4c5
Remove hash rockets from references #3766
...
[SeeRM #8776 ]
2014-10-08 09:01:19 +00:00
9e5826c4eb
Land #3844 - Add the JSObfu mixin to Firefox exploits
2014-09-29 11:15:14 -05:00
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
0247e4a521
Change RequiredCmd for reverse_bash_telnet_ssl cmd payload
2014-09-24 00:40:14 -05:00
e1b6ee283f
Allow Msf::Payload::JSP to guess system shell path if it isnt provided
2014-08-30 16:27:02 -05:00
af3ca19ab2
Land #3501 , @AnwarMohamed's android meterpreter commands.
2014-08-09 16:29:59 -05:00
c31fc61617
Land #3270 , @jlee-r7 deprecation ipv6 payloads
...
These are not needed, since you can just config the regular handler now
and pick either.
This resolves the conflict (rm'ed the old modules)
Conflicts:
modules/payloads/stagers/windows/reverse_ipv6_http.rb
modules/payloads/stagers/windows/reverse_ipv6_https.rb
2014-08-01 16:27:59 -05:00
c2be3d6875
fixing autoload bug
2014-07-29 17:51:56 +02:00
6bbb2124a7
bug fixing
2014-07-29 15:49:14 +02:00
283046b25d
fixing auto load on new session
2014-07-28 10:49:50 +02:00
25f74b79b8
Land #3484 , bad pack/unpack specifier fix
2014-07-16 14:52:23 -05:00
de22aeba41
Land #3481 , meterpreter bins
2014-07-14 15:57:52 -05:00
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
bcec2df0a4
Fix Meterpreter PHP hop description
2014-07-10 11:35:48 -05:00
038d1e210a
Merge upstream/master to deconflict.
...
Conflicts:
Gemfile.lock
2014-07-09 17:43:42 -05:00
e908bb6819
formating
2014-07-08 11:02:41 +02:00
34dcb609e2
android extension
2014-07-08 04:52:06 +02:00
9fef2ca0f3
Description/whitespace changes (minor)
...
Four modules updated for the weekly release with minor cosmetic fixes.
- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
2014-07-07 12:39:05 -05:00
6f433db609
Minor typo fix
2014-07-06 23:44:17 -05:00
3ef35f19dc
Prefer strip over chomp
2014-07-06 23:17:09 -05:00
d76081bcef
Prefer strip over chomp
2014-07-06 23:16:56 -05:00
ab7848a895
Merge master for testing of #2809
2014-07-06 22:27:58 -05:00
c9b6c05eab
Fix improper use of host-endian or signed pack/unpack
...
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.
When in doubt, please use:
```
ri pack
```
2014-06-30 02:50:10 -05:00
8b63d3d467
Revert the revert of #3446
...
This reverts commit 9b35b0e13a
2014-06-29 17:22:21 -05:00
9b35b0e13a
Revert "Land #3446 -- Meterpreter bins gem switch" due to build failures
...
This reverts commit bba8bd3498002234993f
2014-06-25 13:24:07 -05:00
5d6b582adc
Update modules to use new path.
2014-06-19 18:44:19 -05:00
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
2aa26fa290
Minor spacing and word choice fixups
2014-06-16 11:40:21 -05:00
2a7227f443
Land #3427 - Adds webcam module for firefox privileged sessions on OSX
2014-06-11 22:27:25 -05:00
2c8a99143b
Land #3426 , @Meatballs1's Python v2.3.3 Compatible Command Shell payloads
2014-06-10 09:55:58 -05:00
dc69afebb1
License and Require
2014-06-09 21:41:38 +01:00
25ed68af6e
Land #3017 , Windows x86 Shell Hidden Bind
...
A bind shellcode that responds as 'closed' unless the client matches the
AHOST ip.
2014-06-08 13:49:49 +01:00
2be6b8befe
Remove bind hidden handler
2014-06-07 14:34:20 +01:00
496be5c336
Ensure command_shell_options is present.
2014-06-06 16:26:45 -05:00
d990fb4999
Remove a number of stray edits and bs.
2014-06-06 16:24:45 -05:00
c032b8ce8e
Compat
2014-06-04 02:27:06 +01:00
6c7fd3642a
Land #3411 , Python 3.[34] Meterpreter support
2014-06-03 11:34:22 -05:00
0e4177fb75
Pymeterpreter shorten stagers by 3 bytes
2014-06-03 12:03:20 -04:00
95376bf6d3
Pymeterpreter update stager and stage descriptions
2014-06-03 10:17:27 -04:00
d0d389598a
Land #3086 , Android Java Meterpreter updates
...
w00t.
2014-06-02 17:28:38 -05:00
76c3aaf743
Pymeterpreter get type encoder from dict instead
2014-06-02 17:32:08 -04:00
aeca455a10
Pymeterpreter update pystagers for version 3.1/3.2
2014-06-02 17:18:13 -04:00
77eac38b01
Pymeterpreter fix processes_via_proc for Python v3
2014-05-30 16:32:03 -04:00
145776db4d
Add a DEBUGGING option to the python meterpreter
2014-05-29 10:52:49 -04:00
15b1c79039
Adjust whitespace and set bytes to str for Python 2
2014-05-28 16:30:27 -04:00
c559483176
Land #3392 , @TomSellers patch to use python constants
2014-05-25 16:18:42 -04:00
77f66f8510
Update reverse_tcp.rb
2014-05-25 14:04:54 -05:00
b5c567c462
Update bind_tcp.rb
2014-05-25 14:03:45 -05:00
14b796acbf
First stab at refactoring webrtc mixin.
2014-05-21 15:32:29 -05:00
1ada4831e0
Land #3293 , module deprecation constants
2014-05-14 01:37:29 -05:00
ae0691c586
make string replacement more robust
2014-05-10 17:00:25 +01:00
111160147f
MIPS exec payload fixes for encoder
2014-04-30 20:37:54 +02:00
ec1f7d644c
Support deprecation information from constants
2014-04-23 23:03:02 -04:00
af899254a3
Missed file
2014-04-16 19:14:17 -05:00
549e306572
Remove superfluous v6 http{,s} payload and handler
2014-04-16 18:32:35 -05:00
b4f5784ba2
Land #3147 , @m-1-k-3's mipsbe exec payload.
2014-04-08 22:32:21 -05:00
ffdca3bf42
Fixup on some modules for release
...
There may be more coming, but if not, this should cover
this week's minor style changes.
2014-03-31 12:42:19 -05:00
657b096be3
make msftidy happy
2014-03-27 19:24:25 +01:00
ad94653fc0
feedback included
2014-03-27 16:12:34 +01:00
3fc114e265
exec payload - new try
2014-03-26 19:48:14 +01:00
33651d0753
Fix formatting of hash options.
2014-03-25 14:43:53 -05:00
c8784168d5
Fix references and whitespace in mips payloads.
2014-03-25 14:39:27 -05:00
1ac3944627
Merge branch 'landing-pr-3095' into upstream-master
2014-03-25 10:56:42 -05:00
1680f9cc5d
Land PR #3127 , @m-1-k-3's mipsbe reboot payload, into master
2014-03-25 10:44:37 -05:00
50efd0b5d0
change name and filename and file included
2014-03-25 09:13:04 +01:00
a9952fa294
change name and filename
2014-03-25 09:11:16 +01:00
fca4425f95
feedback
2014-03-25 09:09:13 +01:00
Brent Cook
Tod Beardsley
Borja Merino
eyalgr
William Vu
root
Peregrino Gris
sinn3r
HD Moore
HackSys Team
Mark Schloesser
Spencer McIntyre
URI Assassin
Brendan Coles
Joe Vennix
jvazquez-r7
joev
AnwarMohamed
James Lee
Chris Doughty
Christian Mehlmauer
Meatballs
Tom Sellers
Tim Wright
Michael Messner