93bf995b32
Reverse tcp support for POSIX
...
Ported the stager and wired in the new work to make the configuration
function.
2015-05-04 20:11:26 +10:00
9300158c9a
Initial rework of POSIX stuff to handle new configuration
2015-05-04 18:58:55 +10:00
451484cb0d
Add support for transport listing
...
Includes a verbose flag for the extra HTTP/S properties
2015-05-04 11:19:53 +10:00
8ddd7a4891
Fix session removal code, prevent missing transport param fail
2015-04-30 22:39:48 +10:00
919b96e4cf
Fix up UUID handling
2015-04-28 21:59:19 +10:00
4f9c8d04a2
Add support for moving transports and uuid fetching
...
The 'next' and 'prev' commands were added so that the session can jump
transports without having to add new ones at the same time.
There's also a command which gives the UUID now so that this can be
reused across sessions.
2015-04-28 20:24:44 +10:00
f711e5dee7
Update migration support
...
Migration now uses the new meterpreter loader. Migration configuration
is loaded and created by meterpreter on the fly, and supports the
multiple transport stuff that's just been wired in.
2015-04-28 17:41:43 +10:00
fca4d852a1
Remove the passing on off listen socket values
2015-04-28 13:51:48 +10:00
d82bfb0692
Reorder params, fix up the transport termination
2015-04-28 13:03:40 +10:00
c41f4bd59f
Fix up http/s a little
...
Correctly check the URL against the non-widechar version. Get the SSL
verification stuff working again.
2015-04-28 09:44:48 +10:00
1ca5188c5e
Change the payload to use IPv6 formats if required
2015-04-28 07:44:21 +10:00
f3e547ca92
Remvoe the exitfunk from the loader
...
Meterpreter handles the exitfunk internally as part of the config now
2015-04-28 07:43:26 +10:00
0d2f97ed2d
Add support for config in the x64 bind stager
2015-04-26 14:19:36 +10:00
6da8a14f62
Initial work on x64 payloads for new config
2015-04-26 13:41:31 +10:00
6ac3ecfa7c
Refactor, add reverse_winhttps support
...
Getting closer to a normalised view of what this stuff will look like.
There URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.
Next up, x64 for the same main ones.
2015-04-26 12:11:14 +10:00
2455163d24
Refactor configuration for meterpreter payloads (x86)
...
RDI is now back to what it was before, as this leaves all the other RDI
style payloads alone. Instead we have a new Meterpreter loader which
does the stuff that is required to make meterpreter work well with the
new configuration options.
This is just the case for reverse_tcp and bind_tcp so far, need to do
the other payloads too, along with all the x64 versions.
2015-04-26 09:57:30 +10:00
3a24923361
Force bind to hand over the listen socket
2015-04-25 22:04:58 +10:00
4ec4868bcf
Make bind hand over the listen socket as well
2015-04-25 21:37:32 +10:00
bb77a3a0e6
First pass of refactoring to support new config block
...
This is pretty basic stuff, but at least it's reusable.
2015-04-25 21:36:28 +10:00
9f1e035c53
Changed required_space check in bind payloads
2015-04-25 21:30:54 +10:00
1b11322618
Remove STDERR debug statement
2015-04-23 19:36:17 +10:00
9ecb3cc634
Fixed specs, though they did run fine locally!
2015-04-23 10:09:58 +10:00
19a6ae68ff
Update bind_tcp sizes to dynamic
...
This is required due to the fact that we can now turn on/off the
closing of the listen socket.
2015-04-23 09:53:18 +10:00
c8bab6ace1
Fix help for timeouts
2015-04-21 20:35:46 +10:00
f654fea9b3
Adjust transport command to work with posix
2015-04-21 20:16:57 +10:00
86957d9b07
Merge branch 'upstream/master' into connection-recovery
2015-04-21 20:01:59 +10:00
8aca4539c9
Land #5152 , undefined var in WinRM_Login
2015-04-20 23:01:11 -05:00
ab33fc8eba
Land #5211 , parse nmap's tunnel attribute
2015-04-20 22:53:34 -05:00
ee07809fd8
Land #5190 , 64-bit meterpreter persistence script
2015-04-20 22:32:57 -05:00
1d5a054cb0
Land #5166 , update redcarpet for XSS vuln
2015-04-20 22:09:16 -05:00
a3b0f2e424
Land #5175 , Update mcafee_vse_hashdump description
2015-04-20 21:49:24 -05:00
9a49538c1a
Land #5016 , add SSL Labs scanner
2015-04-20 21:34:16 -05:00
74ad81c90c
Consolidate tunnel check into name check
2015-04-20 21:18:12 -05:00
752c3243f6
wrap print* functions in report_* wrappers
...
Preserve the semantics in the code, but don't call functions like 'print_error'
unless there is an actual error running the module. Fix spelling of 'Overall'.
2015-04-20 21:13:43 -05:00
c6c7560aed
Land #4846 , @joevennix's android 4.3 uxss module
2015-04-20 18:43:24 -05:00
9b240e1d8f
Use parenthesis
2015-04-20 18:42:34 -05:00
741149058c
Report unknown service names for consistency
2015-04-20 17:22:19 -05:00
d894502148
Update legacy Nmap XML parser
2015-04-20 17:15:35 -05:00
1a66786d1b
Fix Nmap XML parser for tunnel attribute
2015-04-20 17:04:19 -05:00
c7129e063c
Land #5069 , breaking up with old options
2015-04-20 16:23:44 -05:00
d67f7a21d9
Move autoloads into OptionContainer
...
This seems like a better place for them to live
2015-04-20 15:54:42 -05:00
d7fc9294f0
Add require
2015-04-20 15:54:41 -05:00
da0e7282d5
Replace some unnecessary eval action.
...
Metaprogramming should be reserved for when you don't know things. Here
we're making methods from literal strings, so replace the
metaprogramming with much easier to understand regular programming. Also
has the benefit that yard can parse it.
2015-04-20 15:54:41 -05:00
2a3ed890d2
Add specs for Msf::Opt
2015-04-20 15:54:40 -05:00
b64d881914
Make OptionContainer docs a little more useful
2015-04-20 15:54:40 -05:00
3a5af3939d
Split all the option classes into their own files
2015-04-20 15:54:40 -05:00
3fbd4e2fe6
Land #5172 , x64 BSD shell_{bind,reverse}_tcp
2015-04-20 15:37:29 -05:00
79ca0a56f9
Land #4171 , Steam protocol support
2015-04-20 15:35:06 -05:00
f762873a31
Land #5192 , @joevennix's module for Safari CVE-2015-1126
...
* Module to profit cross domain vulnerability on safari
2015-04-20 15:19:54 -05:00
e2eaff6b3a
Don't modify datastore options
2015-04-20 15:16:21 -05:00
OJ
Brent Cook
wchen-r7
William Vu
jvazquez-r7
James Lee