Samuel Huckins
985af3adfe
Update to masked credential format
...
* To support change in Pro export format. Previous format looked
like an XML element, for no reason, failed validation.
2013-12-30 10:59:15 -06:00
jvazquez-r7
b8569a1698
Land #2794 , @Meatballs1's fix for to_exe_jsp on J7u21, [FixRM #8717 ]
2013-12-30 09:28:27 -06:00
jvazquez-r7
39844e90c3
Don't user merge! because can modify self.compat
2013-12-27 16:37:34 -06:00
sinn3r
9c484dd0a3
Land #2786 - HP SiteScope issueSiebelCmd Remote Code Execution
2013-12-23 02:34:01 -06:00
Meatballs
f112e78de9
Fixes .war file creation
2013-12-22 20:58:21 +00:00
jvazquez-r7
ed838d73a6
Allow targets to specify Compat[ible] payloads
2013-12-19 17:48:15 -06:00
Joe Vennix
ca23b32161
Add support for Procs in browserexploit requirements.
2013-12-19 12:49:05 -06:00
Joe Vennix
cb390bee7d
Move comment.
2013-12-18 20:37:33 -06:00
Joe Vennix
f411313505
Tidy whitespace.
2013-12-18 20:31:31 -06:00
Joe Vennix
9ff82b5422
Move datastore options to mixin.
2013-12-18 14:52:41 -06:00
Joe Vennix
64273fe41d
Move addon datastore options into mixin.
2013-12-18 14:42:01 -06:00
Joe Vennix
1235615f5f
Add firefox 15 chrome privilege exploit.
...
* Moves the logic for generating a firefox addon into its own mixin
* Updates the firefox_xpi_bootstrapped_addon module to use the mixin
* Module only works if you move your mouse 1px in any direction.
2013-12-18 14:30:35 -06:00
William Vu
252909a609
Land #2448 , @OJ's ReverseListenerBindPort :)
2013-12-17 11:24:09 -06:00
Meatballs
6ee1a9c6e1
Fix duplicate error
2013-12-17 00:11:37 +00:00
Meatballs
06b399ee30
Remove ERROR_
...
To access as Error::NO_ACCESS
2013-12-16 19:52:11 +00:00
Meatballs
08a44fdfb7
Filename match module
2013-12-16 19:48:17 +00:00
Meatballs
57f2027e51
Move to module
2013-12-16 19:45:52 +00:00
Meatballs
c9084bd2d5
Remove errant fullstops
2013-12-16 18:53:37 +00:00
Meatballs
75c87faaf8
Add Windows Error Codes to Windows Post Mixin
2013-12-16 18:50:18 +00:00
Meatballs
ca1c887e68
Add missing ]
2013-12-15 01:12:50 +00:00
Meatballs
819ba30a33
msftidy
...
Conflicts:
lib/msf/core/post/windows/services.rb
2013-12-15 01:12:46 +00:00
Meatballs
a930056d7f
Added service status checks to Post::Windows::Services
...
Added QueryServiceStatus to Railgun Advapi32 Definitions
Added Checks to module
Conflicts:
lib/msf/core/post/windows/services.rb
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb
2013-12-15 01:12:45 +00:00
jvazquez-r7
f3ce1c10db
Land #2758 , @zeroSteiner's additions to railgun
2013-12-13 15:50:34 -06:00
Spencer McIntyre
a08c420862
Add railgun definitions for local exploit relevant functions.
2013-12-12 10:26:08 -05:00
jvazquez-r7
83e448f4ae
Restore vprint_error message
2013-12-12 09:06:29 -06:00
jvazquez-r7
5c1ca97e21
Create a new process to host the final payload
2013-12-12 08:26:44 -06:00
William Vu
ff9cb481fb
Land #2464 , fixes for llmnr_response and friends
...
Fixed conflict in lib/msf/core/exploit/http/server.rb.
2013-12-10 13:41:45 -06:00
Meatballs
45a0ac9e68
Land #2602 , Windows Extended API
...
Retrieve clipboard data
Retrieve window handles
Retrieve service information
2013-12-08 19:01:35 +00:00
Meatballs
e5a92a18a5
and expand path
2013-12-08 19:01:03 +00:00
Meatballs
3c67f1c6a9
Fix file download
2013-12-08 18:57:10 +00:00
scriptjunkie
f4636c46a6
Removing unused endjunk, sections_end, cert_entry
2013-12-07 20:55:51 -06:00
scriptjunkie
77e9996501
Mitigate metasm relocation error by disabling ASLR
...
Deal with import error by actually using the GetProcAddress code.
2013-12-07 20:54:13 -06:00
scriptjunkie
8d33138489
Support silent shellcode injection into DLLs
...
Only run code on DLL_PROCESS_ATTACH, preventing infinite loop otherwise:
Added code would create thread -> calls DLL entry point -> calling added code...
2013-12-07 19:44:17 -06:00
Meatballs
3aebe968bb
Land #2721 Reflective DLL Mixin
...
Adds support to load a dll and identify the ReflectiveLoader offset.
Adds support to inject dll into process and execute it.
Updates kitrap0d, ppr_flatten_rec, reflective_dll_inject modules and
payload modules to use above features.
2013-12-06 12:26:51 +00:00
OJ
e90b7641ca
Allow self-destruct via "kill -s"
...
HTTP(s) payloads don't exit cleanly at the moment. This is an issue that's
being addressed through other work. However, there's a need to be able to
terminate the current HTTP(s) session forcably.
This commit add a -s option to kill, which (when specified) will kill
the current session.
2013-12-06 14:56:19 +10:00
OJ
4ca48308c1
Fix downloading of files
2013-12-06 13:40:20 +10:00
OJ
155836ddf9
Adjusted style as per egypt's points
2013-12-06 10:08:38 +10:00
OJ
ccbf305de1
Remove exception stuff from the payloads
2013-12-06 09:26:46 +10:00
OJ
5a0a2217dc
Add exception if DLL isn't RDI enabled
2013-12-06 09:18:08 +10:00
OJ
2cb991cace
Shuffle RDI stuff into more appropriate structure
...
Now broken into two modules, one for loading RDI DLLs off disk and
finding the loader function offset, and another for doing the process
specific stuff of loading into the target.
2013-12-06 08:25:24 +10:00
OJ
fb84d7e7fe
Update to yardoc conventions
2013-12-06 07:54:25 +10:00
sinn3r
c7bb80c1d7
Add wvu as an author to author.rb
2013-12-05 00:33:07 -06:00
OJ
b936831125
Renamed the mixin module
2013-12-05 08:13:54 +10:00
OJ
7b24f815ee
Missed a single module in rename
2013-12-04 22:54:07 +10:00
OJ
7e8db8662e
Update name of the mixin
...
Changed `RdiMixin` to `ReflectiveDLLInjection`.
2013-12-04 22:18:29 +10:00
OJ
f79af4c30e
Add RDI mixin module
...
MSF was starting to see more modules using RDI to load binaries into
remote processes, so it made sense to create a mixin which contained
the functionality that was being used in various locations.
This commit contains the new mixin, and adjustments to all the existing
exploits and modules which use RDI.
2013-12-04 16:09:41 +10:00
OJ
1d757c40db
Remove empty parens
2013-12-04 07:10:23 +10:00
OJ
8b77da4ef7
Fix non-rubyisms
2013-12-04 07:06:32 +10:00
OJ
18e1d9ce17
Revert "Start clipboard monitor functionality"
...
This reverts commit ecbdfd3502
.
I don't know how this got in there, as it's in another branch waiting for more work.
My bad.
2013-12-04 07:03:12 +10:00
sinn3r
4d3d02ae01
Land #2667 - Add num and dword output format
2013-12-02 13:52:17 -06:00