In POSIX, a command like "echo 'foo bar'" would previously get parsed
out into arguments for execve like [ "echo", "'foo", "bar'" ] which
obviously isn't what you want. After this commit, it sticks the whole
thing in an arg to sh so the execve call ends up looking like
execve("/bin/sh", ["sh", "-c", "echo 'foo bar'"], [/* 26 vars */]) = 0
This is still a little less than ideal because shell escapes become a
problem; fortunately, that's easy to deal with on the client side as
long as module developers take it into account.
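The quoting problem this commit describes, as an added Ruby example (not code from the Metasploit tree; the function names are made up here): a whitespace split mangles a quoted argument, handing the whole string to `sh -c` keeps it intact, and a client-side single-quote escaper is what a module needs so that spaces and shell metacharacters in a value are passed through literally.

```ruby
# Added example (not Metasploit code): how a command string reaches execve
# before and after the change, and how the client side can quote safely.

# Old behaviour: split on whitespace, so the quotes end up inside the tokens.
def naive_argv(cmd)
  cmd.split(/\s+/)
end

# New behaviour: the entire string becomes one argument to the shell.
def sh_argv(cmd)
  ["sh", "-c", cmd]
end

# Client-side quoting for the sh -c path: wrap the value in single quotes and
# close/escape/reopen around any embedded single quote. The shell then treats
# the value as one literal word whatever it contains ($, ;, backticks, spaces).
def sh_quote(value)
  return "''" if value.empty?
  "'" + value.gsub("'") { "'\\''" } + "'"
end

# Build a command line with every argument quoted; this is what a module
# should do instead of interpolating raw values into the string.
def build_cmd(prog, *args)
  ([prog] + args).map { |a| sh_quote(a) }.join(" ")
end

# Run the quoted command the same way the payload does (sh -c <string>) and
# return its output, so the quoting can be checked end to end.
def run_quoted(prog, *args)
  IO.popen(["sh", "-c", build_cmd(prog, *args)], &:read)
end

if __FILE__ == $0
  p naive_argv("echo 'foo bar'")     # ["echo", "'foo", "bar'"]
  p sh_argv("echo 'foo bar'")        # ["sh", "-c", "echo 'foo bar'"]
  p build_cmd("echo", "foo bar", "it's $HOME")
  puts run_quoted("echo", "foo bar", "it's $HOME")  # $HOME stays literal
end
```

Ruby's stdlib `Shellwords.escape` does the same job with backslash escaping and is the usual choice in real modules; the hand-written version above just makes the mechanism visible.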
This release SSL-enables the red team collaboration architecture, adds several keyboard
shortcuts and it improves the workflow for viewing downloaded files/loots.
commit db8a4fe575ec09607036ae5550adb83b345d9f2c
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 11 00:41:51 2012 +0200
Ensure the manifest is always at the beginning of the JAR files
Might create strange errors when loading stdapi if not.
commit fc02de4e36b3b952e256885d277e9c8e91f8f065
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 4 23:20:20 2012 +0200
Change the build file so that it generates fixed timestamps inside meterpreter.jar / ext_server_stdapi.jar
[Closes#304]
commit 97755336f2227a7db668b61e548d2956dddaccb8
Author: Michael Schierl <schierlm@gmx.de>
Date: Thu Apr 5 22:33:40 2012 +0200
make sure PayloadTrustManager gets dropped when using Spawn > 0
commit 0d096043e23af5d46a20b7f2c30c5d926ff66f8d
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 4 22:15:23 2012 +0200
Fix connection hangs when using java/meterpreter/reverse_https with recent Java versions
Reason is that Java thinks the SSL certificate presented by Metasploit is untrusted;
therefore add a hack similar to the one in the metasploit.Payload class to trust all
certificates here.
[Closes#303]
commit 9afece529a33739a088c9c4d10b76dd52f23b99e
Author: Michael Schierl <schierlm@gmx.de>
Date: Thu Apr 12 17:58:12 2012 +0200
fix cat ... command by making stdapi_fs_stat return a sensible result
[Closes#330]
* Add support for hashing commands (stdapi_fs_md5 and sha1)
* Replace MTU detection with the Proper Java Way
Squashed commit of the following:
commit 0207b6e2e0c0eb55c7c5f04bd3008f674f6239ad
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 22:02:15 2012 +0100
add support for stdapi_fs_{md5|sha1} commands
commit a187e7bc79f8d89e66df8d3a3f892c6dce10307b
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 20:32:03 2012 +0100
update binaries
commit 0fc553bdac76cc8997fc581141483a3efbdefdfc
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 20:29:48 2012 +0100
Add support to Java Meterpreter for multiple addresses on same interface
For more information, see https://dev.metasploit.com/redmine/issues/6476
Tested with Java 1.4, 1.5, 1.6, 1.7.
commit fc6dba99fe0b13bf8837ed7a699c5dbad35100e6
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 16:55:15 2012 +0100
Fix Eclipse warnings
commit 4168d025507c1ecfbc50164cfc7f25f3f222b0ab
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 16:29:37 2012 +0100
Update pretty-printing of unsupported command TLVs
This adds the TLVs added by commit fbc8e25aaa to the pretty-printer.
commit 4a9335abdabb1b8a7741c5ec67852d7c5d552d6b
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 16:17:25 2012 +0100
Un-ghetto Java Meterpreter MTU determination
This splits the change from commit 14dfcce63a into a 1.6-specific and a 1.4-specific implementation (the latter being empty).
Tested with Java 1.4, 1.5, 1.6, 1.7.
commit 968edd210ed68ba4974f051e280d90f0151df222
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 15:52:46 2012 +0100
update .gitignore to ignore IDE generated files in JavaPayload projects
commit 86111625bee318411cf43da7706d37ce5d7045c5
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 15:49:58 2012 +0100
synchronize stages with upstream JavaPayload
commit 2360f2e6eb8703ae762868678ac952203be35d93
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 15:39:58 2012 +0100
remove unused stages
[Closes#270]
If the OnLinkPrefixLength is 0, something is wrong, try the value in the
prefix linked list. Appears to fix v4 addresses on XP but not 2k3.
[See #6525]
commit 8b4750d0dcbac0686f9403acdf5cab50c918212f
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 13 13:14:43 2012 -0600
Add bins for listing all addresses
[Fixes#6476]
commit 213dd92ebc9b706a45725e6515c7939d2edace0e
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 13 02:08:34 2012 -0600
Accept multiple addresses and netmasks
[See #6476]
commit 2e8bd3c3ecfb319bf9456485d2420bb5829b60cc
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 13 01:55:57 2012 -0600
Make inspecting meterpreter packets a little less painful
Not sure why I originally thought there was no way to access extensions'
constants before. A simple `require` makes it all happy.
commit da367907cf579bd3aefaffbc84d2f96a41b85f00
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 11 22:08:44 2012 -0600
Fix up Linux after changes for Windows
commit ec9f04378b0155f69df95d4a94e62d33ce61977c
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 11 21:56:11 2012 -0600
Grab IPv6 addresses on Windows when possible
Tries to GetProcAddress of GetAdaptersAddresses and falls back to the
old GetIpAddrTable() function when it isn't available. This should work
on XPSP1 and newer, albeit without netmasks on versions before Vista.
Still trying to figure that one out.
commit 1052ebdcf86114fbc03d1a37ab5d4c6a78e82daa
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 6 15:34:09 2012 -0700
Wrap Windows-specific headers in ifdef
commit f23f20587b3117c38a77e7e5a93d542411e9504f
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 6 14:36:34 2012 -0700
Handle multiple addrs on one iface on the ruby side
commit d7207d075ac6462875d9da531cf20c175629a416
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 5 21:57:39 2012 -0700
Adds IPv6 addrs to win32 get_interfaces response
commit 11ae7e8a45bd56d25841ea8724377e0fb6789d72
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 5 09:07:28 2012 -0700
Don't distinguish between 4 and 6.
The client can figure it out from the length.
commit 2c7490bdf3e4079f30857ee323d2ce23ab1bd9a5
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 4 04:25:26 2012 -0700
Append to the list instead of assigning to it
All addresses are being sent to the client now. Just need a way to
parse them out correctly on the other side and meterpreter will be able
to list all addresses on all interfaces on Linux. Next step is to
allocate the proper number of TLVs to avoid good ol' stack smashes on
systems with lots of addresses and then make sure we clean all the
memory leaks.
[See #6476]
commit 73bba037ad968b922341c02459017afcc8407a76
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 4 03:12:28 2012 -0700
Lay the groundwork for returning all addresses
This commit only sends the last interface in the list, but it is looping
through all of them as evidenced by the log, just need to make sure
we're not overwriting as we go.
[See #6476]
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
This doesn't work on 1.4, but I'm not Java-savvy enough to figure out
how to only compile it for 1.4, so do a ghetto try-catch block in case
the method doesn't exist.