e408d5a155
add windows error messages for windows meterpreter sessions, minor cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@10605 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 19:36:34 +00:00
41183d3395
Bump the packet queue timeout as well (10 minutes), which should handle even the worst lag
...
git-svn-id: file:///home/svn/framework3/trunk@10598 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 05:00:03 +00:00
9489c2fa58
Note on thread safety
...
git-svn-id: file:///home/svn/framework3/trunk@10597 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 04:55:06 +00:00
2e9138ebbc
This commit overhauls much of the meterpreter timeouts and staging processes. This fixes a bug with concurrent session handling, reduces CPU load by caching a single SSL certificate for all sessions, increases all of the critical timeouts, and generally makes mass ownage work better. We still need to limit the maximum number of concurrent on_session() threads to something sane to prevent sesssion spikes from dragging out the process even longer. The C-side meterpreter change is minimal and will only help with future compatibility if we move to non-blocking fd's for the SSL socket.
...
git-svn-id: file:///home/svn/framework3/trunk@10595 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 04:11:47 +00:00
e4a00b2fd1
Handle a larger backlog
...
git-svn-id: file:///home/svn/framework3/trunk@10594 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-08 03:20:09 +00:00
754225a80d
Implement per dispatch run channel_write of packets, remove __FUNCTION__ due to dprintf changes, and fix shutting down networkpug interfaces. Re-add networkpug binary.
...
git-svn-id: file:///home/svn/framework3/trunk@10586 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-07 11:52:38 +00:00
6a47af814a
Basic, still buggy support for NetSparker XML
...
git-svn-id: file:///home/svn/framework3/trunk@10585 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-07 06:24:26 +00:00
1afba58f94
Fix typos
...
git-svn-id: file:///home/svn/framework3/trunk@10584 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-07 04:16:48 +00:00
3250ab13e0
Add a parser for Retina XML
...
git-svn-id: file:///home/svn/framework3/trunk@10582 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-07 02:33:57 +00:00
1e75603894
Add a Quickfile class that is identical to Tempfile except for the finalizer
...
git-svn-id: file:///home/svn/framework3/trunk@10568 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-06 17:57:56 +00:00
4e7e69f768
Avoid GC issue with Tempfiles in meterpreter's command dispatcher.
...
git-svn-id: file:///home/svn/framework3/trunk@10567 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-06 17:26:33 +00:00
e2ed2f0d75
Fix a long-standing issue with Resolv.getaddress() being broken on Ruby 1.9.1 Windows
...
git-svn-id: file:///home/svn/framework3/trunk@10544 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 14:49:19 +00:00
1b4190df38
This commit brings configurability to TCP Servers as to which Comm they use. The ReverseListenerComm and ListenerComm advanced options can be used to prevent a given listener from trying to bind a listener over the pivoted routed. This is useful for a number of situations and not possible to configure explicitly before.
...
git-svn-id: file:///home/svn/framework3/trunk@10534 4d416f70-5f16-0410-b530-b9f4589650da
2010-10-04 02:11:22 +00:00
14cabd2611
Allow debugging to be enabled.
...
This will make it easier to hopefully track down bugs.
exploitme-posix.c - make complete stack executable. On some kernel versions, execstack doesn't do the trick.
git-svn-id: file:///home/svn/framework3/trunk@10485 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-26 05:58:59 +00:00
784e355d93
Networkpug improvements
...
git-svn-id: file:///home/svn/framework3/trunk@10484 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-26 05:58:48 +00:00
e646176db7
check number of fields before trying to add row
...
git-svn-id: file:///home/svn/framework3/trunk@10482 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-26 04:16:18 +00:00
cdc97316b5
Automatically close dead sessions (finally), also, automatically mark meterpreter sessions as dead when writes start to trigger exceptions
...
git-svn-id: file:///home/svn/framework3/trunk@10475 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-25 03:57:30 +00:00
54c1ec843d
tab complete on scripts in ~/.msf3/scripts/meterpreter/ as well. fixes #2403
...
git-svn-id: file:///home/svn/framework3/trunk@10468 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-24 23:05:10 +00:00
ae48757fd5
new nessus plugin patches from Zate Berg
...
git-svn-id: file:///home/svn/framework3/trunk@10450 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-23 23:17:13 +00:00
465fe7c60d
nice work troulouliou, shuffling comments only
...
git-svn-id: file:///home/svn/framework3/trunk@10427 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 16:24:18 +00:00
3204b3ad83
Patch for the SMB timestamp parser which allows it to function in GMT+ zones
...
git-svn-id: file:///home/svn/framework3/trunk@10425 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 14:21:38 +00:00
50241faa57
Implement a sniffer for posix meterpreter using libpcap.
...
This version of the sniffer supports packet filtering after the packet count variable, like so:
meterpreter > sniffer_interfaces
1 - 'eth0' ( type:0 mtu:1514 usable:false dhcp:false wifi:false )
2 - 'any' ( type:0 mtu:1514 usable:false dhcp:false wifi:false )
3 - 'lo' ( type:0 mtu:1514 usable:false dhcp:false wifi:false )
meterpreter > use sniffer
Loading extension sniffer...success.
meterpreter > sniffer_start 1 500000 icmp <-- picks up only icmp packets.
[*] Capture started on interface 1 (500000 packet buffer)
meterpreter > sniffer_stop 1
[*] Capture stopped on interface 1
git-svn-id: file:///home/svn/framework3/trunk@10424 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 11:43:30 +00:00
a179836fca
Initial import of networkpug, a pivoting interface using libpcap to monitor/inject packets on a interface on the remote machine.
...
git-svn-id: file:///home/svn/framework3/trunk@10423 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-21 09:35:46 +00:00
4590844871
tons of indentation fixes, some other style tweaks
...
git-svn-id: file:///home/svn/framework3/trunk@10394 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-20 08:06:27 +00:00
5d3089c135
raise EOFError from SSL connections
...
git-svn-id: file:///home/svn/framework3/trunk@10375 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-19 21:20:06 +00:00
ff22e5212e
revert to backward compatible method of using utc+zone
...
git-svn-id: file:///home/svn/framework3/trunk@10367 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 05:09:47 +00:00
b22c24289d
fix up the simple.client.system_time and underlying stuffs
...
git-svn-id: file:///home/svn/framework3/trunk@10362 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-18 01:12:44 +00:00
012654947a
Store the time zone as well
...
git-svn-id: file:///home/svn/framework3/trunk@10357 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-17 21:19:04 +00:00
31f5ee512c
Store the server time in Ruby object format
...
git-svn-id: file:///home/svn/framework3/trunk@10354 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-17 21:03:08 +00:00
d0ea92d35f
Dont match on directories with the name of the intended file. Problem identified by JJ Gray
...
git-svn-id: file:///home/svn/framework3/trunk@10347 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-17 16:02:10 +00:00
21d734201a
Closes #2520 . Merges Rob's patch to check admin privs on start
...
git-svn-id: file:///home/svn/framework3/trunk@10341 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-16 21:44:25 +00:00
5e2295a9a8
Add in an aux module to create a socks4 proxy server. If you add in a route via a meterpreter session to the framework routing table the proxy server will use that route where appropriate. (Also modified the servers opts hash to optionally take a 'Comm' param if you want to programmatically create a socks4 server which will always use a specific meterpreter session for all socket creation - by default this does not happen and it uses the rex socket switchboard as per normal rex socket creation).
...
git-svn-id: file:///home/svn/framework3/trunk@10337 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-16 18:23:03 +00:00
5c2717a189
Add in a Socks4a proxy server.
...
git-svn-id: file:///home/svn/framework3/trunk@10330 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-16 12:11:30 +00:00
cf440fc6c9
Rename for consistency
...
git-svn-id: file:///home/svn/framework3/trunk@10324 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-15 08:40:57 +00:00
6f4eaeb8e3
Delete the ruby side railgun meterpreter extension and add in the new stdapi railgun stuff. Railgun with stdapi works the same (e.g. just use client.railgun.user32.MesageBoxA(...) ). The module definitions are lazy loaded on demand to avoid the performance hit if we load them all at once when stdapi is initially loaded.
...
git-svn-id: file:///home/svn/framework3/trunk@10319 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-14 23:28:52 +00:00
e85b8adcf8
Add Ruby side meterpreter packet support for QWORD Tlv's.
...
git-svn-id: file:///home/svn/framework3/trunk@10318 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-14 23:23:15 +00:00
44a67d0440
Typo fix
...
git-svn-id: file:///home/svn/framework3/trunk@10315 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-14 18:20:17 +00:00
792285cb87
Clean up monitor threads
...
git-svn-id: file:///home/svn/framework3/trunk@10309 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-13 21:07:02 +00:00
778132ad02
Remove the select spin loop in favor of a thread.join
...
git-svn-id: file:///home/svn/framework3/trunk@10308 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-13 20:57:38 +00:00
7ccf4e2f11
Change stream writes to be non-blocking, this has been pretty heavily tested over the last couple days, and should preserve the original behavior as well. This fixes a deadlock in Ruby in certain conditions
...
git-svn-id: file:///home/svn/framework3/trunk@10306 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-13 14:39:17 +00:00
eddd6d481d
add some documentation for request_cgi
...
git-svn-id: file:///home/svn/framework3/trunk@10293 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-11 17:31:26 +00:00
eec9b59609
add docs dir
...
git-svn-id: file:///home/svn/framework3/trunk@10274 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-09 15:49:06 +00:00
1405bda8a4
properly set defaults for ip start and end, fixes #2500
...
git-svn-id: file:///home/svn/framework3/trunk@10261 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-08 17:06:31 +00:00
e8e796868e
default to nil
...
git-svn-id: file:///home/svn/framework3/trunk@10237 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-04 00:08:12 +00:00
0b8eebcace
make sure sets has something in it. lib/msf/core/exploit.rb sends this a nil if the user didn't specify anything
...
git-svn-id: file:///home/svn/framework3/trunk@10235 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-03 23:48:46 +00:00
4388b886c8
jduck tricked me on purpose.
...
git-svn-id: file:///home/svn/framework3/trunk@10222 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-02 16:22:48 +00:00
e7aa1a86ec
Avoid xml encoding spaces.
...
git-svn-id: file:///home/svn/framework3/trunk@10221 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-02 16:20:30 +00:00
832960b6df
Whoops forgot the x.
...
git-svn-id: file:///home/svn/framework3/trunk@10216 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 23:26:35 +00:00
1d1805306e
Adds xml_char_encode. Like html_encode, but allows xml-safe character through.
...
git-svn-id: file:///home/svn/framework3/trunk@10214 4d416f70-5f16-0410-b530-b9f4589650da
2010-09-01 22:40:07 +00:00
a0f86c62e3
Meterpreter search support to leverage the index on older systems (2000/XP/2003) via Windows Desktop Search v2.
...
git-svn-id: file:///home/svn/framework3/trunk@10187 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-30 09:50:41 +00:00
6d333eb185
style compliance fixes
...
git-svn-id: file:///home/svn/framework3/trunk@10173 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-27 21:26:59 +00:00
d02687b755
add dest adjust option to omelete hunter
...
git-svn-id: file:///home/svn/framework3/trunk@10172 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-27 21:19:42 +00:00
8dd489ad3b
expose the payload exe filename, remove the concat operator
...
git-svn-id: file:///home/svn/framework3/trunk@10169 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-27 17:23:47 +00:00
a3a20ebb05
default to no concatenation
...
git-svn-id: file:///home/svn/framework3/trunk@10168 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-27 17:16:44 +00:00
fbf64adf2a
Commit the ruby side for meterpreter file search. If available, will leverage Windows Search to speed up searching an indexed directory. Examples of usage as follows:
...
Find all .PDF files on the host system:
meterpreter>search *.pdf
Find all files on bob's desktop:
meterpreter>search -d 'c:\users\bob\desktop' -f *
Find all files in the root drive c: but don't search subdirectories:
meterpreter>search -d c: -r false -f *
If Windows Search is available (Vista and above by default, XP/2003 by addon) we can also search any indexed IE history and indexed email
meterpreter>search -d iehistory -f *
meterpreter>search -d mapi -f *
git-svn-id: file:///home/svn/framework3/trunk@10167 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-27 14:59:38 +00:00
a119cb7b71
dont let close exceptions slow us down
...
git-svn-id: file:///home/svn/framework3/trunk@10163 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-27 04:44:02 +00:00
6e48076249
fixes #2435 , add BROADCAST option to DHCP server, use in cases where sending to 255.255.255.255 fails
...
git-svn-id: file:///home/svn/framework3/trunk@10159 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-26 19:34:53 +00:00
330281eadd
see #684 , adds checksum support, updates modules to use it, fixes some wfs_delay/WfsDelay issues
...
git-svn-id: file:///home/svn/framework3/trunk@10150 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:55:37 +00:00
a0e7901c19
add syscall name comment
...
git-svn-id: file:///home/svn/framework3/trunk@10147 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 20:23:38 +00:00
9557980607
oops, semicolon is a comment except when used in metasm_shell
...
git-svn-id: file:///home/svn/framework3/trunk@10144 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 17:46:06 +00:00
1477ae6b92
merge in checksum support, add quick-n-dirty unit test
...
git-svn-id: file:///home/svn/framework3/trunk@10143 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 16:52:13 +00:00
623e4ef3ac
add forward search, reset between eggs, move options into a hash
...
git-svn-id: file:///home/svn/framework3/trunk@10132 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-25 01:21:12 +00:00
49beb83081
add the "makerc" command for quick resource script generation, fixes #738
...
git-svn-id: file:///home/svn/framework3/trunk@10119 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 21:19:01 +00:00
b6577681c6
another omelet update from Peter, this time with in-line assembly
...
git-svn-id: file:///home/svn/framework3/trunk@10118 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 21:03:00 +00:00
bd96c10cc0
only read the history file if we have no history
...
git-svn-id: file:///home/svn/framework3/trunk@10117 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 20:56:50 +00:00
6e66831517
couple minor fixes to omelet mixin/class
...
git-svn-id: file:///home/svn/framework3/trunk@10116 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 19:53:15 +00:00
d2bada79a9
typo in error string
...
git-svn-id: file:///home/svn/framework3/trunk@10109 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 17:37:06 +00:00
08fc366d0b
add omlet mixin from Peter Van Eeckhoutte
...
git-svn-id: file:///home/svn/framework3/trunk@10108 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 17:35:41 +00:00
62f6c9b961
fix some 1.8/1.9 incompatabilities, should be last commit on #2329
...
git-svn-id: file:///home/svn/framework3/trunk@10106 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-23 16:45:38 +00:00
8c9d08b1e8
add egg override param for egghunter
...
git-svn-id: file:///home/svn/framework3/trunk@10098 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-22 20:19:19 +00:00
5d95f48848
add preliminary support for the new java payloads. Working meterpreter and shell stages with tcp bind and reverse stagers, see #406
...
git-svn-id: file:///home/svn/framework3/trunk@10073 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-20 07:01:23 +00:00
d9337f3cca
add a Jar class to Rex::Zip
...
git-svn-id: file:///home/svn/framework3/trunk@10057 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-19 17:08:29 +00:00
d5149b8e23
less verbose Entry#inspect
...
git-svn-id: file:///home/svn/framework3/trunk@10056 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-19 17:04:42 +00:00
a9a4e3f2da
Add meterpreter client side support for cleaning up loaded extensions upon server termination by calling the loaded extensions cleanup() method if available.
...
git-svn-id: file:///home/svn/framework3/trunk@10055 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-19 11:37:22 +00:00
48e91af25d
remove client ip send, remove puts lines, fixes #2329
...
git-svn-id: file:///home/svn/framework3/trunk@10049 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 23:35:28 +00:00
8463e026bd
read responses until EOF per RFC
...
git-svn-id: file:///home/svn/framework3/trunk@10045 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 22:41:07 +00:00
06dca2addb
fix this unit test
...
git-svn-id: file:///home/svn/framework3/trunk@10044 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 22:36:13 +00:00
b8991c541e
add a NO RECV flag to the client call function
...
git-svn-id: file:///home/svn/framework3/trunk@10038 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 17:21:10 +00:00
626f7e0c66
add a flag indication not to recv to various smb/client methods
...
git-svn-id: file:///home/svn/framework3/trunk@10037 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 17:20:55 +00:00
24d10866b6
add update_checksum, size, and length methods
...
git-svn-id: file:///home/svn/framework3/trunk@10036 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-18 04:39:38 +00:00
d46d4313e7
reduce verbosity for printed exceptions when processing on_request
...
git-svn-id: file:///home/svn/framework3/trunk@10029 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-17 22:57:52 +00:00
9ba0916937
fix port bug, add diff from sj, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@10015 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-14 20:21:14 +00:00
3a0402de2a
a few minor cleanups
...
git-svn-id: file:///home/svn/framework3/trunk@10013 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-14 06:42:17 +00:00
10c2bfb64e
added validation for the meterpreter route command - thanks robin for pointing it out
...
git-svn-id: file:///home/svn/framework3/trunk@9993 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-13 06:12:05 +00:00
f48afb37a7
merge tftp.diff from scriptjunkie, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@9991 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-13 03:25:43 +00:00
939bf2a881
merge dhcp.diif from scriptjunkie, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@9990 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-13 03:11:30 +00:00
23a0064f9d
merge cleanup.diff from scriptjunkie, rewrote set_option, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@9970 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-07 06:45:02 +00:00
7f8bbbc535
add dhcp/pxe stuff from scriptjunkie, see #2329
...
git-svn-id: file:///home/svn/framework3/trunk@9963 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-06 17:37:28 +00:00
52b2d0a495
add support for various options
...
git-svn-id: file:///home/svn/framework3/trunk@9962 4d416f70-5f16-0410-b530-b9f4589650da
2010-08-06 17:21:22 +00:00
1c7ead1699
remove duped p_filesz entry, fixes #2307
...
git-svn-id: file:///home/svn/framework3/trunk@9937 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-27 18:03:18 +00:00
1ae81367ac
Forgot, TABS not spaces for indent
...
git-svn-id: file:///home/svn/framework3/trunk@9921 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 01:54:29 +00:00
d279123b77
Added functions for managing services in the railgun api and created new calls to use this functions for starting, stopping and creating services, Thanks to Scriptjunkie for the calls and example code that I used to base the mixin calls on
...
git-svn-id: file:///home/svn/framework3/trunk@9920 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-25 01:32:50 +00:00
3ae1a26aef
include a bunch more firefox fingerprints. thanks Mark Fioravanti for the patch
...
git-svn-id: file:///home/svn/framework3/trunk@9917 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-23 22:20:05 +00:00
25bc9f2973
add error printing for HttpServer exploits
...
git-svn-id: file:///home/svn/framework3/trunk@9909 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 23:24:51 +00:00
b8b5d0586d
generate job info from available properties in rpc. fixes #2236
...
git-svn-id: file:///home/svn/framework3/trunk@9902 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-21 08:57:11 +00:00
6b25b1024e
Always try to read the NB header first to get the length
...
git-svn-id: file:///home/svn/framework3/trunk@9826 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 17:07:10 +00:00
c78b87a356
Add support for the ring0 stager_sysenter_hook payload to run its ring3 payload in a new thread in order to preserve/resume the original hijacked ring3 thread.
...
git-svn-id: file:///home/svn/framework3/trunk@9819 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-14 13:43:17 +00:00
e765553d26
Fix BufferItem references
...
git-svn-id: file:///home/svn/framework3/trunk@9811 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:34:32 +00:00
9d859e4dce
Implements the client side of multi-call railgun
...
git-svn-id: file:///home/svn/framework3/trunk@9807 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 19:19:36 +00:00
e67e231659
Adds Rex::Text.to_hex_ascii(), replaces the gsub on the banner checks to use it.
...
git-svn-id: file:///home/svn/framework3/trunk@9804 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 18:52:27 +00:00
301d220c80
get rid of debugging alerts. wtf
...
git-svn-id: file:///home/svn/framework3/trunk@9800 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-13 07:58:50 +00:00
a430970ddd
Wrap the write() calls to catch exceptions from the socket api
...
git-svn-id: file:///home/svn/framework3/trunk@9794 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-12 17:55:20 +00:00
16134447d9
Cleanup / cosmetic for dcerpc, make EBADF pretend to be EOFError in terms of what exception is raised
...
git-svn-id: file:///home/svn/framework3/trunk@9752 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 19:05:16 +00:00
adf33feb0e
Catch an odd corner case with zero timeouts - this broke dcerpc over tcp
...
git-svn-id: file:///home/svn/framework3/trunk@9749 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 17:58:59 +00:00
2d65cb602b
Fix boolean handling
...
git-svn-id: file:///home/svn/framework3/trunk@9747 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 16:34:18 +00:00
573fc216dd
add write support, tftproot, output dir for tftp server
...
git-svn-id: file:///home/svn/framework3/trunk@9742 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 23:34:29 +00:00
a4c6280ae0
Minor cleanups for railgun, fix 1.8/1.9 differences, remove use of string encoding routines for 1.8 back-compat
...
git-svn-id: file:///home/svn/framework3/trunk@9736 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-08 18:53:49 +00:00
3049d527ef
there is no comm variable here, fixes #2200
...
git-svn-id: file:///home/svn/framework3/trunk@9728 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 20:49:49 +00:00
9915be8935
Add the railgun client extensions
...
git-svn-id: file:///home/svn/framework3/trunk@9712 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 16:31:24 +00:00
843b6ffa00
Make the http client try harder
...
git-svn-id: file:///home/svn/framework3/trunk@9698 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 23:08:28 +00:00
24fbbfb906
use fat_offset, from Dino, fixes #2183
...
git-svn-id: file:///home/svn/framework3/trunk@9682 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-06 17:16:35 +00:00
f3afedf490
Fix an issue caused by pad_data being a string not an integer, this caused the evasion code to return a nil. Fixed a couple of ambiguities in how options are passed
...
git-svn-id: file:///home/svn/framework3/trunk@9674 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-05 13:38:39 +00:00
2250a83913
Updates meterpreter autoroute to accept CIDR notation.
...
git-svn-id: file:///home/svn/framework3/trunk@9667 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-03 01:27:24 +00:00
fb273e83a9
Updates autoroute to enforce sensible netmasks. This is serious business.
...
git-svn-id: file:///home/svn/framework3/trunk@9664 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 18:42:56 +00:00
01139ed655
Adding an autoroute meterpreter script, and enabling route housekeeping to be stored and retrived via Sessions directly, rather than through Rex::Socket::SwitchBoard.
...
git-svn-id: file:///home/svn/framework3/trunk@9663 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-02 17:38:56 +00:00
1c9059eeb1
standardize job context as an Array and always copy datastore for jobs. fixes #2096 and fixes #2098
...
git-svn-id: file:///home/svn/framework3/trunk@9652 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 22:02:46 +00:00
864fcafb4a
See #2167 . This should make all platforms equal now in terms of how read selects are handled. It looks like OS X needs the same workaround as Windows
...
git-svn-id: file:///home/svn/framework3/trunk@9641 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-01 14:49:49 +00:00
aecb6cd43f
Prevent a loop condition noted by commonism
...
git-svn-id: file:///home/svn/framework3/trunk@9631 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-28 14:40:11 +00:00
96cd7bddae
compatibility for 1.9. fixes #2143
...
git-svn-id: file:///home/svn/framework3/trunk@9622 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 05:52:05 +00:00
83d3e3cbac
1.9 fixes, see 2143
...
git-svn-id: file:///home/svn/framework3/trunk@9618 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 04:03:58 +00:00
01702e8506
don't rescue IOError.
...
git-svn-id: file:///home/svn/framework3/trunk@9616 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 00:31:00 +00:00
6e01b03767
IO.select has different behavior when a socket is closed, go back to Rex::ThreadSafe.select; fixes portfwd
...
git-svn-id: file:///home/svn/framework3/trunk@9615 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-25 00:28:49 +00:00
161ae211c4
add a capabilities hash to the meterpreter client for determining whether libs are available on the server. eventually there should be a way to request this from the server directly instead of inferring it from platform
...
git-svn-id: file:///home/svn/framework3/trunk@9561 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-18 23:15:48 +00:00
50c59a9ab1
Skip nmap port imports where the result is unknown and the target is really localhost.
...
git-svn-id: file:///home/svn/framework3/trunk@9553 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-18 03:03:11 +00:00
ebe48096f3
put the original suspend handler back, even if it was nil. fixes 2102
...
git-svn-id: file:///home/svn/framework3/trunk@9547 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-16 22:41:53 +00:00
3e38aa9cd4
put the old sigint handler back, fixes #2103
...
git-svn-id: file:///home/svn/framework3/trunk@9546 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-16 21:57:46 +00:00
3d98f22ef4
Un-private-ing :range
...
git-svn-id: file:///home/svn/framework3/trunk@9537 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-16 19:12:31 +00:00
f6901861fa
allow host specifications like 'range, range' e.g. '10.1.1.0/24, 10.2.2.1'. Note that the space is required
...
git-svn-id: file:///home/svn/framework3/trunk@9489 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 17:20:14 +00:00
e32abab8dc
a HTTP -> an HTTP ( http://www.english-zone.com/grammar/a-anlessn.html )
...
git-svn-id: file:///home/svn/framework3/trunk@9488 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-11 16:12:05 +00:00
32c24b944a
actually increment the loop variable; document the deficiencies of the employed technique
...
git-svn-id: file:///home/svn/framework3/trunk@9449 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-07 23:56:35 +00:00
7044c65f22
make sure we have a newline in a chunk length before parsing it, tighten up the regex. fixes 2063 (I hope)
...
git-svn-id: file:///home/svn/framework3/trunk@9448 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-07 23:43:32 +00:00
6950cae916
more legible inspect for meterpreter packets
...
git-svn-id: file:///home/svn/framework3/trunk@9445 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-07 15:20:24 +00:00
e4c2a74915
DIY on the iconv stuff. just load the arrays once, plz.
...
git-svn-id: file:///home/svn/framework3/trunk@9407 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 17:35:58 +00:00
a5a318f623
Workaround for a lack of Iconv for performing EBCDIC/ASCII conversions
...
git-svn-id: file:///home/svn/framework3/trunk@9406 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-03 17:28:45 +00:00
87379e798a
Bump the timeout for hashdump, handle large DCs better, thanks Chris!
...
git-svn-id: file:///home/svn/framework3/trunk@9385 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-01 16:45:34 +00:00
5b6b13e7e8
check for existence before using stuff
...
git-svn-id: file:///home/svn/framework3/trunk@9384 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-01 16:35:10 +00:00
845407a356
Allow interrupts to break out of recvfrom
...
git-svn-id: file:///home/svn/framework3/trunk@9380 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-29 06:52:47 +00:00
288b700e75
remove silly debugging statements
...
git-svn-id: file:///home/svn/framework3/trunk@9377 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:46:22 +00:00
6d1e7bdaa5
big commit - lots of cmdstager changes
...
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for cve-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)
git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:39:56 +00:00
110e0c8404
Allow for an IP range notation of "10.1.1.1-10.255.255.255" . This is equivalent to "10.1-255.1-255.1-255" but is more natural for some people not familiar with the nmap-style notation. Note that there must be no spaces around the hyphen. In the case of "10.1.1.1 - 10.255.255.255", this will merely fail normally. In the case of "10.1.1.1- 10.255.255.255," you will end up with a funny range of 10.1.1.1-255 and 10.255.255.255, since the space after the hyphen denotes "until the end of the octet space."
...
git-svn-id: file:///home/svn/framework3/trunk@9368 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 22:44:55 +00:00
563ab310dc
Strengthening up the checks for valid formats for CIDR address ranges when passed to Rex::Socket::RangeWalker
...
git-svn-id: file:///home/svn/framework3/trunk@9366 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-25 20:46:00 +00:00
1a2be34a63
Fixes #2002 . Needed to work with some pipelining to get this all to work right, but it seems to function now pretty well -- if the target takes Basic, do basic, if the target takes NTLM, do NTLM. Should implement Digest too, but I don't think hardly anyone uses that.
...
git-svn-id: file:///home/svn/framework3/trunk@9346 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-22 17:58:01 +00:00
83adc3f391
switch to ::IO.select
...
git-svn-id: file:///home/svn/framework3/trunk@9339 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 05:02:52 +00:00
872575209f
Fix a corner case with udp send destinations already having a ::ffff: prefix
...
git-svn-id: file:///home/svn/framework3/trunk@9338 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 05:01:14 +00:00
21130bc38a
replace hardcoded numbers with friendly constants
...
git-svn-id: file:///home/svn/framework3/trunk@9334 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:15:10 +00:00
957b1432ed
add simple tftp server
...
git-svn-id: file:///home/svn/framework3/trunk@9333 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 00:03:04 +00:00
15cee53b41
move tab completion setup out of init_ui. fixes #1180
...
git-svn-id: file:///home/svn/framework3/trunk@9332 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 23:47:49 +00:00
dfa7fb7d0b
Move away from Kernel.select in exchange for IO.select, solves some issues with windows compatibility
...
git-svn-id: file:///home/svn/framework3/trunk@9330 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 20:42:17 +00:00
a29371647f
Force cygwin to use the Rex::ThreadSafe.select code
...
git-svn-id: file:///home/svn/framework3/trunk@9322 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-18 15:11:19 +00:00
670bacb9bc
a couple rex/ole fixes
...
git-svn-id: file:///home/svn/framework3/trunk@9287 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-12 05:33:35 +00:00
Joshua Drake
HD Moore
pks
Tod Beardsley
James Lee
Stephen Fewer
Jonathan Cran
Carlos Perez