870621d169
Add OverrideScheme option, fixes #7841
2017-02-08 23:30:29 +08:00
99047fa8a1
be stricter in what we accept for payload uri
...
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
3808eebad8
Land #7704 , Update jobs output to show TCP listener information
2017-01-02 15:44:49 -06:00
505cc19662
Update reverse_tcp to show TCP listener information
...
Also update the readable text to only output the listener information if
it differs from the payload information.
2016-12-12 15:56:26 +10:00
e8d7a074fa
Tweak to stageless handling for python payloads
2016-11-29 07:54:51 +10:00
5e8a47ac00
Merge upstream/master into universal handler work
2016-11-28 15:26:43 +10:00
496836fc06
Remove debug junk, rejig order of ops in initializer
2016-11-28 15:25:07 +10:00
e8158bd200
Add multi platform type, wire into the multi stage
2016-11-28 09:34:09 +10:00
b45a36180e
Don't complain when Proxies is an empty string
2016-11-22 09:29:04 -06:00
09d9733a75
Interim commit while working on multi payloads
2016-11-03 06:44:39 +10:00
494b4e67bd
Refactor http/s handler & payloads
...
This commit moves much of the platform-specific logic from the
reverse_http handler down into the payloads. This makes the handler
a bit more agnostic of what the payload is (which is a good thing).
There is more to do here though, and things can be improved.
Handling of datastore settings has been changed to make room for the
ability to override the datastore completely when generating the
payloads. If a datastore is given via the `opts` then this is used
instead otherwise it falls back to the settings specified in the usual
datatstore location.
Down the track, we'll have a payload that supports multiple stages, and
the datastore will be generated on the fly, along with the stage itself.
Without this work, there's no other nice way of getting datastore
settings to be contained per-stager.
2016-11-02 11:33:59 +10:00
0fca4483c0
Correctly call generate_stage on native init
2016-11-02 00:52:25 +10:00
c13ab28a5b
remove debug statement
2016-09-22 16:27:11 +01:00
43942e6029
refactor pem parser to use the rex-socket gem version
...
use rex-socket's pem aprser instead of the old one we used
to have in rex::parser
MS-1715
2016-09-07 11:38:27 -05:00
5f9f3259f8
Merge branch 'master' into feature/MS-1688/net-ssh-cleanup
2016-07-05 10:48:38 -05:00
5dc7d4b16e
Land #7043 , Fix-up double slash handling with the LURI parameter
2016-07-05 01:21:33 -05:00
85dfec0cf5
minor whitespace
2016-07-05 01:20:54 -05:00
9b4028d2d7
Revert #6581 , it causes regressions
...
We need a more clever solution without breaking HttpUnknownRequestResponse.
2016-07-05 00:11:15 -05:00
23399326c2
Fix up double slashes, tweak syntax
2016-06-30 12:56:29 -05:00
6072697126
continued
2016-06-22 14:54:00 -05:00
f7382f5b3b
Make `jobs` display a full uri
...
Addresses the problem of LURI taking the place of URIPATH, which has
different semantics.
See #4623
2016-05-27 11:15:12 -05:00
5921ac7b47
Add a spec and fix ReverseHttp#luri
2016-05-24 17:22:14 -05:00
3b893cf740
Merge pull request #6581 from bcook-r7/uuidretry
...
don't send a response on invalid UUID, allow stagers to survive another day
2016-05-02 11:23:02 -05:00
98f89ca23a
Land #6794 , Fixed yard doc errors
2016-04-21 13:16:45 -05:00
5e36a3128c
Fix #5197 , Fixed yard doc errors
...
Fix #5197 Fixed issues that caused errors during yard doc generation
2016-04-21 13:06:00 -05:00
555352b210
Force lurl string duplication to avoid stageless issues
...
I have NO idea why this is even a problem. Mutating state is the spawn of satan.
2016-04-18 08:25:19 -05:00
a74a7dde55
More fixies for LURI in Python, and native too
2016-04-18 08:25:19 -05:00
b95267997d
Fix LURI support for stageless, transport add/change and code tidies
2016-04-18 08:24:41 -05:00
a45d0aed53
show LURI in new connection log message
2016-04-18 08:21:50 -05:00
1e16804c63
size considerations for LURI, stageless
2016-04-18 08:16:35 -05:00
d2d36ca043
java handler, better default, jobs -v
2016-04-18 08:13:10 -05:00
b122dffe3d
initial LURI commit. windows, python functional
2016-04-18 08:13:10 -05:00
a2a522be07
Land #6716 , Add a rescue to catch method missing for stage_payload
2016-03-30 13:08:52 -05:00
ead6e6b6b6
Use a print_prefix instead
2016-03-30 11:50:45 -05:00
0a239742f5
Show handler URI so we know which job's responding
2016-03-30 11:35:04 -05:00
6523600952
Add a rescue to catch method missing for stage_payload
...
This allows us to provide a friendlier message to users when they are
using a stageless listener with a staged payload.
2016-03-29 09:46:09 +10:00
b409b2237d
update to use the common bind_addresses method
2016-02-18 18:17:56 -06:00
b5ae4c0322
remove the sleep
2016-02-18 08:33:44 -06:00
aff118a3a5
don't send a response on invalid UUID
2016-02-16 09:19:45 -06:00
b4ed55b4d4
Fix reverse_http{,s} LHOST bind address
2016-02-02 09:57:11 -06:00
a587975f90
be more robust and careful breaking from the accept thread
2016-01-23 01:46:58 -06:00
91700f17e3
tidy up the ruby style while we're in here testing
2016-01-22 14:43:19 -06:00
ac8b483d32
don't break the accept loop just because we got a client connection that closed early
2016-01-22 13:52:00 -06:00
28cf943bcb
Fix a couple of missing requires in payloads.
...
This pops up occasionally. This fixes a couple of anecdotal reports of missing
requires that cause the loader to fail, depending on the directory sort order.
It also fixes the problem as reported in #6460
2016-01-14 13:17:26 -06:00
beb2fa9f92
Use bind_addresses rather than bind_address; fixes #6394
2015-12-24 09:20:21 -08:00
3f4c6eb370
Land #5383 , allow tunneling reverse_tcp meterpreter sessions without 'route add'
2015-12-22 15:42:42 -06:00
14b1b3a1f0
Land #6299 , Stageless HTTP(S) Python Meterpreter
2015-12-04 16:16:54 -06:00
d7aeabbb71
Land #6293 , listener bind_port fix
2015-12-02 13:16:23 -06:00
fba9715a56
Add stageless python meterpreter http & https payloads
2015-11-28 17:41:55 -05:00
Tim
Brent Cook
Brent Cook
OJ
James Lee
David Maloney
HD Moore
wchen-r7
thao doan
Rory McNamara
William Vu
Jon Hart
Sonny Gonzalez
Spencer McIntyre