HD Moore
6ea5ed1a82
Shrinks windows payloads, lands #4391
2014-12-13 17:41:50 -06:00
HD Moore
f67a32ef9c
Add missing commits from #3770 , lands #4393
2014-12-13 17:36:26 -06:00
HD Moore
92490ab5e8
Singles updated from the source
2014-12-13 12:22:07 -06:00
HD Moore
4681416a0f
Update block_api with @schierlm's changes
2014-12-13 12:06:38 -06:00
Joe Vennix
2bd7a67413
Restructure parts of Author, fix some doc bugs.
2014-11-26 13:54:23 -06:00
Joe Vennix
2a24151fa8
Remove BAP target, payload is flaky. Add warning.
2014-11-17 02:02:37 -06:00
Joe Vennix
105a28d8fd
Run the tests again.
2014-11-16 23:42:40 -06:00
Joe Vennix
a7aeac5df3
Fix APK signing on osx.
2014-11-16 23:29:54 -06:00
jvazquez-r7
c833888c32
Just randomize
2014-11-05 15:53:06 -06:00
jvazquez-r7
7ba705f23a
Add some randomized variables to JSP Payloads
...
Because the JASPER engine with Tomcat has been found
complaining about the out variable.
2014-11-05 12:16:33 -06:00
Tod Beardsley
0199e4d658
Land #3770 , resolve random stager bugs
2014-11-03 14:15:14 -06:00
HD Moore
8aecd5e4a5
Address the two open comments from @jlee-r7
2014-11-03 12:33:11 -06:00
Luke Imhoff
9dfbbbde7d
Add missing require
...
MSP-11145
2014-10-21 09:39:31 -05:00
James Lee
41e41e2f49
Fix typo that caused encoding to ignore saved regs
2014-10-06 16:24:50 -05:00
Joe Vennix
b96a7ed1d0
Install a global object in firefox payloads, bump jsobfu.
2014-09-24 16:05:00 -05:00
Joe Vennix
5d234c0e01
Pass #send in this so jsobfu is not confused.
2014-09-24 15:07:14 -05:00
HD Moore
29eb3ebf86
Fix up the StageEncodingFallback logic and error handling
2014-09-15 21:56:35 -05:00
agix
9cbc7e46a3
Fix suggested stuff
...
https://github.com/hmoore-r7/metasploit-framework/pull/2
2014-09-15 09:47:06 +02:00
agix
c71428be50
Choose fallback if stage encoding fail
2014-09-13 13:56:54 +02:00
agix
28e61edef4
Unblock when invalid encoder is selected and allow multiple encoder
2014-09-12 12:48:09 +02:00
HD Moore
71228b48a0
Update 3 more encoders to be StageEncoder compatible
...
This could probably use some DRY love via a mixin
2014-09-10 20:21:35 -05:00
sinn3r
65287e41cd
Land #3773 - Fix windows cmd redirection in firefox payloads
2014-09-10 13:25:42 -05:00
Joe Vennix
1bb6573570
Fix windows cmd redirection in ff payloads.
2014-09-10 00:47:05 -05:00
HD Moore
6c0dae953d
Stage encoding is now SaveRegister aware
2014-09-09 14:21:51 -05:00
jvazquez-r7
559ec4adfe
Add module for ZDI-14-299
2014-08-31 01:11:46 -05:00
jvazquez-r7
e1b6ee283f
Allow Msf::Payload::JSP to guess system shell path if it isnt provided
2014-08-30 16:27:02 -05:00
HD Moore
5e123e024d
Add 'coding: binary' to all msf/rex library files
...
This fixes a huge number of hard-to-detect runtime bugs
that occur when a default utf-8 string from one of these
libraries is passed into a method expecting ascii-8bit
2014-08-17 17:31:53 -05:00
sinn3r
2a7227f443
Land #3427 - Adds webcam module for firefox privileged sessions on OSX
2014-06-11 22:27:25 -05:00
joev
d990fb4999
Remove a number of stray edits and bs.
2014-06-06 16:24:45 -05:00
Tod Beardsley
d0d389598a
Land #3086 , Android Java Meterpreter updates
...
w00t.
2014-06-02 17:28:38 -05:00
joev
14b796acbf
First stab at refactoring webrtc mixin.
2014-05-21 15:32:29 -05:00
Brendan Coles
cc8ab9bcba
Support one line js payload
...
Add missing ';' in `run_cmd_source`
2014-05-05 18:57:15 +10:00
sinn3r
6e37493471
Land #3091 - native shellcode payloads from a FF privileged js shell
2014-03-13 13:36:37 -05:00
AnwarMohamed
b45524ecdd
generate cert @ payload/dalvik.rb
2014-03-10 21:50:00 -05:00
AnwarMohamed
99cc94e6fc
moving string_sub() to payload/dalvik.rb
2014-03-10 21:49:59 -05:00
jvazquez-r7
6c490af75e
Add randomization to Rex::Zip::Jar and java_signed_applet
2014-02-27 12:38:52 -06:00
sinn3r
d0780cd1a2
Land #3010 - EXITFUNC as OptEnum
2014-02-24 11:07:10 -06:00
Joe Vennix
212ebb568c
EXITFUNC option should be an OptEnum.
2014-02-19 03:06:15 -06:00
Joe Vennix
50fb9b247e
Restructure some of the exploit methods.
2014-02-19 02:31:22 -06:00
Joe Vennix
318ebdb4c8
Clean up // comments.
2014-02-17 15:34:42 -06:00
Joe Vennix
57449ac719
Adds working shellcode exec local exploit.
2014-02-17 15:31:45 -06:00
jvazquez-r7
1f0020a61c
Land #2946 , @jlee-r7's optimization of the x86 block_api code
2014-02-11 15:00:00 -06:00
James Lee
b226ecf591
Add block_api changes to prepend_migrate
2014-02-05 15:32:59 -06:00
sinn3r
bda93c2bbc
Land #2811 - Add generate_war to jsp_shell payloads
2014-02-04 15:06:45 -06:00
Joe Vennix
7af8fe9cd1
Catch exceptions in an XSS script and return the error.
2014-01-07 16:23:24 -06:00
Joe Vennix
fb1a038024
Update async API to actually be async in all cases.
...
This avoids zalgo. Also optionally checks the return value
of the compiled Function in XSS to allow you to use send()
or an explicit return, which is maybe more natural for
synchronous xss payloads.
2014-01-07 16:17:34 -06:00
Joe Vennix
9d3b86ecf4
Add explicit require for JSON, so msfpayload runs.
2014-01-05 14:58:18 -06:00
Joe Vennix
f2f68a61aa
Use shell primitives instead of resorting to
...
echo hacks.
2014-01-04 19:00:36 -06:00
Joe Vennix
b9c46cde47
Refactor runCmd, allow js exec.
...
* Updates exec payload to not touch disk
* Adds XSS module that uses hiddenWindow (to avoid X-Frame-Options)
2014-01-04 08:46:57 -06:00
Joe Vennix
a5ebdce262
Add exec payload. Cleans up a lot of code.
...
Adds some yardocs and whatnot.
2014-01-03 18:23:48 -06:00