infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
33,463 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

3450 Commits (b9ac612db170afd7bf79d5cbaf01c51856dd2252)

Author SHA1 Message Date
OJ 4f9c8d04a2 Add support for moving transports and uuid fetching 
The 'next' and 'prev' commands were added so that the session can jump
transports without having to add new ones at the same time.

There's also a command which gives the UUID now so that this can be
reused across sessions.
 2015-04-28 20:24:44 +10:00
OJ f711e5dee7 Update migration support 
Migration now uses the new meterpreter loader. Migration configuration
is loaded and created by meterpreter on the fly, and supports the
multiple transport stuff that's just been wired in.
 2015-04-28 17:41:43 +10:00
OJ fca4d852a1 Remove the passing on off listen socket values 2015-04-28 13:51:48 +10:00
OJ d82bfb0692 Reorder params, fix up the transport termination 2015-04-28 13:03:40 +10:00
OJ c41f4bd59f Fix up http/s a little 
Correctly check the URL against the non-widechar version. Get the SSL
verification stuff working again.
 2015-04-28 09:44:48 +10:00
OJ 1ca5188c5e Change the payload to use IPv6 formats if required 2015-04-28 07:44:21 +10:00
OJ 6da8a14f62 Initial work on x64 payloads for new config 2015-04-26 13:41:31 +10:00
OJ 6ac3ecfa7c Refactor, add reverse_winhttps support 
Getting closer to a normalised view of what this stuff will look like.
There URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.

Next up, x64 for the same main ones.
 2015-04-26 12:11:14 +10:00
OJ bb77a3a0e6 First pass of refactoring to support new config block 
This is pretty basic stuff, but at least it's reusable.
 2015-04-25 21:36:28 +10:00
Brent Cook ff96101dba
Land #5218, fix #3816, remove print_debug / DEBUG 2015-04-24 13:41:07 -05:00
Brent Cook 27f6adcd81
Land #5110, teach Http::Response to extract hidden form inputs 2015-04-24 13:30:57 -05:00
Spencer McIntyre edbf9b766f
Land #5100, @bcook-r7's deletekey API usage fix 
Fixes #5099
 2015-04-21 12:58:02 -04:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
rwhitcroft 70f94bbd96 break loop if socket is closed 2015-04-21 11:09:17 -04:00
OJ c8bab6ace1 Fix help for timeouts 2015-04-21 20:35:46 +10:00
OJ f654fea9b3 Adjust transport command to work with posix 2015-04-21 20:16:57 +10:00
OJ 86957d9b07
Merge branch 'upstream/master' into connection-recovery 2015-04-21 20:01:59 +10:00
William Vu 1a66786d1b Fix Nmap XML parser for tunnel attribute 2015-04-20 17:04:19 -05:00
William Vu 79ca0a56f9
Land #4171, Steam protocol support 2015-04-20 15:35:06 -05:00
OJ 97912882ca Adjustments for POSIX meterpreter patching 2015-04-17 19:53:05 +10:00
Brent Cook 3107d99b9a Use the same URI that was registered when we deregister 
The original URI is registered as '/foobar/' but is deregistered as
'//foobar/', causing it to never get deregistered. Changing this fixes
unregistration of the service handler for staged payloads, but stageless
doesn't work properly if the URI actually gets deregistered.
 2015-04-17 03:20:24 -05:00
Brent Cook 18225780da cleanup HTTP and HTTPS listeners when sessions are closed 
Rather than listening forever after a session shuts down, close the session if
there are no other URI's registered on the listener. This allows reconfiguring
the listener without restarting framework, but should be safe for situations
where multiple modules share the same listener.
 2015-04-17 02:41:24 -05:00
OJ 0a8b29dd86 Merge branch 'upstream/master' into connection-recovery 
Conflicts:
	lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
 2015-04-17 14:40:21 +10:00
OJ e0cd4a4d44
Merge branch 'upstream/master' into multi-session-stageless 2015-04-17 12:46:20 +10:00
wchen-r7 f280e5191b I forgot to move this require statement 2015-04-16 21:11:09 -05:00
wchen-r7 3493d25ff9 Move all this to Rex 2015-04-16 21:07:23 -05:00
Brent Cook 9bf897a829
Land #4744, refactor powershell for msfvenom psh-cmd 2015-04-16 15:44:57 -05:00
rwhitcroft 602e9c8df1 Update client.rb 2015-04-16 16:06:16 -04:00
rwhitcroft 6ef86b69a7 Fix loop spinning in HttpClient 2015-04-16 10:49:47 -04:00
Brent Cook 75b559eea3
Land #5081, meterpreter certificate hash check controls 2015-04-14 10:46:13 -05:00
Brent Cook 7f56c07b64 add missing sslhash attribute 2015-04-14 10:45:44 -05:00
OJ 4e49964c15 Add support for init_connect for stageless payloads 
This new mode for HTTP/S stageless allows the stageless payload to be
reused without MSF believing that the session has already been
initialised.
 2015-04-14 16:43:07 +10:00
OJ 1c5de59d99 Add support for the set of timeout values 
This removes the need for a separate get call behind the scenes as
meterpreter does get and set in a single call.
 2015-04-13 10:42:05 +10:00
OJ ec7fab7ef6 Add support for getting transport timeouts 2015-04-13 10:07:50 +10:00
William Vu d5903ca5b2
Land #5126, Meterpreter edit command fix 2015-04-10 17:19:33 -05:00
William Vu 8acc768da7 Copy documentation 2015-04-10 17:17:54 -05:00
rwhitcroft 64c2bf3227 don't raise exception if file download fails 2015-04-10 16:23:33 -04:00
rwhitcroft b5f4b72b51 fix timestomp arg parsing 2015-04-10 00:28:35 -04:00
OJ 809409d8c4 Lots of changes to support moving timeouts to common spots 
Session expiry, comms timeout, retry total/wait are all now part of all
of the meterpreter payloads as these are going to be used for
maintaining access with resiliency and will aim for consistency across
the payload types.
 2015-04-09 17:57:43 +10:00
Anant Shrivastava 2b5ba7d12d fixed a typo 
a typo fixed in help. 
command and not commannd
 2015-04-09 12:11:46 +05:30
Roberto Soares 1591c92547 Add the "all" option for the uictl 2015-04-09 01:04:50 -03:00
Brent Cook e03f2df691
Land #5002, RMI/JMX improvements 2015-04-08 15:23:29 -05:00
Brent Cook db9a3d167a fix deletekey API usage from the meterpreter CLI 
There is an old-looking bug where the deletekey command opens the key it tries
to delete, then deletes the same key name again. Basically, it uses the wrong
level of indirection.
 2015-04-07 15:34:23 -05:00
OJ 53d5b97634 Add support for UUID generation in transport switching 
If the session doesn't have a payload UUID we now generate one as best
we can. This code will probably go away when TCP related transports have
had the UUID stuf baked in.
 2015-04-07 17:25:55 +10:00
OJ 15313243cc Use UUID instead of old skool URIs 
This uses HD's UUID stuff to generate a new URI for the transport.
Currently we don't have UUID support for TCP connections, but that's
coming.

Still do to: generation of a valid UUID for payloads that don't already
have one.
 2015-04-07 16:00:30 +10:00
OJ 2977cbd42a Merge branch 'upstream/master' into dynamic-transport 2015-04-07 14:30:48 +10:00
OJ 38a77c930e
Land #5072 : Support and embed payload UUIDs 2015-04-07 10:10:36 +10:00
William Vu 5f8d58f214 Use framework.db.active 2015-04-06 14:08:10 -05:00
James Lee 566c330b83
Add workspace to prompt format options 2015-04-06 09:19:49 -05:00
OJ 4635bb83c3 Implement ssl verification toggling 
Add support to meterpreter that allows for the querying and toggling of
SSL certificate verification on the fly.

In order to verify that the socket was SSL-enabled, some rejigging had
to be done of the type? method in the ssl socket class.
 2015-04-06 14:40:59 +10:00
HD Moore 8bcdddfd04 Fix yardoc comment, thanks @void-in! 2015-04-05 22:09:35 -05:00
jvazquez-r7 261ef51813
Add Rex::Java::Serialization exceptions 2015-04-05 18:43:03 -05:00
jvazquez-r7 2e52817b24
Add DecodeError 2015-04-05 18:16:19 -05:00
jvazquez-r7 85a70d401b
Introduce Rex::Proto::Rmi::DecodeError 2015-04-05 18:15:04 -05:00
jvazquez-r7 3570fc586f
Use constants for JMX serial version uids 2015-04-05 16:23:39 -05:00
jvazquez-r7 72c36eb23e Use concatenation 2015-04-05 15:57:50 -05:00
Meatballs ebf77cd02d
Merge remote-tracking branch 'upstream/master' into msfvenom_psh_squash 
Conflicts:
	lib/msf/util/exe.rb
 2015-04-05 00:24:48 +01:00
HD Moore c9696d3f6c Merge in stageless/transport work, deconflict 2015-04-04 11:52:26 -07:00
jvazquez-r7 e3bbb7c297 Solve conflicts 2015-04-03 14:57:49 -05:00
jvazquez-r7 75c6341dd8
Fix raise 2015-04-03 14:18:15 -05:00
jvazquez-r7 6c36a82f78
Land #5059, @void-in's documentation clean up 2015-04-03 14:16:34 -05:00
jvazquez-r7 b0042f1cf2
Undo java serialization and RMI fixes 2015-04-03 14:07:49 -05:00
jvazquez-r7 11d372b015
Fix YARD documentation 
* Thanks @void-in
* See #5059
 2015-04-03 14:01:31 -05:00
root 0dd987d873 Updated as per jlee-r7 feedback 2015-04-03 10:17:54 +05:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff 
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
 2015-04-03 13:42:25 +10:00
OJ d2d68d76a2 Update transport switching to a full blown command 
Transport switching should now support all of the bits and pieces
required to do full switching with all configurable transport options
 2015-04-02 23:13:59 +10:00
root 4ba761986f Correct YARD doc comments 2015-04-02 16:14:25 +05:00
OJ 47fa97816d Code fixes as per suggestions, fix build 
* Use of `ERROR_FAILURE_WINDOWS` in python meterpreter.
* Moving of constants/logic to client_core instead of
command_dispatcher.
* Fix spec include.
 2015-04-02 09:05:38 +10:00
OJ 01bdf54487 Merge branch 'upstream/master' into dynamic-transport 2015-04-01 18:53:20 +10:00
OJ 79ec2e0586 Add machine ID support to the command list 2015-04-01 14:29:04 +10:00
OJ 1a313ad943 Fix up the proxy patching 
Patching of the proxy details was failing, so this commit fixes that.
Also, added code that makes the proxy type check case-insensitive.
 2015-04-01 11:48:22 +10:00
HD Moore a9cfd7efef Merging master back into the UUID branch 2015-03-31 12:02:03 -05:00
Brent Cook d89cd118e0 remove wininet workaround in meterpreter http/s 
We had a workaround to close connections on very old wininet implementations
that would not do it themselves. With the new WinHttp API-using meterpreters
and stagers, we no longer should use this workaround. It can actually be
actively bad and prematurely close the connection.

This needs testing around different payloads, and they should be on real
networks, ideally where TCP really has to work to get data transfered.
 2015-03-30 23:38:32 -05:00
Samuel Huckins 13fc498523
Land #4948, fixes several AppScan import issues 2015-03-29 23:33:01 -05:00
OJ c0f496197c Rejig code to support http payloads 
* Move the uri checksum code to a spot that can be shared with rex.
* Adjust modules to make use of this new location.
* Fix up the tranpsort switcher to add the URI for those payloads.
 2015-03-30 07:11:25 +10:00
OJ 1f00b595bc Hacked support for transport switching 2015-03-25 13:08:52 +10:00
jvazquez-r7 6ea42f6599
Fix description 2015-03-24 12:30:27 -05:00
jvazquez-r7 39e87f927a
Make code consistent 2015-03-24 11:44:26 -05:00
OJ 25dcfc796a Better support old binaries in rev http(s) 
* Patch 256char URL if the 512char one doesn't work.
* Return an empty list in the case where the ext enum fails.
 2015-03-24 10:14:44 +10:00
jvazquez-r7 04341bfc78
Support JMX_ROLE again 2015-03-23 17:32:26 -05:00
Brent Cook 1869977921
Land #4962: OJ adjusts MSF to new metsrv needs 
bump meterpreter bins to 0.0.17
 2015-03-23 17:18:06 -05:00
jvazquez-r7 d8d4c23d60
JMX code refactoring 2015-03-23 17:06:51 -05:00
David Maloney 60966f3d2a
handle a blank response body 
sometimes the response body itself can be blank
so we need to handle that properly.

MSP-9972
 2015-03-23 16:03:30 -05:00
jvazquez-r7 962bb670de
Remove old JMX mixin 2015-03-23 15:48:10 -05:00
OJ 9c9d333a1b Create verify ssl mixin, adjust some formatting 2015-03-23 13:21:08 +10:00
HD Moore bc3c73e408 Merge branch 'master' into feature/registered-payload-uuids 2015-03-22 18:51:13 -05:00
HD Moore 0d1fe37710 Ignore non-base64url characters during decode 2015-03-22 16:16:47 -05:00
HD Moore 94241b2998 First attempt at rewiring HTTP handlers to use UUIDs 2015-03-21 03:15:08 -05:00
sinn3r 97b919923e Fix undefined esize in Rex::Exploitation::Egghunter 
esize is not a valid variable, and we don't need it either.
 2015-03-20 21:32:46 -05:00
HD Moore 858d9b1e7a Introduce Rex::Text.(en|de)code_base64url and use it for uri_checksum 2015-03-20 21:32:08 -05:00
OJ 9d20d057dd Update Meterpreter URL length to 512 2015-03-20 13:16:43 +10:00
oj@buffered.io fd4ad9bd2e Rework changes on top of HD's PR 
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
 2015-03-20 13:06:57 +10:00
OJ 7ca91b2eb5 Add support for ssl to the patcher 2015-03-20 12:52:38 +10:00
OJ a9f74383d0 Update patch to support both ascii and wchar 2015-03-20 12:52:18 +10:00
OJ acd802c5fd Initial work for WinHTTP comms support in Meterpreter 2015-03-20 12:51:47 +10:00
Brent Cook 564962042e
Land #4925, OJ adds self-contained windows meterpreter options 2015-03-19 21:07:32 -05:00
Brent Cook 24ce0118b8 reenable UTF filtering support where needed 
revert d22231bdc8
 2015-03-19 16:02:21 -05:00
jvazquez-r7 ec90594f7e
Add support for Rex::Java::Serialization::ProxyClassDesc 2015-03-19 15:41:24 -05:00
OJ a582e05b6d Merge gemfile changes in master 2015-03-20 06:29:38 +10:00
OJ 040ef1e3e9
Land #4950: ls unicode and sorting in meterpreter 2015-03-20 06:28:29 +10:00