Commit Graph

187 Commits (bc81cfad1f6e63be0f662514f8c2cc9b8b280522)

Author SHA1 Message Date
Brent Cook 99e278fa29
Land #9584, Fix reverse_php_ssl infinite loop 2018-02-22 07:03:52 -06:00
Trevor Sibanda 77b3673e38 Fix reverse_php_ssl infinite loop 2018-02-22 08:42:54 +00:00
Jeffrey Martin d56111a33c
update cache sizes from new tests 2018-02-13 14:34:21 -06:00
Jeffrey Martin 2221779ddd
update package namespaces 2018-02-13 13:33:36 -06:00
RageLtMan ed47efdadc Silence tidy failures 2018-01-23 02:03:50 -05:00
RageLtMan ef1d4ddb03 Add UDP handlers and payloads (redux)
This is a repackaging effort for the work i originally pushed in
6035. This segment of the PR provides UDP session handlers for
bind and reverse sessions, a Windows Metasm stager (really the
TCP stager with a small change), and a pair of socat payloads for
testing simple UDP shells. Netcat or any scripting language with
a sockets library is sufficient to use these sessions as they are
stateless and simple.

Testing of this PR requires rex/core #1 and rex/socket #2

The SSL testing which was being done on 6035 is backed out, left
for a later time when we can do DTLS properly.
2018-01-23 02:00:55 -05:00
Brent Cook aae77fc1a4
Land #9349, GoAhead LD_PRELOAD CGI Module 2018-01-22 23:10:36 -06:00
HD Moore ab8886e25c Updated payloads and addition of payload stubs 2017-12-28 16:21:37 -06:00
Brent Cook 4050985649
update payloads 2017-11-21 13:53:33 -06:00
Patrick Webster 2f6da89674 Change author name to nick. 2017-11-09 03:00:24 +11:00
Jeffrey Martin cd755b05d5
update powershell specs for rex-powershell 0.1.77 2017-10-26 15:03:10 -05:00
itsmeroy2012 9afc8b589c Updating the payload sizes 2017-10-14 11:05:44 +05:30
itsmeroy2012 a0abffb6c4 Adding functionality of StagerRetryWait and StagerRetryCount 2017-10-12 22:25:00 +05:30
itsmeroy2012 374c139d33 Increasing the functionality of the nodejs shell_reverse_tcp payload 2017-10-12 19:05:59 +05:30
Jeffrey Martin b76c1f3647
remove invalid 'client' object reference in nodejs
fix #9063 by removing invalid object reference introduced in PR #8825
2017-10-11 11:09:28 -05:00
bwatters-r7 f996597bcf update cached payload sizes 2017-10-06 13:19:00 -05:00
Brent Cook c701a53def
Land #9018, Add Bind Shell JCL Payload for z/OS 2017-10-05 17:24:50 -05:00
bigendiansmalls 8af2e5a7ee
Cleanup revshell for zos
remove unused code, extra comments
align code, etc. no functionality changes
2017-09-29 18:27:29 -05:00
bigendiansmalls 9ae8bdda1c
Added Bind Shell JCL Payload for mainframe
The bind shell is the companion payload to the reverse_shell_jcl
payload for the mainframe platform.
2017-09-29 16:52:36 -05:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
Jeffrey Martin a58552daad
Land #8825, Handle missing util.pump in nodejs shell payloads 2017-09-11 15:32:21 -05:00
Brent Cook 15ec40f5c6 update R cached sizes 2017-08-28 05:31:42 -05:00
Jeffrey Martin cba4d36df2
provide missing bits for R platform 2017-08-23 16:58:48 -05:00
Brent Cook 031f48725f
add missing quotes 2017-08-21 16:16:03 -05:00
RageLtMan 2873a899db Address msftidy complaint 2017-08-21 03:39:03 -04:00
RageLtMan 7ab097a784 Unix cmd versions of R payloads
Use R to connect back from a unix shell.

Notes:
  We need to DRY this up - tons of copy pasta here, when we should
  really be instantiating the language specific payloads and just
  wrapping them with CLI execution strings.

Testing:
  None, yet, just did the quick port to wrap this and push to CI
  now that rex-arch #4 is in.
2017-08-20 21:25:57 -04:00
Patrick Thomas 25764397ba Update CachedSizes for changed nodejs payloads
Fixes test failures
2017-08-12 23:21:54 -07:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
g0tmi1k 3d4feffc62 OCD - Spaces & headings 2017-07-19 11:04:15 +01:00
g0tmi1k a008f8e795 BruteForce - > Brute Force 2017-07-19 10:39:58 +01:00
Brent Cook cf487cc90c reverse_ncat_ssl is stable 2017-05-08 17:43:34 -05:00
William Vu 64452de06d Fix msf/core and self.class msftidy warnings
Also fixed rex requires.
2017-05-03 15:44:51 -05:00
C_Sto 772a16f4cd fix style 2017-05-02 00:55:57 +08:00
C_Sto 9e06c3f07e fix argument arrangement 2017-05-02 00:39:00 +08:00
C_Sto 5a2afbc364 Tidy payload 2017-05-01 21:38:34 +08:00
C_Sto cfa204b8e8 add reverse ncat ssl 2017-05-01 06:57:28 +08:00
bigendiansmalls fa8011fd07 New mainframe privesc payload for z/OS
This module performs a privilege escaltion on mainframe systems
runing z/OS and using RACF for their security manager.  A user
with any non-privileged credentials and the ability to write to
an apf authorized library can use this payload to add "root level"
privileges (e.g. SPECIAL / BPX.SUPERUSER) to their profile.
2017-04-11 15:04:44 -05:00
bigendiansmalls 27a7b279f5
Major rewrite and cleanup of reverse shell jcl
The shell does exactly the same as the previous, just made the code read much
better so as to not severely anger the gray beards and other lesser
mainframe deities.  The only architectural change is the payload uses the
spawn system call vs exec - this provides for a cleaner exit in some cases.
2017-02-22 17:17:27 -06:00
OJ 7895ba810d
Update payload cached size for the powershell payload 2016-11-03 02:50:13 +10:00
OJ e4b4264d79
Fix psh template to avoid 100% cpu spike on CTRL+C
Fixes #7293
2016-11-02 05:19:52 +10:00
bigendian smalls 05278c868e
Updated JCL cmd payloads to use PR7007 format
PR7007 centralized JCL job card for any JCL cmd payload.  This PR simply
uses that new format for existing JCL cmd payloads.  No functionality
for these payloads was changed, added or deleted.
2016-08-31 14:39:01 -05:00
William Vu 74e5772bbf Replace mknod with mkfifo for portability
Works on BSD and OS X now. This has been bugging me for a while.
2016-05-04 02:32:37 -05:00
Brent Cook d86174c3bf style fixes 2016-04-23 12:18:28 -04:00
Brent Cook 4250725b13 fix incorrect hex port conversion 2016-04-23 12:18:28 -04:00
Brent Cook 7ff5a5fd7e switch mainframe payloads to fixed size 2016-04-23 11:40:05 -04:00
Brent Cook 6ce7055130
Land #6737, Added reverse shell JCL payload for z/OS 2016-04-13 22:19:15 -05:00
Bigendian Smalls 6a4d7e3b58
Revshell cmd JCL payload for z/OS
Added a JCL-based reverse shell.  Uses the same source code as the
shellcode version does.  Source code is in
external/source/shellcode/mainframe/shell_reverse_tcp.s
2016-03-31 20:42:42 -05:00
Bigendian Smalls a6518b5273
Add generic JCL cmd payload for z/OS (mainframe)
This payload does nothing but return successfully.  It can be used to
test exploits and as a basis for other JCL cmd payloads.
2016-03-28 21:01:39 -05:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00