Commit Graph

72 Commits (d11d391e174ca9f01619b576afeca78631d76834)

Author SHA1 Message Date
OJ a78d8f83fc Add HTTP header support for Host/Cookie/Referer
This is to start the support for things like domain fronting.
2017-11-21 13:47:18 -06:00
OJ 7acd772c10 Pivot session stability, display and handling 2017-09-07 01:36:21 -05:00
OJ fdc9864b61 First working packet pivot session! 2017-09-07 01:36:20 -05:00
OJ abc80655b7 Progress in named pipe pivots, more to come 2017-09-07 01:33:54 -05:00
OJ 816e78b6f6 First pass of named pipe code for pivots 2017-09-07 01:33:53 -05:00
OJ 37b9cd07a2 Add support for the session GUID in the UI
The Session GUID will identify active sessions, and is the beginning of
work that will allow for tracking of sessions that have come back alive
after failing or switching transports.
2017-06-06 17:15:57 +10:00
OJ 86aad6b7c3 Fix proxy_type references to handle nil case 2017-05-22 21:47:37 +10:00
Brent Cook 353191992f move mettle payloads to meterpreter, add reverse_http/s stageless 2017-04-26 17:06:34 -05:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
David Maloney 43942e6029 refactor pem parser to use the rex-socket gem version
use rex-socket's pem parser instead of the old one we used
to have in rex::parser

MS-1715
2016-09-07 11:38:27 -05:00
OJ 0afc5be3bc Finalise set up of stageless init 2015-11-10 20:01:23 +10:00
OJ a28ab216d3 Adding stageless init script support 2015-11-10 19:18:47 +10:00
Brent Cook 9ce669f878 Land #5328: reworked x64 http/https stagers 2015-05-21 23:26:34 -05:00
OJ bf2b113abb Merge branch 'upstream/master' into update-x64-stagers 2015-05-18 13:28:36 +10:00
OJ dbe4f3f1c8 Adjust single pack statement, fix up some quotes
* Moved over to using single quotes for strings that don't need
escaping or interpolation.
* Changed one pack spec to be "more correct". Thankfully, we were only
packing 0 so the endianness isn't a problem, however it should be
correct, hence the fix.
2015-05-18 09:29:48 +10:00
OJ d725554a87 Fix UUID code so that it always deals with 16 bytes
Also re-add the payload ID to session validation now that the UUID stuff
is reliable.
2015-05-17 17:49:21 +10:00
OJ 489afd5aa1 Remove redundant check for ascii_str setting 2015-05-12 09:50:58 +10:00
OJ 42f94e70c7 Add `nil` default to exit_types, transport param order swap
This allows for checking against exit types to be super easy instead of
having to have extra checks in place. Also changed the order of scope_id
and uri in the transport URI generation. The net effect of this is NOP
because these things only appear separately.
2015-05-12 09:05:58 +10:00
OJ 29649ff881 Fix proxy config not making it through 2015-05-11 17:24:02 +10:00
OJ b42f4f5cd2 Merge branch 'upstream/master' into multi-transport-support
Conflicts:
	lib/msf/core/payload/windows/stageless_meterpreter.rb
	lib/msf/core/payload/windows/x64/stageless_meterpreter.rb
	lib/rex/post/meterpreter/client_core.rb
	modules/payloads/stages/linux/x86/meterpreter.rb
	modules/payloads/stages/windows/meterpreter.rb
	modules/payloads/stages/windows/x64/meterpreter.rb
2015-05-05 07:53:54 +10:00
OJ e45bf5cf51 Remove the URI patcher now that it's not used at all 2015-05-05 07:35:49 +10:00
OJ e835f2b99c Rejig transport config into module
Adjust a few other things along the way, including tidying of code,
removing of dead stuff.
2015-05-04 22:04:34 +10:00
OJ 9300158c9a Initial rework of POSIX stuff to handle new configuration 2015-05-04 18:58:55 +10:00
OJ 919b96e4cf Fix up UUID handling 2015-04-28 21:59:19 +10:00
OJ f711e5dee7 Update migration support
Migration now uses the new meterpreter loader. Migration configuration
is loaded and created by meterpreter on the fly, and supports the
multiple transport stuff that's just been wired in.
2015-04-28 17:41:43 +10:00
OJ fca4d852a1 Remove the passing on of listen socket values 2015-04-28 13:51:48 +10:00
OJ d82bfb0692 Reorder params, fix up the transport termination 2015-04-28 13:03:40 +10:00
OJ c41f4bd59f Fix up http/s a little
Correctly check the URL against the non-widechar version. Get the SSL
verification stuff working again.
2015-04-28 09:44:48 +10:00
OJ 1ca5188c5e Change the payload to use IPv6 formats if required 2015-04-28 07:44:21 +10:00
OJ 6da8a14f62 Initial work on x64 payloads for new config 2015-04-26 13:41:31 +10:00
OJ 6ac3ecfa7c Refactor, add reverse_winhttps support
Getting closer to a normalised view of what this stuff will look like.
The URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.

Next up, x64 for the same main ones.
2015-04-26 12:11:14 +10:00
OJ bb77a3a0e6 First pass of refactoring to support new config block
This is pretty basic stuff, but at least it's reusable.
2015-04-25 21:36:28 +10:00
OJ 0a8b29dd86 Merge branch 'upstream/master' into connection-recovery
Conflicts:
	lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
2015-04-17 14:40:21 +10:00
OJ 4e49964c15 Add support for init_connect for stageless payloads
This new mode for HTTP/S stageless allows the stageless payload to be
reused without MSF believing that the session has already been
initialised.
2015-04-14 16:43:07 +10:00
OJ 809409d8c4 Lots of changes to support moving timeouts to common spots
Session expiry, comms timeout, retry total/wait are all now part of all
of the meterpreter payloads as these are going to be used for
maintaining access with resiliency and will aim for consistency across
the payload types.
2015-04-09 17:57:43 +10:00
HD Moore 8bcdddfd04 Fix yardoc comment, thanks @void-in! 2015-04-05 22:09:35 -05:00
HD Moore c9696d3f6c Merge in stageless/transport work, deconflict 2015-04-04 11:52:26 -07:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a clash with the dynamic
transport branch, but I can fix that after.
2015-04-03 13:42:25 +10:00
OJ 1a313ad943 Fix up the proxy patching
Patching of the proxy details was failing, so this commit fixes that.
Also, added code that makes the proxy type check case-insensitive.
2015-04-01 11:48:22 +10:00
OJ 25dcfc796a Better support old binaries in rev http(s)
* Patch 256char URL if the 512char one doesn't work.
* Return an empty list in the case where the ext enum fails.
2015-03-24 10:14:44 +10:00
OJ 9c9d333a1b Create verify ssl mixin, adjust some formatting 2015-03-23 13:21:08 +10:00
OJ 9d20d057dd Update Meterpreter URL length to 512 2015-03-20 13:16:43 +10:00
OJ 7ca91b2eb5 Add support for ssl to the patcher 2015-03-20 12:52:38 +10:00
OJ a9f74383d0 Update patch to support both ascii and wchar 2015-03-20 12:52:18 +10:00
OJ acd802c5fd Initial work for WinHTTP comms support in Meterpreter 2015-03-20 12:51:47 +10:00
HD Moore 8d3cb8bde5 Fix up meterpreter patching arguments and names 2015-03-18 01:25:42 -05:00
HD Moore 390a704cc7 Cleanup proxyhost/proxyport arguments to match new names 2015-03-18 01:19:05 -05:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
2015-01-02 13:29:17 -06:00
HD Moore 9de4137aa7 Patch UA/Proxy settings during migration, lands #3632 2014-12-16 22:21:48 -06:00
Sean Verity 52b3025351 Reworked to avoid extending String class on blob per hdm's rec. 2014-12-15 21:40:41 -05:00