Brent Cook
36e8f7a2bc
Land #9585, fix ctrl-D handling with block continuation
2018-02-20 04:52:09 -06:00
Brent Cook
99965c142b
remove duplicate check
2018-02-20 04:42:49 -06:00
Brent Cook
bb3a11dd20
use ctrl-d to cancel input instead
2018-02-20 04:40:00 -06:00
Brent Cook
f5f7b4d25a
handle sessions still open
2018-02-20 03:31:20 -06:00
Brent Cook
e995ccfc33
make this a little easier to read
2018-02-20 03:27:55 -06:00
Brent Cook
e26fb49c99
if we have no more input from the console, quit
2018-02-20 03:27:38 -06:00
Brent Cook
42b4381ce5
Land #9583, move osx stage binary
2018-02-20 03:15:14 -06:00
Tim W
a01f0f3023
fix #9366, fix osx x64 stage location
2018-02-20 13:50:44 +08:00
Brent Cook
3d8451e616
Land #8997, add local 'ls' support to Meterpreter sessions
2018-02-19 23:21:59 -06:00
Brent Cook
05e002e3c5
Land #9366, Add x64 staged Meterpreter for macOS
2018-02-19 23:15:03 -06:00
Brent Cook
69c7e83a55
Land #9164, add OWA 2016 support
2018-02-19 23:12:27 -06:00
Chris Higgins
74c6e21f49
Lands #9504, MagniComp SysInfo privilege escalation
2018-02-19 22:47:33 -06:00
Brent Cook
56c00a8cb6
initial OWA 2016 support
2018-02-19 21:43:49 -06:00
Brent Cook
b9c1a64d20
Land #9505, Support local knowledge base documents
2018-02-19 21:39:55 -06:00
Brent Cook
93689f0f0e
Land #9270, Implement plugin API for hooking database events
2018-02-19 21:36:26 -06:00
Brent Cook
4e9d900a17
Land #9507, Expand paths for meterpreter's cp, mv, and rm commands
2018-02-19 21:26:03 -06:00
Brent Cook
3d67d2ed12
Land #9443, Add warning to FileDropper for deleting CWD
2018-02-19 21:22:39 -06:00
Brent Cook
25d1642664
Land #9575, Fix wmap_sites -a exception on missing url
2018-02-18 20:49:39 -06:00
Brent Cook
310ab9c11d
Land #9573, fixes for bind_named_pipe
2018-02-18 20:47:20 -06:00
Brent Cook
e48f53851e
Land #9568, handle mismatch uid/gids in docker images
2018-02-18 20:42:58 -06:00
klayklogg
e6e595000f
Fix silent fail on missing url
2018-02-19 12:07:33 +13:00
UserExistsError
b3f26ea55f
bind_named_pipe fixes
2018-02-18 10:31:57 -07:00
klayklogg
ca6c55047e
Fix wmap_sites -a exception on missing url
2018-02-19 01:17:48 +13:00
Christian Mehlmauer
70ad41903b
another approach
2018-02-17 20:12:35 +01:00
RageLtMan
80779f73ef
Implement Michael Schierl's suggestions
2018-02-16 23:03:05 -05:00
Brent Cook
eaca91cad7
Land #9572, add bind_named_pipe tests
2018-02-16 20:47:24 -06:00
Jeffrey Martin
0acc5fed20
add missing payload tests for bind_named_pipe
2018-02-16 18:05:45 -06:00
Brent Cook
4a631714f5
Land #9571, specify a python encoding for the claymore DoS module
2018-02-16 16:39:34 -06:00
Brent Cook
4fc4b77a8b
Land #9570, properly handle when there is no stat callback specified on upload
2018-02-16 16:39:06 -06:00
Brent Cook
ac7fe99a2b
specify a python encoding for the module
2018-02-16 16:17:52 -06:00
Brent Cook
bd2af0143a
properly handle when there is no stat callback specified on upload
2018-02-16 16:14:09 -06:00
Brent Cook
289277c613
Land #9516, Support Bash-Style Continuation Lines
2018-02-16 10:53:58 -06:00
Brent Cook
242f2d3117
Land #9512, Add Claymore Dual GPU Miner <= 10.5 DoS module
2018-02-16 10:46:48 -06:00
Christian Mehlmauer
d19ee7a403
docker error workaround
2018-02-16 17:39:20 +01:00
RageLtMan
354eb4092a
Reverse TCP x64 RC4 via max3raza's rc4_x64 asm
To round out the work done by mihi for x86 stages back in the day,
this PR provides x64 Windows stage encryption in RC4 via assembly
written/modified by max3raza during adjacent work on DNS tunneled
transport.
Stage encryption differs from encoding in that there is no decoder
stub or key material carried with the stage which can be used by
defensive systems to decode and identify the contents. Persistence
payloads, oob-delivered stage0, and other contexts benefit heavily
from this as their subsequent stage is difficult to detect/identify,
and the chance of accidental execution of the wrong payload/stage
is drastically reduced if separate keys are in play for individual
targets - acquiring the wrong stage will result in decryption
failure and prevent further execution.
For historical context, all of the RC4 stagers implement in-place
decryption via stage0 for the contents of stage1 using the provided
passphrase converted to a key and embedded in stage0 as part of the
payload.
Testing:
In-house testing with Max - we got sessions, loaded extensions.
Notes:
All credit for the work goes to Max3raza - big ups for getting
this knocked out.
2018-02-16 05:15:05 -05:00
Brent Cook
6734e532f5
Land #9562, avoid an error with aux module command dispatcher
2018-02-15 17:46:58 -06:00
Brent Cook
a197997aca
avoid Chinese finger trap logic, put it all on one side
2018-02-15 17:45:09 -06:00
Brent Cook
25d2b551d8
Land #9539, add bind_named_pipe transport to Windows meterpreter
2018-02-15 17:39:32 -06:00
Brent Cook
d28f6888b2
bump payloads, include bind_named_pipe support
2018-02-15 17:37:33 -06:00
Wei Chen
b533ec6019
Land #9509, Ulterius Server < v1.9.5.0 Directory Traversal
Land #9509
2018-02-15 16:34:31 -06:00
Wei Chen
949b474a0a
Avoid target_uri.path
It doesn't look like target_uri.path is suitable for this scenario,
because it causes our input to be modified and hard to use.
2018-02-15 16:31:09 -06:00
Brent Cook
38b03fdfff
Merge branch 'upstream-master' into land-9539-
2018-02-15 16:22:13 -06:00
Wei Chen
5467f4c97e
Add header
2018-02-15 16:19:54 -06:00
Brent Cook
c4c864f391
Land #9558, Fix #9417, map timeout exp to a var for telnet_encrypt_overflow
2018-02-15 15:54:23 -06:00
Brent Cook
2d3aef9031
Land #9533, Add output file support to the vulns command
2018-02-15 15:52:25 -06:00
Brent Cook
67dc579fd3
update magic numbers
2018-02-15 15:10:26 -06:00
Brent Cook
ae684c1002
Land #9564, honoring retry counts for x86/64 Windows reverse_tcp payloads
2018-02-15 14:37:23 -06:00
Brent Cook
93450b87dd
use common retry options for UDP
2018-02-15 14:36:21 -06:00
Wei Chen
6fe8691528
Fix #9090, honoring retry counts for x86/64 payloads
Fix #9090
2018-02-15 13:52:34 -06:00
Brent Cook
0f656d6b5b
Land #9563: improve memory usage on meterpreter file upload
2018-02-15 12:07:19 -06:00