Commit Graph

1450 Commits (d9c402c035b65f6d92900daa5e8163159798216d)

Author SHA1 Message Date
sinn3r 62102dd1f9
Land #2544 - Vbs minimize 2013-11-11 11:14:56 -06:00
sinn3r 33f65dd611
Land #2577 - Use base64 to reduce psh-net payload size 2013-11-11 10:21:20 -06:00
William Vu f402f4c16e
Land #2614, another default OWA URL 2013-11-08 17:20:20 -06:00
Rob Fuller cdc6a863dd Add another default owa url
Its not default, but not uncommon to find /exchange/ NTLM protected
2013-11-07 08:50:22 -05:00
OJ 715fdc05ec
Updated meterpreter binaries
Includes the following changes:

* Security cleanup - remove use of insecure functions
* Windows 8/8.1/2012 R2 support to sysinfo
* VS 2013 upgrade
* Command dispatcher refactor
* Getproxy command added (needs MSF side too)
2013-11-07 14:31:54 +10:00
joev 4425cf1dc1 Add support for firefox 25.
Also replaces a bunch of missing semicolons.
2013-10-30 12:19:22 -05:00
jvazquez-r7 2b5e2df94e
Land #2568, @h0ng10's update of SAP url's wordlist 2013-10-28 09:01:33 -05:00
jvazquez-r7 e88e523eaa Delete newline 2013-10-28 09:01:00 -05:00
Meatballs e18dd3ec0b
Use base64 to reduce size 2013-10-25 01:19:43 +01:00
Tod Beardsley 27739a0351
Meterpreter bins after Meterpreter PR 32
Protects against potential BOFs due to strcpy usage.

These binaries were built against meterpreter master after
https://github.com/rapid7/meterpreter/pull/32 landed.

The CI tests can be seen here:

https://ci.metasploit.com/view/Meterpreter/job/MeterpreterWin/75/

Note, this commit is signed. Your merge commit should be signed, too, so
people can be assured that nobody is backdooring Meterpreter on the sly.
2013-10-24 15:15:49 -05:00
Tod Beardsley b5f26455a3
Land #2545, javascript library overhaul 2013-10-23 16:12:49 -05:00
h0ng10 a834fec889 Added URL for PT-2013-13/SAP Note 1820894 2013-10-23 21:20:18 +02:00
h0ng10 e02bf0cce6 Added /AdapterFramework/version/version.jsp 2013-10-23 21:09:19 +02:00
sinn3r 19615ac4b7 Apparently I missed a lot of stuff 2013-10-21 21:02:01 -05:00
Tod Beardsley 824dd84982 Merge remote-tracking branch 'upstream/pr/2500' into temp 2013-10-21 14:26:05 -05:00
Meatballs1 1717a98ba3 Update to_exe.vbs.template
Rename values
2013-10-21 13:49:09 +01:00
sinn3r 8a94df7dcd Change category name for base64 2013-10-18 21:20:16 -05:00
sinn3r 62dadc80d3 Make sure the data type for the return value is a string 2013-10-18 21:08:46 -05:00
sinn3r 711399bb34 Update property_spray.js 2013-10-18 20:56:00 -05:00
sinn3r e1ca2d2730 Fix mstime_malloc.js 2013-10-18 20:49:33 -05:00
sinn3r 298f23c91c Fix extra slashes that cause browser autopwn to fail. 2013-10-18 20:43:39 -05:00
Meatballs 2ef89eaf35
Randomize exe name 2013-10-18 19:01:28 +01:00
Meatballs 56aa9ab01c
Reduce size 2013-10-18 18:59:30 +01:00
OJ 827bf23979
Updated binaries with railgun crash fixes 2013-10-18 19:43:17 +10:00
sinn3r c926fa710b Move all exploitation-related JavaScript to their new home 2013-10-17 16:43:29 -05:00
Tod Beardsley bd405277d9
Add a default Samsung community string
See http://www.kb.cert.org/vuls/id/281284

and

http://www.h-online.com/security/news/item/Samsung-network-printer-vulnerability-discovered-Update-2-1757967.html
2013-10-17 10:35:59 -05:00
Spencer McIntyre 6f23e95c14 Fix an endianess issue in pymeterpreter registry_query_value. 2013-10-12 23:39:22 +01:00
Meatballs 378f403fab
Land #2453, Add stdapi_net_resolve_host(s) to Python Meterpreter.
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
g0tmi1k 6b004086ea Removed SVN from msfupdate 2013-10-10 12:25:00 +00:00
OJ b477ae369b
Updated stdapi binaries with railgun fix
Changes are from https://github.com/rapid7/meterpreter/pull/28
2013-10-10 16:03:38 +10:00
OJ 0a194b203d
Updated sniffer binaries
These updated binaries include a packet-sniffer fix which results in
sniffing working on x86 builds of Windows 8 and Windows 8.1.
2013-10-09 07:38:54 +10:00
Spencer McIntyre 7414dff958 Add fault tolerance for resolve_hosts. 2013-10-04 08:51:13 -04:00
sinn3r bc8604f151 Use safe_negate_size for hxds 2013-10-03 23:15:29 -05:00
sinn3r 63d7b8c309 Use safe_negate_size for java 2013-10-03 23:13:57 -05:00
sinn3r ab62af220b Use safe_negate_size key for msvcrt (XP) 2013-10-03 23:12:58 -05:00
jvazquez-r7 9df676ca7e
Land #2447, @wchen-r7's new msvcrt ROP chains without nulls 2013-10-03 22:38:29 -05:00
Spencer McIntyre ecf286a8c4 Add support for stdapi_net_resolve_host. 2013-10-03 10:31:54 -04:00
James Lee 56b6f0be02 Add bins for #2443
See #740 and meterpreter#26
2013-10-01 23:47:24 -05:00
sinn3r cd1f023f72 Update msvcrt.dll ROP chain for Windows Server 2003 2013-10-01 16:18:57 -05:00
sinn3r 14d99ffbdb Update Win XP msvcrt.dll ROP
This updated ROP chain for msvcrt.dll does not have any null bytes.
2013-10-01 15:00:43 -05:00
sinn3r 7c6c8291e2 Add ROP chains for Office 2007 and Office 2010 (hxds.dll)
This adds two ROP chains for Office 2007 and Office 2010 based on
hxds.dll.
2013-10-01 01:33:35 -05:00
Tab Assassin 2e8d19edcf Retab all the things (except external/) 2013-09-30 13:47:53 -05:00
Meatballs e806047411
Add MSI bins 2013-09-27 20:03:19 +01:00
Meatballs 8a9843cca6
Merge upstream/master 2013-09-27 20:02:23 +01:00
Meatballs 9fde8bee2b Merge branch 'master' of github.com:rapid7/metasploit-framework into upstream-master 2013-09-27 18:12:17 +01:00
Tod Beardsley 869c10af04
Land #2396, aspx-exe shellcode generator
Looks good to me, specs are all happy (also added a #to_h spec)
2013-09-27 11:42:16 -05:00
OJ c38f3b4a56 New meterpreter binaries
New binaries contain fixes for:

* kitrap0d crashing during `getsystem` calls.
    * https://github.com/rapid7/meterpreter/pull/23
* Meterpreter crashing on XP SP0 in certain scenarios.
    * https://github.com/rapid7/meterpreter/pull/21
2013-09-27 09:31:53 +10:00
Meatballs 079eec0aea Compile.bat and gitignore 2013-09-21 13:14:01 +01:00
Meatballs 85ea9ca05a Merge branch 'master' of github.com:rapid7/metasploit-framework into msi_payload 2013-09-21 12:49:38 +01:00
Meatballs 1bd1c3587d No UAC prompt MSI 2013-09-21 12:47:58 +01:00