Commit Graph

71 Commits (dea0ec37f0c84fec841e53e01943f1cbfc153253)

Author SHA1 Message Date
HD Moore aaea62bb92 Report the correct local/peer names for the session information. Fix a return value check
git-svn-id: file:///home/svn/framework3/trunk@8765 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 07:13:18 +00:00
HD Moore 6bd2a954cf Lots of small changes, the big one is moving from sysread -> readpartial in the stream base class
git-svn-id: file:///home/svn/framework3/trunk@8764 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-10 06:43:46 +00:00
Stephen Fewer 300cede801 Fix for #291, Meterpreter over PassiveX now working again :)
git-svn-id: file:///home/svn/framework3/trunk@8653 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 05:13:58 +00:00
Joshua Drake 85cd572df1 minor cleanups
git-svn-id: file:///home/svn/framework3/trunk@8506 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-15 22:38:25 +00:00
Stephen Fewer fd2469db24 Commit the Ruby end for TCP server channels, the modified TCP client channels and the support for pivoting a reverse_tcp meterpreter.
git-svn-id: file:///home/svn/framework3/trunk@8384 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 17:59:25 +00:00
James Lee 7e177962bf tell the user what port we're listening on
git-svn-id: file:///home/svn/framework3/trunk@7452 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 17:39:51 +00:00
HD Moore 00b2915554 Fixes #342. Set ReverseConnectRetries to a value between 1 and 255 (default is 5). On failure it will ExitProcess (still better than a cpu spin)
git-svn-id: file:///home/svn/framework3/trunk@7217 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-20 20:31:14 +00:00
HD Moore ee9a8f4f76 Adds support for the reverse_tcp_allports stager for Windows. This payload tries to connect back on all ports, one at a time, from LPORT to 65535. This is incredibly slow (depends on the default socket timeout) and requires the user to forward all TCP ports of LHOST to a single listening port in the handler. Inspired by a few user requests and this blog post: http://clinicallyawesome.com/post/196352889/blind-connect-back-through-restrictive-firewall
git-svn-id: file:///home/svn/framework3/trunk@7058 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-25 05:44:50 +00:00
HD Moore 069144f56a Dont print the bind message for the any address
git-svn-id: file:///home/svn/framework3/trunk@7057 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-24 20:52:58 +00:00
HD Moore cdbfe74b1b Fixes #273. Move the passivex default port to 8000 so it doesnt conflict with the default HttpServer port
git-svn-id: file:///home/svn/framework3/trunk@7044 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-20 19:46:08 +00:00
James Lee 71bf0a12a1 remove the dll option from passivex. users shouldn't ever have to change this
git-svn-id: file:///home/svn/framework3/trunk@6964 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-18 18:13:38 +00:00
James Lee 96c8f6127c Replace += with << for Strings in a bunch of places.
git-svn-id: file:///home/svn/framework3/trunk@6318 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-08 07:55:47 +00:00
natron 10f44dd364 Updated passivex to work with IE7/IE8. Launches multiple processes on IE8; will debug later.
git-svn-id: file:///home/svn/framework3/trunk@6261 4d416f70-5f16-0410-b530-b9f4589650da
2009-02-27 23:13:53 +00:00
James Lee 077c201f10 try any before specific LHOST
git-svn-id: file:///home/svn/framework3/trunk@6177 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-23 23:03:53 +00:00
HD Moore cb327d40fc Fix up the dialup code
git-svn-id: file:///home/svn/framework3/trunk@6150 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-14 05:46:10 +00:00
HD Moore 5600b0b67d Try harder to verify the socket if its a modem connection
git-svn-id: file:///home/svn/framework3/trunk@6139 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-13 06:52:23 +00:00
druid 0d1ca42ed6 Adds support for exploitation over dialup via the new Telephony library.
git-svn-id: file:///home/svn/framework3/trunk@6120 4d416f70-5f16-0410-b530-b9f4589650da
2009-01-11 06:09:02 +00:00
kris 248f1e9fc3 Remove "#{xxx.to_s}" redundancies ('s/\(#{[^}]*\)\.to_s}/\1}/g')
git-svn-id: file:///home/svn/framework3/trunk@6022 4d416f70-5f16-0410-b530-b9f4589650da
2008-12-19 07:11:08 +00:00
James Lee 9bb814a9d1 fix typo in comment
git-svn-id: file:///home/svn/framework3/trunk@5974 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-21 23:44:45 +00:00
James Lee 4b082a77a8 un-break reverse handler for ipv6
git-svn-id: file:///home/svn/framework3/trunk@5972 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-21 05:34:39 +00:00
James Lee b76d3e1560 better handling of LHOST vs 0.0.0.0; fixes #262 again
git-svn-id: file:///home/svn/framework3/trunk@5971 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-21 05:12:31 +00:00
James Lee fec1533b50 revert r5969 which breaks behind nat
git-svn-id: file:///home/svn/framework3/trunk@5970 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-21 02:01:43 +00:00
James Lee f1e71237e4 bind to LHOST instead of 0.0.0.0, fixes #262
git-svn-id: file:///home/svn/framework3/trunk@5969 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-21 01:09:17 +00:00
HD Moore bc8e5669bd Fixes #238. Exposes the RHOST option to the payload and fixes the MSFGUI display of payload options
git-svn-id: file:///home/svn/framework3/trunk@5852 4d416f70-5f16-0410-b530-b9f4589650da
2008-11-08 19:25:25 +00:00
Ramon de C Valle f124597a56 Code cleanups
git-svn-id: file:///home/svn/framework3/trunk@5773 4d416f70-5f16-0410-b530-b9f4589650da
2008-10-19 21:03:39 +00:00
James Lee 36a06e7576 initial commit of php findsock. This patch makes all http connections global and removes the "close if (!pipelining)" checks, so beware of bugs.
git-svn-id: file:///home/svn/framework3/trunk@5678 4d416f70-5f16-0410-b530-b9f4589650da
2008-09-24 04:41:51 +00:00
HD Moore d53dd66701 Adds initial support for IPv6, including two stager. Tested Meterpreter over IPv6 stages on XP and Vista. Using this is still tricky, I will add a wiki page tomorrow to explain the ScopeID stuff for link-local testing. This commit also includes the raw (oversized) assembler for the stagers as well as the entire old metasploit assembly set (useful for development).
git-svn-id: file:///home/svn/framework3/trunk@5635 4d416f70-5f16-0410-b530-b9f4589650da
2008-08-22 06:34:57 +00:00
HD Moore 62303eefbf Merged revisions 5378-5379 via svnmerge from
svn+ssh://metasploit.com/home/svn/framework3/branches/framework-3.1

........
  r5379 | hdm | 2008-01-27 21:13:27 -0600 (Sun, 27 Jan 2008) | 3 lines
  
  Remove $stderr prints
........


git-svn-id: file:///home/svn/framework3/trunk@5380 4d416f70-5f16-0410-b530-b9f4589650da
2008-01-28 03:13:55 +00:00
Matt Miller 117d004e01 fixed unit tests in core
git-svn-id: file:///home/svn/framework3/trunk@4464 4d416f70-5f16-0410-b530-b9f4589650da
2007-02-24 06:35:03 +00:00
HD Moore 0012389ba0 Adds support for bind payloads in passive exploits
git-svn-id: file:///home/svn/framework3/trunk@4281 4d416f70-5f16-0410-b530-b9f4589650da
2007-01-18 03:51:15 +00:00
HD Moore 070f9af55f Reverse connection payloads now listen on 0.0.0.0 by default.
git-svn-id: file:///home/svn/framework3/trunk@4000 4d416f70-5f16-0410-b530-b9f4589650da
2006-10-01 16:56:17 +00:00
Matt Miller cc6900d2ec fix to bind_tcp handler where it wouldn't use the proper comm
git-svn-id: file:///home/svn/framework3/trunk@3834 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-17 01:57:52 +00:00
Matt Miller 7bd26e4925 fixed bug in service manager hardcore alias, new passivex dll/proj files
git-svn-id: file:///home/svn/framework3/trunk@3807 4d416f70-5f16-0410-b530-b9f4589650da
2006-08-08 03:29:26 +00:00
HD Moore c36519cfbf Fix bind_Tcp being killed too early
git-svn-id: file:///home/svn/framework3/trunk@3792 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-31 06:58:29 +00:00
HD Moore 817c4c189f Timeouts added for handlers
git-svn-id: file:///home/svn/framework3/trunk@3773 4d416f70-5f16-0410-b530-b9f4589650da
2006-07-29 22:37:39 +00:00
Matt Miller 1a61d3d2fb changes to support native win32
git-svn-id: file:///home/svn/incoming/trunk@3654 4d416f70-5f16-0410-b530-b9f4589650da
2006-06-08 20:53:15 +00:00
HD Moore b4ad4a5d75 Tabs vs Spaces
git-svn-id: file:///home/svn/incoming/trunk@3453 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-27 05:33:08 +00:00
Matt Miller f1596d0d26 fix for obscure ruby thing
git-svn-id: file:///home/svn/incoming/trunk@3380 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-16 03:56:08 +00:00
HD Moore 884fffa28c Ported the unix revers command payloads and handler
git-svn-id: file:///home/svn/incoming/trunk@3372 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-14 20:12:53 +00:00
Matt Miller 79e055c7fd fix termination of bind handler thread
git-svn-id: file:///home/svn/incoming/trunk@3349 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-08 19:49:14 +00:00
Matt Miller 8e72f20095 better support for random uri base in px
git-svn-id: file:///home/svn/incoming/trunk@3331 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 20:11:21 +00:00
Matt Miller b6395069ee fixed a few bugs for px
git-svn-id: file:///home/svn/incoming/trunk@3323 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 18:59:04 +00:00
Matt Miller ae5c816e85 various enhancements to support passivex, seems to be functional, somewhat
git-svn-id: file:///home/svn/incoming/trunk@3322 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-07 10:04:30 +00:00
HD Moore 8de634c25f timing fixes
git-svn-id: file:///home/svn/incoming/trunk@3292 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-31 19:49:12 +00:00
HD Moore 2029e8a335 Revert stupid hack, done right now
git-svn-id: file:///home/svn/incoming/trunk@3277 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 06:49:25 +00:00
HD Moore 1d673f144c Claim the socket when a shell is found, regardless of the return value of create_session()..
git-svn-id: file:///home/svn/incoming/trunk@3276 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-30 06:40:41 +00:00
HD Moore 97129d0303 New modules, module renames
git-svn-id: file:///home/svn/incoming/trunk@3254 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-26 14:34:22 +00:00
HD Moore 7a26ec55bf Proxy chaining patch from bmc
git-svn-id: file:///home/svn/incoming/trunk@3244 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-18 02:19:21 +00:00
HD Moore 88658064df /usr/bin/ruby vs /usr/bin/env ruby
git-svn-id: file:///home/svn/incoming/trunk@3242 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-17 06:46:23 +00:00
Matt Miller 22278ce458 vncinject payload
git-svn-id: file:///home/svn/incoming/trunk@3201 4d416f70-5f16-0410-b530-b9f4589650da
2005-12-12 07:07:19 +00:00