Metasploit Framework

Go to file

Professor-plum 99546330f1 Added PlugX Controller Stack Overflow Module This module exploits a stack overflow in the Plug-X Controller when handling a larger than expected message. This vulnerability can allow remote code execution however it causes a popup message to be displayed on the target before execution is gained. ## Verification Run the PlugX C2 server on a target windows machine. The sample 9f59a606c57217d98a5eea6846c8113aca07b203e0dcf17877b34a8b2308ade6 is a Plux Type 1 server that works good for testing. - [ ] use exploit/windows/misc/plugx - [ ] set RHOST [ip of target] - [ ] set target 1 - [ ] exploit - [ ] acknowledge the "PeDecodePacket" message on the target Sample output: ``` msf> use exploit/windows/misc/plugx msf exploit(plugx) > set rhost 192.168.161.128 rhost => 192.168.161.128 msf exploit(plugx) > set target 1 target => 1 msf exploit(plugx) > check [] 192.168.161.128:13579 - "\x03\xB0\x02\x00\x04\x00" [] 192.168.161.128:13579 The target appears to be vulnerable. msf exploit(plugx) >		2017-07-29 10:36:42 -06:00
.github	Add documentation requirement to PR template	2017-04-05 10:03:05 -04:00
app	Move shared example from pro into framework	2016-04-07 13:09:52 -05:00
config	Land #6556 , include Vagrant development environment provisioner	2016-06-09 09:55:37 -05:00
data	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
db	Bump version of framework to 4.13.11	2017-01-04 14:53:33 -08:00
docker	Land #8689 , Docker improvements	2017-07-17 10:12:20 -05:00
documentation	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
external	Land #8655 , add error handling to mipsle linux reverse tcp stager	2017-07-11 22:33:54 +08:00
lib	Bump version of framework to 4.15.5	2017-07-28 10:21:44 -07:00
modules	Added PlugX Controller Stack Overflow Module	2017-07-29 10:36:42 -06:00
plugins	Land #8612 , RSS feed plugin	2017-07-24 17:27:00 -05:00
script	kill cucumber in framework	2017-07-12 08:00:29 -05:00
scripts	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
spec	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
test	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
tools	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
.dockerignore	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
.gitignore	use https for metaploit.com links	2017-07-24 06:26:21 -07:00
.gitmodules	Add RDI submodule, port Kitrap0d	2013-11-27 16:04:41 +10:00
.mailmap	refine rageltman, add rwhitcroft	2016-12-22 00:58:58 -06:00
.rspec	Add modern --require to .rspec	2014-10-08 10:55:40 -05:00
.rubocop.yml	update rubocop rules for common practice	2017-07-24 06:15:35 -07:00
.ruby-gemset	Restoring ruby and gemset files	2014-05-20 10:17:00 -05:00
.ruby-version	revert back to Ruby 2.4.1	2017-06-23 20:39:44 -05:00
.simplecov	Remove fastlib	2014-09-18 15:24:21 -05:00
.travis.yml	kill cucumber in framework	2017-07-12 08:00:29 -05:00
.yardopts	update .yardopts	2014-07-24 13:59:04 -05:00
CODE_OF_CONDUCT.md	Add individual contacts	2016-01-13 10:35:39 -06:00
CONTRIBUTING.md	Add note about release notes to CONTRIBUTING.md	2016-08-22 15:15:22 -05:00
COPYING	Updated COPYING	2017-01-17 12:36:26 +10:00
Gemfile	only pin rb-readline on linux/osx	2017-07-23 12:13:15 -07:00
Gemfile.local.example	update Gemfile.local example, use Gemfile.local if it exists when bundling	2017-04-30 10:57:55 -05:00
Gemfile.lock	Bump version of framework to 4.15.5	2017-07-28 10:21:44 -07:00
HACKING	Update link for The Metasploit Development Environment	2014-07-15 10:16:47 -05:00
LICENSE	move gem licenses to a separate auto-generated file	2017-04-07 11:49:58 -05:00
LICENSE_GEMS	kill cucumber in framework	2017-07-12 08:00:29 -05:00
README.md	Removed dead SourceForge link	2017-07-20 09:32:52 -05:00
Rakefile	trying rspec-retry	2017-06-20 14:02:32 -05:00
Vagrantfile	fix #8693 , update Vagrant to latest rvm syntax	2017-07-10 21:41:50 -05:00
docker-compose.yml	add timezone	2017-05-21 15:21:40 +02:00
metasploit-framework.gemspec	Update payloads	2017-07-28 09:56:03 -07:00
msfconsole	Move service stub in x86 encoder to be easily used.	2016-06-23 14:56:03 +02:00
msfd	Initialize the DisableBanner option	2015-10-08 14:08:45 -05:00
msfrpc	Change {} back to do/end	2015-03-09 00:00:49 -05:00
msfrpcd	allow overriding the default timeout for a session	2015-05-01 15:04:55 -05:00
msfupdate	update specs	2017-05-27 00:34:12 -05:00
msfvenom	Removing unnecessary spaces	2017-05-04 10:41:02 -03:00

README.md

Metasploit

The Metasploit Framework is released under a BSD-style license. See COPYING for more details.

The latest version of this software is available from: https://metasploit.com

Bug tracking and development information can be found at: https://github.com/rapid7/metasploit-framework

New bugs and feature requests should be directed to: https://r-7.co/MSF-BUGv1

API documentation for writing modules can be found at: https://rapid7.github.io/metasploit-framework/api

Questions and suggestions can be sent to: Freenode IRC channel or e-mail the metasploit-hackers mailing list

Installing

Generally, you should use the free installer, which contains all of the dependencies and will get you up and running with a few clicks. See the Dev Environment Setup if you'd like to deal with dependencies on your own.

Using Metasploit

Metasploit can do all sorts of things. The first thing you'll want to do is start msfconsole, but after that, you'll probably be best served by reading Metasploit Unleashed, the great community resources, or the wiki.

Contributing

See the Dev Environment Setup guide on GitHub, which will walk you through the whole process from installing all the dependencies, to cloning the repository, and finally to submitting a pull request. For slightly more information, see Contributing.