adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
68,051 Commits 27 Branches 1,043 Tags
052d233bd973e6a7e8b39da038962ceffa4cc6de
Commit Graph

135 Commits

Author SHA1 Message Date
ssst0n3 246a3604b8 set the org to be 0x400000 2022-05-13 10:50:19 +08:00
Grant Willcox d29f5690a1 Add in backup code to DLL template to fall back to old way of executing things in case the BREAKAWAY_FROM_JOB flag cannot be used 2022-03-31 14:28:29 -05:00
Grant Willcox 743138abed Add in initial fixes from review and remove extra BREAKAWAY_FROM_JOB code changes not directly related to this PR as we'll raise a separate PR for those 2022-03-31 12:13:29 -05:00
Grant Willcox e5c0259723 Add CREATE_BREAKAWAY_FROM_JOB flag to source files related to DLL generation, update the exploit source to denote how to clean up in case the payload can't clean up 2022-03-23 19:38:32 -05:00
Grant Willcox a25b3a70ad Update permissions on template DLLs 2022-03-23 17:49:03 -05:00
Grant Willcox b1ce05f97c Add in updated Ruby code and also update the DLLs and prepend_migrate.rb to use the CREATE_BREAKAWAY_FROM_JOB flag with CreateProcess to break away from the job if the job has the JOB_OBJECT_LIMIT_BREAKAWAY_OK limit set to allow breakaway jobs 2022-03-23 17:47:25 -05:00
bwatters 9635fde12d Add support and templates for aarch64 targets 2022-02-10 10:49:02 -06:00
Spencer McIntyre efa125bb23 Document the synchronization procedure 2020-11-16 16:13:35 -05:00
Spencer McIntyre 3586644b62 Increase the payload space to 4096 within the DLL template 2020-11-16 15:58:59 -05:00
Spencer McIntyre 2d367b867d Add a synchronization primitive to the DLL template 2020-11-16 15:57:27 -05:00
Spencer McIntyre c6304704f4 Cleanup inconsistent whitespace in the DLL template 2020-11-16 11:26:15 -05:00
Spencer McIntyre d6e1eee635 Add a new Mixed Mode Assembly DLL payload template 2020-10-05 15:19:40 -04:00
bwatters-r7 c63d5fb4fb Recompiled binaries 2017-10-09 12:44:58 -05:00
bwatters-r7 0bf948e906 Removed binary files before recompiling 2017-10-09 11:35:41 -05:00
bwatters-r7 7df18e378d Fix conflicts in PR 8509 by mergeing to master 2017-10-09 10:30:21 -05:00
Brent Cook 605330faf6 Land #8842, add linux/aarch64/shell_reverse_tcp 2017-08-21 15:44:28 -05:00
Brent Cook e734a7923a Land #8267, Handle multiple entries in PSModulePath 2017-08-20 17:44:30 -05:00
Brent Cook d5a5321a8c Merge remote-tracking branch 'upstream/pr/8299' into land-8267- 2017-08-20 17:43:56 -05:00
Tim 8b4ccc66c7 add linux/aarch64/shell_reverse_tcp 2017-08-17 18:55:37 +08:00
L3cr0f 6a3fc618a4 Add bypassuac_injection_winsxs.rb module 2017-06-03 12:59:50 +02:00
HD Moore 0520d7cf76 First crack at Samba CVE-2017-7494 2017-05-24 19:42:04 -05:00
anhilo f3d6a8c456 split PSModulePath in multi strings with ';' 
1、allows the HTA window to be invisible
 2017-04-26 11:01:59 +08:00
Brandon Knight c724f0e05d Handle multiple entries in PSModulePath 
This commit handles the case where more than one entry exists in
the PSModulePath environment variable. The updated code will loop
through each entry in the PSModulePath checking for the presence of
powershell.exe. When one is encountered it will execute the payload
and exit the for loop.
 2017-04-19 11:22:38 -04:00
nixawk 637098466c Hidden black flash windows / Close HTA windows 2017-04-16 22:53:17 -05:00
David Maloney af4f3e7a0d use templates from the gem for psh 
use the templates now contained within the magical
gem of rex-powershell

7309
MS-2106
 2016-10-04 14:14:25 -05:00
mach-0 dcc77fda5b Add back accidentally-deleted nasm comment. 2016-10-03 23:47:13 -05:00
mach-0 eff85e4118 Just remove DT_HASH. 2016-10-03 23:43:19 -05:00
mach-0 8828060886 Fix linux x64 elf-so template. 
Previously the elf-so would crash when loaded with LD_PRELOAD,
due to not enough room for the symbol table.
 2016-10-03 23:24:31 -05:00
Christian Mehlmauer c6012e7947 add jsp payload generator 2016-09-06 22:17:21 +02:00
f7b053223a9e 629bc00696 Use MSXML decoder instead 2016-03-25 22:52:16 +09:00
f7b053223a9e 19bd7b98f4 Fix minor indenting issue 2016-03-01 11:50:56 +09:00
f7b053223a9e c8c5549b19 Send base64ed shellcode and decode with certutil 2016-03-01 10:48:25 +09:00
wchen-r7 737559bcbb Land #5180, VBA Powershell for Office Macro 2015-05-28 19:55:27 -05:00
wchen-r7 3bc3614be6 Do a check for powershell.exe before running it. 2015-05-15 11:48:21 -05:00
Meatballs 381f6ffe0a HTA Powershell template 2015-04-20 23:19:54 +01:00
Meatballs b229e87940 Create VBA powershell 2015-04-17 16:52:12 +01:00
joev 2d3614f647 Implement x64 BSD exec and exe template. 
- Fixes bug in CachedSize due to all options being set
- Adds new payload to payload_spec.
 2015-04-12 12:17:25 -05:00
navs 1c5cfeebb3 adding template and src for elf 64 shared object payload target 2014-06-19 00:38:16 -05:00
Meatballs d868294d5b MEM_RESERVE too 2014-06-08 17:37:57 +01:00
jvazquez-r7 9d08ebe273 Fix VirtualAlloc call on PSH old template 2014-06-08 11:09:03 -05:00
Meatballs 8bdb22aeb9 Merge remote-tracking branch 'upstream/master' into bypassuac_redo 
Conflicts:
	lib/msf/core/post/windows.rb
 2014-02-25 22:15:05 +00:00
David Maloney b1dfed8577 rebuilt template DLLs 
x86 dll template was way out of date and
did not match the x64 tempalte. rebuilt them both
 2014-02-25 15:34:42 -06:00
Spencer McIntyre 3299b68adf Landing #2767, @Meatballs1 Powershell Reflective Payload 2014-02-14 16:12:46 -05:00
Meatballs dc87575b9d Retab and whitespace 2013-12-22 21:04:44 +00:00
Meatballs f112e78de9 Fixes .war file creation 2013-12-22 20:58:21 +00:00
Meatballs 14c0096115 Update template 
Use Copy instead of memset
Remove | Out-Null
 2013-12-16 13:38:14 +00:00
Meatballs 25b84217ac Correctly VAlloc 2013-12-16 12:47:03 +00:00
Meatballs 8dfcc8aa77 WaitForThread 2013-12-16 12:44:58 +00:00
Meatballs 0a29176855 Update psh_web_delivery for reflection 2013-12-16 09:08:01 +00:00
Meatballs 7cc99d76ad Merge remote-tracking branch 'upstream/master' into powershell_auto_arch 
Conflicts:
	lib/msf/util/exe.rb
 2013-12-16 09:07:08 +00:00