adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35,959 Commits 27 Branches 1,043 Tags
0ae2e64bc56dd8543a97cc4ebc94de4738376488
Commit Graph

111 Commits

Author SHA1 Message Date
HD Moore 32255a4621 Always show the URI and User-Agent for unknown requests 2015-10-05 11:05:05 -05:00
Brent Cook 92958bdf8b prefer && to 'and' for consistent order-of-operations 2015-08-16 11:21:22 -05:00
HD Moore 6e75db090f Fix comment 2015-08-12 21:11:48 -05:00
HD Moore e9203060b0 Allow the hostname and port to be overridden, necessary for complex NAT setups 2015-08-12 16:20:14 -05:00
Brent Cook c30127cfe8 Land #5729, add user-agent list, MeterpreterUserAgent derives from this 
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
 2015-07-24 17:39:30 -05:00
OJ b6e25506d0 Add a common user agent list, use the shortest for Meterpreter 2015-07-15 13:03:47 +10:00
Spencer McIntyre 29d45e3b18 Pymet patch in timeout info on generate_stage 2015-07-03 14:12:29 -04:00
Spencer McIntyre 0af397217c Merge pymet transport feature into fresh branch 2015-07-02 08:43:13 -04:00
OJ a5ad56754f Use full namespace for PACKET_TYPE_RESPONSE 2015-07-02 08:03:39 +10:00
HD Moore e7271e3c04 Call the Meterpreter methods directly vs pollute the namespace 2015-07-01 16:04:54 -05:00
Spencer McIntyre 79185e91c6 Refactor the pymet to use transport objects 2015-06-26 14:56:31 -04:00
OJ a8c20496be Remove unused code from the java http stager 2015-06-24 22:37:40 +10:00
Brent Cook b8a8e65c2c Merge branch 'master' into land-5394-uuid-tracker 2015-05-29 16:22:45 -05:00
HD Moore 4622fa60eb Register the init_* URLs and whitelist these 2015-05-21 00:22:41 -05:00
HD Moore ac0004ea0a Implement IgnoreUnknownPayloads 2015-05-20 19:47:17 -05:00
OJ 0d56b3ee66 Stage UUIDs, generation options, php and python meterp uuid 2015-05-18 13:29:46 +10:00
OJ 69d2b8ffb1 Various code format, style changes, file moves 
As per Egypt's suggestions.
 2015-05-12 09:43:41 +10:00
OJ e45bf5cf51 Remove the URI patcher now that it's not used at all 2015-05-05 07:35:49 +10:00
OJ 6ac3ecfa7c Refactor, add reverse_winhttps support 
Getting closer to a normalised view of what this stuff will look like.
There URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.

Next up, x64 for the same main ones.
 2015-04-26 12:11:14 +10:00
OJ 86957d9b07 Merge branch 'upstream/master' into connection-recovery 2015-04-21 20:01:59 +10:00
Brent Cook 18225780da cleanup HTTP and HTTPS listeners when sessions are closed 
Rather than listening forever after a session shuts down, close the session if
there are no other URI's registered on the listener. This allows reconfiguring
the listener without restarting framework, but should be safe for situations
where multiple modules share the same listener.
 2015-04-17 02:41:24 -05:00
OJ 0a8b29dd86 Merge branch 'upstream/master' into connection-recovery 
Conflicts:
	lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
 2015-04-17 14:40:21 +10:00
OJ 4e49964c15 Add support for init_connect for stageless payloads 
This new mode for HTTP/S stageless allows the stageless payload to be
reused without MSF believing that the session has already been
initialised.
 2015-04-14 16:43:07 +10:00
OJ c83a763150 Fix IPv6 issues in staged and stageless 
* Stageless payloads weren't adding brackets around IPv6 hosts.
* Staged HTTP handler was using an undefined function to check for IPv6
addresses when host header overriding was disabled.
 2015-04-09 23:33:10 +10:00
OJ 809409d8c4 Lots of changes to support moving timeouts to common spots 
Session expiry, comms timeout, retry total/wait are all now part of all
of the meterpreter payloads as these are going to be used for
maintaining access with resiliency and will aim for consistency across
the payload types.
 2015-04-09 17:57:43 +10:00
OJ 53d5b97634 Add support for UUID generation in transport switching 
If the session doesn't have a payload UUID we now generate one as best
we can. This code will probably go away when TCP related transports have
had the UUID stuf baked in.
 2015-04-07 17:25:55 +10:00
HD Moore 98c95104da Use ||= for consistency 2015-04-06 10:55:14 -05:00
HD Moore c9696d3f6c Merge in stageless/transport work, deconflict 2015-04-04 11:52:26 -07:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff 
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
 2015-04-03 13:42:25 +10:00
HD Moore a39ba05383 Functional Payload UUID embedding via PayloadUUIDSeed 2015-03-31 15:44:18 -05:00
HD Moore a9cfd7efef Merging master back into the UUID branch 2015-03-31 12:02:03 -05:00
Brent Cook e0568e95c2 Land #4978 @zerosteiner adds reverse https for python meterpreter 2015-03-26 19:16:46 -05:00
Brent Cook 5ac1ee1d73 fix http/s handler reference counting for pymet 
add a persistent session counter to avoid stopping listening when pymet stages over http/s
 2015-03-26 18:26:56 -05:00
OJ 9c9d333a1b Create verify ssl mixin, adjust some formatting 2015-03-23 13:21:08 +10:00
HD Moore bc3c73e408 Merge branch 'master' into feature/registered-payload-uuids 2015-03-22 18:51:13 -05:00
HD Moore 378e867486 Refactor Msf::Payload::UUID, use this in reverse_http 2015-03-22 16:17:12 -05:00
HD Moore 94241b2998 First attempt at rewiring HTTP handlers to use UUIDs 2015-03-21 03:15:08 -05:00
oj@buffered.io fd4ad9bd2e Rework changes on top of HD's PR 
This commit removes duplication, tidies up a couple of things and puts
some common code into the x509 module.
 2015-03-20 13:06:57 +10:00
OJ 7b4161bdb4 Update code to handle cert validation properly 
This code contains duplication from HD's PR. Once his has been landed
this code can be fixed up a bit so that duplication is removed.
 2015-03-20 12:52:47 +10:00
OJ 7899881416 Update POSIX bins from master 2015-03-19 14:50:14 +10:00
HD Moore b62da42927 Merge branch 'master' into feature/add-proxies-to-wininet 2015-03-18 01:51:15 -05:00
HD Moore 97def50cc2 Whitespace cleanup 2015-03-18 01:26:59 -05:00
HD Moore 8d3cb8bde5 Fix up meterpreter patching arguments and names 2015-03-18 01:25:42 -05:00
HD Moore 390a704cc7 Cleanup proxyhost/proxyport arguments to match new names 2015-03-18 01:19:05 -05:00
HD Moore f7a06d8e44 Rework PROXY_{HOST|PORT|TYPE|USERNAME|PASSWORD) to the new syntax 2015-03-18 01:15:32 -05:00
HD Moore 3aa8cb69a4 Fix two use cases of PROXYHOST/PROXYPORT 2015-03-18 01:08:09 -05:00
HD Moore 2ab14e7e79 Adds IPv6 and option-related issues with the previous patch 2015-03-18 01:01:10 -05:00
HD Moore a4df6d539f Cleanup proxy handling code (consistency & bugs) 
One subtle bug was that each time a request was received, a null byte was being appended to the datastore options for PROXY_USERNAME and PROXY_PASSWORD. Eventually this would break new sessions. This change centralizes the proxy configuration and cleans up the logic.
 2015-03-18 00:59:59 -05:00
HD Moore a01be365b0 Rework PROXYHOST/PROXYPORT to PROXY_HOST/PROXY_PORT 
This also cleans up the windows reverse_https_proxy stager.
 2015-03-18 00:59:13 -05:00
HD Moore 69a808b744 StagerProxy -> PayloadProxy 2015-03-16 12:14:42 -05:00