This update adds the ability to manage multiple team server instances
through one Armitage client. This update also adds nickname completion
to the event log. Several bug fixes are included too.
This update to Armitage adds the ability to assign labels to hosts
and create dynamic workspaces based on these labs. This update also
adds helpers to configure USERNAME/PASSWORD options and EXE::Custom
and EXE::Template. Several bugs were fixed as well.
Armitage on Windows requires the user to specify their MSF
install folder. This tweak checks for an MSF 4.5 environment
and updates the specified folder to make everything work.
Like magic.
This is Armitage release 01.04.13. This update fixes several bugs
and improves the user experience launching *_login modules from
Armitage. This update adds a Windows 8 icon and includes a fix to
better work with the Metasploit 1.45 installer's environment.
ESI is not clobbered; no need to clear EDX as only DL is filled before and
it is overwritten before use.
Shellcodes in ruby modules not regenerated, but I guess you want to
regenerate them again anyway :-)
Those stagers will encrypt the initial stage with a 128-bit RC4 key and
the stage length with a XOR key. Both keys are embedded in the stager.
This should provide good evasion capabilities in addition to some
protection against MITM reversing (if the stager is sent a different
route, like in an executable on an USB key).
Note that, from a cryptanalyst's standpoint, it is a bad idea to reuse the
same stager (or stagers with the same RC4 and XOR keys) more than once
since an identical key will result in an identical keystream and make
correlation attacks easy. But I doubt that matters in practice.
Also note that since communication after the initial statging is not
encrypted, these stagers should be used in combination with additional
encryption support in the payloads (like Meterpreter).
Provided as a block to be included into stagers and/or decoder stubs.
Also included is a test shellcode that can be used for verifying that the
algorithm is compatible to Ruby's OpenSSL RC4 algorithm.
Downgrad JUnit version since JUnit 4 can only work with -target 1.5 or
higher class files.
Covered are Shell and Meterpreter stage, StreamForwarder, MemoryBuffer,
AESEncryption and Payload (Bind, Reverse, Spawn, AESPassword).
Check JavaPayload and Java Meterpreter against version incompatibilities
for Java 1.2, 1.3, 1.4, 1.5, and 1.6.
Note that webcam_audio_record is currently excluded from the checks, as it
uses Sun proprietary API for building the WAV file and is therefore
failing the build (and will most likely crash Meterpreter if run on a JVM
of version 1.4 or later that is not based on the Sun/Oracle JVM).
Possible workarounds (apart from either removing the module or changing it
to produce empty files when WAV creation is not supported) include
implementing the WAV file writer ourselves or providing raw PCM files
instead.
- Adds a call to mprotect(2) to the reverse and bind stagers
- Adds accurate source for some other linux shellcode, including some
comments to make it more maintainable
- Adds tools/module_payload.rb for listing all payloads for each exploit
in a greppable format. Makes it easy to find out if a payload change
causes a payload to no longer be compatible with a given exploit.
- Missing from this commit is source for reverse_ipv6_tcp
sinn3r