Christophe De La Fuente
0d591a3136
Land #18526, Add a command to customise DNS resolution
2023-11-23 17:46:16 +01:00
Ashley Donaldson
7442655ab9
Override to TCP when encountering UDP-unfriendly comms
2023-11-07 15:58:45 +11:00
Dean Welch
c7e0e094fa
Add core session commands and test suite
2023-11-06 16:34:37 +00:00
adfoster-r7
e93a75cd01
Fix broken reverse ssh command shell
2022-08-04 23:58:11 +01:00
Jeffrey Martin
7277483022
add safe navigation to ensure fs access valid
2022-08-01 14:33:02 -05:00
dwelch-r7
aca1b8df9b
Use debug versions of extensions if MeterpreterDebugBuild is enabled
2022-04-13 14:10:57 +01:00
sjanusz
d99d14eaa8
Defer TLV logging until session is bootstrapped
2022-03-07 15:47:49 +00:00
sjanusz
a2fadf0606
Init logging on meterpreter's init, add option to change log file
2022-03-04 14:21:00 +00:00
Ashley Donaldson
f54f03fc92
Prevent payloads being used if can't clean up files
2021-11-17 15:40:16 +11:00
Spencer McIntyre
99308d896b
Refactor calling process_autoruns into the handler to be consistent
2021-04-15 09:07:12 -04:00
dwelch-r7
38688e1429
Only fire off on_session_open event after we know the session is fully initialised
2021-03-09 18:32:03 +00:00
Spencer McIntyre
f2e1afed79
Fix session verification by checking TLV negotiation
2021-02-22 11:19:31 -05:00
Spencer McIntyre
998b38cf0d
Enumerate Meterpreter's supported core commands
2021-02-19 15:51:33 -06:00
dwelch-r7
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
dwelch-r7
bad5ccbc49
Remove msf/base requires
2021-01-05 14:59:46 +00:00
dwelch-r7
0a87386c49
Add base folder to autoloader
2021-01-05 13:07:53 +00:00
Jeffrey Martin
07cbe426e2
Rails 5, all models inherit from ApplicationRecord
ApplicationRecord is a new superclass for all app models, analogous to app controllers subclassing ApplicationController instead of ActionController::Base. This gives apps a single spot to configure app-wide model behavior.
https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#active-record-models-now-inherit-from-applicationrecord-by-default
Deprecated Relation#uniq use Relation#distinct instead.
https://edgeguides.rubyonrails.org/5_0_release_notes.html#active-record-deprecations
2020-07-31 11:56:49 -05:00
Adam Galway
1a2bf98222
creates standard elog & updates existing usages
2020-06-22 12:48:39 +01:00
Brent Cook
b300284d82
switch logic
2019-10-11 16:22:51 -05:00
Spencer McIntyre
d87308e9c0
Fix a couple of bugs in the MeterpreterPrompt
2019-10-10 21:13:12 -04:00
Spencer McIntyre
48f1e1d909
Add the %D and %U meterpreter prompt chars
2019-10-10 21:13:12 -04:00
Spencer McIntyre
f63fd37938
Support a dynamic meterpreter prompt
2019-10-10 21:13:12 -04:00
bwatters-r7
68f7ece9a1
Removed superfluous assignment and populated datastore with pingback_uuid
for payloads that require the pingbackvalue to be in the datastore.
2019-07-25 19:45:10 -05:00
bwatters-r7
310533f96c
First stab at filtering payloads that require cleanup
2019-07-25 19:44:09 -05:00
Brent Cook
53557cc92e
replace trivial usage of expand_path with getenv
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.
We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
2019-05-31 17:44:35 -05:00
William Vu
a5a8c88a6e
Implement resource scripting for command shells
2019-01-17 13:39:03 -06:00
Brent Cook
0d0356ccdd
Land #11126, Update sessions through the DBManager
2018-12-26 13:15:43 -06:00
Matthew Kienow
eec7a3dafc
Remove debug code
2018-12-14 13:33:16 -05:00
Matthew Kienow
c2af36f405
Use update_session rather than Mdm save method
The changes ensure that updates to an Mdm::Session are reflected on a
remote data service.
2018-12-14 12:22:49 -05:00
Jeff Tang
bba7bcc885
add support for ext_server_unhook
2018-09-19 16:20:26 -04:00
James Barnett
4aac8f5c39
Merge branch 'rapid7/master' into goliath
2018-01-02 17:34:40 -06:00
Brent Cook
3339c3b74d
remove magic, because it causes complications with complex RC scripts
2017-12-20 11:49:42 -06:00
Brent Cook
0c867d92fd
fix incorrect regex
2017-12-20 11:46:14 -06:00
Brent Cook
2629ec6bdb
infer whether the user supplied a Meterpreter or resource script
2017-12-20 06:43:20 -06:00
Brent Cook
90b97d6581
Merge branch 'upstream-master' into land-9151-
2017-12-15 14:15:14 -06:00
Tim W
0f2bfb70c0
hacky fix for osx
2017-11-22 13:07:42 +08:00
Pearce Barry
48975a4327
Support multiple suffixes on meterpreter extensions.
2017-10-31 10:04:34 -05:00
Pearce Barry
daf2acc2b1
Initial work to support Mettle extensions (and a sniffer).
See MS-2775.
2017-10-31 10:04:30 -05:00
Brent Cook
85b59c87ca
fix buggy handling of partial ingress packet data
If we have more data, and the packet parser needs more data, connect the two
together rather than bailing. This fixes reverse_tcp_ssl along with probably a
lot of other higher-latency corner cases.
2017-10-27 02:15:08 -07:00
James Barnett
0dbfc9d447
WIP: Drop session objects before JSON conversion
The session object is not intended to be stored in the DB.
There are a ton of subobjects and unneeded data that causes the JSON conversion
to hang or fail with 'stack level too deep' errors.
2017-10-06 11:43:01 -05:00
Brent Cook
b9fdca04a1
rework logical fix for #8884 to function with bootstrap code
2017-09-07 01:43:58 -05:00
OJ
dfba42e2c1
Fix exception when datastore value is nil in meterp session
2017-09-07 01:36:24 -05:00
OJ
7acd772c10
Pivot session stability, display and handling
2017-09-07 01:36:21 -05:00
OJ
fdc9864b61
First working packet pivot session!
2017-09-07 01:36:20 -05:00
Spencer McIntyre
3b2e5e0785
Add a new core_native_arch method for meterpreter
2017-02-26 14:22:24 -05:00
David Maloney
10cfadaf98
add optional output to meterp run_cmd
the run_cmd method on meterpreter sessions can now
take an optional output IO to redirect output. This allows
backgrounded sessions to also run commands and still output
to the console
2017-01-05 12:12:20 -06:00
OJ
294b1e5ed7
Move session_type to base, and map shell arch to string
2016-11-01 03:02:23 +10:00
OJ
eeff24d2ef
Change BSD regex as per Brent's suggestion
2016-11-01 01:26:45 +10:00
OJ
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
OJ
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00