sjanusz-r7
aac74778b9
Move memory search method to Meterpreter stdapi
2024-01-24 19:53:30 +00:00
h00die
6a851855a8
spelling fixes for lib folder
2024-01-06 15:54:49 -05:00
Spencer McIntyre
296a7afc86
Land #18076, Don't use length for freeing.
2023-06-09 10:10:29 -04:00
Ashley Donaldson
717ceae45b
Don't use length for freeing.
...
MSDN says this will never succeed - should always be zero.
2023-06-08 15:02:41 +10:00
attl4s
42ef5ad322
remove TLV_TYPE_TOKEN_UPDATE_RESULT - update_token sends empty response when succeeds
2023-05-24 16:12:12 +02:00
attl4s
3a685849a8
add update_token bridge + make_token module
2023-05-24 10:33:52 +02:00
adfoster-r7
069ad805c1
Fix ruby 3.1 crashes when garbage collecting meterpreter resources
2023-05-05 14:04:17 +01:00
adfoster-r7
f145a214ca
Add exception handling for finalizer methods
2023-02-07 20:28:15 +00:00
adfoster-r7
c436f42c8c
Land #16994, Fix Multiple Registry Related Issues
2022-09-27 11:43:02 +01:00
Spencer McIntyre
0c5377b808
Consolidate registry value conversion logic
2022-09-21 09:06:58 -04:00
Spencer McIntyre
d82774be59
Test and handle REG_QWORD
2022-09-20 16:31:54 -04:00
Spencer McIntyre
2654752585
Fix REG_EXPAND_SZ correctly
2022-09-20 16:31:47 -04:00
Spencer McIntyre
61a2bde27d
Fix and test writing REG_EXPAND_SZ values
2022-09-08 12:18:28 -04:00
Spencer McIntyre
eaf149ac21
Add a missing type to #type_to_s
2022-09-07 11:52:12 -04:00
Spencer McIntyre
f1a7be6c49
Fix how REG_MULTI_SZ is handled
2022-09-06 16:53:30 -04:00
Shelby Pace
40b18b5e7a
Update lib/rex/post/meterpreter/extensions/stdapi/sys/process_subsystem/memory.rb
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-07-01 12:56:45 -05:00
space-r7
47f8d3acae
rename tlvs, add improvements
2022-07-01 12:56:42 -05:00
space-r7
ecb09864d3
make sure generic permission is actually set
2022-06-30 13:27:51 -05:00
dwelch-r7
2c8ef87649
Add flag for running command in pty
2021-10-18 14:31:30 +01:00
Tim W
5f92746b7d
add Process.capture_output
2021-05-04 20:48:58 +01:00
Tim W
142ba7f123
Fix #15097, fix unreliable sessions -c output
2021-04-28 19:06:29 +01:00
Alan Foster
af330874f5
Prefix time module with namespace resolution operator
2021-03-04 13:19:09 +00:00
dwelch-r7
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
OJ
8070074da3
Almost final refactor of how IDs are handled
2020-06-09 08:58:26 +10:00
Tim W
1807461882
Land #13069, fix channel args and powershell_shell
2020-03-13 13:09:49 +08:00
William Vu
5e65021914
Land #13054, PPID_NAME fix for Windows migrate
2020-03-12 17:35:39 -05:00
Spencer McIntyre
f43c547a56
Fix args when directly opening a channel
2020-03-12 15:45:31 -04:00
g0t mi1k
204e4d8cdb
Switch to preferred style (ruby)
2020-03-12 09:59:08 +00:00
Tim W
5081496786
fix rapid7/metasploit-framework#13060
2020-03-12 16:57:14 +08:00
g0t mi1k
bba65ac090
Fix #13053 - post/windows/manage/migrate & PPID_NAME
...
If it's blank, no point in going forward!
2020-03-10 12:54:00 +00:00
Francesco Soncina
30dcc3d78f
add support for ParentPid
2019-12-17 01:04:55 +01:00
Spencer McIntyre
48f1e1d909
Add the %D and %U meterpreter prompt chars
2019-10-10 21:13:12 -04:00
Tim W
31eab90c74
fix mettle cmd_exec
2019-04-18 15:30:26 +08:00
Green-m
3e571ff71a
Compatible with REG_MULTI_SZ when set value.
2018-11-29 15:47:09 +08:00
Green-m
6a0534de14
Update splitkey method to match better on windows
2018-07-26 05:23:27 -04:00
Pearce Barry
7aef0f249e
Per MS-2916, load Mettle extensions via new API.
2017-12-07 20:40:22 -06:00
OJ
3068fb6e7e
Fix getprivs and getsystem
...
This is a fix for crap and stupid stuff that I did half way through the
packet pivot code. I was working on some priv stuff at the same time,
and when I realised that the work I was doing was not sensible as part
of the packet pivot PR, I failed to revert my changes properly.
As a result I broke `getprivs` and `getsystem`. I am sorry. And I'm
ashamed.
2017-09-27 16:31:42 +10:00
OJ
abc80655b7
Progress in named pipe pivots, more to come
2017-09-07 01:33:54 -05:00
James Lee
283f36f79a
Compare headers w/process keys instead of themselves
...
Also clarifies a bunch of old bad variable names
2017-06-22 21:43:11 -05:00
RageLtMan
32fbad7fca
Style changes for cmd_ps cleanup
2017-06-14 01:28:21 -04:00
RageLtMan
762427b447
Clean up cmd_ps table output for Mettle
...
Mettle can run in all sorts of environments where some columns of a
process table will be nil. The existing implementation compacts
rows going into the table while providing filtering for the column
contents only by checking the output of the first row in the proc
table.
Check column filters against all rows to ensure proper table init.
Check columns going into table for match against header.
Do not compact nil values in the table rows - some things, like
kthreads/workers don't have a path while other PIDs will.
2017-06-12 01:20:59 -04:00
OJ
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
OJ
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
OJ
bf7e7ae4be
Fix silly mistake with resetting arch in sysinfo
2016-10-29 08:32:32 +10:00
OJ
d201c5bccc
Force x86_64 to change over to x64 in sysinfo, tidy arch checks
2016-10-29 06:49:35 +10:00
OJ
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
Brent Cook
0d5a23b865
Merge branch 'master' into land-7423-localtime
2016-10-10 23:54:38 -05:00
William Vu
a89607bbdb
Prefer keyword argument
2016-10-04 23:14:14 -05:00
Brent Cook
b7ea465855
refresh sysinfo when explicitly requested on a session
2016-10-04 22:06:06 -05:00
OJ
a4efa77878
Support driver list, adjust capcom exploit
...
This commit adds MSF-side support for listing currently loaded drivers
on the machine that Meterpreter is running on. It doesn't add a UI-level
command at this point, as I didn't see the need for it. It is, however,
possible to enumerate drivers on the target using the client API.
Also, the capcom exploit is updated so that it no longer checks for the
existence of the capcom.sys file in a fixed location on disk. Instead,
it enumerates the currently loaded drivers using the new driver listing
function, and if found it checks to make sure the MD5 of the target file
is the same as the one that is expected. The hash is used instead of file
version information because the capcom driver doesn't have any version
information in it.
2016-10-04 11:27:20 +10:00