adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36,919 Commits 27 Branches 1,043 Tags
478cd2ed5c4e4651a5fa4e9ed7ccf8fb795bd2cf
Commit Graph

125 Commits

Author SHA1 Message Date
Brent Cook 3f4c6eb370 Land #5383, allow tunneling reverse_tcp meterpreter sessions without 'route add' 2015-12-22 15:42:42 -06:00
wchen-r7 14b1b3a1f0 Land #6299, Stageless HTTP(S) Python Meterpreter 2015-12-04 16:16:54 -06:00
Sonny Gonzalez d7aeabbb71 Land #6293, listener bind_port fix 2015-12-02 13:16:23 -06:00
Spencer McIntyre fba9715a56 Add stageless python meterpreter http & https payloads 2015-11-28 17:41:55 -05:00
Jon Cave 0c8eb6fb37 Display ReverseListenerBindPort if it is set 
ReverseListenerBindPort overrides LPORT if it is used. The `listener_uri`
method should use the output `bind_port` to account for this.
 2015-11-27 09:16:20 +00:00
Brent Cook e5119e6446 use payload_uri's result to derive lhost / lport 2015-11-26 15:21:51 -06:00
Brent Cook 216119c05c unfold override lhost/lport logic 2015-11-26 15:15:21 -06:00
sammbertram cd4aa28d11 Transport priority changes 
Pass in the "lhost" and "lport" options to the default transport during the native payload. This takes the following LHOST priorities:
1. OverrideLHOST, only if OverrideRequestHost is TRUE
2. The request Host: header.
3. The LHOST datastore.
 2015-11-13 13:21:46 +00:00
James Lee 344e8a6f90 Refactor common reverse options 2015-10-29 15:15:20 -05:00
James Lee 46159f5dbe Back out the Comm stuff for HTTP 2015-10-29 14:22:34 -05:00
James Lee d51f0ebd4c Refactor "via" string into a method 2015-10-16 15:08:00 -05:00
James Lee b16c284395 Determine comm from ReverseListenerComm in reverse_http 
Also some copypasta from reverse_tcp to display where we started the
listener.
 2015-10-09 08:54:01 -05:00
HD Moore 32255a4621 Always show the URI and User-Agent for unknown requests 2015-10-05 11:05:05 -05:00
Meatballs a10bf76c29 Merge remote-tracking branch 'upstream/master' into reverse-listener-comm 
Conflicts:
	lib/msf/core/handler/reverse_http.rb
 2015-09-04 10:36:00 +01:00
Brent Cook 92958bdf8b prefer && to 'and' for consistent order-of-operations 2015-08-16 11:21:22 -05:00
HD Moore 6e75db090f Fix comment 2015-08-12 21:11:48 -05:00
HD Moore e9203060b0 Allow the hostname and port to be overridden, necessary for complex NAT setups 2015-08-12 16:20:14 -05:00
Brent Cook c30127cfe8 Land #5729, add user-agent list, MeterpreterUserAgent derives from this 
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
 2015-07-24 17:39:30 -05:00
OJ b6e25506d0 Add a common user agent list, use the shortest for Meterpreter 2015-07-15 13:03:47 +10:00
Spencer McIntyre 29d45e3b18 Pymet patch in timeout info on generate_stage 2015-07-03 14:12:29 -04:00
Spencer McIntyre 0af397217c Merge pymet transport feature into fresh branch 2015-07-02 08:43:13 -04:00
OJ a5ad56754f Use full namespace for PACKET_TYPE_RESPONSE 2015-07-02 08:03:39 +10:00
HD Moore e7271e3c04 Call the Meterpreter methods directly vs pollute the namespace 2015-07-01 16:04:54 -05:00
Spencer McIntyre 79185e91c6 Refactor the pymet to use transport objects 2015-06-26 14:56:31 -04:00
OJ a8c20496be Remove unused code from the java http stager 2015-06-24 22:37:40 +10:00
Brent Cook b8a8e65c2c Merge branch 'master' into land-5394-uuid-tracker 2015-05-29 16:22:45 -05:00
HD Moore 4622fa60eb Register the init_* URLs and whitelist these 2015-05-21 00:22:41 -05:00
HD Moore ac0004ea0a Implement IgnoreUnknownPayloads 2015-05-20 19:47:17 -05:00
Meatballs 9bc5cdd423 Refactor to common mixin 
Remove the datastore option from HTTP as currently does nothing.
 2015-05-20 00:24:09 +01:00
OJ 0d56b3ee66 Stage UUIDs, generation options, php and python meterp uuid 2015-05-18 13:29:46 +10:00
OJ 69d2b8ffb1 Various code format, style changes, file moves 
As per Egypt's suggestions.
 2015-05-12 09:43:41 +10:00
OJ e45bf5cf51 Remove the URI patcher now that it's not used at all 2015-05-05 07:35:49 +10:00
OJ 6ac3ecfa7c Refactor, add reverse_winhttps support 
Getting closer to a normalised view of what this stuff will look like.
There URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.

Next up, x64 for the same main ones.
 2015-04-26 12:11:14 +10:00
OJ 86957d9b07 Merge branch 'upstream/master' into connection-recovery 2015-04-21 20:01:59 +10:00
Brent Cook 18225780da cleanup HTTP and HTTPS listeners when sessions are closed 
Rather than listening forever after a session shuts down, close the session if
there are no other URI's registered on the listener. This allows reconfiguring
the listener without restarting framework, but should be safe for situations
where multiple modules share the same listener.
 2015-04-17 02:41:24 -05:00
OJ 0a8b29dd86 Merge branch 'upstream/master' into connection-recovery 
Conflicts:
	lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
 2015-04-17 14:40:21 +10:00
OJ 4e49964c15 Add support for init_connect for stageless payloads 
This new mode for HTTP/S stageless allows the stageless payload to be
reused without MSF believing that the session has already been
initialised.
 2015-04-14 16:43:07 +10:00
OJ c83a763150 Fix IPv6 issues in staged and stageless 
* Stageless payloads weren't adding brackets around IPv6 hosts.
* Staged HTTP handler was using an undefined function to check for IPv6
addresses when host header overriding was disabled.
 2015-04-09 23:33:10 +10:00
OJ 809409d8c4 Lots of changes to support moving timeouts to common spots 
Session expiry, comms timeout, retry total/wait are all now part of all
of the meterpreter payloads as these are going to be used for
maintaining access with resiliency and will aim for consistency across
the payload types.
 2015-04-09 17:57:43 +10:00
OJ 53d5b97634 Add support for UUID generation in transport switching 
If the session doesn't have a payload UUID we now generate one as best
we can. This code will probably go away when TCP related transports have
had the UUID stuf baked in.
 2015-04-07 17:25:55 +10:00
HD Moore 98c95104da Use ||= for consistency 2015-04-06 10:55:14 -05:00
HD Moore c9696d3f6c Merge in stageless/transport work, deconflict 2015-04-04 11:52:26 -07:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff 
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
 2015-04-03 13:42:25 +10:00
HD Moore a39ba05383 Functional Payload UUID embedding via PayloadUUIDSeed 2015-03-31 15:44:18 -05:00
HD Moore a9cfd7efef Merging master back into the UUID branch 2015-03-31 12:02:03 -05:00
Brent Cook e0568e95c2 Land #4978 @zerosteiner adds reverse https for python meterpreter 2015-03-26 19:16:46 -05:00
Brent Cook 5ac1ee1d73 fix http/s handler reference counting for pymet 
add a persistent session counter to avoid stopping listening when pymet stages over http/s
 2015-03-26 18:26:56 -05:00
OJ 9c9d333a1b Create verify ssl mixin, adjust some formatting 2015-03-23 13:21:08 +10:00
HD Moore bc3c73e408 Merge branch 'master' into feature/registered-payload-uuids 2015-03-22 18:51:13 -05:00
HD Moore 378e867486 Refactor Msf::Payload::UUID, use this in reverse_http 2015-03-22 16:17:12 -05:00