adfoster-r7
46d203a52f
Fix ssh server warnings on bootup with openssl 3
2022-08-24 10:42:09 +01:00
adfoster-r7
526ce819c0
Widen rescue scope for reverse ssh handler
2022-07-19 18:29:58 +01:00
adfoster-r7
1103f525a6
Stop msfconsole crashing with openssl3
2022-07-14 12:05:01 +01:00
Ashley Donaldson
d5373a7278
Removed redundant cleanup calls which exploit_driver will call anyway
2022-03-11 12:08:51 +11:00
Ashley Donaldson
c9d43aafe6
Use dereferencing directly, and rename 'stop' to 'cleanup' for clarity
2022-03-10 09:06:25 +11:00
Ashley Donaldson
837cf199a0
Use reference counting consistently for HTTP handlers (Fixes #16315)
2022-03-09 10:56:38 +11:00
Spencer McIntyre
dd2d512851
Support session -1 for ListenerComm options
2022-01-24 11:42:39 -05:00
space-r7
184795513f
Land #15831, add more ssh session support
2021-12-16 15:39:55 -06:00
Spencer McIntyre
726c5f26e3
SSH session consistency with auto-platform IDing
2021-11-12 16:03:27 -05:00
Spencer McIntyre
87d1e925d0
Add an interactive SSH payload
2021-11-12 16:01:22 -05:00
Ashley Donaldson
2447ce3eba
Use a random, modern UA string for HTTP payloads
2021-11-10 10:40:32 +11:00
Grant Willcox
cf479725b2
Add in string option for ReverseListenerComm to reverse_udp.rb so we don't encounter errors when calling select_com in lib/msf/core/handler/reverse/comm.rb
2021-10-07 12:07:24 -05:00
Ashley Donaldson
71aab90b53
Added TCP pivot details for reverse_tcp_double handlers
2021-10-04 23:07:15 +11:00
Ashley Donaldson
c9499fc70c
Show TCP forwarding information for UDP jobs and shells
2021-10-04 22:43:12 +11:00
Ashley Donaldson
0df82e9a21
HTTP payload listeners support ReverseListenerComm param, and display of the session it transits over
2021-10-04 20:27:06 +11:00
Ashley Donaldson
ef8628f1ad
Avoid modifying payload_uri, which may be used elsewhere
2021-10-02 14:57:26 +10:00
Ashley Donaldson
2784ce88c1
Use correct property of listener_sock
2021-09-24 20:47:06 +10:00
Ashley Donaldson
3dec024fbd
When listing sessions and jobs, note whether they are dependent on TCP forwarding
2021-09-24 20:30:57 +10:00
space-r7
8b8d138812
Land #15496, specify SSLVersion for servers
2021-08-26 10:57:11 -05:00
Tim W
5acd0ee5d6
Fix #15480, fix IgnoreUnknownPayloads for stageless reverse_http payloads
2021-08-13 16:57:04 +01:00
Jeffrey Martin
8d66913c00
guard hrr_rb_ssh from zeitwerk eager loading
...
if/when eager loading is enabled any class or top level require
will be exercised during the process. Since the ruby builtin PTY
does not function in Windows, defer requires that interact with symbols
in the `hrr_rb_ssh` gem to ensure they load only during runtime.
2021-08-09 12:22:13 -05:00
Spencer McIntyre
c43d55068c
Add the SSLVersion datastore option for handlers
...
Requires rapid7/rex-socket#37 for the option to be honored.
2021-08-06 14:44:48 -05:00
Spencer McIntyre
e4100c8018
Fix rubocop issues in the handler file
2021-07-23 11:12:46 -04:00
Spencer McIntyre
10ad84434c
Initial support for pivoting over SSH
2021-06-25 21:19:05 -04:00
dwelch-r7
a9d38ecc15
Land #14430, Add warnings for no db connection while using uuid tracking
2021-03-24 12:12:18 +00:00
dwelch-r7
7fbbe23426
Remove more requires that were missed before
2021-02-08 14:51:58 +00:00
dwelch-r7
b95be3ed10
Zeitwerk rex folder
2021-02-08 12:24:12 +00:00
dwelch-r7
bad5ccbc49
Remove msf/base requires
2021-01-05 14:59:46 +00:00
dwelch-r7
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
cn-kali-team
8f729b6fd5
removed this JSON
2020-12-04 11:26:01 +08:00
cn-kali-team
893dd6b653
fix #14158
2020-11-25 20:07:00 +08:00
gwillcox-r7
2007583c29
Land #13238, Replace exit calls in bind_named_pipe handler with Thread.exit calls
2020-08-11 14:09:39 -05:00
gwillcox-r7
0882b62cf6
Replace return with Thread.exit call and interrupt_wait_for_session
2020-08-11 14:08:26 -05:00
Jeffrey Martin
65039a5091
Merge upstream into 6.x
2020-07-15 09:58:07 -05:00
Spencer McIntyre
26cbfa5d56
Land #13417, SMBv3 integration with Framework
2020-06-24 14:09:11 -04:00
Adam Galway
1a2bf98222
creates standard elog & updates existing usages
2020-06-22 12:48:39 +01:00
Christophe De La Fuente
a9a1d01419
Update some libraries and modules
2020-06-09 14:18:52 +02:00
OJ
48290ac38a
Fix a stupid mistake with core_patch_url
...
This was not originally ported to an int when it should have been.
2020-06-09 08:58:27 +10:00
Karim Kanso
1e044d5ca1
changed 'exit' to 'return' in bind_named_pipe handler
2020-04-12 19:38:05 +01:00
Spencer McIntyre
059dd59d90
Use the new max_length check elsewhere
2020-03-11 11:56:15 -04:00
Spencer McIntyre
db9626153b
Minor refactoring for style, whitespace, etc.
2020-03-11 11:56:15 -04:00
Timo Mueller
2283948fcf
Fixed description in reverse_http payload, for real
2020-03-11 11:55:18 -04:00
Timo Mueller
364b6c1359
Fixed description in reverse_http payload
2020-03-11 11:55:18 -04:00
Timo Mueller
f10f5701dd
Added maximum string length check
2020-03-11 11:43:10 -04:00
bwatters-r7
2db93c9051
Land #12002, Feature/reverse ssh
...
Merge branch 'land-12002' into upstream-master
2020-02-21 09:17:51 -06:00
bwatters-r7
1aa412ccc0
add some of bcoles suggested fixes
2020-02-19 13:52:38 -05:00
L
7f82816065
Add description udp listening information
2020-01-10 14:58:36 +08:00
RageLtMan
21dd5f438d
Address some of @bcoles comments
2019-09-15 01:14:04 -04:00
RageLtMan
d1eaac9932
Implement native reverse SSH via openssh binary
...
Implement a reverse SSH shell using nothing but the on-target SSH
client and a fifo in the same manner as used by netcat payloads.
This is not forensically sound as the fifo will be caught by HIDS,
filesystem snapshots, and other defensive measures. However, it
does provide a way out from almost any modern POSIX system as they
nearly all have an SSH client in one form or another.
Convert existing Ruby reverse SSH payloads to use dynamic cached
payload sizing.
2019-06-23 05:48:50 -04:00
RageLtMan
c339662fed
SshCommandSession and Ruby Payloads
...
Implement a command-only session type over the HrrRbSsh client
Connection Channels' file descriptors, adjust from base command
session to deal with the separate reader/writer IOs. Technically,
a TTY session works out of the box here as well.
Implement a pair of showcase Ruby payloads using net/ssh to call
back to the handler, create a shell channel, and loop piping I/O
between framework session and client via the Ruby backtick exec.
Next Steps:
Command payloads need to be written for every major interpreted
language as well as some sort of bashism a la openssl_double if
it comes to that, but preferably single socket implementation.
Testing:
Very minimal, needs a good run through by the community and R7
2019-06-23 05:20:04 -04:00