7c2d214af2
Clean up debugging, move options to one place and delete superflous file
...
change the uuid handing to prevent changes to it when it gets put in payloads
2019-07-25 19:45:05 -05:00
6ae3f97c4a
Maybe include the super pingback type in the payloads?
2019-07-25 19:44:11 -05:00
310533f96c
First stab at filtering payloads that require cleanup
2019-07-25 19:44:09 -05:00
f098a836e9
Stupid pry...
2019-07-25 19:43:14 -05:00
949b356f09
Update the session to die after callback
...
Remove stale old file
2019-07-25 19:43:14 -05:00
398a5dcce1
Reset send_uuid because it should not have been changed
...
remove debug print from options
change puts on pingback
2019-07-25 19:43:14 -05:00
89913924f6
Remove 'workspace' option from Mdm::Payload.create
2019-07-25 19:42:50 -05:00
f4fa70da0a
Add error handling for users without a database configured
2019-07-25 19:42:26 -05:00
6d6b33968f
Record UUID upon pingback_reverse_tcp generation and callback
2019-07-25 19:42:26 -05:00
1b64b9f984
Fix odd edge case converting binary to hex string
2019-07-25 19:42:26 -05:00
5202a85cd8
Use nonvolitile register for the counter
...
Change option name to match convention
2019-07-25 19:42:26 -05:00
d626e5641d
Updated to have a handler
2019-07-25 19:42:26 -05:00
9805a14875
Add support for pingback as a single and session...
2019-07-25 19:42:26 -05:00
cc69fa286f
Let's try it as a single this time....
2019-07-25 19:42:26 -05:00
4ca6c35053
Add new files
2019-07-25 19:42:26 -05:00
38b98dc6f7
Revert "Land #11903 , initial implementation of "pingback" payloads"
...
This reverts commit 3bd3dfc86ed7bc50fb25
2019-07-25 16:44:09 -05:00
3bd3dfc86e
Land #11903 , initial implementation of "pingback" payloads
2019-07-25 12:17:04 -05:00
709a9c2156
Remove async callback stuff for later work and change db checks
2019-07-25 09:08:22 -05:00
01b200bafa
Unpry
2019-07-24 16:58:44 -05:00
a84fb40a4b
update the read/write for pingback data
2019-07-24 15:36:33 -05:00
787c346af2
Remove extra assignments elsewhere
2019-07-22 15:01:33 -05:00
6396bccf63
Removed superfluous assignment and populated datastore with pingback_uuid
...
for payloads that require the pingbackvalue to be in the datastore.
2019-07-22 13:59:57 -05:00
b89df1b3eb
Fix printing in session handler while I'm at it...
2019-07-18 15:53:05 -05:00
66ff0af096
delete extra file
2019-07-18 15:45:41 -05:00
91ffeaa354
Clean up debugging, move options to one place and delete superflous file
...
change the uuid handing to prevent changes to it when it gets put in payloads
2019-07-18 15:44:20 -05:00
2ebc2c10aa
Maybe include the super pingback type in the payloads?
2019-07-17 14:13:42 -05:00
f2ed823516
First stab at filtering payloads that require cleanup
2019-07-17 13:23:20 -05:00
c339662fed
SshCommandSession and Ruby Payloads
...
Implement a command-only session type over the HrrRbSsh client
Connection Channels' file descriptors, adjust from base command
session to deal with the separate reader/writer IOs. Technically,
a TTY session works out of the box here as well.
Implement a pair of showcase Ruby payloads using net/ssh to call
back to the handler, create a shell channel, and loop piping I/O
between framework session and client via the Ruby backtick exec.
Next Steps:
Command payloads need to be written for every major interpreted
language as well as some sort of bashism a la openssl_double if
it comes to that, but preferably single socket implementation.
Testing:
Very minimal, needs a good run through by the community and R7
2019-06-23 05:20:04 -04:00
805d64428f
Stupid pry...
2019-06-13 10:27:29 -05:00
a11d6221d9
Update the session to die after callback
...
Remove stale old file
2019-06-13 09:08:14 -05:00
915149ad6d
Reset send_uuid because it should not have been changed
...
remove debug print from options
change puts on pingback
2019-06-10 15:03:49 -05:00
53557cc92e
replace trivial usage of expand_path with getenv
...
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.
We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
2019-05-31 17:44:35 -05:00
0bcb94f989
Remove 'workspace' option from Mdm::Payload.create
2019-05-30 11:40:08 -05:00
c89fd1cc3f
Add error handling for users without a database configured
2019-05-30 11:38:46 -05:00
e83bdf7c7e
Record UUID upon pingback_reverse_tcp generation and callback
2019-05-30 11:38:46 -05:00
b12128a8d0
Fix odd edge case converting binary to hex string
2019-05-30 11:37:34 -05:00
1ab0a04f60
Use nonvolitile register for the counter
...
Change option name to match convention
2019-05-30 11:37:33 -05:00
b818d6d9d3
Updated to have a handler
2019-05-30 11:37:33 -05:00
a2f55947e6
Add support for pingback as a single and session...
2019-05-30 11:37:33 -05:00
e233ee38ea
Let's try it as a single this time....
2019-05-30 11:34:06 -05:00
c9c78ba707
Add new files
2019-05-30 11:34:06 -05:00
ca13769c22
Remove special handling of missing CVE references
2019-05-13 18:12:18 -05:00
3757769906
Compromised on improved wording for NOCVE
2019-05-13 17:47:22 -05:00
fa06e88ab9
Revert "Display NOCVE reason in missing CVE reference"
...
This reverts commit c252ff2e7e
2019-05-13 17:38:35 -05:00
c252ff2e7e
Display NOCVE reason in missing CVE reference
2019-05-07 00:59:09 -05:00
ce39b929b2
Remove stray backslash - oops!
2019-04-24 11:50:53 -05:00
0ad5dca9fa
Revert to RelatedModules and handle Array/Hash
2019-04-24 11:26:52 -05:00
372ec1949a
Handle NOCVE and module traits
2019-04-23 19:47:49 -05:00
c0e675abfb
Change dump_aka to dump_notes with special casing
...
Also add RELATED for related modules.
2019-04-23 16:31:40 -05:00
2ef2e65424
Ready
2019-04-02 18:06:56 -04:00
bwatters-r7