Louis Sato
744724c083
conditionalize fingerprinting
...
* fix bug where host not preserved
2016-10-24 18:45:48 -05:00
Metasploit
e29567f390
Bump version of framework to 4.12.38
2016-10-24 14:25:47 -07:00
Jon Hart
12508f7140
Fix DRDoS mixin to handle empty responses
2016-10-24 14:21:28 -07:00
Adam Cammack
39b889ea29
Land #7459, Delay fingerprinting during import
2016-10-24 10:47:25 -05:00
William Vu
ba3830c100
Land #7485, lib/rex/post/gen.pl removal
2016-10-24 09:56:41 -05:00
Metasploit
bf59ba526a
Bump version of framework to 4.12.37
2016-10-24 07:35:41 -07:00
nixawk
66a1b57c17
delete lib/rex/post/gen.pl
2016-10-24 08:53:45 -05:00
Tim
ce1f3e6b9e
Land #7451, copy original signing certificate when backdooring APK
2016-10-22 18:04:22 +08:00
David Maloney
6b77f509ba
fixes bad file refs for cmdstagers
...
when moving to the rex-exploitation gem some of the
file references were missed, partially due to silly differences
between how each file was referenced
Fixes #7466
2016-10-21 12:31:18 -05:00
David Maloney
de87fccf85
Land #7469, OJ's php preamble fix
...
this is OJ's fix for the bind_php payload
preamble that causes it to be missing the php
tags
2016-10-21 12:05:39 -05:00
Metasploit
8e0d866976
Bump version of framework to 4.12.36
2016-10-21 10:02:09 -07:00
dana-at-cp
b8e30a241e
Copy original cert data into new signing cert created for APK injection
2016-10-20 08:43:45 -07:00
Brendan
1644a1e20b
Change how we populate workgroup/domain data
2016-10-19 17:24:26 -05:00
Brendan
95294b00d1
Whitespace
2016-10-19 17:13:07 -05:00
Brendan
078496437f
Make sure that the ntlm blob data is parsed into UTF-8
2016-10-19 17:11:04 -05:00
Louis Sato
f18cbd655e
delay fingerprinting of host
...
MS-2073
* imports are slow mainly caused by fingerprinting after every service creation
* now only fingerprints after all the services are created for imports
2016-10-18 17:42:48 -05:00
Pearce Barry
43fd0a8813
Land #7436, Put Rex-exploitation Gem Back
2016-10-18 16:03:54 -05:00
OJ
786600bd09
Remove the unused binary_suffix var
2016-10-18 16:15:00 +10:00
Tim
67d07a715c
add android_hide_app_icon
2016-10-17 19:02:48 +08:00
Brent Cook
6fb418d4d2
Land #7447, unify Android meterpreter method names, add missing stageless class
2016-10-17 04:48:43 -05:00
William Vu
ebf52759cc
Land #7449, unsuitable language fix
2016-10-16 03:23:05 -05:00
Justin Steven
2ae62cfce1
Fix typo: Use a better adjective
2016-10-16 18:01:42 +10:00
dana-at-cp
d7ac8eba45
Create new signing certificate with dname value copied from original certificate.
2016-10-15 14:05:53 -07:00
Tim
5fad8d8efa
prefix android commands with android_
2016-10-15 23:57:20 +08:00
Metasploit
74340e9eb7
Bump version of framework to 4.12.35
2016-10-14 15:13:45 -07:00
Brent Cook
5736b2c821
add missing require
2016-10-14 12:15:45 -05:00
Metasploit
b3666ff7ab
Bump version of framework to 4.12.34
2016-10-14 10:04:05 -07:00
Brent Cook
5ab3401f98
Land #7430, Refactor Android payload configuration into a byte array, add evasions
2016-10-14 10:01:23 -05:00
Brent Cook
4c248ebe9e
Merge branch 'master' into land-7430-
2016-10-14 09:48:33 -05:00
Brent Cook
a2fe934c15
Land #7435, NTLM Util change to support Unicode hostnames
2016-10-14 09:46:10 -05:00
OJ
70011922a3
Remove binary suffixes for payloads that don't exist
2016-10-14 14:08:13 +10:00
OJ
022830634b
Rejig platform to use windows instead of win32/win64
2016-10-14 10:10:04 +10:00
David Maloney
7894d5b2c1
Revert "Revert "use the new rex-exploitation gem""
...
This reverts commit f3166070ba.
2016-10-11 17:40:43 -05:00
David Maloney
2493ff1886
Revert "Revert "remove leftover cruft""
...
This reverts commit 74e0256448.
2016-10-11 17:40:18 -05:00
David Maloney
13de5f9b1e
fix missing require in rex
...
this missing require caused an uninitialized
constant in browser_autopwn2 because it required
the js utils bit directly without requiring rex-exploitation
2016-10-11 17:36:55 -05:00
Brendan
fe36801918
Changed to convert hostnames and domains to UTF-8 rather than ANSI
...
after pulling them from the NTLM blob
2016-10-11 15:51:50 -05:00
Brent Cook
e5ac3eda61
Land #7362, Fix apk injection script to include android payload service and broadcast receivers
2016-10-11 07:54:10 -05:00
Tim
3d9cb7375c
store Android payload information in byte array
2016-10-11 14:41:32 +08:00
Brent Cook
0d5a23b865
Merge branch 'master' into land-7423-localtime
2016-10-10 23:54:38 -05:00
OJ
699a8e91d2
Rework XOR code to make more sense
2016-10-10 13:38:08 +10:00
OJ
e139a1ee8f
Land #7383: Rebase/Fix + SSL stager support for python
2016-10-10 13:06:09 +10:00
Metasploit
adb6f31e36
Bump version of framework to 4.12.33
2016-10-08 20:57:08 -07:00
Brent Cook
74e0256448
Revert "remove leftover cruft"
...
This reverts commit 2be551cbd3.
2016-10-08 21:55:22 -05:00
Brent Cook
f3166070ba
Revert "use the new rex-exploitation gem"
...
This reverts commit 52f6265d2e.
2016-10-08 21:55:16 -05:00
Brent Cook
63bf93be1b
code and style cleanups
2016-10-08 21:04:15 -05:00
Brent Cook
7c1fa3eb51
fix 'info -d module', it assumed active module only
2016-10-08 19:31:00 -05:00
RageLtMan
44c5fc3250
Sync build_net_code post module upstream
...
Fix merge conflicts and add missing lines to framework version of
the DotNet compiler example module.
Test output to come in PR #5393
2016-10-08 14:06:35 -05:00
RageLtMan
47b1320d08
Add options to cmd_psh_payload
...
Fill in validated datastore options for generating custom PSH
payloads
2016-10-08 14:06:35 -05:00
RageLtMan
fb8e025aa5
Force datastore validation by option set
...
cmd_psh_payload relies on datastore options to have a proper
data type down the call chain. When modules are created with string
values for all data store options, a conditional naively checking
what should be a boolean value for false/nil? would return true
for a string representation of "false."
Ensure that datastore options are validated prior to using them
to set variables passed into Rex methods.
2016-10-08 14:06:35 -05:00
RageLtMan
f24bfe7d4e
Import Powershell::exec_in_place
...
Allow passing exec_in_place parameter to cmd_psh_payload in order
to execute raw powershell without the commandline wrappers of
comspec or calling the powershell binary itself.
This is useful in contexts such as the web delivery mechanism or
recent powershell sessions as it does not require the creation of
a new PSH instance.
2016-10-08 14:06:35 -05:00