adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
46,097 Commits 27 Branches 1,043 Tags
974e5d5750434f24212d7bd83f31081883cbb334
Commit Graph

243 Commits

Author SHA1 Message Date
Wei Chen e6482537a5 Land #11083, set user agent in Windows reverse_http(s) stagers 2018-12-19 09:39:54 -08:00
asoto-r7 28bb518dbd Land #10349, deconflict the method names in mix-ins 2018-07-23 11:40:49 -07:00
Brent Cook c5dce5edd7 Land #10217, keep bind_named_pipe with SMBv1 2018-07-02 12:56:00 -07:00
bwatters-r7 914f8ba872 Land #9734, Remove unwanted 'pop RAX' from windows/x64/reverse_(win)http 2018-04-04 19:06:17 -07:00
Jeffrey Martin d756db4f9d Land #9613, add bind_named_pipe x86 2018-03-17 20:33:05 -07:00
bwatters-r7 00d5fcfd97 ReLand #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm 
This reverts commit 7964868fcd.
 2018-03-02 17:46:46 -06:00
bwatters-r7 d2150c8d15 Revert "Land #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm" 
This reverts commit fcc579377f, reversing
changes made to 95cd149378.
 2018-03-02 17:45:58 -06:00
bwatters-r7 4841f29190 Land #9565, Reverse TCP x64 RC4 via max3raza's rc4_x64 asm 2018-03-02 16:41:33 -06:00
Brent Cook b3962c73b0 Land #9573, fixes for bind_named_pipe 2018-02-18 20:27:53 -08:00
Brent Cook 31ed50ac92 Land #9539, add bind_named_pipe transport to Windows meterpreter 2018-02-16 15:34:47 -08:00
Brent Cook 1045c1fc11 Land #9564, honoring retry counts for x86/64 Windows reverse_tcp payloads 2018-02-15 13:22:56 -08:00
Jeffrey Martin aecc1f143f Land #7699, Add UDP handlers and payloads (redux) 2018-02-13 14:46:07 -08:00
Brent Cook 48c3c7cd62 Land #9475, Fix import for Fix proxy authentication in reverse_http 2018-02-01 11:24:10 -06:00
bwatters-r7 af0c58c2ae Land #9335, Added socket bind port option for reverse tcp payload. 
Merge branch 'land-9335' into upstream-master
 2018-01-24 17:20:14 -06:00
Tim 15da7c699d Fix #7779, fix multi/meterpreter/reverse_http with web_delivery 2017-12-20 16:32:07 +08:00
Brent Cook ea37196614 use cooler names c/o @timwr, make options easier to grep 2017-11-21 13:47:19 -06:00
Brent Cook 2076db2d61 DRY up common stager and payload http and retry options 2017-11-21 13:47:19 -06:00
Brent Cook 1fd7f7c8bc prefix MeterpreterUserAgent and PayloadProxy* with Http for consistency, 
this also adds aliases where needed
 2017-11-21 13:47:19 -06:00
OJ a78d8f83fc Add HTTP header support for Host/Cookie/Referer 
This is to start the support for things like domain fronting.
 2017-11-21 13:47:18 -06:00
RageLtMan 124a1531f4 Clean up powershell exec string 
The scriptblock invocation is already coming from Rex, so there's
no need to re-wrap the executed code in more of the same.
 2017-10-06 13:19:36 -04:00
RageLtMan 9afdde2938 Address generation issues with pure PSH payloads 
Powershell payloads were generating using the :generate method
mixed in from Payload::Windows::Exec which is a binary payload
mixin.

Address the breakage by implementing a generate method which simply
outputs the script code produced by the module with no additional
content prepended or appended.

While here, cleanup the commandline generation for the script being
produced by having Rex do it (this permits changes made in Rex to
benefit all consumers).

As a bonus, drop the IEX invocation since it'll trip up AMSI and
upgrade to the scripblock execution semantic.

Credit for finding this little gem goes to bperry - i dont usually
use the native powershell command shells, and managed to miss this
for a long time. Thanks boss.

Testing:
  Local in pry

@bperry: Could you test and ping me back if this is right?
 2017-10-06 12:32:52 -04:00
root ec51ab2547 Exit function param bug 2017-09-26 11:16:41 +03:00
Brent Cook 9877a61eff bump payloads 2017-09-07 01:36:25 -05:00
OJ 7a2a47586b Fix named pipe migration stubs 2017-09-07 01:36:25 -05:00
OJ 4ec87985a2 Fix stager crash and support pivots in x64 meterp loader 2017-09-07 01:36:24 -05:00
OJ c8b8ef03bd Force max 0x10000 bytes when reading from pipe in stager 2017-09-07 01:36:23 -05:00
OJ 7acd772c10 Pivot session stability, display and handling 2017-09-07 01:36:21 -05:00
OJ fdc9864b61 First working packet pivot session! 2017-09-07 01:36:20 -05:00
OJ e3de01219a Pushed on with more pivot code 2017-09-07 01:33:54 -05:00
OJ abc80655b7 Progress in named pipe pivots, more to come 2017-09-07 01:33:54 -05:00
OJ 816e78b6f6 First pass of named pipe code for pivots 2017-09-07 01:33:53 -05:00
Brent Cook 4ca68a178b switch reverse_tcp stagers to all prefer StagerRetryCount 
This leaves ReverseConnectRetries as an alternate spelling.
 2017-08-08 19:27:00 -05:00
OJ 37b9cd07a2 Add support for the session GUID in the UI 
The Session GUID will identify active sessions, and is the beginning of
work that will allow for tracking of sessions that have come back alive
after failing or switching transports.
 2017-06-06 17:15:57 +10:00
alpiste f715fee10c The option StagerRetryWait will be used by default with the value of 5 seconds 2017-03-17 20:28:14 -03:00
alpiste 09442f226a Functionality was added to allow the payload to wait before trying to reconnect. 
Also the code was modified to allow the payload to infinite retry if 0 is set.
 2017-03-04 18:12:09 -03:00
Brent Cook 836da6177f Cipher::Cipher is deprecated 2017-01-22 10:20:03 -06:00
Brent Cook f69b4a330e handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations 2017-01-22 10:20:03 -06:00
William Webb 5702bd6745 Land #7674, Move migration stub generation code into msf 2016-12-22 17:53:00 -06:00
OJ d0696a09ad Move migration stub generation into MSF 
This code adds support for transport-specific migration stubs to be
generated in MSF rather than having them hard-coded in Meterpreter.
 2016-12-08 16:01:13 +10:00
OJ bd8f8fd6cb More rework of payload structure to handle multi arch handlers 2016-11-29 15:21:13 +10:00
OJ c606eabbb9 Merge 'upstream/master' into universal-handlers 2016-11-22 14:06:46 +10:00
Brent Cook f313389be4 Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch 2016-11-20 19:08:56 -06:00
OJ b0970783ff Another interim commit moving towards universal handlers 2016-11-04 13:25:02 +10:00
OJ 47ac122c15 Add LURI support to the reverse_http/s stagers 2016-11-03 14:51:07 +10:00
OJ 494b4e67bd Refactor http/s handler & payloads 
This commit moves much of the platform-specific logic from the
reverse_http handler down into the payloads. This makes the handler
a bit more agnostic of what the payload is (which is a good thing).
There is more to do here though, and things can be improved.

Handling of datastore settings has been changed to make room for the
ability to override the datastore completely when generating the
payloads. If a datastore is given via the `opts` then this is used
instead otherwise it falls back to the settings specified in the usual
datatstore location.

Down the track, we'll have a payload that supports multiple stages, and
the datastore will be generated on the fly, along with the stage itself.
Without this work, there's no other nice way of getting datastore
settings to be contained per-stager.
 2016-11-02 11:33:59 +10:00
OJ 1d617ae389 Implement first pass of architecture/platform refactor 2016-10-28 07:16:05 +10:00
David Maloney 43942e6029 refactor pem parser to use the rex-socket gem version 
use rex-socket's pem aprser instead of the old one we used
to have in rex::parser

MS-1715
 2016-09-07 11:38:27 -05:00
scriptjunkie bc42ac5761 Fix #7117 by fixing stack offset 2016-07-21 20:48:08 -05:00
William Vu 6e7f07f0f3 Fix off-by-one error in #6954 
Props to @egypt for noticing. My bad. :-)
 2016-07-05 11:12:12 -05:00
William Vu 4b01213fb5 Rewrite the logic to be positive 
unless is the devil. unless/else doubly so.
 2016-07-01 09:15:42 -05:00