1a0f77edb2
Land #2739 , DLL injection in msfvenom
...
lands Meatballs PR to fix dll injection
in Msfvenom. Test to ensure it still works
in the new MsfVenom
2014-02-28 14:22:17 -06:00
9e355e1265
Merge branch 'master' into dll_inject
2014-02-28 14:20:46 -06:00
ac446d3b3f
Land #3043 - randomization for Rex::Zip::Jar and java_signed_applet
2014-02-28 14:10:55 -06:00
566a791ef3
Land #2992 , Fix VNC Inject Defaults
2014-02-28 14:04:56 -06:00
fd1586ee6a
Land #2515 , plaintext creds fix for John
...
[FixRM #8481 ]
2014-02-28 09:53:47 -06:00
f66709b5bb
make bypassuac module clean itself up
...
since the IO redirection hangs our original process
we have the moudle wait for the session then kills
the spawning process and delete the exe we dropped
2014-02-27 12:54:40 -06:00
6c490af75e
Add randomization to Rex::Zip::Jar and java_signed_applet
2014-02-27 12:38:52 -06:00
d358fe5f94
Merge branch 'payload_defaults'
2014-02-26 10:28:46 -06:00
f51cbfffb8
minor fix to payload generator
...
was passing platform string instead of the
platform lsit when formatting the payload
2014-02-25 15:51:06 -06:00
d0780cd1a2
Land #3010 - EXITFUNC as OptEnum
2014-02-24 11:07:10 -06:00
e31a144f4d
Use better system call
2014-02-22 20:34:56 +00:00
0179faa66f
Fix yardoc for Post::Windows::LDAP
...
Also fix some style issues and warnings.
2014-02-21 13:25:11 -06:00
0b5e617236
Land #3016 lsanchez-r7's send_message mod to return info
2014-02-19 17:01:06 -06:00
c0cdea37f7
Initialize send_status at the function's start
2014-02-19 16:54:29 -06:00
f7a483523c
changing the initial state from false to nil
2014-02-19 16:45:00 -06:00
212ebb568c
EXITFUNC option should be an OptEnum.
2014-02-19 03:06:15 -06:00
4ca4d82d89
Land #2939 , @Meatballs1 exploit for Wikimedia RCE and a lot more...
2014-02-18 17:48:02 -06:00
07fd3494e5
changing send_message to return more information
2014-02-18 16:48:52 -06:00
4f9ab0b99f
Land #2903 , @Meatballs1 SPN gather post module
2014-02-18 13:53:32 -06:00
8e0a4aaa58
Land #2983 , webcam_chat for Meterpreter
2014-02-18 13:43:42 -06:00
5c8af63063
Fix regression
2014-02-18 17:41:35 +00:00
0519abb558
Fix the wrong conversion
2014-02-17 23:17:19 -06:00
1bc94b8a9d
Merge for retab
2014-02-17 19:19:47 -06:00
f07efc91a8
Land #2915 , @Meatballs1 improvements for LDAP post mixin
2014-02-17 19:14:59 -06:00
7f9b4a4bf4
Land #2655 , Re-do exe-small for scripting payloads.
2014-02-17 15:56:23 -05:00
f58b66adf8
Docs and more robust code
2014-02-14 23:15:05 +00:00
f5c401bee7
Yarddocs
2014-02-14 22:59:36 +00:00
3299b68adf
Landing #2767 , @Meatballs1 Powershell Reflective Payload
2014-02-14 16:12:46 -05:00
f7858bf1a7
SnakeCase option looks better
2014-02-14 21:05:24 +00:00
983f5abc2f
Make vnc a bit safer to use
2014-02-14 20:59:44 +00:00
d606be5efb
That's funny I changed the wrong method
2014-02-13 16:41:18 -06:00
5d3eed8600
Add info about browser requirements in help
2014-02-13 16:37:05 -06:00
9c48335764
Change to google.com
2014-02-13 16:30:44 -06:00
a44f235a8d
Fix things based on Tod's feedback
2014-02-13 16:13:42 -06:00
4dd60631cb
Land #2950 - New Payload Generator for MsfVenom
2014-02-13 15:13:10 -06:00
61563fb2af
Do minor cleanup
2014-02-13 09:10:04 -06:00
4565be18e3
require active_support numeric
...
ensure we have the activesupport numeric bytes extension
loaded for calling .gigabyte
2014-02-12 13:20:13 -06:00
8b25b6e343
Land #2980 , @wvu-r7 fix to handle invalid session id on post module runs
2014-02-12 13:13:34 -06:00
ff267a64b1
Have into account the Content-Transfer-Encoding header
2014-02-12 12:40:11 -06:00
40db1c4d0d
s/auxiliarly/auxiliary/
2014-02-12 12:17:53 -06:00
45d4b1e1fd
Land #2958 - Add options: Applicaiton-Name, Permissions for jar.rb
2014-02-12 11:14:25 -06:00
750ce3c4db
Make server configurable
2014-02-11 23:07:43 -06:00
beca4b8bc3
Fix issue with getenv failing
...
The call to `getenv` failed when `%` or `$` were used because of the
differences between Meterpreter handling and MSF handling.
Meterpreter effectively ignores (ie. strips out) the platform-specific
characters which are used for environment variables. In the `getenv`
call, MSF was invoking `getenvs` and getting a full hash of values, then
attempting to index into the hash using a string which may be "polluted"
with those platform-specific characters. This meant that there was a
discrepency between what was returned and what was used to index and
as a result, the value would come out as `nil`.
For example, calling `getenv('%FOO%')` would result in a hash with
`{'FOO'=>'bar'}`, so looking for '%FOO%' in this result would yield
nothing.
This commit changes this so that the name is ignored and the first
value is returned.
2014-02-12 13:51:30 +10:00
5a488b310d
Use a more correct error message
...
-1 is a valid session ID, even though it's a fake one.
2014-02-11 18:06:43 -06:00
4a603b9a8d
Merge remote-tracking branch 'upstream/master' into beug/session
...
Conflicts:
lib/msf/base/simple/post.rb
2014-02-11 16:38:16 -06:00
18816f3d5e
Land #2952 , -1 for last session ID
2014-02-11 16:22:36 -06:00
2476d9be2d
Fix invalid session ID bug
...
This fix should work seamlessly with #2952 .
2014-02-11 15:43:35 -06:00
1f0020a61c
Land #2946 , @jlee-r7's optimization of the x86 block_api code
2014-02-11 15:00:00 -06:00
e3aa838e52
Fix on_session_module_run bug
2014-02-11 11:37:58 -06:00
51df2d8b51
Use the fixed API on the mediawiki exploit
2014-02-11 08:28:58 -06:00
David Maloney