adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38,020 Commits 27 Branches 1,043 Tags
f1523d0804e13b59e414a9cc05d8aecdfca77ec1
Commit Graph

131 Commits

Author SHA1 Message Date
wchen-r7 a2a522be07 Land #6716, Add a rescue to catch method missing for stage_payload 2016-03-30 13:08:52 -05:00
James Lee ead6e6b6b6 Use a print_prefix instead 2016-03-30 11:50:45 -05:00
James Lee 0a239742f5 Show handler URI so we know which job's responding 2016-03-30 11:35:04 -05:00
OJ 6523600952 Add a rescue to catch method missing for stage_payload 
This allows us to provide a friendlier message to users when they are
using a stageless listener with a staged payload.
 2016-03-29 09:46:09 +10:00
Brent Cook b409b2237d update to use the common bind_addresses method 2016-02-18 18:17:56 -06:00
William Vu b4ed55b4d4 Fix reverse_http{,s} LHOST bind address 2016-02-02 09:57:11 -06:00
Brent Cook 3f4c6eb370 Land #5383, allow tunneling reverse_tcp meterpreter sessions without 'route add' 2015-12-22 15:42:42 -06:00
wchen-r7 14b1b3a1f0 Land #6299, Stageless HTTP(S) Python Meterpreter 2015-12-04 16:16:54 -06:00
Sonny Gonzalez d7aeabbb71 Land #6293, listener bind_port fix 2015-12-02 13:16:23 -06:00
Spencer McIntyre fba9715a56 Add stageless python meterpreter http & https payloads 2015-11-28 17:41:55 -05:00
Jon Cave 0c8eb6fb37 Display ReverseListenerBindPort if it is set 
ReverseListenerBindPort overrides LPORT if it is used. The `listener_uri`
method should use the output `bind_port` to account for this.
 2015-11-27 09:16:20 +00:00
Brent Cook e5119e6446 use payload_uri's result to derive lhost / lport 2015-11-26 15:21:51 -06:00
Brent Cook 216119c05c unfold override lhost/lport logic 2015-11-26 15:15:21 -06:00
sammbertram cd4aa28d11 Transport priority changes 
Pass in the "lhost" and "lport" options to the default transport during the native payload. This takes the following LHOST priorities:
1. OverrideLHOST, only if OverrideRequestHost is TRUE
2. The request Host: header.
3. The LHOST datastore.
 2015-11-13 13:21:46 +00:00
James Lee 344e8a6f90 Refactor common reverse options 2015-10-29 15:15:20 -05:00
James Lee 46159f5dbe Back out the Comm stuff for HTTP 2015-10-29 14:22:34 -05:00
James Lee d51f0ebd4c Refactor "via" string into a method 2015-10-16 15:08:00 -05:00
James Lee b16c284395 Determine comm from ReverseListenerComm in reverse_http 
Also some copypasta from reverse_tcp to display where we started the
listener.
 2015-10-09 08:54:01 -05:00
HD Moore 32255a4621 Always show the URI and User-Agent for unknown requests 2015-10-05 11:05:05 -05:00
Meatballs a10bf76c29 Merge remote-tracking branch 'upstream/master' into reverse-listener-comm 
Conflicts:
	lib/msf/core/handler/reverse_http.rb
 2015-09-04 10:36:00 +01:00
Brent Cook 92958bdf8b prefer && to 'and' for consistent order-of-operations 2015-08-16 11:21:22 -05:00
HD Moore 6e75db090f Fix comment 2015-08-12 21:11:48 -05:00
HD Moore e9203060b0 Allow the hostname and port to be overridden, necessary for complex NAT setups 2015-08-12 16:20:14 -05:00
Brent Cook c30127cfe8 Land #5729, add user-agent list, MeterpreterUserAgent derives from this 
Later PRs will convert modules to use this. A random user agent might be nice
for meterpreter actually.
 2015-07-24 17:39:30 -05:00
OJ b6e25506d0 Add a common user agent list, use the shortest for Meterpreter 2015-07-15 13:03:47 +10:00
Spencer McIntyre 29d45e3b18 Pymet patch in timeout info on generate_stage 2015-07-03 14:12:29 -04:00
Spencer McIntyre 0af397217c Merge pymet transport feature into fresh branch 2015-07-02 08:43:13 -04:00
OJ a5ad56754f Use full namespace for PACKET_TYPE_RESPONSE 2015-07-02 08:03:39 +10:00
HD Moore e7271e3c04 Call the Meterpreter methods directly vs pollute the namespace 2015-07-01 16:04:54 -05:00
Spencer McIntyre 79185e91c6 Refactor the pymet to use transport objects 2015-06-26 14:56:31 -04:00
OJ a8c20496be Remove unused code from the java http stager 2015-06-24 22:37:40 +10:00
Brent Cook b8a8e65c2c Merge branch 'master' into land-5394-uuid-tracker 2015-05-29 16:22:45 -05:00
HD Moore 4622fa60eb Register the init_* URLs and whitelist these 2015-05-21 00:22:41 -05:00
HD Moore ac0004ea0a Implement IgnoreUnknownPayloads 2015-05-20 19:47:17 -05:00
Meatballs 9bc5cdd423 Refactor to common mixin 
Remove the datastore option from HTTP as currently does nothing.
 2015-05-20 00:24:09 +01:00
OJ 0d56b3ee66 Stage UUIDs, generation options, php and python meterp uuid 2015-05-18 13:29:46 +10:00
OJ 69d2b8ffb1 Various code format, style changes, file moves 
As per Egypt's suggestions.
 2015-05-12 09:43:41 +10:00
OJ e45bf5cf51 Remove the URI patcher now that it's not used at all 2015-05-05 07:35:49 +10:00
OJ 6ac3ecfa7c Refactor, add reverse_winhttps support 
Getting closer to a normalised view of what this stuff will look like.
There URL patching is slowly being removed. Reverse HTTPS works fine,
and by default HTTP should too.

Next up, x64 for the same main ones.
 2015-04-26 12:11:14 +10:00
OJ 86957d9b07 Merge branch 'upstream/master' into connection-recovery 2015-04-21 20:01:59 +10:00
Brent Cook 18225780da cleanup HTTP and HTTPS listeners when sessions are closed 
Rather than listening forever after a session shuts down, close the session if
there are no other URI's registered on the listener. This allows reconfiguring
the listener without restarting framework, but should be safe for situations
where multiple modules share the same listener.
 2015-04-17 02:41:24 -05:00
OJ 0a8b29dd86 Merge branch 'upstream/master' into connection-recovery 
Conflicts:
	lib/rex/post/meterpreter/ui/console/command_dispatcher/core.rb
 2015-04-17 14:40:21 +10:00
OJ 4e49964c15 Add support for init_connect for stageless payloads 
This new mode for HTTP/S stageless allows the stageless payload to be
reused without MSF believing that the session has already been
initialised.
 2015-04-14 16:43:07 +10:00
OJ c83a763150 Fix IPv6 issues in staged and stageless 
* Stageless payloads weren't adding brackets around IPv6 hosts.
* Staged HTTP handler was using an undefined function to check for IPv6
addresses when host header overriding was disabled.
 2015-04-09 23:33:10 +10:00
OJ 809409d8c4 Lots of changes to support moving timeouts to common spots 
Session expiry, comms timeout, retry total/wait are all now part of all
of the meterpreter payloads as these are going to be used for
maintaining access with resiliency and will aim for consistency across
the payload types.
 2015-04-09 17:57:43 +10:00
OJ 53d5b97634 Add support for UUID generation in transport switching 
If the session doesn't have a payload UUID we now generate one as best
we can. This code will probably go away when TCP related transports have
had the UUID stuf baked in.
 2015-04-07 17:25:55 +10:00
HD Moore 98c95104da Use ||= for consistency 2015-04-06 10:55:14 -05:00
HD Moore c9696d3f6c Merge in stageless/transport work, deconflict 2015-04-04 11:52:26 -07:00
OJ fd043d4842 Fix up build and missing uri_checksum stuff 
Somehow this made it into a merge when it shouldn't have. This fix moves
the URI checksum module to where it needs to be and updates all the
references where required. This will result in a class with the dynamic
transport branch, but I can fix that after.
 2015-04-03 13:42:25 +10:00
HD Moore a39ba05383 Functional Payload UUID embedding via PayloadUUIDSeed 2015-03-31 15:44:18 -05:00