Squashed commit of the following:
commit 1dcad7c21b
Merge: 1a2f35d35d29f5
Author: OJ <oj@buffered.io>
Date: Thu Mar 19 14:43:27 2015 +1000
Land #4953 : Updated POSIX meterpreter binaries
commit 35d29f5d08
Author: Brent Cook <bcook@rapid7.com>
Date: Wed Mar 18 22:57:03 2015 -0500
update linux meterpreter bins
commit 1a2f35d806
Merge: 076f15f346b1d5
Author: OJ <oj@buffered.io>
Date: Thu Mar 19 12:41:20 2015 +1000
Land #4951: Dynamic URI generation for Java/Python reverse_http(s)
commit 076f15f933
Merge: b33e7f43f8ed56
Author: Spencer McIntyre <zeroSteiner@gmail.com>
Date: Wed Mar 18 20:59:54 2015 -0400
Land #4792 @jakxx Publish It PUI file exploit
commit 3f8ed56a9a
Author: Spencer McIntyre <zeroSteiner@gmail.com>
Date: Wed Mar 18 20:57:58 2015 -0400
Add available space to the payload info
commit b33e7f477c
Merge: 0d1f2055dd718e
Author: joev <joev@metasploit.com>
Date: Wed Mar 18 17:17:34 2015 -0500
Land #4947, h0ng10's TWiki exploit.
commit 346b1d539f
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 16:24:01 2015 -0500
Revert Java back to static size for cache purposes (less cpu usage on startup)
commit 33bbf7cb7e
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 16:08:11 2015 -0500
Dynamic URI generation for python/java http(s) stagers
commit 0d1f2055c5
Merge: e943cb5dab4333
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 15:31:22 2015 -0500
Lands #4949 which fixes#4845
commit dab4333867
Author: rwhitcroft <rw81junk@gmail.com>
Date: Wed Mar 18 16:07:46 2015 -0400
updated asm in block
commit 7ae97393e0
Author: rwhitcroft <rw81junk@gmail.com>
Date: Wed Mar 18 15:34:31 2015 -0400
fix x64/reverse_https stager shellcode
commit e943cb550f
Merge: d152c41d1a2f58
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 22:34:52 2015 +1000
Land #4585 : CVE-2015-0975 XXE in OpenNMS
commit d1a2f58303
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 22:17:44 2015 +1000
Fix of regex for file capture and format tweaks
commit 5dd718e4fa
Author: Hans-Martin Münch (h0ng10) <muench@mogwaisecurity.de>
Date: Wed Mar 18 09:51:51 2015 +0100
Better description
commit 00de437918
Author: Hans-Martin Münch (h0ng10) <muench@mogwaisecurity.de>
Date: Wed Mar 18 09:45:08 2015 +0100
Initial commit
commit fa7242388b
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 18:18:54 2015 +1000
Move the module to the correct location
commit d152c41826
Merge: b46e5f8b62da42
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 17:42:19 2015 +1000
Land #4934 : Proxy and auth support in reverse_http(s)
commit b62da42927
Merge: c607cf7b46e5f8
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:51:15 2015 -0500
Merge branch 'master' into feature/add-proxies-to-wininet
commit b46e5f8d13
Merge: bd4738b97def50
Author: OJ <oj@buffered.io>
Date: Wed Mar 18 16:49:13 2015 +1000
Land #4295 : Refactory proxy-enabled payload handling
commit c607cf7b11
Merge: 0513852bd4738b
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:45:44 2015 -0500
Merging master
commit 97def50cc2
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:26:59 2015 -0500
Whitespace cleanup
commit 8d3cb8bde5
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:25:42 2015 -0500
Fix up meterpreter patching arguments and names
commit ef443c83b9
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:21:53 2015 -0500
Fix overgreed search/replace
commit 390a704cc7
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:19:05 2015 -0500
Cleanup proxyhost/proxyport arguments to match new names
commit f7a06d8e44
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:15:32 2015 -0500
Rework PROXY_{HOST|PORT|TYPE|USERNAME|PASSWORD) to the new syntax
commit 3aa8cb69a4
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:08:09 2015 -0500
Fix two use cases of PROXYHOST/PROXYPORT
commit 87a489907c
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Dec 15 14:48:09 2014 -0600
Place an IPv6 proxy IP between brackets
commit 259db269bd
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 15:36:14 2014 -0600
Remove user/pass and invalid class from the options
commit 2ab14e7e79
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 01:01:10 2015 -0500
Adds IPv6 and option-related issues with the previous patch
commit 0601946830
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 13:29:39 2014 -0600
Don't mandate and default PROXY_HOST (miscopy from the proxy stager)
commit a4df6d539f
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 00:59:59 2015 -0500
Cleanup proxy handling code (consistency & bugs)
One subtle bug was that each time a request was received, a null byte was being appended to the datastore options for PROXY_USERNAME and PROXY_PASSWORD. Eventually this would break new sessions. This change centralizes the proxy configuration and cleans up the logic.
commit 85fb534e63
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 12:57:30 2014 -0600
Fix up the offset detection again, cleanup redundant code
commit 2f13988d7b
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Dec 2 12:33:53 2014 -0600
Use OptPort vs OptInt and cleanup the description
commit a01be365b0
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 18 00:59:13 2015 -0500
Rework PROXYHOST/PROXYPORT to PROXY_HOST/PROXY_PORT
This also cleans up the windows reverse_https_proxy stager.
commit b197b7aaf0
Author: jakxx <jakx.ppr@gmail.com>
Date: Tue Mar 17 19:24:13 2015 -0400
Additional Updates
-Removed unused mixin
-Cleaned up Module name
-Cleaned up author name
commit bd4738b93e
Merge: 47a7f99ad7fa0ec
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 17 17:37:55 2015 -0500
Land #4827, capture and nbns fixups
commit d7fa0ec669
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 17 17:36:45 2015 -0500
Let IPAddr#hton do the calculating
commit 47a7f99aae
Merge: d1d63785fd3637
Author: Brent Cook <bcook@rapid7.com>
Date: Tue Mar 17 16:22:46 2015 -0500
Land #4930, @hmoore-r7 winhttp stager certificate check
commit 085e6cc815
Author: jakxx <jakx.ppr@gmail.com>
Date: Tue Mar 17 16:39:56 2015 -0400
Implemented Recommended Changes
-corrected spelling error
-set only option to required
-dumped header data to included file
-Used Rex for jmp values
commit 0490af8ba8
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:20:22 2015 -0400
Added error checks, randomness, and uuid delimeter
commit f3fc4003d0
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:19:40 2015 -0400
typo
commit b92d243c0e
Merge: e0a7f53766a07a
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:18:32 2015 -0400
Merge branch 'module-cve-2015-0975' of https://github.com/jstnkndy/metasploit-framework into module-cve-2015-0975
commit e0a7f531cc
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Mar 17 10:10:51 2015 -0400
Added error checking, randomness, uuid delimiters
commit 2ea984423b
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 14:08:01 2015 -0500
while(true)->loop, use thread.join
commit 5fd3637d34
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 14:00:51 2015 -0500
Remove the i32 size specifier (not needed)
commit 69d9280748
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 13:52:13 2015 -0500
Fix yard docs, retries, push.i8 instructions. See commit 05138524e3
Note that StagerRetryCount is not defined here, but will be in the parent class once #4934 lands
commit 05138524e3
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 13:35:36 2015 -0500
Fix yard docs, fix retries, trim bytes, retested and working
commit 69a808b744
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 12:14:42 2015 -0500
StagerProxy -> PayloadProxy
commit f361e4ee52
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 00:22:10 2015 -0500
Prefer the new-style proxy datastore options when available
commit 7e89281485
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Mar 16 00:03:31 2015 -0500
Adds proxy (with authentication) support to reverse_http(s)
commit 8e37342c50
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 16:52:04 2015 -0500
Comment typo
commit 0d12ca49a7
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 16:19:13 2015 -0500
Work around lack of option normalization during size calculation
commit 03019cf451
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 15:53:21 2015 -0500
Adds StagerVerifySSLCert support (SHA1 of HandlerSSLCert)
commit 11593800b6
Author: HD Moore <hd_moore@rapid7.com>
Date: Sat Mar 14 15:52:23 2015 -0500
Move X509 PEM parsing into Rex::Parser::X509Certificate
commit 1001061a96
Author: HD Moore <hd_moore@rapid7.com>
Date: Wed Mar 4 18:52:18 2015 -0600
Initialize @capture_count
commit 1b1716bcf6
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 22:01:01 2015 -0600
Fix a handful of bugs that broke this modules. Fixes#4799
commit 9730a1655e
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 22:00:42 2015 -0600
Small cleanups to the LLMR responder module
commit bdd5276524
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 21:53:47 2015 -0600
This fixes a number of issues with the Capture mixin
* The use of www.metasploit.com in a datastore option results in a DNS lookup (infoleak). Switch to 8.8.8.8 (TTL=1)
* The hackey code around #each_packet is no longer necessary in newer Ruby versions
* The arp()/probe_gateway() calls to inject_reply() had broken logic leading to early exit and missed replies
* The arp() function now tries up to three times to get a reply (helpful with lossy L2)
* GC.start is extraneous and should be removed
* Increased timeouts
commit 615d71de6e
Author: HD Moore <hd_moore@rapid7.com>
Date: Sun Feb 22 21:51:33 2015 -0600
Remove extraneous calls to GC.start()
commit 44a7e7e4bc
Author: jakxx <jakx.ppr@gmail.com>
Date: Wed Feb 18 13:22:54 2015 -0500
publish-it fileformat exploit
commit 766a07a904
Author: jstnkndy <jstnkndy@gmail.com>
Date: Tue Jan 13 22:08:08 2015 -0500
Add CVE-2015-0975 XXE for OpenNMS <= 14.0.2
Matt Buck
2056ff6899