* use a lambda for cleaner iterator.
* also disables buffering, since we are reading byte-by-byte in the first place
and maintaining our own buffer (#data).
This is a new set of binaries for Meterpreter as of commit hash
9e33acf3a283f1df62f264e557e1f6161d8c2999. We haven't yet finalised
the process we'll be using for releasing bins from Meterpreter to MSF
so this is hopefully the last time we will have to do it the old way.
Given this is a new extension, building bins and including them in this
PR can't cause any issues regarding lost functionality (like it can
with existing bins).
Adding to this PR so that it's easier to test and land.
This change adds support for `getenv` to python meterpreter. Nothing too
complex going on here. I tidied up the definitions of the TLVs as well
so that they look nice.
These were committed in the flurry of merges last night by me. They
should be removed until the extapi PR has been fully reviewed and
merged. This commit just removes the binaries from master, they'll
be re-added when appropriate.
Includes the following:
* Clean builds
* Removal of kitrap0d from getsystem
* Doc updates
* Webcam crash fix
* Schedular and channel refactor
* Posix crash fix for post modules
Includes the following changes:
* Security cleanup - remove use of insecure functions
* Windows 8/8.1/2012 R2 support to sysinfo
* VS 2013 upgrade
* Command dispatcher refactor
* Getproxy command added (needs MSF side too)
This makes x86 more consistent with x64.
Also replaces a bunch of instances of:
File.join(Msf::Config.install_root, 'data', ...)
with the simpler
File.join(Msf::Config.data_directory, ...)
[See rapid7/meterpreter#19]
Not sure exactly what was causing the breakage, but using bins compiled
with the same version of Visual Studio seems to have fixed the issue.
[FixRM #7233]
This includes 2 bug fixes:
1) Returning a handle with execute
2) Bug in process_channel_read that caused the following to always
return nil or a single byte:
p = client.sys.process.execute("id", "-u", "Channelized"=>true)
p.channel.read
[SeeRM #7005][See #681]
Squashed commit of the following:
commit 57795ff9c33a53167fca85845b96b82b5c92315f
Author: James Lee <egypt@metasploit.com>
Date: Wed Aug 1 14:13:20 2012 -0600
Add recompiled sniffer bin for linux
commit 0e11fdb06fcb9771a11eb631e6f10ec7a2d315f3
Author: m m <gaspmat@gmail.com>
Date: Thu Jul 12 15:08:10 2012 +0200
really limit packet count and data in linux sniffer
[Closes#605]
The meterpreter API wants arguments in a seperate string (not an array,
mind you) just so it can concatenate them on the server side.
Originally, I worked around that by using Shellwords.shellwords to pull
out the first token. But! Shellwords.shellwords inexplicably and
inexcusably removes backslashes in ways that make it impossible to quote
things on Windows. This commit works around both of those things.
commit 6a3ad1d887
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 16:22:49 2012 -0600
Add register_command calls for md5 and sha1
commit dbd52c5a1e
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 16:22:09 2012 -0600
Read the file instead of downloading it
commit 55b84ad8e2
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 15:27:11 2012 -0600
Re-compile linux meterp to support the loadlib api
commit d112e84e49
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 14:50:25 2012 -0600
Re-compile java meterp to support the loadlib api
commit c137187b34
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 14:44:10 2012 -0600
Don't try to get interfaces if this session doesn't implement it
commit 88bba1e6c3
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 14:38:17 2012 -0600
Remove debugging load
commit 02954cbf93
Merge: d9ef25688b35a3
Author: James Lee <egypt@metasploit.com>
Date: Wed May 9 12:06:53 2012 -0600
Merge branch 'rapid7' into feature/4905
Conflicts:
data/meterpreter/ext_server_stdapi.php
modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb
commit d9ef2569b8
Author: James Lee <egypt@metasploit.com>
Date: Wed May 2 18:06:06 2012 -0600
PHP doesn't support rev2self
commit bf13ea0ff2
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 18:21:59 2012 -0600
Add php support for returning new extension commands
commit 7e35f2d671
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 16:03:26 2012 -0600
Reset CVE-2012-0507 back to master
Purges commits unrelated to this branch.
commit 86a77b3cd0
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 15:59:35 2012 -0600
Revert "Make building the jar for cve-2012-0507 a bit easier"
This reverts commit 27ef76522a.
Conflicts:
external/source/exploits/CVE-2012-0507/Makefile
external/source/exploits/CVE-2012-0507/src/msf/x/PayloadX.java
commit 8c259fb779
Merge: fe2c2731c03c2b
Author: James Lee <egypt@metasploit.com>
Date: Tue May 1 15:35:44 2012 -0600
Merge branch 'rapid7' into feature/4905
Conflicts:
data/meterpreter/ext_server_stdapi.jar
data/meterpreter/meterpreter.jar
external/source/meterpreter/java/src/meterpreter/com/metasploit/meterpreter/Meterpreter.java
modules/auxiliary/server/browser_autopwn.rb
commit fe2c273a6d
Merge: 8caff474e955e5
Author: James Lee <egypt@metasploit.com>
Date: Fri Apr 6 10:19:53 2012 -0600
Merge branch 'rapid7' into feature/4905
commit 8caff47d97
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 17:51:18 2012 -0600
Fix requires to find the test library
commit 51c33574ce
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 17:48:35 2012 -0600
Fix a load order problem with solaris post mods
commit 81b658362e
Merge: adad2cf6ef4257
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 15:43:19 2012 -0600
Merge branch 'master' into feature/4905
commit 6ef4257947
Merge: 70ab8c05852455
Author: James Lee <egypt@metasploit.com>
Date: Thu Apr 5 15:16:56 2012 -0600
Merge branch 'rapid7'
Conflicts:
lib/rex/exploitation/javascriptosdetect.rb
commit adad2cf04c
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 20:20:21 2012 -0600
Deal with null data/jar
Not sure why "" turns into null sometimes, but it was breaking shells;
this fixes it.
commit 4f8a437b49
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:10:59 2012 -0600
Prev commit moved these to src/a
commit 27ef76522a
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:08:32 2012 -0600
Make building the jar for cve-2012-0507 a bit easier
Mostly stolen from cve-2008-5353
commit db3dbad0a5
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 14:52:23 2012 -0600
Fix incorrect option name
commit 776976af31
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:36:20 2012 -0600
Add bap support to java_rhino
commit a611ab16e0
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:35:16 2012 -0600
Put next_exploit on the window object so it's always in scope
Solves some issues with Chrome not running more than one exploit
commit 5114d35de7
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 14:31:53 2012 -0600
Pull common stuff up out of the body
commit 748309465a
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:04:03 2012 -0600
Fix indentation level
commit 954d485e3b
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:02:42 2012 -0600
Abstract out copy-pasted methods
Need to do the same thing for OSX, but it's a different implementation.
commit cba8d7c911
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 23 18:04:50 2012 -0600
Linux doesn't implement (drop|steal)_token
commit 1cfda3a7b0
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 23 17:57:37 2012 -0600
Add availability checks for net, sys, ui, and webcam
commit 4bdf39a8bf
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 23 16:45:59 2012 -0600
add requirement checking for fs and core commands
commit 42e35971c9
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 21 17:20:59 2012 -0600
Add a to_octal method that converts e.g. "A" to \0101
commit c3b9415a0a
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 21 17:20:07 2012 -0600
Don't use "echo -n"
It's not portable
commit b0f3ceccfa
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 20 17:01:10 2012 -0600
Return a list of new commands after core_loadlib, java version
Thanks mihi for the patch and the awesome responsiveness!
commit d65303e1b6
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 20 13:21:06 2012 -0600
Make sure we have a response before doing stuff with it
commit 721001ead4
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 21:25:31 2012 -0600
Add missing rmdir and mkdir protocol commands to PHP
Now passes all the stdapi tests that it can
[*] Session type is meterpreter and platform is php/php
[+] should return a user id
[+] should return a sysinfo Hash
[-] FAILED: should return network interfaces
[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
[-] FAILED: should have an interface that matches session_host
[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_interfaces: Operation failed: 1
[-] FAILED: should return network routes
[-] Exception: Rex::Post::Meterpreter::RequestError : stdapi_net_config_get_routes: Operation failed: 1
[+] should return the proper directory separator
[+] should return the current working directory
[+] should list files in the current directory
[+] should stat a directory
[+] should create and remove a dir
[+] should change directories
[+] should create and remove files
[+] should upload a file
[-] Passed: 10; Failed: 3
commit 024e99167a
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 15:26:00 2012 -0600
Use a proper TLV type instead of a generic one
commit 1836d915cb
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 15:24:25 2012 -0600
Fix a counting error that caused segfaults (Linux)
commit 1e419d3fc3
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 15:06:02 2012 -0600
Return a list of new commands after core_loadlib
Gets Windows back in sync with Linux
commit 3d3959f720
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 19 14:50:55 2012 -0600
Refactor extensionList -> extension_commands
It's not the same as extension_list.
commit a7acb638af
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sun Mar 18 00:07:27 2012 -0500
Massive whitespace cleanup
commit ef8b9fd5ce
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 16:00:20 2012 -0500
Add back enum_protections with some new changes
commit d778eec369
Author: ohdae <bindshell@live.com>
Date: Sat Mar 17 13:28:31 2012 -0400
Added fix for enum_protections
commit 64611819d4
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 03:14:26 2012 -0500
A bunch of fixes
commit bb1a0205d7
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 00:28:05 2012 -0500
The comments in get_chatlogs need an update
commit 666477e42a
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 00:25:41 2012 -0500
Correct license format
commit 3c8eecbcd7
Author: sinn3r <msfsinn3r@gmail.com>
Date: Sat Mar 17 00:22:03 2012 -0500
Add enum_adium.rb post module
commit d290cf4fef
Author: ohdae <bindshell@live.com>
Date: Fri Mar 16 16:54:36 2012 -0300
Changed store_note to store_loot. Fixed local/remote file retrieval
commit ccb830b594
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 16 11:29:07 2012 -0600
Fall back to MIB method if we can't get netmasks
Misses IPv6 addresses, but at least doesn't break everything.
[Fixes#6525]
commit a9a30232dd
Author: sinn3r <msfsinn3r@gmail.com>
Date: Fri Mar 16 11:49:31 2012 -0500
This module is not ready, yanked.
commit 6bb34f7fd0
Author: Gregory Man <man.gregory@gmail.com>
Date: Fri Mar 16 18:09:08 2012 +0200
sockso_traversal 1.8 compatibility fix
commit e76965ce56
Author: ohdae <bindshell@live.com>
Date: Fri Mar 16 09:17:35 2012 -0400
fix
commit 61ce7b587d
Author: ohdae <bindshell@live.com>
Date: Fri Mar 16 09:14:48 2012 -0400
saves each config to loot instead of notes
commit f4713974fa
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 16 03:46:10 2012 -0600
Check for a 0 prefix length
If the OnLinkPrefixLength is 0, something is wrong, try the value in the
prefix linked list. Appears to fix v4 addresses on XP but not 2k3.
[See #6525]
commit cde7fcc012
Author: James Lee <egypt@metasploit.com>
Date: Fri Mar 16 01:46:41 2012 -0600
Return network prefixes when available
Solves #6525 on Vista+. Win2k still works using the old MIB method
(which doesn't support ipv6). Win2k3 and XP are still busted for
unknown reasons.
commit 98bd9a7bd0
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 22:59:42 2012 -0400
Enumerate important and interesting configuration files
commit 9336df2ac2
Author: David Maloney <David_Maloney@rapid7.com>
Date: Thu Mar 15 19:06:48 2012 -0500
More Virtualisation SSL fixes
commit f24c378281
Author: David Maloney <David_Maloney@rapid7.com>
Date: Thu Mar 15 18:15:29 2012 -0500
Default SSL to true for esx_fingerprint module
commit d6e14c4212
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 15:56:24 2012 -0500
Fix typo
commit b24dcfe43e
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 15:55:54 2012 -0500
Add sockso dir traversal
commit 033052c1e0
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 15 14:31:25 2012 -0600
Fix syntax error in 1.8, thanks Jun Koi for the patch
commit 4529efaeaa
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 14:27:40 2012 -0500
enum_protections is now find_apps
commit 49e823802b
Author: sinn3r <msfsinn3r@gmail.com>
Date: Thu Mar 15 14:22:23 2012 -0500
File rename, as well as design and cosmetic changes
commit ccf6b01114
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 15:29:52 2012 -0300
added report_note, removed store_loot function, cleaned up info/author
commit 27d571932e
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 12:18:29 2012 -0300
fixed output newline issue
commit 5a828e35d1
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 01:05:35 2012 -0300
fixed save line
commit 805c2ee987
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 01:02:07 2012 -0300
removed unneeded comments
commit 5861e1512f
Author: ohdae <bindshell@live.com>
Date: Thu Mar 15 01:00:55 2012 -0300
fixed output issue
commit 593a364811
Author: ohdae <bindshell@live.com>
Date: Wed Mar 14 18:26:53 2012 -0300
removed unneeded dependency
commit 05053e6e74
Author: ohdae <bindshell@live.com>
Date: Wed Mar 14 13:30:16 2012 -0400
locates installed 3rd part av, fws, etc
commit 5bf512d0e9
Author: sinn3r <msfsinn3r@gmail.com>
Date: Wed Mar 14 16:50:54 2012 -0500
Add OSVDB-79863 NetDecision Directory Traversal
commit 18715d0367
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 23:03:01 2012 -0600
Store the retrieved commands on the session
commit b752cb8b31
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 22:45:16 2012 -0600
Retrieve the list of new commands
The client side doesn't do anything with them yet
commit 69ce8ef42d
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 22:41:16 2012 -0600
Return a list of the new commands in response to core_loadlib
Linux
commit 354c754aa4
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 15:13:45 2012 -0600
Whitespace at EOL
commit 4afcb4cb9d
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 14 14:30:09 2012 -0600
Create instance methods that return extensions
Before this change, meterpreter sessions would not #respond_to? their
extensions despite having a pseudo-accessor for them:
```
>> client.respond_to? :sys
=> false
>> client.sys
=> #<Rex::Post::Meterpreter::ObjectAliases:0x0000000e263488 @aliases={"config"=>#<Rex::Post::Meterpreter::Extensions::Stdapi::Sys::Config:0x0000000e268dc8 @client=#<Session:meterpreter 192.168.99.1:55882 (192.168.99.1) "uid=1000, gid=1000, euid=1000, egid=1000, suid=1000, sgid=1000 @ wpad">>, "process"=>#<Class:0x0000000e268d20>, "registry"=>#<Class:0x0000000e266da0>, "eventlog"=>#<Class:0x0000000e2654e8>, "power"=>#<Class:0x0000000e263c30>}>
```
After:
```
>> client.respond_to? :sys
=> true
```
commit 70ab8c018f
Merge: a8a39385f2bace
Author: James Lee <egypt@metasploit.com>
Date: Tue Apr 3 11:46:25 2012 -0600
Merge branch 'master' into bap-refactor
Conflicts:
external/source/exploits/CVE-2012-0507/Help.java
external/source/exploits/CVE-2012-0507/Makefile
external/source/exploits/CVE-2012-0507/msf/x/Help.java
external/source/exploits/CVE-2012-0507/src/a/Exploit.java
external/source/exploits/CVE-2012-0507/src/a/Help.java
commit a8a3938915
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 20:20:21 2012 -0600
Deal with null data/jar
Not sure why "" turns into null sometimes, but it was breaking shells;
this fixes it.
commit 5e5eb39d3c
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:10:59 2012 -0600
Prev commit moved these to src/a
commit 5074eadbea
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 18:08:32 2012 -0600
Make building the jar for cve-2012-0507 a bit easier
Mostly stolen from cve-2008-5353
commit bdb3fbe7fd
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 14:52:23 2012 -0600
Fix incorrect option name
commit 78824ef600
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 13:24:33 2012 -0600
Add the detected browser version to the DOM
Doing it this way lets modules grab the info a bit more easily.
commit 9813ccb8d6
Merge: 0faa3f6b5fc8e4
Author: James Lee <egypt@metasploit.com>
Date: Thu Mar 29 13:19:05 2012 -0600
Merge branch 'master' into bap-refactor
commit 0faa3f6524
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:36:20 2012 -0600
Add bap support to java_rhino
commit 66ca27f994
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:35:16 2012 -0600
Put next_exploit on the window object so it's always in scope
Solves some issues with Chrome not running more than one exploit
commit 7fc2ca1a06
Merge: 325d306e48c47e
Author: James Lee <egypt@metasploit.com>
Date: Wed Mar 28 15:10:54 2012 -0600
Merge branch 'master' into bap-refactor
commit 325d306059
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 14:31:53 2012 -0600
Pull common stuff up out of the body
commit 4f2b3260bf
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:04:03 2012 -0600
Fix indentation level
commit 9b905c53b4
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 27 11:02:42 2012 -0600
Abstract out copy-pasted methods
Need to do the same thing for OSX, but it's a different implementation.
Check service.info at the end of reporting a service instead of the
beginning. This will preserve an existing service info in the event
we're re-reporting a service.
[See #6701]
commit 97755336f2227a7db668b61e548d2956dddaccb8
Author: Michael Schierl <schierlm@gmx.de>
Date: Thu Apr 5 22:33:40 2012 +0200
make sure PayloadTrustManager gets dropped when using Spawn > 0
commit 0d096043e23af5d46a20b7f2c30c5d926ff66f8d
Author: Michael Schierl <schierlm@gmx.de>
Date: Wed Apr 4 22:15:23 2012 +0200
Fix connection hangs when using java/meterpreter/reverse_https with recent Java versions
Reason is that Java thinks the SSL certificate presented by Metasploit is untrusted;
therefore add a hack similar to the one in the metasploit.Payload class to trust all
certificates here.
[Closes#303]
commit 9afece529a33739a088c9c4d10b76dd52f23b99e
Author: Michael Schierl <schierlm@gmx.de>
Date: Thu Apr 12 17:58:12 2012 +0200
fix cat ... command by making stdapi_fs_stat return a sensible result
[Closes#330]
* Add support for hashing commands (stdapi_fs_md5 and sha1)
* Replace MTU detection with the Proper Java Way
Squashed commit of the following:
commit 0207b6e2e0c0eb55c7c5f04bd3008f674f6239ad
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 22:02:15 2012 +0100
add support for stdapi_fs_{md5|sha1} commands
commit a187e7bc79f8d89e66df8d3a3f892c6dce10307b
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 20:32:03 2012 +0100
update binaries
commit 0fc553bdac76cc8997fc581141483a3efbdefdfc
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 20:29:48 2012 +0100
Add support to Java Meterpreter for multiple addresses on same interface
For more information, see https://dev.metasploit.com/redmine/issues/6476
Tested with Java 1.4, 1.5, 1.6, 1.7.
commit fc6dba99fe0b13bf8837ed7a699c5dbad35100e6
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 16:55:15 2012 +0100
Fix Eclipse warnings
commit 4168d025507c1ecfbc50164cfc7f25f3f222b0ab
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 16:29:37 2012 +0100
Update pretty-printing of unsupported command TLVs
This adds the TLVs added by commit fbc8e25aaa to the pretty-printer.
commit 4a9335abdabb1b8a7741c5ec67852d7c5d552d6b
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 16:17:25 2012 +0100
Un-ghetto Java Meterpreter MTU determination
This splits the change from commit 14dfcce63a into a 1.6-specific and a 1.4-specific implementation (the latter being empty).
Tested with Java 1.4, 1.5, 1.6, 1.7.
commit 968edd210ed68ba4974f051e280d90f0151df222
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 15:52:46 2012 +0100
update .gitignore to ignore IDE generated files in JavaPayload projects
commit 86111625bee318411cf43da7706d37ce5d7045c5
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 15:49:58 2012 +0100
synchronize stages with upstream JavaPayload
commit 2360f2e6eb8703ae762868678ac952203be35d93
Author: Michael Schierl <schierlm@gmx.de>
Date: Sat Mar 24 15:39:58 2012 +0100
remove unused stages
[Closes#270]
If the OnLinkPrefixLength is 0, something is wrong, try the value in the
prefix linked list. Appears to fix v4 addresses on XP but not 2k3.
[See #6525]
commit 8b4750d0dcbac0686f9403acdf5cab50c918212f
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 13 13:14:43 2012 -0600
Add bins for listing all addresses
[Fixes#6476]
commit 213dd92ebc9b706a45725e6515c7939d2edace0e
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 13 02:08:34 2012 -0600
Accept multiple addresses and netmasks
[See #6476]
commit 2e8bd3c3ecfb319bf9456485d2420bb5829b60cc
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 13 01:55:57 2012 -0600
Make inspecting meterpreter packets a little less painful
Not sure why I originally thought there was no way to access extensions'
constants before. A simple `require` makes it all happy.
commit da367907cf579bd3aefaffbc84d2f96a41b85f00
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 11 22:08:44 2012 -0600
Fix up Linux after changes for Windows
commit ec9f04378b0155f69df95d4a94e62d33ce61977c
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 11 21:56:11 2012 -0600
Grab IPv6 addresses on Windows when possible
Tries to GetProcAddress of GetAdaptersAddresses and falls back to the
old GetIpAddrTable() function when it isn't available. This should work
on XPSP1 and newer, albeit without netmasks on versions before Vista.
Still trying to figure that one out.
commit 1052ebdcf86114fbc03d1a37ab5d4c6a78e82daa
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 6 15:34:09 2012 -0700
Wrap Windows-specifc headers in ifdef
commit f23f20587b3117c38a77e7e5a93d542411e9504f
Author: James Lee <egypt@metasploit.com>
Date: Tue Mar 6 14:36:34 2012 -0700
Handle multiple addrs on one iface on the ruby side
commit d7207d075ac6462875d9da531cf20c175629a416
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 5 21:57:39 2012 -0700
Adds IPv6 addrs to win32 get_interfaces response
commit 11ae7e8a45bd56d25841ea8724377e0fb6789d72
Author: James Lee <egypt@metasploit.com>
Date: Mon Mar 5 09:07:28 2012 -0700
Don't distinguish between 4 and 6.
The client can figure it out from the length.
commit 2c7490bdf3e4079f30857ee323d2ce23ab1bd9a5
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 4 04:25:26 2012 -0700
Append to the list instead of assigning to it
All addresses are being sent to the client now. Just need a way to
parse them out correctly on the other side and meterpreter will be able
to list all addresses on all interfaces on Linux. Next step is to
allocate the proper number of TLVs to avoid good ol' stack smashes on
systems with lots of addresses and then make sure we clean all the
memory leaks.
[See #6476]
commit 73bba037ad968b922341c02459017afcc8407a76
Author: James Lee <egypt@metasploit.com>
Date: Sun Mar 4 03:12:28 2012 -0700
Lay the groundwork for returning all addresses
This commit only sends the last interface in the list, but it is looping
through all of them as evidenced by the log, just need to make sure
we're not overwriting as we go.
[See #6476]
It's easier to deal with one Array of all routes regardless of INET
family than having get_routes() return a two-element Array of Arrays.
Also fixes a bug in each_route() which was expecting get_routes() to
return a single Array of all routes. Thanks to valsmith for reporting.
Squashed commit of the following:
commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:31:03 2012 -0700
Clean up some rdoc comments
This adds categories for the various interfaces that meterpreter and
shell sessions implement so they are grouped logically in the docs.
commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 13:00:25 2012 -0700
Combine the docs into one output dir
There's really no need to separate the API sections into their own
directory. Combining them makes it much easier to read.
commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 08:27:22 2012 -0700
Keep the order of iface attributes the same accross rubies
1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
end up with ~random order for the display with the previous technique.
Switch to an Array instead of a Hash so it's always the same.
commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 08:23:35 2012 -0700
Fix a few more compiler warnings
commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 08:17:39 2012 -0700
Fix a type-safety warning
commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date: Mon Feb 27 15:21:36 2012 -0700
LHOST should be OptAddress, not OptAddressRange
commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date: Sun Feb 26 17:45:59 2012 -0700
Fix a couple of warnings and a typo
commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date: Mon Feb 27 11:54:29 2012 -0600
Fix ctype vs content_type typo
commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date: Sun Feb 26 15:38:33 2012 +0200
Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x
commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date: Sun Feb 26 07:13:13 2012 -0600
add osvdb ref
commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date: Sat Feb 25 18:02:56 2012 -0500
Added aspx target to msfvenom. This in turn added it to msfencode as well.
Ref: https://github.com/rapid7/metasploit-framework/pull/188
Tested on winxp with IIS in .net 1.1 and 2.0 modes
commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date: Sat Feb 25 13:00:48 2012 -0600
Fixes#6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver
commit b3371e8bfe
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 17:07:42 2012 -0700
Simplify logic for whether an inner iface has the same address
commit 5417419f35
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:58:16 2012 -0700
Whitespace
commit 9036875c29
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:53:45 2012 -0700
Set session info before worrying about address
get_interfaces can take a while on Linux, grab uid and hostname earlier
so we can give the user an idea of what they popped as soon as possible.
commit f34b51c629
Author: James Lee <egypt@metasploit.com>
Date: Tue Feb 28 16:48:42 2012 -0700
Clean up rdoc
commit e61a066345
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 04:54:45 2012 -0600
Ensure the architecture is only the first word (not the full WOW64
message in some cases)
commit 4c70161097
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 04:49:17 2012 -0600
More paranoia code, just in case RHOST is set to whitespace
commit c5ff89fe3d
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 04:47:01 2012 -0600
A few more small bug fixes to handle cases with an empty string target
host resulting in a bad address
commit 462d0188a1
Author: HD Moore <hd_moore@rapid7.com>
Date: Tue Feb 28 03:55:10 2012 -0600
Fix up the logic (reversed by accident)
commit 2b2b0adaec
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 23:29:52 2012 -0600
Automatically parse system information and populate the db, identify and
report NAT when detected, show the real session_host in the sessions -l
listing
commit 547a4ab4c6
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:16:03 2012 -0600
Fix typo introduced
commit 27a7b7961e
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:11:38 2012 -0600
More session.session_host tweaks
commit e447302a1a
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:08:20 2012 -0600
Additional tunnel_peer changes
commit 93369fcffa
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:06:21 2012 -0600
Additional changes to session.session_host
commit c3552f66d1
Author: HD Moore <hd_moore@rapid7.com>
Date: Mon Feb 27 22:00:19 2012 -0600
Merge changes into the new branch
Spencer McIntyre