4e28d3df8f
Update the YSoSerial Dockerfile and remove runme
...
Remove the runme script because we should no longer be updating all of
the gadget chains at once because doing so would require that quite a
few different modules be updated. Moving forward we should be updating
individual chains using an incremental approach to allow us to validate
the results of the find_ysoserial_offsets tool which is error prone.
2021-09-14 09:10:44 -04:00
521975976b
Update find_ysoserial_offsets
...
* Apply rubocop suggestions for style
* Support patching an existing JSON file
* Use an OptionParser
2021-09-14 09:10:44 -04:00
6b90582864
Fix the diff-lcs v1.4+ bug
2021-09-14 09:10:44 -04:00
abd15f723c
Update dockerfile comments and pin jar versions
...
Pin the JAR versions so future travelers know what I was using today.
This should make the build deterministic. You're welcome.
2021-03-11 12:09:29 -06:00
3ecf0914e1
Use 'none' as the original ysoserial type, increase the size
...
Increasing the size to occupy two bytes seems to be helping stabilize
the generation for both the ROME and CommonsCollections1 payloads.
2021-03-11 12:09:29 -06:00
515d8fa853
Revert a subset of the changes from d39b1c911d which broke a payload
...
Adjusting the value used as a buffer offset in commit d39b1c911d
2021-03-11 12:09:29 -06:00
64387ff9c0
Fix multiple issues with find_ysoserial_offsets
...
1) The output of ysoserial changed so update the number of dropped lines.
2) Pin the diff-lcs gem to version 1.3 because 1.4 breaks the script
3) Generate all payloads by default
2021-03-11 12:09:29 -06:00
bad5ccbc49
Remove `msf/base` requires
2021-01-05 14:59:46 +00:00
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
1a2bf98222
creates standard elog & updates exisiting usages
2020-06-22 12:48:39 +01:00
1134ac69a0
Add missing newline to the ysoserial/dot_net tool
2020-04-30 16:45:38 -04:00
09d2008c20
Show some serialized payload information in the output
2020-04-29 18:02:24 -04:00
197365b610
Finish up the .NET deserialization tool
2020-04-29 17:50:07 -04:00
0a12522445
Add the initial YSoSerial.NET tool
2020-04-28 20:46:07 -04:00
ab210f15f1
chmod +x find_ysoserial_offsets.rb
2020-04-27 12:19:27 -05:00
fb057a3016
fixed
...
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
2020-04-27 10:50:34 -05:00
d31882fe15
Modify unkown to unknown
2020-04-27 10:50:34 -05:00
884d0ca4a2
fixed tools/payloads/ysoserial/find_ysoserial_offsets.rb
...
Co-Authored-By: L-codes <20529064+L-codes@users.noreply.github.com>
2020-04-27 10:50:33 -05:00
645a4c6d26
Remove ysoserial JRMPClient && JRMPListener payload
2020-04-27 10:50:09 -05:00
d7768c3476
fixed tools/payloads/ysoserial/find_ysoserial_offsets.rb
2020-04-27 10:49:25 -05:00
7576a9d1c3
Support ysoserial alongside ysoserial-modified payload (including cmd, bash, powershell, none)
2020-04-27 10:48:53 -05:00
d39b1c911d
Fix bug of find_bysoserial_offsets
2020-04-27 10:48:04 -05:00
e643afb681
Fix find_ysoserial_offsets.rb and prettify JSON
2020-03-13 14:22:32 -05:00
85555b81c4
Update code for Ruby coding style standards
2019-01-15 17:08:54 -06:00
ddd9ab2041
Fixed an off-by-one error in the fingerprinting randomization
2019-01-14 17:42:59 -06:00
ddebc291f2
Added partial 'ysoserial-modified' support, along with debug flags
2019-01-04 16:43:06 -06:00
7557624c00
ysoserial: Generated more compact JSON and renamed script
2018-12-18 15:42:50 -06:00
349a366e84
ysoserial: Changes from code review
2018-12-17 15:41:31 -06:00
fa74a1839a
Initial support for dynamic ysoserial Java serialization payloads
2018-12-14 12:51:08 -06:00
Spencer McIntyre