mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-29 18:07:27 +01:00
191 Commits

Author SHA1 Message Date
James Lee
1375600780
Land #6644, datastore validation on assignment 2016-03-17 11:16:12 -05:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook
f703fa21d6 Revert "change Metasploit3 class names"
This reverts commit 666ae14259.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721 Revert "change Metasploit4 class names"
This reverts commit 3da9535e22.
2016-03-07 13:19:48 -06:00
Brent Cook
0e46cc0259 Revert "change remaining class names"
This reverts commit 62217fff2b.
2016-03-07 13:19:42 -06:00
Christian Mehlmauer
62217fff2b
change remaining class names 2016-03-07 09:58:21 +01:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names 2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook
c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
Spencer McIntyre
24290dc169 Address x86/Bmp polyglot encoder feedback 2016-01-07 10:23:32 -05:00
Spencer McIntyre
cca0ba3efe Add an x86/Bitmap polyglot encoder 2016-01-05 23:17:34 -05:00
Brent Cook
55f6fe7037
Land #5510, update x86/alpha* encoders to be SaveRegister aware 2015-10-01 15:07:10 -05:00
HD Moore
cea8605365 Fix #5596 by catching RuntimeError from Rex::Poly 2015-06-24 15:17:33 -05:00
jvazquez-r7
f8623ebdda
Add support for stage encoding to alpha_upper 2015-06-08 14:35:48 -05:00
jvazquez-r7
d56b3663fb
Have into account modified registers on geteip_fpu call from alpha_mixed 2015-06-08 12:00:52 -05:00
jvazquez-r7
a77a4bd4c5
Account alpha_mixed modified registers 2015-06-08 11:16:24 -05:00
jvazquez-r7
e72f705298
Add new code template 2015-06-08 09:46:04 -05:00
HD Moore
093ca31c7d The InvalidPayloadSizeException wasn't actually defined anywhere 2015-05-18 15:36:15 -05:00
HD Moore
b0a8c77127 Switch RuntimeError -> EncodingError 2015-05-18 15:33:01 -05:00
HD Moore
7989a29203 Switch to the stock EncodingError exception 2015-05-18 15:27:31 -05:00
HD Moore
5c31586c68 Switch to the correct exception class 2015-05-18 15:25:26 -05:00
sinn3r
a543d957d4 Fix #4717 - Change AllowWin32SEH's default to false
This is a patch to change AllowWin32SEH to false.

Root cause:

The truly intended behavior is that if the user doesn't set a
BufferRegister and the encoder is for Windows, the AllowWin32SEH
code should kick in.

The problem here is that msfencode and msfvenom handle the platform
information differently, so we get different results.

With msfencode, the platform information isn't passed when alpha_mixed
is used, so even if you're using the encoder for Win32, the encoder
doesn't actually know about this. But everything works out just fine
anyway because people don't actually rely on AllowWin32SEH.

With msfvenom, the platform information is passed, so the encoder
actually knows it's for Windows. The two conditions are met (register
and platform), so AllowWin32SEH kicks in. However, the AllowWin32SEH
technique enforces the BufferRegister to ECX, and that there's no
GetPC, so by default this isn't going to work.

The solution:

We are actually better off with setting AllowWin32SEH to false, mainly
because the SEH technique is pretty much dead (congrats MSFT!). And we
want the GetPC routine by default.

If people want to use AllowWin32SEH routine, they can simply set
AllowWin32SEH to true to bring it right back. For example:

e = framework.encoders.create('x86/alpha_mixed')
e.datastore.import_options_from_hash({'AllowWin32SEH'=>true})
buf = e.encode("AAAA", nil, nil, ::Msf::Module::PlatformList.win32)

Or in msfvenom:

msfvenom -p windows/meterpreter/bind_tcp -e x86/alpha_mixed
AllowWin32SEH=true -f raw

Fix #4717
2015-02-06 12:38:04 -06:00
HD Moore
f67a32ef9c
Add missing commits from #3770, lands #4393 2014-12-13 17:36:26 -06:00
Christian Mehlmauer
544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Tod Beardsley
0199e4d658
Land #3770, resolve random stager bugs 2014-11-03 14:15:14 -06:00
sinn3r
7cb4320a76
Land #3561 - unix cmd generic_sh encoder 2014-10-23 15:48:00 -05:00
jvazquez-r7
57fe829f96 Switch generic_sh's rank to ManualRanking 2014-10-20 09:34:19 -05:00
jvazquez-r7
c991c5e377 Readd generic_sh encoder 2014-10-20 09:33:34 -05:00
URI Assassin
35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
jvazquez-r7
341d8b01cc Favor echo encoder for back compatibility 2014-10-07 10:24:32 -05:00
jvazquez-r7
3628f73235 Fix ARCH_CMD perl encoding 2014-10-07 10:21:30 -05:00
jvazquez-r7
e63b389713 Add @jlee-r7's changes to perl encoding 2014-10-07 00:16:16 -05:00
jvazquez-r7
6f174a9996 Fix obvious introduced bug 2014-10-06 18:56:25 -05:00
jvazquez-r7
6b52ce9101 Delete 'old' generic_sh unix cmd encoder, favor splitting 2014-10-06 18:45:10 -05:00
jvazquez-r7
212762e1d6 Delete RequiredCmd for unix cmd encoders, favor EncoderType 2014-10-06 18:42:21 -05:00
James Lee
e9f341fd6c
Rename to more intention-revealing name 2014-10-06 16:33:21 -05:00
HD Moore
b8a1010ba4 Switch to Array#union and rename preserved_registers 2014-09-13 22:48:14 -05:00
HD Moore
71228b48a0 Update 3 more encoders to be StageEncoder compatible
This could probably use some DRY love via a mixin
2014-09-10 20:21:35 -05:00
HD Moore
815e007f48 Fix two cosmetic typos 2014-09-10 19:07:40 -05:00
HD Moore
6c0dae953d Stage encoding is now SaveRegister aware 2014-09-09 14:21:51 -05:00
jvazquez-r7
f546eae464 Modify encoders to allow back compatibility 2014-07-22 13:27:12 -05:00
jvazquez-r7
b770745e9d Split generic_sh in echo, perl and ifs encoders 2014-07-22 10:27:45 -05:00
jvazquez-r7
8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
Tod Beardsley
7572d6612e
Spelling and grammar on new release modules 2014-04-07 12:18:13 -05:00
sinn3r
367652592c
Land #2964 - Powershell CMD Encoder 2014-04-01 10:26:38 -05:00
Tod Beardsley
fb20759fc2
Comment doc speelling 2014-03-31 16:42:50 -05:00
Tod Beardsley
196e07c5b1
Touch up the EICAR stuff 2014-03-28 11:45:28 -05:00
sinn3r
a50b4e88be Fix msftidy warning: Suspect capitalization in module title: 'encoder' 2014-02-24 11:25:46 -06:00
OJ
b2d09ed0d1 Add the NULL byte to the list of valid chars
While rare, I guess it is a possibility that the NULL byte can be
used.
2014-02-17 16:40:56 +10:00
OJ
e134ec4691 Remove '*' from valid file system chars 2014-02-16 23:57:54 +10:00