mirror of https://github.com/rapid7/metasploit-framework synced 2024-11-12 11:52:01 +01:00
Commit Graph

488 Commits

Author SHA1 Message Date
HD Moore
d0c8f91f21 Bump to 3.4.1
git-svn-id: file:///home/svn/framework3/trunk@9764 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-10 15:19:01 +00:00
HD Moore
d3a6418e53 Revert changes to elevate, still not getting around restrictions on primary token creation, needs a deeper look
git-svn-id: file:///home/svn/framework3/trunk@9759 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 21:59:31 +00:00
HD Moore
d5932fc2fd Switch the namedpipe code to convert the thread token to a primary token first
git-svn-id: file:///home/svn/framework3/trunk@9756 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 21:40:44 +00:00
HD Moore
ec9156827e Switch the elevator methods to DuplicateHandleEx to get a primary token
git-svn-id: file:///home/svn/framework3/trunk@9755 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 21:23:05 +00:00
HD Moore
29f9f6671e This *should* fix all cases where execute -t would fail to use an impersonated token
git-svn-id: file:///home/svn/framework3/trunk@9754 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 19:32:51 +00:00
James Lee
7fd71dcbcb note the updated version of ruby
git-svn-id: file:///home/svn/framework3/trunk@9753 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 19:29:34 +00:00
HD Moore
972e7bc282 Clean up some of the token impersonation code around process execution
git-svn-id: file:///home/svn/framework3/trunk@9751 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-09 18:54:20 +00:00
HD Moore
ccfea56ed5 Minor tweak to build without the include path for common
git-svn-id: file:///home/svn/framework3/trunk@9715 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 16:46:58 +00:00
HD Moore
5d9a6622de Merge railgun, tweak configurations
git-svn-id: file:///home/svn/framework3/trunk@9709 4d416f70-5f16-0410-b530-b9f4589650da
2010-07-07 16:29:03 +00:00
James Lee
fb43495ada meterpreter now compiles on 64-bit linux in a 32-bit chroot. still need payload handlers and some stdapi love to make it usable
git-svn-id: file:///home/svn/framework3/trunk@9468 4d416f70-5f16-0410-b530-b9f4589650da
2010-06-10 06:10:15 +00:00
Joshua Drake
6d1e7bdaa5 big commit - lots of cmdstager changes
created 4 cmd stagers (instead of just one): CmdStagerVBS, CmdStagerDebugAsm, CmdStagerDebugWrite, CmdStagerTFTP
created a TFTPServer mixin
created Msf::Exploit::EXE mixin to generate executables
updated all uses of CmdStager to use CmdStagerVBS for the time being
add exploit for CVE-2001-0333 using CmdStagerTFTP
updated tftp server to wait for transfers to finish (up to 30 seconds) before shutting down
write debug.exe stager stub in 16-bit assembly (used in CmdStagerDebugAsm)
git-svn-id: file:///home/svn/framework3/trunk@9375 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-26 22:39:56 +00:00
Ramon de C Valle
380ed580fb Update unixasm external source.
git-svn-id: file:///home/svn/framework3/trunk@9348 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-23 20:01:11 +00:00
James Lee
4f61fb6dc3 add a mini installer to the standard build. it can still use some more minification, it's at about 24MB and expands to 132MB
git-svn-id: file:///home/svn/framework3/trunk@9341 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 06:25:26 +00:00
James Lee
0615dac174 break the common stuff out into a function
git-svn-id: file:///home/svn/framework3/trunk@9337 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-21 04:53:46 +00:00
James Lee
a89db83513 use the BINPATH
git-svn-id: file:///home/svn/framework3/trunk@9329 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-20 20:39:55 +00:00
James Lee
3a928fc9c2 this is what i really meant.
git-svn-id: file:///home/svn/framework3/trunk@9318 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 21:14:10 +00:00
James Lee
3ed28c0822 typo
git-svn-id: file:///home/svn/framework3/trunk@9317 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 21:05:51 +00:00
James Lee
b5cd499b06 only build an arch if we've got bins for it
git-svn-id: file:///home/svn/framework3/trunk@9316 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:49:08 +00:00
James Lee
8d38f0da87 use a variable for the installation directory so we can eventually make it an option
git-svn-id: file:///home/svn/framework3/trunk@9314 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:27:03 +00:00
James Lee
c4a7368591 use our gems directory
git-svn-id: file:///home/svn/framework3/trunk@9313 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-17 20:22:57 +00:00
HD Moore
c93642b11f Update for 3.4.0
git-svn-id: file:///home/svn/framework3/trunk@9307 4d416f70-5f16-0410-b530-b9f4589650da
2010-05-16 17:35:56 +00:00
HD Moore
36836423d9 Add a warning, cosmetic comment to asm
git-svn-id: file:///home/svn/framework3/trunk@9037 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-07 20:51:05 +00:00
HD Moore
c6ebd735df Updated comments
git-svn-id: file:///home/svn/framework3/trunk@9003 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 15:08:17 +00:00
HD Moore
11c10518b3 Bug fixes for better windows OS compatibility
git-svn-id: file:///home/svn/framework3/trunk@9002 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 14:57:51 +00:00
HD Moore
cd2760f2c2 Bug fixes and size improvements for the reverse_https stager
git-svn-id: file:///home/svn/framework3/trunk@9001 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 13:53:35 +00:00
HD Moore
e968c3894e More size tweaks
git-svn-id: file:///home/svn/framework3/trunk@8999 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 08:03:28 +00:00
HD Moore
c8defe9716 Size tweaks to bring the ssl stager + encoder + target_id to exactly 400 bytes
git-svn-id: file:///home/svn/framework3/trunk@8998 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 07:48:53 +00:00
HD Moore
c6c956ab46 Small patch to enable a new stager
git-svn-id: file:///home/svn/framework3/trunk@8984 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 05:21:15 +00:00
HD Moore
5d0fb434b7 Adds a reverse_tcp_dns stager
git-svn-id: file:///home/svn/framework3/trunk@8983 4d416f70-5f16-0410-b530-b9f4589650da
2010-04-03 03:38:57 +00:00
Stephen Fewer
9a4293c445 In with the modified VNC payload which now supports an in memory breakout of session isolation for systems like Vista/2008/7 when the payload is run from a service in session 0 isolation.
git-svn-id: file:///home/svn/framework3/trunk@8890 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-24 00:00:05 +00:00
Stephen Fewer
c09ca4eba5 Commit all the code for the new 'screenshot' command in the stdapi extension. Screenshot will now work on NT4 - 7 on both x86 and x64 and on newer versions of Windows we can break out of session isolation (e.g. session 0 isolation for services) to screenshot the active desktop (or logon screen) without the need to migrate meterpreter. The majority of the migration code-injection stuff has been refactored out into base_inject.c so it can be shared with the new ps_inject() functionality to inject dlls. The 'ps' command now reports what session each process belongs to (if this is too verbose we can remove it or add a -v verbose switch to the ps command). The 'execute' command can now take a -s switch in order to create a process in a user's session under the user's privs (assuming you have the privs to do this).
git-svn-id: file:///home/svn/framework3/trunk@8787 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 17:09:55 +00:00
Stephen Fewer
c55e9af9ae Commit the updated APC injection stubs. fixes a nasty issue in some edge cases whereby when using APC injection for a process in another session than the current host process the injected APC can cause an access violation in kernel32 during a call to kernel32!CreateThread caused by the APC's host thread not having an initialized Activation Context inside its TEB. We now test for this and create a dummy ActivationContext entry to appease the kernel. This will both improve DLL injection reliability as well as meterpreter migration reliability.
git-svn-id: file:///home/svn/framework3/trunk@8786 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-11 17:00:19 +00:00
Stephen Fewer
08d1850bcc Commit the new VNC x86/x64 DLL source code...
git-svn-id: file:///home/svn/framework3/trunk@8745 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:49:45 +00:00
Stephen Fewer
d0f2b589b6 Delete the old VNC source code.
git-svn-id: file:///home/svn/framework3/trunk@8744 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-08 14:39:20 +00:00
Stephen Fewer
195d1ab4b8 Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi).
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:50:24 +00:00
Stephen Fewer
4e73d95dac Commit the JPEG-8 lib code from snowjobs patch. Added an x64 build environment and the libs directory for x86/x64 projects to link against.
git-svn-id: file:///home/svn/framework3/trunk@8725 4d416f70-5f16-0410-b530-b9f4589650da
2010-03-05 15:44:36 +00:00
Stephen Fewer
5f35f33cd1 Forgot the updated build.py, also add in a link to a blog post I wrote for this shellcode.
git-svn-id: file:///home/svn/framework3/trunk@8657 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 14:27:13 +00:00
Stephen Fewer
88cc851a41 Commit the stager_sysenter_hook win32 kernel shellcode source and mixin patch, resolves #405.
git-svn-id: file:///home/svn/framework3/trunk@8655 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-26 13:41:16 +00:00
Tod Beardsley
d5f4ea9692 Adding TightVNC's java viewer to external/source. vnc.html works, it just needs to have the path set correctly.
git-svn-id: file:///home/svn/framework3/trunk@8648 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-25 23:18:42 +00:00
Tod Beardsley
948d9d95d9 Deleting the winvnc java stuff.
git-svn-id: file:///home/svn/framework3/trunk@8647 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-25 23:10:00 +00:00
Stephen Fewer
4ed9e71b76 Commit the meterpreter C side (and bins) for transparent zlib (zlib.c copied from the posix meterpreter source) compression of TLVs and channels. To use transparent compression with channels, create them with CHANNEL_FLAG_COMPRESS. To use transparent compression with any TLV value, bitwise OR the TLV type with TLV_META_TYPE_COMPRESSED (Don't create the TLV type with TLV_META_TYPE_COMPRESSED as the compressed flag is removed on the remote end after compression). For consistency with the ruby side we could at a later stage add a boolean compress parameter to all the packet_add_tlv_* functions so you don't have to manually specify the TLV_META_TYPE_COMPRESSED flag.
git-svn-id: file:///home/svn/framework3/trunk@8515 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-16 14:56:24 +00:00
Stephen Fewer
e732ef6872 Commit the Meterpreter C side for the UDP socket pivoting. (+1 bug fix for the TCP client socket notify event function)
git-svn-id: file:///home/svn/framework3/trunk@8430 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-09 16:43:33 +00:00
Stephen Fewer
a80d1ad2ee Commit the new TCP server channel support on the meterpreter end as well as some fixes to TCP client channels.
git-svn-id: file:///home/svn/framework3/trunk@8383 4d416f70-5f16-0410-b530-b9f4589650da
2010-02-06 17:55:41 +00:00
et
a40817ea67 Finally the Wmap patch for ratproxy for new db schema. Based on Albert School patch
git-svn-id: file:///home/svn/framework3/trunk@8332 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-31 04:15:31 +00:00
HD Moore
42b331b47f Fix #790. Initialize the client state to be alive, tweak a few things on the meterpreter side
git-svn-id: file:///home/svn/framework3/trunk@8327 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 18:52:44 +00:00
Stephen Fewer
7a32f9f2e2 fix ps so an x64 process's path is returned correctly when ps is run from a wow64 meterpreter.
git-svn-id: file:///home/svn/framework3/trunk@8322 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 12:00:45 +00:00
Stephen Fewer
3824a2938c ...update the project files. I have added in an extra post build step for elevator.dll so it can work on NT4 (when used with rundll32.exe for getsystem technique #2). The post build step uses editbin.exe to set the major OS/Subsystem version to 4 instead of 5 so NT4 will load it (Visual C++ 2008 can't build NT4 binaries, only 2000 and above).
git-svn-id: file:///home/svn/framework3/trunk@8318 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:12:35 +00:00
Stephen Fewer
0e08aa0094 Add in KiTrap0D to the priv getsystem command.
git-svn-id: file:///home/svn/framework3/trunk@8317 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-29 01:09:57 +00:00
HD Moore
284af1260a Disable debug tracing
git-svn-id: file:///home/svn/framework3/trunk@8312 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 23:10:58 +00:00
HD Moore
f3408fd327 Fixes #744. The core issue was the migrate code waiting on SetEvent, but the migrate stub was blocked on a WSASocket due to a pending packet_receive in the main server thread. Simply setting the thread termination signal did not work, as the SSL_read was already in progress. This change forcibly terminates the main server thread before waiting on the event in order to bypass this deadlock. The downside is a failed migrate has no way to recover if it makes it this far.
git-svn-id: file:///home/svn/framework3/trunk@8309 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:55:41 +00:00
natron
69ad365b46 Added STDERR to pure java payload, cleaned up user's view.
git-svn-id: file:///home/svn/framework3/trunk@8308 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 22:53:36 +00:00
Stephen Fewer
5793ab128c modularize the source for each technique in elevator too.
git-svn-id: file:///home/svn/framework3/trunk@8299 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 16:30:09 +00:00
Stephen Fewer
8eb036d704 modularize the source for each technique, making it cleaner to add in new techniques at a later stage.
git-svn-id: file:///home/svn/framework3/trunk@8298 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 15:04:27 +00:00
Stephen Fewer
62c1a99c8e update the workspace files.
git-svn-id: file:///home/svn/framework3/trunk@8295 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:46:51 +00:00
Stephen Fewer
fad278566b Add in the elevator dll, used by getsystem for a number of things.
git-svn-id: file:///home/svn/framework3/trunk@8294 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:45:31 +00:00
Stephen Fewer
e58847009c Add in the new getsystem command to the priv extension.
git-svn-id: file:///home/svn/framework3/trunk@8293 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:40:55 +00:00
Stephen Fewer
f82b6c5952 Update RDI by adding in the LoadRemoteLibraryR function to use RDI to inject into arbitrary processes. Current limitation is it only works on x86->x86 and x64->x64 scenarios, due to the offsets used in parsing the PE file being determined at compile time (e.g. if we compile LoadRemoteLibraryR into an x86 binary it won't be able to load x64 images). Solution is to not rely on the compiler for the offset but to do it manually, which shouldn't be too much work.
git-svn-id: file:///home/svn/framework3/trunk@8292 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:37:55 +00:00
Stephen Fewer
9f4332ce60 bug fix for the stdapi command rev2self. was not playing nice with new thread token stuff.
git-svn-id: file:///home/svn/framework3/trunk@8291 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:33:24 +00:00
Stephen Fewer
095b6ee7ed move these macros from base_dispatch.c to common.h as they are useful to use elsewhere.
git-svn-id: file:///home/svn/framework3/trunk@8290 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-28 13:32:16 +00:00
natron
cd5e5880d2 Initial commit of Msf::Exploit::Java mixin and multi/browser/java_signed_applet exploit.
git-svn-id: file:///home/svn/framework3/trunk@8267 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 19:46:39 +00:00
HD Moore
cf26fcb9ad Fixes #784. Adds .NET server support
git-svn-id: file:///home/svn/framework3/trunk@8256 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-27 07:02:07 +00:00
pusscat
227dd5ba12 Remove test trap ;)
git-svn-id: file:///home/svn/framework3/trunk@8243 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:20:16 +00:00
Joshua Drake
e765288c6c lol, fix funny $Id$ replacement
git-svn-id: file:///home/svn/framework3/trunk@8241 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 20:10:56 +00:00
HD Moore
4b637c4912 Updated with new target system, signature for 2000 SP4, fixed SP4 usage, but the priv escalation is non-functional, use twunk16/debug depending on what is available.
git-svn-id: file:///home/svn/framework3/trunk@8240 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-26 19:13:28 +00:00
HD Moore
a898901ad3 Switch to twunk_16 for Windows 7 compatibility
git-svn-id: file:///home/svn/framework3/trunk@8230 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 18:07:48 +00:00
HD Moore
9f37906ba9 Tweaks for reliability
git-svn-id: file:///home/svn/framework3/trunk@8226 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-25 16:55:53 +00:00
Stephen Fewer
4e4a65b9a4 Complete overhaul of process migration. Migration across x86->x86, x64->x64, wow64->x64 and x64->wow64 all supported using a number of techniques.
git-svn-id: file:///home/svn/framework3/trunk@8198 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 19:46:18 +00:00
Stephen Fewer
cfcbfd5d3c bug fix x64 migrate shellcodes for wow64->x64 migration.
git-svn-id: file:///home/svn/framework3/trunk@8197 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 19:37:10 +00:00
Stephen Fewer
538a647671 The stub for wow64->x64 migration.
git-svn-id: file:///home/svn/framework3/trunk@8195 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 17:12:41 +00:00
Stephen Fewer
1e63f357cb For now just adding in the new APC migrate stubs and the wow64->x64 exec stub. (fix up the build scripts and use a dedicated migrate directory for this stuff).
git-svn-id: file:///home/svn/framework3/trunk@8193 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-22 14:03:53 +00:00
HD Moore
c419511386 Minor changes to make scripting easier and allow it to escalate a specific pid
git-svn-id: file:///home/svn/framework3/trunk@8168 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 22:30:15 +00:00
HD Moore
752f8db83b Add KiTrap0d to the external/source/ as a reference
git-svn-id: file:///home/svn/framework3/trunk@8167 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 22:22:19 +00:00
Stephen Fewer
f3fd2eae80 Commit the new x64 migrate stub. Compatible with x64->x64 migration (and x86->x64 migration once the remote thread issue is resolved)
git-svn-id: file:///home/svn/framework3/trunk@8163 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 18:39:56 +00:00
Stephen Fewer
d032955959 Commit the new x86 migrate stub. Compatible with x86->x86 migration and x64->x86 migration, on NT4 and up (where applicable).
git-svn-id: file:///home/svn/framework3/trunk@8160 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 12:55:24 +00:00
Stephen Fewer
159e240f3a updated stdapi project file.
git-svn-id: file:///home/svn/framework3/trunk@8158 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 11:07:21 +00:00
Stephen Fewer
757276d70f First cut for improved process listing. Now works well on NT4 and up. One issue with getting the path for x64 processes on an x86 meterpreter.
git-svn-id: file:///home/svn/framework3/trunk@8156 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 10:40:02 +00:00
Stephen Fewer
0286a67f1e small bug fix to get getuid working on NT4
git-svn-id: file:///home/svn/framework3/trunk@8155 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-19 10:36:12 +00:00
HD Moore
55dc3aa192 Support for slackware's mktemp, fixes #762
git-svn-id: file:///home/svn/framework3/trunk@8112 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-14 12:48:30 +00:00
HD Moore
42b3a5774d Adds the process username to the ps output (when possible).
git-svn-id: file:///home/svn/framework3/trunk@8056 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-02 03:41:21 +00:00
HD Moore
4d7aec7c2d Fixes #745. This commit changes how token manipulation works, adds the steal_token, drop_token, and getprivs commands. Tested on NT 4.0, 2000 SP4, XP SP3, 2003 SP2, Vista, and Windows 7
git-svn-id: file:///home/svn/framework3/trunk@8055 4d416f70-5f16-0410-b530-b9f4589650da
2010-01-02 00:35:10 +00:00
HD Moore
98f83bbab1 Adds reg queryclass
git-svn-id: file:///home/svn/framework3/trunk@8046 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-31 15:52:30 +00:00
Joshua Drake
2283e029db crossing fingers, big cr removal batch
git-svn-id: file:///home/svn/framework3/trunk@8038 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-30 22:24:22 +00:00
HD Moore
d0969746a4 Mostly cosmetic changes from local tree
git-svn-id: file:///home/svn/framework3/trunk@7970 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-26 03:31:20 +00:00
HD Moore
f648a6605e Update the build script versions
git-svn-id: file:///home/svn/framework3/trunk@7945 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-22 13:39:17 +00:00
HD Moore
68aafc8e13 Fixes #658 by adding a 250ms sleep to the dispatch of the close call.
git-svn-id: file:///home/svn/framework3/trunk@7934 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-21 19:53:10 +00:00
Joshua Drake
b37c34579b add exploit module for CVE-2009-3869
NOTE: no policy change is required for this exploit to succeed.
git-svn-id: file:///home/svn/framework3/trunk@7899 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-17 04:52:40 +00:00
Joshua Drake
255724d640 compile java applet with 1.3, Fixes #685
git-svn-id: file:///home/svn/framework3/trunk@7850 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-14 17:26:19 +00:00
Joshua Drake
34408c5e3e add exploit module for CVE-2009-3867 (JRE getSoundbank)
git-svn-id: file:///home/svn/framework3/trunk@7827 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-11 21:18:31 +00:00
HD Moore
3e98ff9d9a Stop breaking tar on OS X, thanks
git-svn-id: file:///home/svn/framework3/trunk@7815 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 22:25:29 +00:00
Stephen Fewer
be588716c5 Bug fix for meterpreter on NT4 (Tested on NT4.0 SP6). Add a function thread_open() in thread.c to wrap the use of kernel32!OpenThread and ntdll!NtOpenThread for backwards compatibility.
git-svn-id: file:///home/svn/framework3/trunk@7806 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 18:12:51 +00:00
HD Moore
6da0fda5ed Updated meterpreter binaries with a slight change to the thread schedule (solves a looping problem when the socket is dead).
git-svn-id: file:///home/svn/framework3/trunk@7793 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-10 05:42:47 +00:00
HD Moore
ff19b649f3 See #662. This should fix most of the meterpreter-side issues with sockets, there is still a second piece of this which is unflushed data on the local forwards from the ruby code.
git-svn-id: file:///home/svn/framework3/trunk@7761 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 22:08:06 +00:00
HD Moore
792724c3f3 Cleanups to the socket code, it's still not perfect, but much more usable now
git-svn-id: file:///home/svn/framework3/trunk@7750 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-08 14:52:07 +00:00
Stephen Fewer
4f8cfc27d4 Replace the use of Critical Sections for locking with mutexes (thread.c). This appears to resolve a deadlock issue with OpenSSL on some Windows systems. This commit resolves a bug in interactive processes where an interactive waiter thread will chew cpu due to a tight loop introduced by anonymous pipes not blocking (process.c). Dynamic lock creation for OpenSSL has been re-enabled should a future version of OpenSSL require it; AFAIK the current version used, v0.8.9, does not use dynamic lock creation (server_setup.c). Channels have been given locks to help synchronize concurrent access to a single channel.
git-svn-id: file:///home/svn/framework3/trunk@7732 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 13:04:41 +00:00
HD Moore
dfa0d155fc See #607. Switch sniffer code to use mutexes
git-svn-id: file:///home/svn/framework3/trunk@7728 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-07 05:19:46 +00:00
Stephen Fewer
a273c9f07c Initial commit of the multi-threaded meterpreter.
git-svn-id: file:///home/svn/framework3/trunk@7698 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 17:37:21 +00:00
HD Moore
8aef3d560c Fixes #579
git-svn-id: file:///home/svn/framework3/trunk@7694 4d416f70-5f16-0410-b530-b9f4589650da
2009-12-04 11:35:24 +00:00
HD Moore
cbb0fb10e7 Tweak for 3.3.1
git-svn-id: file:///home/svn/framework3/trunk@7649 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-30 20:14:55 +00:00
HD Moore
8ba8945f53 Fixes #579. Clean up the runtime environment for ruby, update the version
git-svn-id: file:///home/svn/framework3/trunk@7633 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-28 16:38:52 +00:00
HD Moore
ffcd613450 Commit the rc2 installer
git-svn-id: file:///home/svn/framework3/trunk@7527 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-16 04:05:45 +00:00
HD Moore
5507d686da Remove rm of old touched file
git-svn-id: file:///home/svn/framework3/trunk@7480 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 07:15:13 +00:00
HD Moore
d38ac81282 Hopefully the last round of tweaks for the windows installer
git-svn-id: file:///home/svn/framework3/trunk@7479 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 07:13:09 +00:00
HD Moore
1e7be6650a This method seems to work on Windows 7 - $stdin reads on a closed rxvt lead to the hung ruby procs.
git-svn-id: file:///home/svn/framework3/trunk@7478 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 07:02:40 +00:00
HD Moore
ecc06247ab Still sorting out permission checks
git-svn-id: file:///home/svn/framework3/trunk@7477 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 06:38:03 +00:00
HD Moore
ab33e5403d Fixes #490. Fixes #497. Fixes #479 (hopefully in all cases). Updates to the cygwin scripts and batch files
git-svn-id: file:///home/svn/framework3/trunk@7475 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 06:18:32 +00:00
HD Moore
63383842e5 Fixes #496. Adds a Cygwin Shell link (and a pdf icon)
git-svn-id: file:///home/svn/framework3/trunk@7474 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 05:59:46 +00:00
HD Moore
74eb0ed34c Add the used icons
git-svn-id: file:///home/svn/framework3/trunk@7472 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 05:41:47 +00:00
HD Moore
879f0b306b Check the cygwin scripts into SVN
git-svn-id: file:///home/svn/framework3/trunk@7471 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-12 05:30:58 +00:00
Stephen Fewer
8c48a9a3f5 Commit the PassiveX DLL updated to build with Visual Studio C++ 2008. Removed some compiler warnings. Use VirtualProtect to make second stage RWX. Use WSASocketA() over socket() for second stage compatibility. Seems to now work with the shell stage (Tested on XPSP2/IE7) but still not working with meterpreter.
git-svn-id: file:///home/svn/framework3/trunk@7461 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-11 00:39:38 +00:00
HD Moore
4321b992dc Improved the msfupdate script, retry on dirty svn directories, warn the user if automatic updates are disabled, and indicate the msfconsole is in the system path after the install
git-svn-id: file:///home/svn/framework3/trunk@7437 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-10 01:26:46 +00:00
pusscat
9e85a3bf0f Update binaries and readme file
git-svn-id: file:///home/svn/framework3/trunk@7433 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 20:16:05 +00:00
pusscat
a8576a584f Initial import of David Weston's "smart file" loading that allows (among other things) importation of buffers annotated with 010's map files!
git-svn-id: file:///home/svn/framework3/trunk@7431 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 19:56:33 +00:00
HD Moore
1a094cec0d Update for 3.3
git-svn-id: file:///home/svn/framework3/trunk@7424 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 07:02:43 +00:00
HD Moore
a87fc61a63 Updated banners
git-svn-id: file:///home/svn/framework3/trunk@7414 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 00:54:53 +00:00
HD Moore
dbdf4df415 Minor tweaks to the Linux installers
git-svn-id: file:///home/svn/framework3/trunk@7410 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-09 00:14:18 +00:00
HD Moore
7b8d08a635 Fixes #466 and #467. Binaries and source to be stored outside the tree
git-svn-id: file:///home/svn/framework3/trunk@7372 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-06 02:55:18 +00:00
HD Moore
df9a43ac61 See #376
git-svn-id: file:///home/svn/framework3/trunk@7344 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 03:21:14 +00:00
HD Moore
ea54f3e013 Minor tweaks for formatting
git-svn-id: file:///home/svn/framework3/trunk@7343 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-04 01:18:37 +00:00
pusscat
bcc8d5d8ca Update all binaries
git-svn-id: file:///home/svn/framework3/trunk@7341 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 21:52:00 +00:00
pusscat
c7030e7705 Add tenketsu heap logging
git-svn-id: file:///home/svn/framework3/trunk@7340 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-03 21:49:24 +00:00
HD Moore
21e82d8b69 This patch implements a much more flexible executable creation scheme at the cost of exe size. This also adds the "-x" option to msfencode, allowing the user to specify their own executable template for generation.
git-svn-id: file:///home/svn/framework3/trunk@7315 4d416f70-5f16-0410-b530-b9f4589650da
2009-11-01 04:11:43 +00:00
HD Moore
e5e89906d0 Switch the meterpreter to SSLv3 and try to generate a slightly more realistic CN for the certificate. The goal is to work through a wider range of inline proxies.
git-svn-id: file:///home/svn/framework3/trunk@7311 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-31 20:44:23 +00:00
HD Moore
31276e1626 Fixes #427. Finally found a solution that works for 1.8 and 1.9, this allows lorcon modules to run in the background or foreground and handle interrupts from the console gracefully. It's still a hack
git-svn-id: file:///home/svn/framework3/trunk@7293 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-28 00:19:17 +00:00
HD Moore
7b22b2cc04 Mostly working codebase, still hanging on some instances, depends on latest svn of lorcon2. See #427
git-svn-id: file:///home/svn/framework3/trunk@7292 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 20:13:20 +00:00
HD Moore
5234fe8ff8 Fixes #416. Adds the rm/del commands to meterpreter, fixes build problems triggered by the POSIX code merge
git-svn-id: file:///home/svn/framework3/trunk@7291 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 02:31:07 +00:00
HD Moore
276a3f8052 Use _WIN32 instead of __WIN32__ to be consistent
git-svn-id: file:///home/svn/framework3/trunk@7290 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-27 01:13:35 +00:00
HD Moore
3b99a513ec Fixes #352 and fixes #350. Can no longer reproduce memory corruption or packet loss with this code
git-svn-id: file:///home/svn/framework3/trunk@7287 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 22:49:43 +00:00
HD Moore
b662d044a6 Fixes #412. Still an issue with lorcon not yielding back when there is no traffic, but this is a different bug
git-svn-id: file:///home/svn/framework3/trunk@7286 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 22:36:24 +00:00
HD Moore
ddeb80e0da See #412. Fix compile warnings and errors on 1.9, still needs testing
git-svn-id: file:///home/svn/framework3/trunk@7285 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 21:09:40 +00:00
HD Moore
7d7c565a37 Merge in the POSIX stdapi extension, still some work left to finish
git-svn-id: file:///home/svn/framework3/trunk@7266 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-26 04:34:20 +00:00
HD Moore
9fda642939 Prevent the packet loop from blocking ruby
git-svn-id: file:///home/svn/framework3/trunk@7234 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-23 15:58:09 +00:00
HD Moore
070f85d6b5 Adds Lorcon::Device.write() for compatibility with Lorcon1
git-svn-id: file:///home/svn/framework3/trunk@7233 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-23 14:40:47 +00:00
HD Moore
1acf372dce Roll Lorcon2 into the metasploit tree, still testing the modules. See #378
git-svn-id: file:///home/svn/framework3/trunk@7228 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-23 04:32:26 +00:00
HD Moore
21de84f6ad Adds ruby-lorcon2 to the tree, (from lorcon2 trunk). Still some bugs to go, see #378
git-svn-id: file:///home/svn/framework3/trunk@7227 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-22 15:46:01 +00:00
HD Moore
e07bce0101 Copyright updates reflecting the news
git-svn-id: file:///home/svn/framework3/trunk@7222 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-21 12:58:56 +00:00
HD Moore
00b2915554 Fixes #342. Set ReverseConnectRetries to a value between 1 and 255 (default is 5). On failure it will ExitProcess (still better than a cpu spin)
git-svn-id: file:///home/svn/framework3/trunk@7217 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-20 20:31:14 +00:00
HD Moore
62b06f5e16 Add Alexander Sotirov's metsvc to svn
git-svn-id: file:///home/svn/framework3/trunk@7213 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-20 18:42:47 +00:00
kris
93dd1f2901 Fix pcaprub compilation errors (not warnings) for Ruby 1.9
git-svn-id: file:///home/svn/framework3/trunk@7119 4d416f70-5f16-0410-b530-b9f4589650da
2009-10-03 02:45:15 +00:00
HD Moore
bf5068f6b1 Fixes #288 and #320. This should fix the BSoD issue with the sniffer module (other than the mac filter change, this matches the vendor's example) and confirmed that the keyscan_dump fix works
git-svn-id: file:///home/svn/framework3/trunk@7066 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-26 16:26:05 +00:00
et
a89914d448 Finally screenshot capture. BMP at this time
git-svn-id: file:///home/svn/framework3/trunk@7063 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-26 04:05:09 +00:00
James Lee
6a7a023844 I will not commit when sleep deprived. I will not commit when sleep deprived. I will not commit...
git-svn-id: file:///home/svn/framework3/trunk@7061 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-25 06:40:42 +00:00
James Lee
bc2c38c332 shave an instruction from the new allports stager
git-svn-id: file:///home/svn/framework3/trunk@7060 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-25 06:13:13 +00:00
HD Moore
ee9a8f4f76 Adds support for the reverse_tcp_allports stager for Windows. This payload tries to connect back on all ports, one at a time, from LPORT to 65535. This is incredibly slow (depends on the default socket timeout) and requires the user to forward all TCP ports of LHOST to a single listening port in the handler. Inspired by a few user requests and this blog post: http://clinicallyawesome.com/post/196352889/blind-connect-back-through-restrictive-firewall
git-svn-id: file:///home/svn/framework3/trunk@7058 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-25 05:44:50 +00:00
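The commit above describes the reverse_tcp_allports behaviour: the stager walks every TCP port from LPORT to 65535 one at a time until a connect() succeeds, which is slow because each silently dropped port costs a full socket timeout, and the handler side has to funnel every port of LHOST into one listener. The following loopback model is an added example, not Metasploit's stager or handler code; the 127.0.0.1 handler, the OS-chosen port and the ten-port scan window are constructed for the demo.

```python
"""Loopback model of the reverse_tcp_allports connect-back loop.
Added example; not Metasploit code. Host/port values are constructed for the demo."""
import socket
import threading


def start_handler(host="127.0.0.1"):
    """Constructed stand-in for the msf handler: one listener on an OS-chosen port.
    A background thread accepts a single connection and closes it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(1)

    def accept_one():
        try:
            conn, _ = srv.accept()
            conn.close()
        except OSError:
            pass  # listener closed before a client arrived

    threading.Thread(target=accept_one, daemon=True).start()
    return srv, srv.getsockname()[1]


def allports_connect(host, lport, last_port=65535, timeout=0.2):
    """Mimic the stager: try every TCP port from LPORT upward, one at a time,
    until connect() succeeds. Returns (port, sock, attempts); port is None if
    nothing answered. A closed port on loopback fails instantly (RST), but a
    port a firewall silently drops costs a full `timeout`, which is why the
    real stager is so slow against a restrictive egress filter."""
    attempts = 0
    for port in range(lport, last_port + 1):
        attempts += 1
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except OSError:  # refused, timed out, unreachable: move to the next port
            s.close()
            continue
        s.settimeout(None)
        return port, s, attempts
    return None, None, attempts


def demo(ports_below=10):
    """Start a handler, then connect back starting a few ports below it.
    Returns (port_found, handler_port, attempts)."""
    srv, hport = start_handler()
    try:
        lport = max(1, hport - ports_below)
        port, sock, attempts = allports_connect("127.0.0.1", lport, last_port=hport)
        if sock is not None:
            sock.close()
        return port, hport, attempts
    finally:
        srv.close()


if __name__ == "__main__":
    print(demo())
```

On a real engagement the handler host needs the "forward all ports" step the commit mentions; one way to do that on a Linux LHOST is a NAT redirect such as `iptables -t nat -A PREROUTING -p tcp --dport 1:65535 -j REDIRECT --to-ports 4444`, with the multi/handler listening on 4444. Against a firewall that drops rather than rejects, multiply the per-port timeout by the number of ports before the first open one to estimate how long the stager will sit in this loop.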
James Lee
e30e850ba7 shave a few bytes off of the windows stagers
git-svn-id: file:///home/svn/framework3/trunk@7035 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-14 08:45:01 +00:00
Stephen Fewer
1937839e79 Patch meterpreter's sysinfo command to resolve the system language and architecture.
git-svn-id: file:///home/svn/framework3/trunk@7028 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-10 13:09:48 +00:00
Stephen Fewer
36d60d5d12 Commit the x64 build of the meterpreter incognito extension.
git-svn-id: file:///home/svn/framework3/trunk@7009 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-07 09:25:25 +00:00
Stephen Fewer
ff9efacffa Commit the x64 build of the meterpreter priv extension.
git-svn-id: file:///home/svn/framework3/trunk@7008 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-07 09:17:29 +00:00
Stephen Fewer
402608ec6f Commit the openssl x64 static libraries required for compilation. These are freshly built using the latest stable release (openssl-0.9.8k). Instructions for re-building the libraries also included.
git-svn-id: file:///home/svn/framework3/trunk@7001 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-04 01:58:17 +00:00
Stephen Fewer
5dee5819b1 Commit the source code for the cross compilable reflective dll injection module. Some minor modifications to the stdapi extension were also required. All the projects (.vcproj) now have an x64 debug/release target as well as an x86 counterpart.
git-svn-id: file:///home/svn/framework3/trunk@7000 4d416f70-5f16-0410-b530-b9f4589650da
2009-09-04 01:53:58 +00:00
Stephen Fewer
1cb3c42589 First commit! update vnc server with the new exitfunk hash values as well as modify ReflectiveLoader to retrieve kernel32 base address dynamically ala its meterpreter counterpart.
git-svn-id: file:///home/svn/framework3/trunk@6989 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-31 10:28:26 +00:00
HD Moore
87ea275a17 Fixes #299 - corrects the win32 build environment and source to build properly again
git-svn-id: file:///home/svn/framework3/trunk@6987 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-30 01:57:25 +00:00
pusscat
4361028a45 New binaries
git-svn-id: file:///home/svn/framework3/trunk@6984 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-28 16:01:36 +00:00
HD Moore
97725a489c Round 3 of x64 support from Stephen Fewer - new payloads!
git-svn-id: file:///home/svn/framework3/trunk@6980 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-27 19:29:54 +00:00
HD Moore
cf10a62dcc Merge in the beginnings of x64 support from Stephen Fewer
git-svn-id: file:///home/svn/framework3/trunk@6972 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-23 23:47:33 +00:00
pusscat
56881d35d2 Fix a pile of identBuf parsing issues that occur if you forget an argument for a specific buf type
git-svn-id: file:///home/svn/framework3/trunk@6970 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-21 12:48:16 +00:00
pusscat
1bfd5a1cd6 Add new winxp bins
git-svn-id: file:///home/svn/framework3/trunk@6969 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-20 13:13:11 +00:00
pusscat
f3131404b9 Replace # with REM for xp
git-svn-id: file:///home/svn/framework3/trunk@6967 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-19 17:37:20 +00:00
HD Moore
a811f28535 Patch from snfernandez to fix posix extension loading
git-svn-id: file:///home/svn/framework3/trunk@6954 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-12 23:15:08 +00:00
pusscat
d61860eda0 Add searchVtptr readme info
git-svn-id: file:///home/svn/framework3/trunk@6953 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-12 21:51:42 +00:00
pusscat
c3011bd07c Addition of searchVtptr
git-svn-id: file:///home/svn/framework3/trunk@6952 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-12 21:31:45 +00:00
HD Moore
41121f5870 Major merge of Meterpreter POSIX codebase from JR, Win32 projects may need a few more fixes to work properly
git-svn-id: file:///home/svn/framework3/trunk@6949 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-10 02:02:16 +00:00
HD Moore
d5ffcc1907 fix the posix build (patch from JR)
git-svn-id: file:///home/svn/framework3/trunk@6945 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-09 17:28:44 +00:00
HD Moore
79df0ab405 Merge in JR's ulibc code
git-svn-id: file:///home/svn/framework3/trunk@6944 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-09 02:27:52 +00:00
HD Moore
da32f1bdea Updated meterpreter code/binaries to scrub memory after use, works around Peter's memoryze signatures from BH/DC 2009
git-svn-id: file:///home/svn/framework3/trunk@6942 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-08 14:22:32 +00:00
pusscat
b9c2d57630 Update heap modeler coalesce functionality, as well as searchOpcode
git-svn-id: file:///home/svn/framework3/trunk@6941 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-06 20:09:38 +00:00
HD Moore
9a1e07c4f3 First round of posix meterpreter commits from jr
git-svn-id: file:///home/svn/framework3/trunk@6934 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-01 14:21:58 +00:00
HD Moore
26ca5ec646 Nuke the compiled bins
git-svn-id: file:///home/svn/framework3/trunk@6926 4d416f70-5f16-0410-b530-b9f4589650da
2009-08-01 03:21:22 +00:00
HD Moore
c173bff563 Updated reflective stuff to match the new hashing function
git-svn-id: file:///home/svn/framework3/trunk@6923 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-31 17:57:51 +00:00
HD Moore
49b7dcb30c Overhaul of the metasploit payloads from Stephen Fewer - smaller/cleaner/new hashing/support for WinNT 4.0 -> Win7 with size reductions for the stagers and minimal size increases for the singles
git-svn-id: file:///home/svn/framework3/trunk@6922 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-31 17:50:10 +00:00
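The reflective loader's "exitfunk hash values", the "new hashing function" the reflective code was updated to match, and the payload overhaul just above all refer to the API hash the stagers use to resolve imports without carrying strings. The following is an added example, not code from this page or from the project, of that scheme as used by the block_api stagers: a 32-bit ROR13 hash over the upper-case UTF-16LE module name followed by the ASCII function name, each NUL-terminated, with the two partial hashes summed. The import list and the reverse table are my own construction for the demo.

```python
"""ROR13 import hash as used by the block_api stagers.
Added example, not project code; the sample names below are my own choice."""

MASK32 = 0xFFFFFFFF


def ror(value, bits=13):
    """Rotate a 32-bit value right by `bits`."""
    return ((value >> bits) | (value << (32 - bits))) & MASK32


def hash_bytes(data):
    """h = ror13(h) + byte, over every byte; starts at zero."""
    h = 0
    for b in data:
        h = (ror(h) + b) & MASK32
    return h


def api_hash(module, function):
    """Module hashed as upper-case UTF-16LE including its NUL (matching how the
    name is stored in the PEB module list); function as ASCII with its NUL.
    The two partial hashes are summed, so a payload carries one 32-bit constant
    per import instead of the strings."""
    mod = (module.upper() + "\x00").encode("utf-16-le")
    fn = (function + "\x00").encode("ascii")
    return (hash_bytes(mod) + hash_bytes(fn)) & MASK32


def hash_table(pairs):
    """Reverse table hash -> (module, function), the artefact a detection
    engineer or reverser wants when a stager's constants turn up in a sample."""
    return {api_hash(m, f): (m, f) for m, f in pairs}


# Constructed import list typical of a reverse_tcp stager.
STAGER_IMPORTS = [
    ("kernel32.dll", "LoadLibraryA"),
    ("kernel32.dll", "ExitProcess"),
    ("ws2_32.dll", "WSAStartup"),
    ("ws2_32.dll", "WSASocketA"),
    ("ws2_32.dll", "connect"),
]


def stager_constants():
    """The constants a stager built from STAGER_IMPORTS would embed, in order."""
    return [api_hash(m, f) for m, f in STAGER_IMPORTS]


if __name__ == "__main__":
    for h, (m, f) in hash_table(STAGER_IMPORTS).items():
        print(f"0x{h:08X}  {m}!{f}")
```

Because the module name is upper-cased before hashing, `api_hash("KERNEL32.DLL", ...)` and `api_hash("kernel32.dll", ...)` agree, which is what lets the resolver match against whatever casing the loader recorded. Building the reverse table over the Win32 exports you care about is the usual way to label these constants when they show up in shellcode during analysis.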
HD Moore
a97abcf837 Cleaning up pcaprub, interface closing will still be handled by the GC
git-svn-id: file:///home/svn/framework3/trunk@6859 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-21 19:36:37 +00:00
pusscat
4fd458a309 Update some identBuf documentation
git-svn-id: file:///home/svn/framework3/trunk@6853 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-21 14:54:34 +00:00
James Lee
0044635e3b remove a temp commit leftover
git-svn-id: file:///home/svn/framework3/trunk@6834 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-18 20:59:10 +00:00
HD Moore
5577fac39e Closes #297. Switches to the dnet headers for the sniffer packet decodes
git-svn-id: file:///home/svn/framework3/trunk@6822 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 19:39:31 +00:00
HD Moore
9db072b2e4 cleans up the pcaprub code a little bit during packet receives
git-svn-id: file:///home/svn/framework3/trunk@6820 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 16:14:07 +00:00
HD Moore
697d89c8cf Wait on the pcap file handle to reduce cpu consumption during sniffing
git-svn-id: file:///home/svn/framework3/trunk@6814 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-17 02:24:21 +00:00
HD Moore
2c4acca92a Fixes #296. Removes polarssl references
git-svn-id: file:///home/svn/framework3/trunk@6811 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-16 16:00:29 +00:00
HD Moore
975093efca Updated VC++ project files to fix the directory paths/includes for OpenSSL
git-svn-id: file:///home/svn/framework3/trunk@6774 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 03:14:20 +00:00
HD Moore
148ca687f5 Updated libraries and source code now using OpenSSL
git-svn-id: file:///home/svn/framework3/trunk@6773 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 03:10:39 +00:00
HD Moore
6b0974f618 Goodbye PolarSSL (your license stinks).
git-svn-id: file:///home/svn/framework3/trunk@6772 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-13 03:03:53 +00:00
HD Moore
e8784d68fb Fixes up the sniffer to handle large packet captures better, fixes a regression in the sysinfo command.
git-svn-id: file:///home/svn/framework3/trunk@6768 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-12 13:17:37 +00:00
HD Moore
f76d73a823 Free packet memory when the capture is stopped
git-svn-id: file:///home/svn/framework3/trunk@6765 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 18:19:42 +00:00
HD Moore
4989f9bdbe Fixes a bug where if the sniffer SDK could not initialize, it would still be treated as initialized the next time it was checked.
git-svn-id: file:///home/svn/framework3/trunk@6764 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 17:52:40 +00:00
HD Moore
645ca020e9 Fixes a memory corruption issue with the SSL file descriptor (was using a stack reference instead of the Remote->fd reference), adds the source code sans the Packet SDK for the sniffer module
git-svn-id: file:///home/svn/framework3/trunk@6763 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-11 17:32:50 +00:00
HD Moore
608ca7aae8 This patch removes some of the meterpreter compiler warnings and fixes migration over SSL
git-svn-id: file:///home/svn/framework3/trunk@6761 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-09 22:44:33 +00:00
HD Moore
7b516e06fe Transfer the migration payload over SSL, still working on a crash bug after migration completes
git-svn-id: file:///home/svn/framework3/trunk@6756 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-09 03:22:10 +00:00
HD Moore
48e1e5f351 Merge Stephen Fewer's patches to enable support for Windows 7 (fixes support for NT and 2000 as well)
git-svn-id: file:///home/svn/framework3/trunk@6744 4d416f70-5f16-0410-b530-b9f4589650da
2009-07-05 20:24:37 +00:00
HD Moore
0ad96dd656 Adds a top-level SEH handler around the initialization stub, prevents a fatal error from preventing EXITFUNC from being called.
git-svn-id: file:///home/svn/framework3/trunk@6722 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-27 19:39:10 +00:00
HD Moore
43372de9f0 Fix a bug in the new SSL code that broke large transfers
git-svn-id: file:///home/svn/framework3/trunk@6720 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-27 01:52:36 +00:00
HD Moore
aaff989294 Add the PolarSSL lib file and output directory to make building easier
git-svn-id: file:///home/svn/framework3/trunk@6719 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-26 23:22:07 +00:00
HD Moore
a74d3a3f38 Switches meterpreter to SSL by default, using the PolarSSL library. To build this, just place polarssl.lib into a workspace/common/Release/
git-svn-id: file:///home/svn/framework3/trunk@6718 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-26 23:18:53 +00:00
HD Moore
1fba3f678b Adds Windows 7 support for the primary stagers: http://www.harmonysecurity.com/blog/2009/06/retrieving-kernel32s-base-address.html
git-svn-id: file:///home/svn/framework3/trunk@6677 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-20 04:35:44 +00:00
HD Moore
b8efb1bbf9 Add Stephen Fewer's shiny exploit for the Java deserialization flaw
git-svn-id: file:///home/svn/framework3/trunk@6664 4d416f70-5f16-0410-b530-b9f4589650da
2009-06-16 17:19:44 +00:00
James Lee
0a8235eb44 removing them
git-svn-id: file:///home/svn/framework3/trunk@6570 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-20 17:51:45 +00:00
James Lee
1ab4a0457b preparing to remove unnecessary exes trigger AV
git-svn-id: file:///home/svn/framework3/trunk@6569 4d416f70-5f16-0410-b530-b9f4589650da
2009-05-20 17:50:49 +00:00
et
746a3c533a ext. sample dll. not ready for production environments
git-svn-id: file:///home/svn/framework3/trunk@6506 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-29 03:38:42 +00:00
et
205a57da77 ext code and project adjustments
git-svn-id: file:///home/svn/framework3/trunk@6500 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-27 04:34:28 +00:00
et
03d8541b3f espia early stages
git-svn-id: file:///home/svn/framework3/trunk@6499 4d416f70-5f16-0410-b530-b9f4589650da
2009-04-27 03:43:22 +00:00
HD Moore
f059fbece7 Source code and VS project changes for cleaner build and new keyboard logging code
git-svn-id: file:///home/svn/framework3/trunk@6374 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-23 05:26:11 +00:00
HD Moore
67ed4d2b68 Commit the patched reflective DLL injection tree for VNC from Stephen Fewer
git-svn-id: file:///home/svn/framework3/trunk@6373 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-23 05:19:33 +00:00
HD Moore
678370d57f Swapping out the old code for the new reflective DLL based tree
git-svn-id: file:///home/svn/framework3/trunk@6372 4d416f70-5f16-0410-b530-b9f4589650da
2009-03-23 05:18:22 +00:00