William Vu
8e3933bed7
Revert "Undo commit for #441 "
...
This reverts commit 8361d5367adb3d5f0896
2020-10-11 20:49:06 -05:00
William Vu
8c5ab95cd2
Revert "Land #441 - Fix missing TLV migration from string to int"
...
This reverts commit eb1d51b94eb6ce0dff18
2020-10-11 20:08:15 -05:00
Justin Steven
68e3e0cb4e
Fix missing TLV migration from strings -> ints
...
Fixes #440
2020-10-11 13:57:13 +10:00
Justin Steven
5387ff7629
Fix typo
2020-08-17 17:17:33 +10:00
Justin Steven
46b8c5fda1
Fix #428 PHP 5.1.6 unexpected '['
2020-08-17 16:31:00 +10:00
OJ
5fc2117325
Adjust the tlv raw function and remove some unnecessary headers
2020-06-09 10:57:43 +10:00
OJ
53dc79f384
Update PHP to use DER instead of PEM for RSA
2020-06-09 10:57:43 +10:00
OJ
fc0079e98a
Update enumeration commands to support the id range
2020-05-01 15:55:43 +10:00
OJ
d3f3a513de
Update command id maps for php, java and python
2020-05-01 15:42:45 +10:00
OJ
c9284388d9
Update PHP meterpreter to support UINT command IDs
2020-04-29 15:42:25 +10:00
Adam Cammack
390c52f755
Let PHP Meterpreter renegotiate CryptTLV
2019-06-12 15:51:42 -05:00
Tim W
0492872cd9
fix #330 , fix php ls
2019-03-13 19:20:19 +08:00
Brent Cook
7e2181700a
update stat struct sizes
2019-02-06 17:51:21 -06:00
Jeffrey Martin
2a4a764969
Land #234 , Implement TLS transport for PHP meterpreter
2018-10-22 15:23:40 -05:00
William Vu
ceb05b8dc4
Add PHP Meterpreter chmod
2018-09-21 00:38:01 -05:00
Pearce Barry
6c9bf01346
Minor tweak to ensure last requested length is accurate.
2018-03-01 17:26:52 -06:00
Brent Cook
913e254fea
fix reliability for PHP packet dispatch
...
A bug in the read function would cause a too-large read when there are multiple
packets or other things in the control channel. This would cause the subsequent
packet to fail to parse, leading to the current message getting discarded.
2018-02-27 06:51:44 -06:00
Brent Cook
96fb621adc
add missing semicolon
2018-01-26 17:26:45 -06:00
Brent Cook
27fe856cb4
whitespace
2018-01-16 10:26:00 -06:00
Brent Cook
7f4dc5e525
you say potato, I say cononical
2018-01-16 10:16:15 -06:00
Brent Cook
bc22f457a3
remove read-only attribute on delete
2018-01-16 10:16:03 -06:00
Brent Cook
0429040ff5
a little more simplification
2017-10-27 05:09:22 -07:00
Brent Cook
f85caa2738
minor cleanup
2017-10-27 05:01:56 -07:00
RageLtMan
d216d47c53
Implement TLS transport for PHP meterpreter
...
This is the payloads section of MSF #7669
Implement SSL transport via streams, atop the current version of
PHP meterpreter (with GUIDs and all).
This version does everything in a single file, relying on the MSF
payload generation component to perform string substitution in
order to convert the "connect($ipaddr, $port, $proto='tcp')" to
"function connect($ipaddr, $port, $proto='ssl')."
2017-10-27 05:01:56 -07:00
2dimka
31d45584b5
Fix unexpected syntax error '[' in PHP 5.2.4 on Metasploitable2 VM
2017-10-03 20:54:36 +03:00
Anant Shrivastava
f5f594192b
fix for php create_function errors
...
based on findings listed https://github.com/rapid7/metasploit-framework/issues/8858 it was identified that the php webshell was not working at all. Hence a fix to get it to work in both suhosin and non suhosin environment.
2017-08-20 12:19:14 +05:30
OJ
b363584648
Merge branch 'upstream/master' into transport-agnostic-packet-encryption
2017-08-08 17:37:25 +10:00
jvoisin
5c0e0bdb42
Add an alternative to eval to bypass suhosin
2017-07-13 15:18:09 +02:00
OJ
73985d150c
Update PHP meterpreter to support 32 bit encryption flags
2017-07-03 17:15:10 +10:00
OJ
4204e798de
Add encryption of AES key to php meterp
2017-06-28 20:17:14 +10:00
OJ
d75ddcdb2c
Add AES support to PHP
...
Still doesn't take into account the given public key, but we're getting
there.
2017-06-28 20:07:42 +10:00
OJ
df6748130d
Update php meterpreter to support new packet header
...
This doesn't enable support for AES encryption PHP meterp yet, that's
coming later.
2017-06-26 16:48:01 +10:00
OJ
813760a9e2
Remove support for the crypto context
...
Crypto context stuff appears to have only ever been supported in
Meterpreter on Windows. The only thing it allowed for is XOR, which is
redundant given that we have packet level XOR in place. Also, it would
appear that MSF didn't have support for it anyway!
With the move torwards packet-level encryption, this is unnecessary so
it needs to go bye bye.
2017-06-19 16:51:54 +10:00
OJ
cf575a05dd
Add session GUID support to Meterpreter payloads
2017-06-06 17:24:36 +10:00
OJ
6872495da6
Remove Migrate TLVs from php/py, adjust for Java
2017-01-24 07:38:59 +10:00
Brent Cook
bce9060160
Land #150 , Change PHP Meterpreter header comment style
2016-12-06 04:56:15 -06:00
OJ
b7d6038b63
Change PHP meterpreter header comment style
...
This commit fixes cases where stageless meterpreter payloads may not run
if they are loaded within a PHP context that's already inside the
opening and closing <?php ... ?> tags. While this is rare, it's possible
that this may happen. This approach matches that which we use for staged
payloads.
2016-11-29 19:43:34 +10:00
Tim
db85f099c3
stdapi_fs_file_copy
2016-11-29 13:58:46 +08:00
Brent Cook
cf27142b25
Revert "Update php xor ordering"
...
This reverts commit 7ed9f24ef4
2016-11-17 05:56:10 -06:00
Brent Cook
79cff67de4
Merge remote-tracking branch 'upstream/master' into fix-143
2016-11-14 12:01:31 -06:00
OJ
4d145d78a7
Merge upstream/master into uuid-to-tlv
2016-10-29 15:25:21 +10:00
OJ
70812fd1ce
Remove core_uuid and add core_set_uuid
2016-10-29 12:42:36 +10:00
Tim
e2e7aa0c93
stdapi_fs_file_move
2016-10-22 15:38:28 +08:00
OJ
8cbfcbfcc4
Remove check from PHP meterp, force add UUID each packet
2016-10-14 13:28:50 +10:00
OJ
439877ed79
Add UUID to all packets in PHP meterp
2016-10-14 11:58:49 +10:00
OJ
7ed9f24ef4
Update php xor ordering
2016-10-10 15:06:57 +10:00
OJ
0cbb86c59b
Add localtime support to php, tidy python and c
2016-10-03 15:26:54 +10:00
James Lee
8cbd68b056
Add missing semicolon
2016-04-26 14:53:11 -05:00
wchen-r7
94d33b9207
Fix #95 , unexpected syntax error '[' in PHP 5.3.6-13
...
Fix #95
2016-04-25 19:45:06 -05:00
OJ
29f88366ac
Merge branch 'upstream/master' into default-xor
2016-01-13 07:34:40 +10:00
