github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-12-15 02:35:54 +01:00
Code Releases Activity
3,212 Commits 6 Branches 259 Tags 71 MiB
624a976086
Commit Graph

291 Commits

Author SHA1 Message Date
Tim W
dce10d9c9e python meterpreter chmod command 2018-09-12 19:27:46 +08:00
Spencer McIntyre
6a24c38e2b Fix unbound UDP sockets by not requiring the peer 2018-04-22 19:45:43 -04:00
Spencer McIntyre
e4b2e7f812 Use the proto field from getaddrinfo 2018-04-08 14:27:46 -04:00
Spencer McIntyre
408d0ff212 Use getaddrinfo for udp channels too 2018-04-08 12:29:16 -04:00
Spencer McIntyre
c9905cd177 Fix IPv6 support by using getaddrinfo 2018-04-08 12:29:16 -04:00
Spencer McIntyre
1f953580b1 Fix a bug when accepting a connection 2018-03-29 17:28:34 -04:00
Spencer McIntyre
d8d97e55e8 Process channel events with a higher priority 2018-03-19 11:15:23 -04:00
Spencer McIntyre
76168ba186 Add and use a new tlv_pack_request function 2018-03-19 10:36:21 -04:00
Spencer McIntyre
99aac30459 Add UDP channel support to the python meterpreter 2018-03-18 19:22:08 -04:00
Spencer McIntyre
7a3da787b1 Fix bugs introduced by the channel refactoring 2018-03-18 18:13:54 -04:00
Spencer McIntyre
38db1218dd Major refactoring for channel objects 2018-03-18 17:31:23 -04:00
Spencer McIntyre
8153648aab Refactor socket class names with the family 2018-03-17 19:02:05 -04:00
Spencer McIntyre
0e06102549 Add debug statements for channel open dispatching 2018-03-17 18:29:40 -04:00
Tim W
c373b2fafe fix tabs to spaces 2018-03-09 00:45:42 +08:00
Tim W
9db18dc8a3 catch termios exceptions 2018-03-09 00:45:01 +08:00
bwatters
16b82ed9cc
Add the attrib to all file deletes 2018-01-18 12:08:01 -06:00
Brent Cook
d9ed8004d8 remove readonly attributes for python meterpreter 2018-01-16 10:35:09 -06:00
Brent Cook
39277d10bc
switch to pythonic whitespace 2018-01-09 15:44:54 -05:00
Jonas Lieb
cd433fb2cf Fix meterpreter.py indentation 
Commit b5372d2a98 messed up the indentation
(mixing spaces and tabs) for some parts of the code. This commit fixes it.
 2018-01-09 10:43:26 +01:00
Jeffrey Martin
b9ecf579ef
fix scope when a transport has headers 2017-12-20 13:09:23 -06:00
Brent Cook
b5372d2a98 on exception from URLLib, don't spin 100% cpu 2017-12-10 11:55:35 -06:00
OJ
e88cb61839
Small python http header fix 2017-09-11 17:20:22 +10:00
OJ
e1efa94b06
Transport creation for headers, and starting on python support 2017-09-11 14:39:15 +10:00
OJ
b363584648
Merge branch 'upstream/master' into transport-agnostic-packet-encryption 2017-08-08 17:37:25 +10:00
OJ
03a88ff4ad
Land #215 - Fix python meterpreter sleep 
Fixes #202
 2017-07-13 07:53:20 +10:00
William Webb
cbe6f7783c
Land #212, Add OSX Railgun support to Python Meterpreter 2017-07-11 15:51:32 -05:00
Spencer McIntyre
cb8c2fd009 Adjust how trasnport sleep is handled 2017-07-10 20:32:59 -04:00
OJ
afdd75a25c
Update python meterpreter to support 32 bit enc flags 
Both python3 and python2 tested.
 2017-07-03 17:33:08 +10:00
Spencer McIntyre
8c9c38ba4b Add export and use a debug_traceback function 2017-06-28 19:44:49 -04:00
OJ
eeeecd7234
Fix python3 support for the session GUID header 
Updates the code so that the GUID is handled as a hex-encoded value,
just like the payload UUID. This avoids what appeared to be encoding
issues when the value was packed into the header, resulting in more than
16 bytes appearing and hence screwing it all up!
 2017-06-28 17:57:07 +10:00
OJ
60c751c27d
Fix py meterp to support python3 when generating raw headers 
Thanks to @zeroSteiner for this.
 2017-06-28 12:54:41 +10:00
Spencer McIntyre
1a0f47603b Add debgging around get and send packet for pymet 2017-06-27 20:15:04 -04:00
OJ
445db818be
Update Python meterpreter's packet header handling 
This doesn't add AES encryption, just adds support for the new packet
header. AES encryption will come later.
 2017-06-26 15:26:27 +10:00
Spencer McIntyre
9538e2d03f Add an option to disable forking in pymet 2017-06-22 10:55:59 -05:00
Spencer McIntyre
c320233e86 Try to use find_library for OSX railgun_api 2017-06-21 08:50:57 -04:00
Spencer McIntyre
d48b48df94 Implement pymet osx rg api and api_multi 2017-06-19 11:13:42 -04:00
OJ
813760a9e2
Remove support for the crypto context 
Crypto context stuff appears to have only ever been supported in
Meterpreter on Windows. The only thing it allowed for is XOR, which is
redundant given that we have packet level XOR in place. Also, it would
appear that MSF didn't have support for it anyway!

With the move torwards packet-level encryption, this is unnecessary so
it needs to go bye bye.
 2017-06-19 16:51:54 +10:00
Spencer McIntyre
e0c26186c1 Implement pymet osx rg memread and memwrite 2017-06-15 10:56:47 -04:00
OJ
cf575a05dd
Add session GUID support to Meterpreter payloads 2017-06-06 17:24:36 +10:00
Spencer McIntyre
9aac25b522 Fix some more pymet backwards compat issues 2017-04-25 17:05:15 -04:00
Spencer McIntyre
7e06057ca9 Add linux railgun support to the pymet 2017-04-20 13:52:59 -04:00
Spencer McIntyre
b9b7545be0 Improve pymet helper functions 2017-04-19 14:59:53 -04:00
Spencer McIntyre
71132cc00c Refactor pymet wreg functions and reg decorator 2017-04-19 14:25:07 -04:00
Spencer McIntyre
974fcda43e Add railgun memread and memwrite for Linux 3.2+ 2017-04-19 13:31:14 -04:00
ouahib-el-hanchi
6401c6ae03 Fixed stdapi_fs_mount_show to show full mapped drive path for Windows in Python meterpreter 2017-04-15 02:49:59 +01:00
ouahib-el-hanchi
32faaf5549 Added stdapi_net_config_get_proxy for Windows in Python meterpreter 2017-04-14 07:52:25 +01:00
Ouahib El Hanchi
7db0847d87 Fixed whitespace, can't seem to get them right 2017-04-14 06:44:28 +01:00
ouahib-el-hanchi
dae985f66f Fixed whitespace and replaced string buffers with unicode buffers for unicode functions 2017-04-14 06:40:45 +01:00
ouahib-el-hanchi
242d2bf936 Added stdapi_sys_eventlog_* functions for Windows 2017-03-25 22:25:13 +00:00
ouahib-el-hanchi
0d58e33f74 Added stdapi_fs_mount_show for Windows 2017-03-19 02:32:45 +00:00
Brent Cook
9367642288
Land #180, Pymet add stdapi_ui_get_idle_time for Windows 2017-03-17 12:52:19 -05:00
Spencer McIntyre
68a09bb8c3 Pymet add stdapi_ui_get_idle_time for windows 2017-03-04 11:52:49 -05:00
Spencer McIntyre
c9f791bbe3 Pymet add an exported debug function and use it 2017-03-01 21:15:30 -05:00
Spencer McIntyre
96ee7819cc Fix a couple of bugs for Python 3 railgun 2017-03-01 18:39:23 -05:00
Spencer McIntyre
9cd556e31b Add pymet api_multi support to railgun 2017-03-01 17:44:45 -05:00
Spencer McIntyre
9ad4f887c0 Free the last error message buffer 2017-02-28 09:08:22 -05:00
Spencer McIntyre
04f6fa04de Add pymet last error message support to railgun 2017-02-28 09:08:22 -05:00
Spencer McIntyre
5786a9802c Add pymet railgun api support 2017-02-28 09:08:22 -05:00
Spencer McIntyre
0a515b78e5 Add pymet railgun memread 2017-02-28 09:08:22 -05:00
Spencer McIntyre
77d6ea0161 Add pymet core_native_arch method 2017-02-26 13:15:27 -05:00
bwatters
f736b91531
Land #171, Python Meterpreter Bug Fixes For Python3 On Windows x64 2017-02-24 19:07:40 -06:00
Spencer McIntyre
e54e35f70d Fix pymet bugs in getsid and ls for py3 on Windows 2017-02-17 19:51:30 -05:00
Spencer McIntyre
f1be7b2b0b Refactor pymet for native arch addition 2017-02-17 18:10:57 -05:00
Spencer McIntyre
2f2b0f66ad Fix a pymet argtypes bug for getuid in py3 2017-02-17 18:09:06 -05:00
Spencer McIntyre
c5a41cfc18 Use old style str formatting for pymet 2.5 2017-02-15 21:11:22 -05:00
Spencer McIntyre
c78eb1d785 Remove an accidential change from debugging 2017-02-14 13:28:50 -05:00
Spencer McIntyre
85c16b04b3 Fix XOR logic for Python3 compatibility 2017-02-14 13:18:57 -05:00
Spencer McIntyre
a79ef8d1f4 Set the system language from $LANG when available 2017-02-09 19:19:11 -05:00
OJ
6872495da6
Remove Migrate TLVs from php/py, adjust for Java 2017-01-24 07:38:59 +10:00
Brent Cook
8e4af5500a Windows 2016 is released 2016-12-29 13:31:05 -06:00
Spencer McIntyre
261b3b4ceb Fix Python meterpreter ctypes sysinfo for WOW64 2016-12-11 13:16:00 -05:00
Spencer McIntyre
f114ec5301 Add the system language for windows via ctypes 2016-12-10 17:18:39 -05:00
Spencer McIntyre
29d59cea1d Use ctypes to get the windows version 2016-12-10 17:03:00 -05:00
Tim
0800265d07
update python stdapi_fs_file_copy to use shutil.copyfile 2016-11-29 19:12:14 +08:00
Tim
db85f099c3
stdapi_fs_file_copy 2016-11-29 13:58:46 +08:00
OJ
7a58d43572
Add response return parameter in fail case 
This fixes a small issue where Python meterpreter crashes when MSF
(incorrectly) uses a session type that assumes that Python meterpreter
supports compression when it doesn't. The return value for the function
did not include the response parameter, resulting in Python not being
happy when the function returns as the result was being bound to two
values while only returning one.
 2016-11-28 09:04:45 +10:00
Brent Cook
75b59d7b0d
Land #145, switch to ifconfig parsing on OS X 2016-11-17 16:08:06 -06:00
Brent Cook
a98d4fbd52 Revert "Fix python meterp xor ordering" 
This reverts commit 5c1f729ba3.
 2016-11-17 05:56:28 -06:00
Spencer McIntyre
38a3faa452 Fix an issue with netmask calculations on OSX 2016-11-15 15:24:06 -05:00
Spencer McIntyre
774cbe07a4 Fix regexs for trailing whitespace 2016-11-15 14:34:18 -05:00
Spencer McIntyre
9c8b5342e5 Initial change to ifconfig parsing for OSX 2016-11-15 14:34:18 -05:00
OJ
4d145d78a7
Merge upstream/master into uuid-to-tlv 2016-10-29 15:25:21 +10:00
OJ
70812fd1ce
Remove core_uuid and add core_set_uuid 2016-10-29 12:42:36 +10:00
OJ
1ebff41fed
Fix python meterp UUID sending 2016-10-27 02:58:54 +10:00
OJ
af106766b8
Add UUID to each message in python meterp 2016-10-14 13:28:19 +10:00
OJ
5c1f729ba3
Fix python meterp xor ordering 2016-10-10 15:06:34 +10:00
OJ
0cbb86c59b
Add localtime support to php, tidy python and c 2016-10-03 15:26:54 +10:00
OJ
00bebbbd46
Add localtime command to python meterp 2016-10-03 15:26:54 +10:00
root
a26e97b63d Fixed OSX crashes for python meterpreter 2016-05-23 23:00:25 +00:00
krzys-h
cad2ecf2b9 Fixed reconnecting of staged Python meterpreter 
See rapid7/metasploit-framework#6842
 2016-05-03 14:44:04 +02:00
Spencer McIntyre
c96eaae547 Do not reissue closed channel ids in the pymet 2016-03-01 13:09:16 -05:00
OJ
29f88366ac
Merge branch 'upstream/master' into default-xor 2016-01-13 07:34:40 +10:00
OJ
a8935d8f39 Add XOR to python 2015-12-08 20:29:40 +10:00
Spencer McIntyre
5a785a5e04 Support patching an http transport uri's path 2015-11-28 17:22:09 -05:00
Spencer McIntyre
000eb77f11 Add patch points for stageless python meterpreter 2015-10-21 18:16:19 -04:00
Brent Cook
dba1784c10 check if a process still exists before deleting it 
patch from 1db376bed8
 2015-08-25 18:04:18 -05:00
Jon Cave
387addf846 Pymet fix search_root always being set to '.' 2015-08-15 18:44:26 +01:00
Spencer McIntyre
07dfdd9464 Pymet immediately change transports on tcp failure 2015-07-16 11:00:43 -04:00
Spencer McIntyre
52cf468205 Pymet use incremental backoff for http recv pkt 2015-07-16 10:29:36 -04:00
Spencer McIntyre
3deb273cfa Pymet fix the new transport position 2015-07-15 19:45:34 -04:00
Spencer McIntyre
c099b56e74 Pymet fix transport automatic roll over 2015-07-14 15:18:11 -04:00
Spencer McIntyre
683179f4a2 Pymet fix previous transport index logic 2015-07-14 14:32:57 -04:00
Spencer McIntyre
76e649ef5e Pymet fix the order in which transports are added 2015-07-14 14:26:27 -04:00
Spencer McIntyre
92ed457a4d Pymet fix send uuid logic for Python 3.x 2015-07-06 11:20:34 -04:00
Spencer McIntyre
2c26bbd38f Pymet fix packet polling interval 2015-07-02 11:51:53 -04:00
Spencer McIntyre
5e7ec516e6 Pymet fix reverse_tcp transport for IPv6 addresses 2015-07-02 08:33:11 -04:00
Spencer McIntyre
368cb94bee Pymet fix transport next and prev for one transport 2015-07-02 08:23:02 -04:00
Spencer McIntyre
62ba1610d1 Pymet fixes for Python 3.x 2015-07-01 14:32:12 -04:00
Spencer McIntyre
b4d44bd079 Pymet transport stabilty and correction 2015-07-01 11:12:30 -04:00
Spencer McIntyre
aa5076ae6f Pymet support for core_transport_remove 2015-06-30 15:46:33 -04:00
Spencer McIntyre
b55f1247a9 Pymet fix bind and tcp socket cleanup logic 2015-06-30 15:25:23 -04:00
Spencer McIntyre
7f0d4fa1ce Pymet support for core_transport_sleep 2015-06-29 18:34:35 -04:00
Spencer McIntyre
2047958c1c Pymet transport changing improvements 2015-06-29 14:00:07 -04:00
Spencer McIntyre
1ff059a461 Pymet cleaner transport switching with responses 2015-06-28 13:16:00 -04:00
Spencer McIntyre
0b64d22704 Pymet support for changing transports 2015-06-27 20:57:45 -04:00
Spencer McIntyre
d9f9fc7bc6 Pymet support for creating and listing transports 2015-06-26 16:52:55 -04:00
Spencer McIntyre
68db19d3d4 Refactor the pymet to use transport objects 2015-06-26 14:56:31 -04:00
Spencer McIntyre
43c63a1639 Add pymet support for core_enumextcmd 2015-06-26 11:32:51 -04:00
OJ
84f5698c9d PHP meterpreter refactoring in prep for uuid work 2015-05-18 17:40:48 +10:00
OJ
281ebf1ca8 Stage UUIDs, generation options, php and python meterp uuid 2015-05-18 13:29:46 +10:00
Tim
3d3a2d475d Add TLV_TYPE_FILE_HASH 2015-05-10 14:18:16 +01:00
Brent Cook
5f52fefbef expand glob match 2015-05-04 03:56:15 -05:00
Brent Cook
b85528720b teach pymet how to glob on ls as well 2015-05-04 03:56:14 -05:00
Brent Cook
a1b2e2c327 fix crash on fork with OSX Python meterpreter using SystemConfiguration 
Calling into SystemConfiguration before forking seems to allow the child
process to use it without a null pointer dereference.
 2015-04-21 17:17:27 -05:00
Meatballs
221e6c6a74 Dont fork on OSX 2015-04-17 11:43:07 +01:00
OJ
b56bc0b513 Code fixes as per suggestions, fix build 
* Use of `ERROR_FAILURE_WINDOWS` in python meterpreter.
* Moving of constants/logic to client_core instead of
command_dispatcher.
* Fix spec include.
 2015-04-02 09:05:38 +10:00
OJ
684d178fe6 Merge branch 'upstream/master' into dynamic-transport 2015-04-01 18:53:20 +10:00
OJ
2f575ca273 Add machine_id functionality to python meterpreter 2015-04-01 17:50:50 +10:00
Spencer McIntyre
bd8441d963 Pymet dont validate ssl certs for 2.7.9/3.4.3 2015-03-25 19:49:42 -04:00
Spencer McIntyre
b847592cf5 Python reverse HTTPS stager 2015-03-21 12:43:14 -04:00
Brent Cook
5e547929be do not die if the uid/gid of a file is > 65535 
The meterpreter stat command is a little broken in that it assumes uid/gids
16-bit. Prevent this from erroring with python meterpreter on a system with a
large uid/gid.
 2015-03-20 22:34:01 -05:00
Spencer McIntyre
a8d7805644 Pymet support for creating and renaming unicode paths 2015-03-20 08:49:23 -04:00
Spencer McIntyre
bc53c1e843 Pymet improved unicode support for working directories 2015-03-19 18:31:42 -04:00
Spencer McIntyre
c521077984 Fix pymet for unicode files and directories 
Closes #4958
 2015-03-19 17:23:00 -04:00
Brent Cook
e507c71699 use the correct implementation for query_value_direct 2015-03-03 22:29:23 -06:00
Brent Cook
f3139b9316 add support for direct reg access to pymeterpreter 
When testing this, I found that the python meterpreter hangs running the
following, with or without these changes.

```
use exploit/multi/handler
set payload python/meterpreter/reverse_tcp
set PythonMeterpreterDebug true
set lhost 192.168.43.1
exploit -j
sleep 5
use exploit/windows/local/trusted_service_path
set SESSION 1
check
```

This turned out to be that pymeterpreter ate all the rest of the data in the
recv socket by consuming 4k unconditionally. This would only be exposed if
there were multiple simultaneous requests so the recv buffer filled beyond a
single request, e.g. when using the registry enumeration functions.
 2015-02-17 06:11:20 -06:00
eyalgr
eda0711014 Update meterpreter.py 
Read until exactly pkt_length bytes
 2015-01-18 15:45:28 +02:00
eyalgr
de666d9ade Update meterpreter.py 
Read exactly pkt_length from socket, prevents over-reading.
 2015-01-18 15:29:23 +02:00
Spencer McIntyre
ceb6d55837 Remove file exists check from stdapi_fs_delete_file 2014-12-09 11:03:57 -06:00
Spencer McIntyre
07f9d037ad Error messages for the python meterpreter 2014-12-09 11:03:57 -06:00
Spencer McIntyre
e9293ad4ef Fix stdapi_sys_config_getenv for Python3 2014-12-04 15:58:17 -06:00
Spencer McIntyre
f4bd471ee4 Prefer the pwd module for getuid when available 2014-12-04 15:58:17 -06:00
Spencer McIntyre
b5b1c9f832 Fix pymeterp bugs from testing in osx and python3 2014-11-17 14:04:30 -05:00
Spencer McIntyre
c91d594b73 Pymeterp http proxy and user agent support 2014-11-16 14:29:20 -05:00
Spencer McIntyre
bf55d98f32 Escape inserted vars and fix core_loadlib 2014-11-15 15:06:18 -05:00
Spencer McIntyre
5bacde2dee Patch pymeterp http settings 2014-11-14 17:12:23 -05:00
Spencer McIntyre
bdff25656f Pymet reverse_http stager basic implementation 2014-11-14 14:15:46 -05:00
Spencer McIntyre
529549d13a Prepare for a reverse_http stager 2014-11-14 11:15:22 -05:00
Spencer McIntyre
2b87421748 Don't fail if username_from_token returns None 2014-11-10 09:15:16 -05:00
Spencer McIntyre
796133af57 Add getsid to the python meterpreter 2014-11-08 20:57:24 -05:00