1
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-12-08 23:33:07 +01:00
Commit Graph

2428 Commits

Author SHA1 Message Date
Matthew Kienow
336d154ca9
Land #294, audio output for windows meterpreter 2018-08-27 15:20:52 -04:00
Metasploit
f765e09517 Bump to 1.3.44 2018-08-17 11:53:15 -07:00
bwatters
b79b7a5933
Land #296, Update kiwi to match Mimikatz 2.1.1
Merge branch 'land-296' into upstream-master
2018-08-17 13:45:08 -05:00
OJ
3c26a76ec4
Update kiwi to match Mimikatz 2.1.1 (TBAL) 2018-08-17 09:36:24 +10:00
Metasploit
5429e84fb1 Bump to 1.3.43 2018-08-10 11:07:21 -07:00
bwatters
2387c81d8b
Land #295, Fix packet pivoting in HTTP transports
Merge branch 'land-0295' into upstream-master
2018-08-10 12:59:14 -05:00
OJ
5da10e97e9
Fix packet pivoting in HTTP transports
Windows Meterpreter that uses http/s-based transports wasn't correctly checking for cases where pivoted packets were handled. When pivoted packets are forwarded to the correct handler, the packet is set to NULL. For TCP transports, a check already existed to carry on when the packet was NULL, but this wasn't the case for HTTP/S.

This commit fixes this problem and so the pivot session no longer dies when Meterpreter is using an HTTP/S transport.

For funzies, the fix for this was implemented on a live stream to help other people learn some of Meterp's internals. That video can be found here: https://www.youtube.com/watch?v=de-UYWnafow
2018-08-09 21:51:53 +10:00
Metasploit
b3d4495ef8 Bump to 1.3.42 2018-07-27 14:04:59 -07:00
Brent Cook
260cc9f196
Land #293, improve java/android download speed 2018-07-27 14:10:18 -05:00
Tim W
1e97ef7c90 fix playing of > 8MB wavs 2018-07-15 02:39:19 +08:00
Tim W
01d8aacc0f audio output for windows 2018-07-14 23:40:34 +08:00
Tim W
ecb83e5760 fix java/android download speed 2018-07-06 18:56:54 +08:00
Metasploit
18ed237c1d Bump to 1.3.41 2018-06-25 08:55:38 -07:00
bwatters
5f748a19b4
Land #287, Add powershell transport scripts
Merge branch 'land-287' into upstream-master
2018-06-25 10:47:46 -05:00
Metasploit
ca09ce33fe Bump to 1.3.40 2018-06-19 13:54:37 -07:00
Brent Cook
42346a1ac1
Land #288, add playback support for android 2018-06-19 15:43:57 -05:00
Metasploit
840dd508a8 Bump to 1.3.39 2018-06-04 03:15:22 -07:00
OJ
ec311b52b8
Merge upstream/master 2018-06-04 20:07:20 +10:00
OJ
76d5583ae7
Land #289 - disable javapayload shelltest 2018-06-04 20:06:14 +10:00
Tim W
c7097f933d disable ShellTest 2018-05-31 13:18:54 +08:00
Tim W
9ce6d39146 add audio output for Android 2018-05-28 20:04:01 +08:00
OJ
3dc014e8ad
Add powershell transport scripts
This commit adds two new scripts and modifies some of the powershell transport binding functionality.

Code has been added that generates valid Metasploit URIs for use with stageless listeners. This means that it's possible to add HTTP/S transports on the fly and have a URL generated that will work with the current architecture of the process.

Two new scripts will appear in each of the powershell sessions:

* Add-WebTransport - adds http/s transports to the session.
* Add-TcpTransport - adds TCP transports to the session.

These two scripts are just abstractions on top of the built-in Meterpreter transport binding functionality, but it makes it a lot easier to interact with the feature and makes it more.. er.. Powershelly.

The functions come with documnetation, so `Get-Help Add-WebTransport -Full` will show how it's used.

From here, people can do some more fun stuff, such as adding init scripts to their stageless payloads that add support for more transports.
2018-05-28 12:45:29 +10:00
Metasploit
f79c160d04 Bump to 1.3.38 2018-05-21 01:03:25 -07:00
Brent Cook
6d6dc80050
Land #285, fix pointer handling on wow64 processes 2018-05-21 02:38:15 -05:00
OJ
71edb392ea
Fix issue with pointer handling on WOW64 processes
I stuffed up when dealing with values that are being passed back and forth across components when in x86 processes. I was passing 64 bit ints around even in 32 bit mode, which resulted in some natstiness. This commit fixes that problem by forcing everything to be 64 bit regardless of arch, and casting to the appropriate pointer at the right time.
2018-05-21 12:45:21 +10:00
Metasploit
7077d0b791 Bump to 1.3.37 2018-05-16 23:09:16 -07:00
Brent Cook
f23186a282
Land #284, Add ability to dcsync & hashdump via Powershell 2018-05-17 00:27:10 -05:00
OJ
1e175da8b1
Change hash output to use LM hash if present
The previous commit hard coded the LM hash to the empty value. This commit changes this so that if the LM hash isn't present it'll manually specify the empty one, but use the existing one if it is present.
2018-05-17 09:06:35 +10:00
OJ
90265c5a0f
Rework powershell_shell to work with "streaming"
This commit changes the channel functionality within the powershell extension so that commands do execute behind the scenes and stream the results to the UI in the current channel.

This comes with the caveat that users are patient. I haven't yet made sure that running separate commands while long running ones are running will not cause problems. We'll have to see.
2018-05-07 21:13:08 +10:00
OJ
f44877ae29
Add ability to dcsync & hashdump via Powershell
DCSync functionality is exposed, and from this it is possible to enumerate all users in the domain and dump each user's hash one by one. This code has a few extension functions built into the runner, and also has some baked-in powershell functions that are available in every powershell runner session in the host.

I've also added a powershell version of the build command that lets us generate the source to the powershell assembly wiring from PSH as well as Python.
2018-05-07 16:36:21 +10:00
Metasploit
55db89997b Bump to 1.3.36 2018-05-04 03:50:04 -07:00
Brent Cook
bf6f0d813a
Land #283, update to Mimikatz 2.1.1 20180502 2018-05-04 05:43:00 -05:00
OJ
d9cb58050d
Update kiwi to match mimikatz 2.1.1 20180502 2018-05-04 16:59:03 +10:00
Metasploit
07ba8e25a2 Bump to 1.3.35 2018-04-27 10:54:14 -07:00
Brent Cook
fd6643ae8a
Land #279, Utilize socket.getaddrinfo For IPv6 Channels Support 2018-04-27 12:44:22 -05:00
Spencer McIntyre
6a24c38e2b Fix unbound UDP sockets by not requiring the peer 2018-04-22 19:45:43 -04:00
Spencer McIntyre
e4b2e7f812 Use the proto field from getaddrinfo 2018-04-08 14:27:46 -04:00
Spencer McIntyre
408d0ff212 Use getaddrinfo for udp channels too 2018-04-08 12:29:16 -04:00
Spencer McIntyre
c9905cd177 Fix IPv6 support by using getaddrinfo 2018-04-08 12:29:16 -04:00
Metasploit
ed001c9230 Bump to 1.3.34 2018-04-07 12:09:20 -07:00
Brent Cook
5f09a324bf
Land #276, add UDP channel support to Python meterpreter 2018-04-06 16:42:13 -05:00
Spencer McIntyre
1f953580b1 Fix a bug when accepting a connection 2018-03-29 17:28:34 -04:00
Metasploit
67c93e6bba Bump to 1.3.33 2018-03-25 05:02:00 -07:00
Brent Cook
4cfa36cfa1
Land #272, fix android screenshot error on failure 2018-03-25 06:52:18 -05:00
Spencer McIntyre
d8d97e55e8 Process channel events with a higher priority 2018-03-19 11:15:23 -04:00
Spencer McIntyre
76168ba186 Add and use a new tlv_pack_request function 2018-03-19 10:36:21 -04:00
Spencer McIntyre
99aac30459 Add UDP channel support to the python meterpreter 2018-03-18 19:22:08 -04:00
Spencer McIntyre
7a3da787b1 Fix bugs introduced by the channel refactoring 2018-03-18 18:13:54 -04:00
Spencer McIntyre
38db1218dd Major refactoring for channel objects 2018-03-18 17:31:23 -04:00
Spencer McIntyre
8153648aab Refactor socket class names with the family 2018-03-17 19:02:05 -04:00