mirror of https://github.com/rapid7/metasploit-payloads synced 2025-05-12 19:04:32 +02:00

739 Commits

Author SHA1 Message Date
OJ
9f4a66ba8a Fix small issue with return results 2013-11-25 16:28:47 +10:00
OJ
db764771a2 Add check_key_exists registry function
MSF side has been attempting to open keys to see if they exist, which isn't
fantastic as it results in an error. This change adds a function which indicates
to the caller if the given reg key exists.
2013-11-25 16:17:32 +10:00
OJ
6d68699012 Add basic clipboard monitor plumbing 2013-11-22 13:28:14 +10:00
OJ
ce9c5713fa Set warnings as errors on extapi 2013-11-22 13:27:57 +10:00
OJ
79ac562f9f Added stops for monitoring
Small commit to save interim work, way more to come.
2013-11-22 13:27:43 +10:00
OJ
5812d59059 Fix meterpreter not shutting down properly
The work that was done a while back to fix up command dispatching allowed
inline commands to run so that the server could be told to shutdown. Those
commands that want the server to terminate (such as migrate and shutdown)
should have returned `FALSE` instead of `TRUE` to tell the server thread to
stop.

I have no idea why those values were incorrect, but it's my work so it's
definitely my fault. I will have to sit back and lick my wounds for a while.
I hate it when I'm stupid.

Thanks to Kevin Mitnick for the bug, and @todb-r7 for investigating the
history.

Redmine: [FixRM ]
2013-11-22 12:38:50 +10:00
OJ
c947f9d1f6 Add more documentation, tidying
More of the usual, added during investigations.
2013-11-22 12:22:48 +10:00
OJ
f3eaadd184 Change POSIX macros to avoid exit and abort
I found that the BREAK_* macros behaved differently on POSIX and in
some cases this was causing a brutal exit of POSIX meterpreter in
cases where it should just gracefully fail.

After talking to egypt, we decided to use `break` statements instead
given that's how it should function.
2013-11-22 09:07:05 +10:00
OJ
0864ef2e34 Fix incorrect error usage and bind issue
During the call which establishes a TCP client channel, the call
to `connect` can sometimes fail if the settings that are used are
incorrect (such as an invalid port number). When this call fails
the result was being set to `GetLastError()`, which isn't correct.

On Windows it should be `WSAGetLastError()` and on POSIX the `errno`
value should be used instead. This wasn't causing issues on Windows
but on POSIX it was causing problems because the `GetLastError()`
call was returning zero, which was returned to the function that
invokes `create_tcp_client_channel()`.

Given that `ERROR_SUCCESS` == 0, the caller believed the function
had completed successfully and hence relied on context being set up
correctly. This was resulting in crashes because this obviously wasn't
the case.

I also added a code change which makes meterpreter attempt to bind
to `0.0.0.0` if binding to the specified address fails.
2013-11-22 09:02:06 +10:00
James Lee
3fd2153027 Land , extapi 2013-11-21 11:35:26 -06:00
OJ
48f9ae5116 Fix commands to properly invoke base and extensions
In previous work done during the command refactor the mechanism for overriding
commands changed such that it wasn't invoking commands if they were overridden
by an extension. This, it would appear, broke some stuff. Badly.

This commit fixes this issue by reinstating the way things were done before.
If a base command exists, it is always executed. If an extension also exists
which overrides this command then the base command result is ignored, the
extension command is executed, and the result of that command is returned.
2013-11-21 13:40:54 +10:00
OJ
5a1d5bbbe9 Set "warnings as errors"
Now that the build is clean, warnings are now errors to keep it clean.
2013-11-20 11:35:43 +10:00
OJ
d781fde35c Bring POSIX stuff up to date with correct commands
Fix issue where the correct macros weren't being used for
command declarations.
2013-11-20 09:32:58 +10:00
OJ
ad6a0f33ad Code fixes and tidies
Fixed up the custom command declarations in the sniffer extension so
that they're using the new macros. I don't know how they were missed.

Various bits of tidying up, while trying to sort out the sniffer prob.
2013-11-19 06:51:35 +10:00
Tod Beardsley
b309e30a9f Land , be cool about pssdk being missing 2013-11-14 12:35:58 -06:00
Tod Beardsley
93ab2412f1 Be more explicit about why this is okay.
Also get rid of the quotes, windows ECHO don't care.
2013-11-14 12:23:07 -06:00
jvazquez-r7
a1130e76e1 Land @OJ's fix for something which recover clean builds 2013-11-14 09:02:44 -06:00
jvazquez-r7
fb7a00ec35 Land , @OJ deletion of kitrap0d from getsystem 2013-11-14 08:41:31 -06:00
OJ
8ef0a425f1 Make builds 100% clean 2013-11-14 19:45:09 +10:00
OJ
35fad79cf0 Merge branch 'warning_removal' into ext_server_extapi 2013-11-14 19:34:44 +10:00
OJ
70d958b729 Remove last of the warnings/errors after merging 2013-11-14 19:33:20 +10:00
OJ
1c09ac08d5 Merge branch 'master' into warning_removal 2013-11-14 19:20:27 +10:00
James Lee
572af2c761 Land, doc updates 2013-11-14 02:57:16 -06:00
James Lee
454e56adb3 Land , fix webcam crashes 2013-11-14 02:50:28 -06:00
James Lee
b391792bd1 Land , scheduler and channel refactor 2013-11-14 01:04:45 -06:00
kernelsmith
3662795176 fix typo in comment 2013-11-14 10:23:42 +09:00
OJ
f5090d6697 Fix POSIX crash on unsupported command and channel term
Crashes were occurring when the underlying channel had no more output
because the value of the `bytesRead` variable was not set to zero.
Consumers of the function assumed that bytesRead was valid if non-zero.

POSIX would also hang when unsupported commands are executed, this
commit changes this so that a response is returned when the command
isn't supported.
2013-11-13 14:05:08 +10:00
OJ
a9abe738a1 Remove evidence of kitrap0d
This exploit has been causing crashes and BSODs on various systems and
hence is deemed too unstable to be included in the default deployment of
Meterpreter. `getsystem` should only contain code which attempts to get
SYSTEM privileges via safe means; it should not have exploits in it.

This commit removes kitrap0d from `getsystem`. The code will be moved to a
windows local exploit in MSF instead.
2013-11-08 11:34:46 +10:00
OJ
016d24aec0 Fix double-free issue resulting in crash
Note: webcam stuff doesn't work on Windows 2012. Work needs to be done to
make it work on this platform because the DX classes used to do the webcam
capture are not present on the system.
2013-11-08 08:49:21 +10:00
OJ
6571b25905 Update make to be more sensible with PSSDK
Messages are output at the end of the build if PSSDK dependency not met.
2013-11-08 08:07:29 +10:00
OJ
407fce7ef8 Fix call to thread_create 2013-11-08 07:22:59 +10:00
OJ
49461c0382 Merge branch 'master' into webcam_crash_fix 2013-11-08 07:21:11 +10:00
James Lee
07aec8068b Land , fix for ipv6 ipconfig 2013-11-07 14:44:27 -06:00
OJ
d93a78e305 Merge branch 'upstream/master' into channel_refactor_2
Conflicts:
	source/common/arch/posix/scheduler.c
	source/common/arch/win/scheduler.c
2013-11-07 08:09:51 +10:00
James Lee
3cbf7486d4 Land , command refactor 2013-11-06 15:33:52 -06:00
James Lee
11d39347b4 Fix typo 2013-11-06 15:30:11 -06:00
OJ
927ca7812e Thanks to @brandont-r7 for catching the last of the issues 2013-11-07 06:52:16 +10:00
OJ
cc862ea96e Final fixes to previous mistake 2013-11-06 20:07:12 +10:00
OJ
6bd447a5fe Update bare extension to VS2013 and no warnings 2013-11-06 19:58:09 +10:00
OJ
0656a34115 Last tidy of extapi project file 2013-11-06 19:53:37 +10:00
OJ
419078c966 Remove final warning from the build 2013-11-06 19:44:10 +10:00
OJ
7702724fd2 Remove all warnings resulting in totally clean builds
Does as it says on the tin. Various tweaks made to source and to project
files to make the builds come out with ZERO warnings.

Let's keep it clean from here!
2013-11-06 19:02:50 +10:00
Tod Beardsley
8eebd631f0 Minor README update warning against VS2012. 2013-11-06 19:02:45 +10:00
Tod Beardsley
dcdbb4228e Land , containing , , and
This lands , , and .  still needs work.
2013-11-05 20:07:26 -06:00
Tod Beardsley
ca20beb447 Post V2013, Land , getproxy
See also 
2013-11-05 20:00:29 -06:00
Tod Beardsley
8f3dfc575d Post V2013, Land , update incognito
See also 
2013-11-05 19:59:56 -06:00
OJ
2495933d2b Docs for list, xor and remote 2013-11-06 11:38:22 +10:00
OJ
afc88f9437 Remove use of BREAK_ON_ERROR from posix code
POSIX no likey BREAK_ON_ERROR, it fails at runtime. Replaced with portable code.
2013-11-05 10:42:49 +10:00
OJ
fb4b6f6398 Remove unused forward declarations 2013-11-05 07:52:04 +10:00
OJ
227335c312 Clean, tidy and add documentation
This commit tidies up the webcam code, adds documentation and adds a
couple of small clean-ups and optimisations around resource usage.

`audio.h` is not included in `webcam.h` any more as it's not needed at all
by that code, however it has been added to `precomp.h` so that `stdapi.c`
can use and see it along with the other files.
2013-11-03 20:00:35 +10:00