github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2024-11-26 17:41:08 +01:00
Code Releases Activity
3,124 Commits 6 Branches 258 Tags 70 MiB
d7005e679e
Commit Graph

355 Commits

Author SHA1 Message Date
Rich Whitcroft
8435383cc3 updated VS2013 configs 2015-02-06 13:33:36 -05:00
Brent Cook
0d59fc7447 support building on newer Linux systems and Makefile cleanups 
- try to share some bits between different makefiles, make modifying
   global compiler flags not such a huge pain.
 - directly specify we should be using the gold rather than bpf linker
 - make compiler output largely quiet except where we care - allow
   warnings to actually be visible
 - don't delete downloaded tarballs with --really-clean
 - add missing dependencies between libraries
   (--no-add-needed/--no-copy-dt-needed-entries causes lots of trouble)
 - update readme to show what to install to build

I made minimal changes to the loader makefile - it breaks easily.
 -Os prevents if from being able to load libc, for instance
 2015-01-13 16:33:56 -06:00
jvazquez-r7
74bac30dc8 Add support for linux migrate 2014-07-31 13:45:11 -05:00
OJ
420ca2861a Remove lots of stuff that Kiwi doesn't need 
mimilib and mimidrv aren't required in MSF.
 2014-07-10 13:26:33 +10:00
OJ
2d37f71fd7 Update to Mimikatz commit be342ebba59fe9f940a26cbb0e7fab5ee7b6f56b 2014-05-26 10:06:12 +10:00
OJ
421dbf89dd Added support for wifi profile cred extraction 2014-04-02 17:18:02 +10:00
OJ
51d831ac20 Merge r109 from the Mimikatz source 2014-04-02 12:32:59 +10:00
OJ
637e839de2 Merge branch 'upstream/master' into ext_server_kiwi 2014-03-20 09:17:18 +10:00
OJ
32c7126793 Fixes, documentation and tidying of kiwi code 2014-03-19 17:48:44 +10:00
OJ
1791ab8a3a Add kerberos ticket dump support 
Also fix up a few other niggles.
 2014-03-19 14:26:55 +10:00
OJ
43d362fb1e Enable LSA secret dumping 2014-03-14 19:51:35 +10:00
OJ
d8f86c1806 Merge branch 'upstream/master' into wmi_query_support 
Conflicts:
	make.bat
	workspace/ext_server_extapi/ext_server_extapi.vcxproj
 2014-03-07 08:11:35 +10:00
OJ
2b2508b8c9 Merge from source r104, fix silly typo in file name 2014-03-04 11:07:58 +10:00
OJ
9622deaddf Merge changes from source r102 2014-03-04 10:41:31 +10:00
OJ
d8760fdf9a Merge branch 'upstream/master' into ext_server_kiwi 2014-03-03 17:30:37 +10:00
James Lee
7ea5d4d35a Land #72, create_remote_thread fixes 2014-02-19 16:14:09 -06:00
OJ
633851be56 Updated other uses of CreateRemoteThread 
Make use of the new create_remote_thread function so that it
is used by other areas of the code, including migration.
 2014-01-24 23:11:47 +10:00
OJ
a7f2458a4e Force "warnings as errors" in stdapi 
This should have been done ages ago, not sure why I need to do it again.
 2014-01-24 21:53:50 +10:00
OJ
5b1007e940 Merge branch 'upstream/master' into clipboard_monitor 
Conflicts:
	source/ReflectiveDLLInjection
	source/extensions/extapi/extapi.c
	source/extensions/extapi/extapi.h
	workspace/ext_server_extapi/ext_server_extapi.vcxproj
 2014-01-22 22:53:29 +10:00
OJ
c6f516da4c Merge branch 'upstream/master' into ext_server_kiwi 2014-01-17 11:55:46 +10:00
OJ
af5d6bd908 First pass of WMI support 
Not quite working, but a good deal done.
 2014-01-16 13:34:15 +10:00
OJ
1b0be5f3c5 Remove unused param, force 'treat warnings as error' 
For some reason this project setting wasn't present in incognito.
 2014-01-15 15:53:02 +10:00
OJ
eca73429f3 Initial integration of Mimikatz 2.0 
This is a seprate extension because the old Mimikatz supports more
operating systems, while the new Mimikatz has more features for
less operating systems.
 2014-01-10 16:51:51 +10:00
OJ
015c92ddf6 Merge branch 'master' into basic_asdi_support 
Conflicts:
	source/ReflectiveDLLInjection
 2013-12-20 10:36:48 +10:00
OJ
7b19766f3c Add support for computer and user enum via ADSI 2013-12-07 00:15:19 +10:00
OJ
71c864cc11 Update bare extension template to use RDI submodule 2013-11-27 14:15:48 +10:00
OJ
c6bdc26a55 Update Meterpreter to use the RDI submodule 2013-11-27 14:01:45 +10:00
OJ
ce9c5713fa Set warnings as errors on extapi 2013-11-22 13:27:57 +10:00
James Lee
3fd2153027 Land #45, extapi 2013-11-21 11:35:26 -06:00
OJ
5a1d5bbbe9 Set "warnings as errors" 
Now that the build is clean, warnings are now errors to keep it clean.
 2013-11-20 11:35:43 +10:00
jvazquez-r7
a1130e76e1 Land #49 @OJ's fix for something which recover clean builds 2013-11-14 09:02:44 -06:00
OJ
35fad79cf0 Merge branch 'warning_removal' into ext_server_extapi 2013-11-14 19:34:44 +10:00
OJ
1c09ac08d5 Merge branch 'master' into warning_removal 2013-11-14 19:20:27 +10:00
OJ
a9abe738a1 Remove evidence of kitrap0d 
This exploit has been causing crashes and BSODs on various systems and
hence is deemed too unstable to be included in the default deployment of
Meterpreter. `getsystem` should only contain code which attempts to get
SYSTEM privileges via safe means; it should not have exploits in it.

This commit removes kitrap0d from `getsystem`. The code will be moved to a
windows local exploit in MSF instead.
 2013-11-08 11:34:46 +10:00
James Lee
07aec8068b Land #40, fix for ipv6 ipconfig 2013-11-07 14:44:27 -06:00
OJ
927ca7812e Thanks to @brandont-r7 for catching the last of the issues 2013-11-07 06:52:16 +10:00
OJ
cc862ea96e Final fixes to previous mistake 2013-11-06 20:07:12 +10:00
OJ
6bd447a5fe Update bare extension to VS2013 and no warnings 2013-11-06 19:58:09 +10:00
OJ
0656a34115 Last tiday of extapi project file 2013-11-06 19:53:37 +10:00
OJ
419078c966 Remove final warning from the build 2013-11-06 19:44:10 +10:00
OJ
7702724fd2 Remove all warnings resulting in totally clean builds 
Does as it says on the tin. Various tweaks made to source and to project
files to make the builds come out with ZERO warnings.

Let's keep it clean from here!
 2013-11-06 19:02:50 +10:00
Tod Beardsley
ca20beb447 Post V2013, Land #43, getproxy 
See also #46
 2013-11-05 20:00:29 -06:00
OJ
5986ccf235 Add the getproxy command 
This allows for system proxy setting to be pulled out. Windows-only at
this point.
 2013-10-30 17:25:51 +10:00
OJ
103eedf550 Merge branch 'master' into ipconfig_ipv6 2013-10-30 13:42:54 +10:00
OJ
524b61eb80 Update to VS2013 
This brings things up to date with the VS2013 main line.
 2013-10-29 20:07:10 +10:00
OJ
ae71841817 Merge branch 'vs2013' into ext_server_extapi 2013-10-29 20:05:18 +10:00
OJ
46f64a8f69 Update incognito to v2 
Pulled the latest version of the incognito code from:
http://labs.mwrinfosecurity.com/blog/2012/07/18/incognito-v2-0-released/

This included a fix for Windows 2003 x64, which was reported as a bug in
RM 8281.
 2013-10-29 19:48:40 +10:00
OJ
288b2bad41 Upgrade to VS 2013 2013-10-29 13:46:46 +10:00
OJ
8fe249dd52 Fix ipconfig command to show IPv6 
This commit also contains fixes for proper extraction of subnet masks
based on operating system.
 2013-10-29 10:21:09 +10:00
OJ
aca306f8ce Implement CF_DIB support 
The clipboard code now supports the `CF_DIB` format on the clipboard. When
found, it takes the data and uses GDI+ to convert it into a JPEG. GDI+ was
used because:

* It's on every Windows machine from XP SP0 onwards (Win2k doesn't work).
* It requires linking to a small gdiplus.lib instead of a massive jpeg
  library.
* It's a really easy interface to use that interops easily with the
  Windows bitmap header information structures.

I think it'd be worth considering this approach for the other screenshot
applications as well, as it'd reduce the jpeg lib dependency and simplify
the codebase.
 2013-10-21 00:02:16 +10:00
OJ
123010c76b Add clipboard text get/set functionality 
This commit adds the beginnings of clipboard munging support. Getting and
setting of text-based data is supported. Over time, more formats will be
supported.
 2013-10-15 23:55:46 +10:00
OJ
f720ca7bdb Add service_enum to the ext_server_extapi extension 
This commit adds the ability to enumerate services on the target machine,
showing the PID, the service name, the display name and an indication of
the service's ability to interact with the desktop.

Some other small code tidies were done too.
 2013-10-10 21:20:23 +10:00
OJ
52e13ad2d3 New extended API extension with window enum 
Decided to kick off a new extended API extension with mubix and
kernelsmith to include some more advanced enumeration stuff. The goal of
this extension is to take stuff that wouldn't be part of the std api but
is rather useful for enumeration of a target once meterpreter has been
established.

This commit kicks things off with enumeration of top level windows on the
current desktop.
 2013-10-09 22:16:47 +10:00
OJ
35aada915f Fix debug build of various components 
No idea why they were broken, but they shouldn't have been. This fixes
them up and tidies a few other things up, especially the guts of the
stdapi project.
 2013-10-09 17:20:58 +10:00
OJ
bab7340a3f Doc changes, project fixes 2013-10-09 15:54:39 +10:00
OJ
7f2fc483dc New ext docs, remove boiler from solution 
Documentation now includes how to create a new extension using the bare
extension as a sample.
 2013-10-09 15:26:19 +10:00
OJ
a10ee71e1c Remove boiler extension and create 'bare' extension 
The boiler extension wasn't used and was old so it was removed. I've added
a new "bare" extension which is, as it says, just bare and doesn't do
anything. This can be used to create new extension projets just by copying
and pasting, then editing a couple of small things.

This will be added to the documentation.
 2013-10-09 15:08:09 +10:00
Tod Beardsley
0406a2f336 Land #20, update docs and project files. 
Tested by merging and running a build, as proscribed by the README.md.
12 succeeded, 0 dailed, 2 skipped.
 2013-09-30 16:15:31 -05:00
OJ
1c07b8650b Remove unused sniffer config, add PssdkVersion setting 
* Rather than having various places where the PSSDK path is set scattered
  through the solution I created a property which contains the version.
  This means we can update that version property in the project and it'll
  take effect everywhere it's required.
* Removed debug and release configurations from ext_server_sniffer.
 2013-09-18 18:09:32 +10:00
Meatballs
4090e197aa Merge branch 'master' of github.com:rapid7/meterpreter into ip_resolv 2013-09-17 19:19:51 +01:00
Meatballs
4f1c2fe1ed Dont build in nix 2013-09-17 19:18:44 +01:00
James Lee
e031cc37f1 Land #19, add 'x86' to output filenames 
Conflicts:
	workspace/ext_server_mimikatz/ext_server_mimikatz.vcxproj
	workspace/ext_server_sniffer/ext_server_sniffer.vcxproj
 2013-09-16 23:56:52 -05:00
James Lee
51fa8f3b7d Land #18, sniffer fixes 2013-09-16 23:46:44 -05:00
OJ
b442d17082 Change output file names 
As per @jlee-r7's request I've changed the output of both 32 and 64 bit
components so that the platform is included in the file name.

I also added "make clean" to the make script.
 2013-09-17 07:24:27 +10:00
OJ
b9e58daa96 Remove unused project 
* Accidentally added a project to the FS, this commit removes it.
 2013-09-16 16:05:33 +10:00
OJ
73c3a2cfcd Support Rapid7 internal builds, fix sniffer ext 
* r7_debug and r7_release configurations added.
* Make now detects if the appropriate libraries are on disk and will build
  whatever it can. If PSSDK is present in the appropriate location then it
  will attempt to build ext_server_sniffer.
* ext_server_sniffer is now buildable with VS 2012 with all the settings
  correct.
* ext_server_sniffer was failing to load once built. The cause of this was
  that the hMetSrv handle wasn't being set to a valid value prior to the
  command_register calls happening, it was being set too late. I'm not
  sure why this results in a crash, but moving this one call to a location
  prior to the command_register calls does resolve that problem.
 2013-09-15 00:00:20 +10:00
OJ
101788efa0 VS 2012 doc improvements 
* Removed the old README.md from the `workspace` folder.
* Adjusted the build documentation in the main README.md.
* Added details of how to make sure VS2012 has beeen updated so that
  things are able to be build.
 2013-09-14 16:21:10 +10:00
OJ
03706b842f Reflective DLL Injection update, bugfix and tidy 
* Pulled source from Stephen Fewer which contains a few updates including
  support for Windows RT.
* Added Stephen Fewer's fix which includes a correct pointer size for the
  reflective DLL loader function.
* Added ENABLE_STOPAGING to allow toggling of VirtualLock() call (defined
  by default).
* Added ENABLE_OUTPUTDEBUG to allow toggling of calls to pOutputDebug
  (undefined by default).
* Remove more warnings in some areas of the code.
 2013-09-10 17:36:49 +10:00
OJ
7ce3766b11 Updated readme, fix make 
* Tweak to the make.bat file.
* Updated README to indicate how to build with VS express.
 2013-09-04 00:05:08 +10:00
OJ
fbb84f4718 Basic command line builds 2013-09-03 22:31:38 +10:00
OJ
35bef0be11 Post-build event changes 
* Copy output to different locations for different builds
 2013-09-03 17:22:18 +10:00
OJ
87031e0d00 Work towards a clean build 
* Various code fixes to keep the compiler warnings down.
* Adjustments to project files.
 2013-09-03 16:49:09 +10:00
OJ
8ae670cfaf Fix C++11 make_pair errors and U_CHAR problem 
* make_pair() changed in C++11 so this change fixes the code so that the
  compiler doesn't complain any more.
* Compiler was also complaining about redefinition of U_CHAR. Undefining
  before redefining resolves the issue.
 2013-09-02 12:07:50 +10:00
OJ
89d2326901 Fix winmm library inclusion issue 
* ext_server_stdapi wasn't including winmm.lib, despite the pragma
  included in the source of audio.c. Adding the library as a link
  input resolves the problem.
 2013-09-02 11:37:45 +10:00
OJ
30928305e9 Fix project platform settings 
* Make all the debug builds use /MTd instead of /MT.
* Make all builds use v110_xp for the platform (allows XP support).
 2013-09-02 10:28:21 +10:00
OJ
5c5e95eb73 Upgrade from VS2010 to VS 2012 
* Perform the upgrade of the projects using the VS wizard.
* Exclude the ext_server_pivot project for now as it doesn't exist on
  disk.

Note: this changeset will not compile.
 2013-09-02 09:49:50 +10:00
James Lee
6b6860e33f Make 64-bit project compile 
Fixes VS's inability to find psapi.lib for 64-bit builds
 2013-04-29 14:47:46 -05:00
Meatballs
f06807c4d5 Fix x64 2013-04-22 10:42:50 +01:00
Meatballs
da4c1fc650 Refactor to support custom commands 2013-04-22 10:06:35 +01:00
Meatballs
1899c7ca63 Add project to solution! 2013-04-21 14:59:11 +01:00
Meatballs
7ab128960b x64 release compilation 2013-04-21 14:52:34 +01:00
Meatballs
18a2760d38 Moved sekurlsa.cpp to top dir 2013-04-21 10:55:57 +01:00
Meatballs
997cbe64ce tidy and add notes 2013-04-21 00:28:39 +01:00
Meatballs
a6083f76fd Debug compile and doesnt crash! 2013-04-21 00:04:45 +01:00
Meatballs
817ebd0fc0 Fix debug compilation 2013-04-20 23:38:44 +01:00
Meatballs
37101896e9 Update licencing 2013-04-20 23:20:52 +01:00
Meatballs
09f2085e97 Working output to file 2013-04-20 01:26:57 +01:00
Meatballs
21e2b1fecf Tidy 2013-04-19 21:45:33 +01:00
Meatballs
979e22f774 Compiles with Release 2013-04-19 19:36:40 +01:00
James Lee
7cafff29f5 Fix compilation on Linux 
Doesn't work, but at least it compiles
 2013-04-17 18:08:14 -05:00
Meatballs
87dae3d449 Add file and project changes 2013-04-14 11:09:12 +01:00
James Lee
ade4bcedca Unbreak the Debug target 
Some mass-overwrite insanity made all the individual projects under
Debug actually compile for Release.
 2013-04-03 14:32:10 -05:00
James Lee
fcab1fbe55 Use libs from the Configuration instead of hardcoded Release 2013-04-03 14:04:09 -05:00
James Lee
bdf7ae3acd Make the Debug config work 
Also changes the output filename for most projects to make x86 match
x64, e.g. ext_server_stdapi.x86.dll
 2013-04-03 13:33:04 -05:00
James Lee
eff9e9a558 omg crlf 2013-04-01 15:25:36 -05:00
James Lee
b3f9cd0d18 Merge branch 'master' into omfg-crlf 
Conflicts:
	workspace/ext_server_incognito/ext_server_incognito.vcxproj
 2013-04-01 15:24:03 -05:00
James Lee
e3b74bcfe7 omg crlf 2013-04-01 15:22:28 -05:00
James Lee
0e80fe7e24 Add platform toolset 
I hope this doesn't break other versions of Visual Studio
 2013-04-01 15:06:20 -05:00
James Lee
925051af89 Standardize on config/platform for output dir 2013-04-01 15:04:35 -05:00
HD Moore
b59289ded7 Fix the include paths for new pssdk directory location 
Conflicts:
	workspace/ext_server_sniffer/ext_server_sniffer.vcxproj
 2013-04-01 13:32:06 -05:00
James Lee
bc69af44a3 Merge branch 'build/vcxproj-cleanup' 2013-04-01 13:21:40 -05:00
James Lee
0dd1f598fc Fix CRLF to help smooth conflicts with build/vcxproj-cleanup 2013-04-01 13:14:32 -05:00
James Lee
e1e02a094c Fix CRLF to help smooth conflicts with master 2013-04-01 13:13:47 -05:00
James Lee
60d4830707 Merge branch 'master' into rapid7 2013-04-01 13:06:55 -05:00
James Lee
da3a8052ec Fix CRLF to help smooth conflicts with rapid7/master 2013-04-01 13:06:50 -05:00
HD Moore
4e67f658ea Fix the include paths for new pssdk directory location 2013-03-31 14:47:14 -05:00
James Lee
3b2880bf4e Statically link libc for all configs 2013-03-29 15:08:16 -05:00
James Lee
238d992ef7 DRY up some vcxproj cruft 
Changes the output directory for all the projects to be dependent on the
target platform (which is really the architecture, but that's a story
for another time).

Also makes all the vcxproj files use variables for the output directory so
changing it isn't so painful next time.
 2013-03-27 18:02:05 -05:00
James Lee
bfb3df620e Merge branch 'build/vcxproj-cleanup' of github.com:jlee-r7/meterpreter into build/vcxproj-cleanup 2013-03-27 15:01:06 -05:00
James Lee
0587335279 Slashes to whacks 2013-03-27 15:00:16 -05:00
James Lee
2e38ae917f Fix a few slashes 2013-03-25 15:21:17 -05:00
James Lee
7e32976039 Make everything inherit RuntimeLibrary 
Corresponds to the /MD or /MT flag
 2013-03-25 12:45:06 -05:00
James Lee
f934e6b4d7 Make Debug look more like Release 2013-03-25 12:36:32 -05:00
James Lee
4f0fd9beac Add pssdk to the sniffer includes 
pssdk source and libs must live in the same directory as the meterpreter
repo checkout.
 2013-03-24 16:54:57 -05:00
James Lee
e004437a02 More Makefile clean up 
You can now type 'make && make install' if your framework checkout is in
the same directory as meterpreter.
 2013-03-19 17:10:13 -05:00
James Lee
7283131279 Initial source import from metasploit-framework 2012-11-19 16:46:07 -06:00
jlee-r7
964bae0c49 Initial commit 2012-11-19 14:40:03 -08:00
m m
5059a1f3cc netstat and arp commands in win32/posix meterpreter 2012-08-28 17:02:37 -05:00
HD Moore
d0b740d2c6 Add support for user-agent control 2012-06-30 23:00:08 -05:00
HD Moore
5184f3f718 Update project 2012-06-24 14:03:58 -05:00
HD Moore
7faaa653ba Update project 2012-06-24 14:03:57 -05:00
HD Moore
8a1193cef1 Add missing project files 2012-06-24 14:03:54 -05:00
HD Moore
be60c294d0 Checkin new code 2012-06-24 14:03:53 -05:00
HD Moore
cfa29916ce Move builds to VC10 2012-06-21 23:51:46 -05:00
MM
e7864ad96c Squashed commit of the following: 
commit df6eef12147a294d7f198d057c27e87ed4ffbeb3
Author: MM <gaspmat@gmail.com>
Date:   Tue Mar 20 18:01:50 2012 +0100

    ps support for linux meterpreter

[Closes #250]
 2012-05-15 16:57:17 -06:00
James Lee
4d4757c0a8 No need for pcap in stdapi anymore 
Pcap used to be required for the ipconfig command but since the fix
for #6328, it is no longer necessary.

[See #6328]
 2012-02-18 12:46:13 -07:00
James Lee
6aa879e800 Ensure output paths exist for compiled object files 
Fixes build on clean checkout
 2012-02-18 11:42:27 -07:00
James Lee
46c1073bea Remove unnecessary -gstabs and fix a logic error 
This drops the sniffer extension to a size of around 55k bytes.
 2012-02-10 15:57:01 -07:00
James Lee
d493848e40 Add a 'debug' target for posix meterpreter build 
This new target adds debugging symbols and doesn't strip binaries. New
bins are considerably bigger, but may be more helpful when diagnosing
problems or adding new features.

[Fixes #6343]
 2012-02-10 15:57:01 -07:00
James Lee
3ded02ae3e Add -m32 to all the Makefiles 
This is in an attempt to get it compilation working on 64-bit hosts.
 2012-01-27 17:20:36 -07:00
James Lee
ff05a305da Force gcc to compile for i386 
Makes meterpreter for linux work on older CPUs.

Fixes #6268
 2012-01-23 15:20:36 -07:00
Matt Buck
fb6927849a Add empty directories from svn repo. 2011-11-09 18:41:40 -06:00
Matt Weeks
7ce649587b whoops. Use these, not the dhcpserv.cpp/h 
git-svn-id: file:///home/svn/framework3/trunk@13633 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-25 01:41:57 +00:00
Matt Weeks
d3aef86f22 More PXE dust for extra magic! 
git-svn-id: file:///home/svn/framework3/trunk@13493 4d416f70-5f16-0410-b530-b9f4589650da
 2011-08-05 17:10:27 +00:00
James Lee
808dd72cc5 meterpreter compiles on modern linux! see #2418 
git-svn-id: file:///home/svn/framework3/trunk@13333 4d416f70-5f16-0410-b530-b9f4589650da
 2011-07-25 07:59:51 +00:00
HD Moore
a2da008614 Add md5/sha1 
git-svn-id: file:///home/svn/framework3/trunk@13060 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-29 06:12:15 +00:00
HD Moore
118d6b2bfb Merge in some recent meterpreter work, still a ways off before this is ready to use. 
git-svn-id: file:///home/svn/framework3/trunk@13044 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-28 05:57:36 +00:00
HD Moore
b461ad297f Fix up the sniffer build environment, add the pivot project to the solution (even though its not part of the OSS tree). 
git-svn-id: file:///home/svn/framework3/trunk@12916 4d416f70-5f16-0410-b530-b9f4589650da
 2011-06-11 22:42:59 +00:00
Matt Weeks
9c2adb0e65 Add audio (microphone) recording support to stdapi. 
git-svn-id: file:///home/svn/framework3/trunk@11087 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-22 00:32:39 +00:00
Matt Weeks
a9d2817d01 Merge webcam extension into stdapi. 
git-svn-id: file:///home/svn/framework3/trunk@10997 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-11 22:36:54 +00:00
Matt Weeks
44fe0b8f80 Add functional in-memory webcam support. 
git-svn-id: file:///home/svn/framework3/trunk@10954 4d416f70-5f16-0410-b530-b9f4589650da
 2010-11-09 02:24:28 +00:00
pks
155854e533 Implement a sniffer for posix meterpreter using libpcap. 
This version of the sniffer supports packet filtering after the packet count variable, like so:

meterpreter > sniffer_interfaces

1 - 'eth0' ( type:0 mtu:1514 usable:false dhcp:false wifi:false )
2 - 'any' ( type:0 mtu:1514 usable:false dhcp:false wifi:false )
3 - 'lo' ( type:0 mtu:1514 usable:false dhcp:false wifi:false )

meterpreter > use sniffer
Loading extension sniffer...success.
meterpreter > sniffer_start 1 500000 icmp <-- picks up only icmp packets.
[*] Capture started on interface 1 (500000 packet buffer)
meterpreter > sniffer_stop 1
[*] Capture stopped on interface 1

git-svn-id: file:///home/svn/framework3/trunk@10424 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 11:43:30 +00:00
pks
c1153272b2 Initial import of networkpug, a pivoting interface using libpcap to monitor/inject packets on a interface on the remote machine. 
git-svn-id: file:///home/svn/framework3/trunk@10423 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-21 09:35:46 +00:00
Stephen Fewer
95f43bf9c2 Delete the railgun meterpreter extension and add railgun support directly into stdapi. Support now includes Windows x64. Update meterpreter packet core to handle QWORD TLV's. 
git-svn-id: file:///home/svn/framework3/trunk@10317 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-14 23:21:36 +00:00
Joshua Drake
b7c3b14dd9 merge in another posix meterpreter update from philip, see #2418 
git-svn-id: file:///home/svn/framework3/trunk@10307 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-13 14:44:00 +00:00
Joshua Drake
466153da06 commit some fixes from philip, see #2418 
git-svn-id: file:///home/svn/framework3/trunk@10272 4d416f70-5f16-0410-b530-b9f4589650da
 2010-09-09 15:39:28 +00:00
Joshua Drake
88822d3991 sync up with Philip's code, see #2418 
git-svn-id: file:///home/svn/framework3/trunk@10202 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-31 15:10:41 +00:00
Stephen Fewer
04656703a1 Commit the source for meterpreter file searching... 
git-svn-id: file:///home/svn/framework3/trunk@10165 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-27 14:44:42 +00:00
Joshua Drake
5893c7586d update additional files, see #2418 
git-svn-id: file:///home/svn/framework3/trunk@10156 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-26 07:25:15 +00:00
Joshua Drake
4b10b7b0ee first attempt to merge in Philip Sanderson's work on the POSIX meterpreter 
git-svn-id: file:///home/svn/framework3/trunk@10154 4d416f70-5f16-0410-b530-b9f4589650da
 2010-08-26 05:16:27 +00:00
HD Moore
197a5684a2 New bins, implements the server side of multi-call railgun 
git-svn-id: file:///home/svn/framework3/trunk@9806 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-13 19:19:21 +00:00
HD Moore
15ff9acb1c Merge railgun, tweak configurations 
git-svn-id: file:///home/svn/framework3/trunk@9709 4d416f70-5f16-0410-b530-b9f4589650da
 2010-07-07 16:29:03 +00:00
James Lee
a664572f5b meterpreter now compiles on 64-bit linux in a 32-bit chroot. still need payload handlers and some stdapi love to make it useable 
git-svn-id: file:///home/svn/framework3/trunk@9468 4d416f70-5f16-0410-b530-b9f4589650da
 2010-06-10 06:10:15 +00:00
Stephen Fewer
6f25e39b27 Commit all the code for the new 'screenshot' command in the stdapi extension. Screenshot will now work on NT4 - 7 on both x86 and x64 and on newer versions of Windows we can break out of session isolation (e.g. session 0 isolation for services) to screenshot the active desktop (or logon screen) without the need to migrate meterpreter. The majority of the migration code-injection stuff has been refactored out into base_inject.c so it can be shared with the new ps_inject() functionality to inject dlls. The 'ps' command now reports what session each process belongs to (if this is too verbose we can remove it or add a -v verbose switch to the ps command). The 'execute' command can now take a -s switch in order to create a process in a users session under the users privs (assuming you have the privs to do this). 
git-svn-id: file:///home/svn/framework3/trunk@8787 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-11 17:09:55 +00:00
Stephen Fewer
795faa0295 Commit snojobs jpeg patch for espia with an x64 build and some minor changes on the ruby side (The 'screenshot' command is now 'screengrab' to avoid a future conflict with changes happening in stdapi). 
git-svn-id: file:///home/svn/framework3/trunk@8726 4d416f70-5f16-0410-b530-b9f4589650da
 2010-03-05 15:50:24 +00:00
Stephen Fewer
2bcfe8f18c Commit the meterpreter C side (and bins) for transparent zlib (zlib.c copied from the posix meterpreter source) compression of TLV's and channels. To use transparent compression with channels, create them with CHANNEL_FLAG_COMPRESS. To use transparent compression with any TLV value, bitwise or the TLV type with TLV_META_TYPE_COMPRESSED (Don't create the TLV type with TLV_META_TYPE_COMPRESSED as the compressed flag is removed on the remote end after compression). For consistency with the ruby side we could at a later stage add a boolean compress parameter to all the packet_add_tlv_* functions so you don't have to manually specify TLV_META_TYPE_COMPRESSED flag. 
git-svn-id: file:///home/svn/framework3/trunk@8515 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-16 14:56:24 +00:00
Stephen Fewer
5a0d64211e Commit the Meterpreter C side for the UDP socket pivoting. (+1 bug fix for the TCP client socket notify event function) 
git-svn-id: file:///home/svn/framework3/trunk@8430 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-09 16:43:33 +00:00
Stephen Fewer
85ed7baa43 Commit the new TCP server channel support on the meterpreter end as well as some fixes to TCP client channels. 
git-svn-id: file:///home/svn/framework3/trunk@8383 4d416f70-5f16-0410-b530-b9f4589650da
 2010-02-06 17:55:41 +00:00
Stephen Fewer
d0d1bce6c9 ...update the project files. I have added in an extra post build step for elevator.dll so it can work on NT4 (when used with rundll32.exe for getsystem technique #2). The post build step uses the editbin.exe to set the major OS/Subsystem version to 4 instead of 5 so NT4 will load it, (visual c++ 2008 cant build NT4 binaries, only 2000 and above). 
git-svn-id: file:///home/svn/framework3/trunk@8318 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-29 01:12:35 +00:00
HD Moore
be80aa81b9 Fixes #744. The core issue was the migrate code waiting on SetEvent, but the migrate stub was blocked on a WSASocket due to a pending packet_receive in the main server thread. Simply settin the thread termination signal did not work, as the SSL_read was already in progress. This change forcible terminates the main server thread before waiting on the event in order to bypass this deadlock. The downside is a failed migrate has no way to recover if it makes it this far. 
git-svn-id: file:///home/svn/framework3/trunk@8309 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 22:55:41 +00:00
Stephen Fewer
c80fcf9558 modularize the source for each technique, making it cleaner to add in new techniques at a later stage. 
git-svn-id: file:///home/svn/framework3/trunk@8298 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 15:04:27 +00:00
Stephen Fewer
e081adaaf3 update the workspace files. 
git-svn-id: file:///home/svn/framework3/trunk@8295 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-28 13:46:51 +00:00
Stephen Fewer
ff9d9f48aa updated stapi project file. 
git-svn-id: file:///home/svn/framework3/trunk@8158 4d416f70-5f16-0410-b530-b9f4589650da
 2010-01-19 11:07:21 +00:00
Stephen Fewer
3c9eb16fe0 Replace the use of Critical Sections for locking with Mutex's (thread.c). This appears to resolve a deadlock issue with OpenSSL on some Windows systems. This commit resolves a bug in interactive processes where an interactive waiter thread will chew cpu due to a tight loop introduced by anonymous pipes not blocking (process.c). Dynamic lock creation for OpenSSL has been re-enabled should a future version of OpenSSL require it, AFAIK the current version used, v0.8.9, does not use dynamic lock creation (server_setup.c). Channels have been given locks to help synchronize concurrent access to a single channel. 
git-svn-id: file:///home/svn/framework3/trunk@7732 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-07 13:04:41 +00:00
Stephen Fewer
0a5c87b678 Initial commit of the multi-threaded meterpreter. 
git-svn-id: file:///home/svn/framework3/trunk@7698 4d416f70-5f16-0410-b530-b9f4589650da
 2009-12-04 17:37:21 +00:00
HD Moore
a0b6ee7885 Merge in the POSIX stdapi extension, still some work left to finish 
git-svn-id: file:///home/svn/framework3/trunk@7266 4d416f70-5f16-0410-b530-b9f4589650da
 2009-10-26 04:34:20 +00:00
et
18f0d3588c Finally screenshot capture. BMP at this time 
git-svn-id: file:///home/svn/framework3/trunk@7063 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-26 04:05:09 +00:00
Stephen Fewer
5ad901fdb1 Commit the x64 build of the meterpreter incognito extension. 
git-svn-id: file:///home/svn/framework3/trunk@7009 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-07 09:25:25 +00:00
Stephen Fewer
245bb65c54 Commit the x64 build of the meterpreter priv extension. 
git-svn-id: file:///home/svn/framework3/trunk@7008 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-07 09:17:29 +00:00
Stephen Fewer
96bf84163d Commit the source code for the cross compilable reflective dll injection module. Some minor modifications to the stdapi extension were also required. All the projects (.vcproj) now have an x64 debug/release target as well as an x86 counterpart. 
git-svn-id: file:///home/svn/framework3/trunk@7000 4d416f70-5f16-0410-b530-b9f4589650da
 2009-09-04 01:53:58 +00:00
HD Moore
e47be2ef4f Fixes #299 - corrects the win32 build environment and source to build properly again 
git-svn-id: file:///home/svn/framework3/trunk@6987 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-30 01:57:25 +00:00
HD Moore
109991ecd1 Patch from snfernandez to fix posix extension loading 
git-svn-id: file:///home/svn/framework3/trunk@6954 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-12 23:15:08 +00:00
HD Moore
071f888b16 Major merge of Meterpreter POSIX codebase from JR, Win32 projects may need a few more fixes to work properly 
git-svn-id: file:///home/svn/framework3/trunk@6949 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-10 02:02:16 +00:00
HD Moore
8f3db3cb8b fix the posix build (patch from JR) 
git-svn-id: file:///home/svn/framework3/trunk@6945 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-09 17:28:44 +00:00
HD Moore
34580b5785 Merge in JR's ulibc code 
git-svn-id: file:///home/svn/framework3/trunk@6944 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-09 02:27:52 +00:00
HD Moore
d5476de6cf First round of posix meterpreter commits from jr 
git-svn-id: file:///home/svn/framework3/trunk@6934 4d416f70-5f16-0410-b530-b9f4589650da
 2009-08-01 14:21:58 +00:00
HD Moore
81e434af80 Updated VC++ project files to fix the directory paths/includes for OpenSSL 
git-svn-id: file:///home/svn/framework3/trunk@6774 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-13 03:14:20 +00:00
HD Moore
0f9246b4bf Goodbye PolarSSL (your license stinks). 
git-svn-id: file:///home/svn/framework3/trunk@6772 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-13 03:03:53 +00:00
HD Moore
8bbbd84aeb Fixes a memory corruption issue with the SSL file descriptor (was using a stack reference instead of the Remote->fd reference), adds the source code sans the Packet SDK for the sniffer module 
git-svn-id: file:///home/svn/framework3/trunk@6763 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-11 17:32:50 +00:00
HD Moore
2a365951cd This patch removes some of the meterpreter compiler warnings and fixes migration over SSL 
git-svn-id: file:///home/svn/framework3/trunk@6761 4d416f70-5f16-0410-b530-b9f4589650da
 2009-07-09 22:44:33 +00:00
HD Moore
b42efcb965 Add the PolarSSL lib file and output directory to make building easier 
git-svn-id: file:///home/svn/framework3/trunk@6719 4d416f70-5f16-0410-b530-b9f4589650da
 2009-06-26 23:22:07 +00:00
HD Moore
3c022997cc Switches meterpreter to SSL by default, using the PolarSSL library. To build this, just place polarssl.lib into an workspace/common/Release/ 
git-svn-id: file:///home/svn/framework3/trunk@6718 4d416f70-5f16-0410-b530-b9f4589650da
 2009-06-26 23:18:53 +00:00
et
85ec1dec7d ext code and project adjustments 
git-svn-id: file:///home/svn/framework3/trunk@6500 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-27 04:34:28 +00:00
et
35620d0bea espia early stages 
git-svn-id: file:///home/svn/framework3/trunk@6499 4d416f70-5f16-0410-b530-b9f4589650da
 2009-04-27 03:43:22 +00:00
HD Moore
d6f629ad19 Source code and VS project changes for cleaner build and new keyboard logging code 
git-svn-id: file:///home/svn/framework3/trunk@6374 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-23 05:26:11 +00:00
HD Moore
fa51ea5d15 Swapping in the latest patched copy of Meterpreter. See #275 
git-svn-id: file:///home/svn/framework3/trunk@6357 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-22 18:56:28 +00:00
HD Moore
a3fa8e90cb Swapping out old Meterpreter code for Stephen Fewer's latest patched copy 
git-svn-id: file:///home/svn/framework3/trunk@6356 4d416f70-5f16-0410-b530-b9f4589650da
 2009-03-22 18:55:36 +00:00
Matt Miller
5812c4cf15 better support for nx with dllinject payloads/meterp 
git-svn-id: file:///home/svn/framework3/trunk@5510 4d416f70-5f16-0410-b530-b9f4589650da
 2008-05-26 06:34:12 +00:00
Matt Miller
b52c7bc814 fix portfwd command not functioning properly 
git-svn-id: file:///home/svn/framework3/trunk@5075 4d416f70-5f16-0410-b530-b9f4589650da
 2007-08-10 23:54:26 +00:00
Matt Miller
b82a1a0422 fix DEP issue with meterp, fixes #48 
git-svn-id: file:///home/svn/framework3/trunk@4703 4d416f70-5f16-0410-b530-b9f4589650da
 2007-04-19 03:14:49 +00:00
Matt Miller
4d294dd6cb proj file updates 
git-svn-id: file:///home/svn/framework3/trunk@4604 4d416f70-5f16-0410-b530-b9f4589650da
 2007-04-01 22:12:03 +00:00
Matt Miller
0ec4eaf357 updated meterp stdapi to properly detect windows vista 
git-svn-id: file:///home/svn/framework3/trunk@4603 4d416f70-5f16-0410-b530-b9f4589650da
 2007-04-01 22:04:24 +00:00
Matt Miller
bc9c10e898 support for meterpreter scripts 
git-svn-id: file:///home/svn/framework3/trunk@3916 4d416f70-5f16-0410-b530-b9f4589650da
 2006-09-19 03:15:25 +00:00
Matt Miller
ecd0afd28b timestomp integration 
git-svn-id: file:///home/svn/incoming/trunk@3219 4d416f70-5f16-0410-b530-b9f4589650da
 2005-12-14 00:34:05 +00:00
Matt Miller
eb621baaf2 initial import of the priv esc extension 
git-svn-id: file:///home/svn/incoming/trunk@3209 4d416f70-5f16-0410-b530-b9f4589650da
 2005-12-13 05:59:59 +00:00
Matt Miller
d037bdf5cc remove bogus files 
git-svn-id: file:///home/svn/incoming/trunk@3178 4d416f70-5f16-0410-b530-b9f4589650da
 2005-12-06 03:40:07 +00:00
Matt Miller
c12f50545f updated workspace 
git-svn-id: file:///home/svn/incoming/trunk@3177 4d416f70-5f16-0410-b530-b9f4589650da
 2005-12-06 03:38:04 +00:00
Matt Miller
8456a63351 fix module dependency problem, made it so the server sock in meterp isn't inherited 
git-svn-id: file:///home/svn/incoming/trunk@2842 4d416f70-5f16-0410-b530-b9f4589650da
 2005-08-22 01:42:13 +00:00
Matt Miller
49d2eef5cf a few things I needed to commit 
git-svn-id: file:///home/svn/incoming/trunk@2839 4d416f70-5f16-0410-b530-b9f4589650da
 2005-08-12 14:45:54 +00:00
Matt Miller
73eebb42b2 migration now enables the debug privilege first so it can migrate to system services, added reboot/shutdown wrappers 
git-svn-id: file:///home/svn/incoming/trunk@2834 4d416f70-5f16-0410-b530-b9f4589650da
 2005-07-26 04:52:59 +00:00