OJ
9bb22ad251
Add 32 bit encrypt flag support to Java meterp
2017-07-03 17:58:07 +10:00
OJ
2c2583b975
Add support to java for new packet header
2017-06-26 19:28:09 +10:00
OJ
813760a9e2
Remove support for the crypto context
Crypto context stuff appears to have only ever been supported in
Meterpreter on Windows. The only thing it allowed for is XOR, which is
redundant given that we have packet level XOR in place. Also, it would
appear that MSF didn't have support for it anyway!
With the move towards packet-level encryption, this is unnecessary so
it needs to go bye bye.
2017-06-19 16:51:54 +10:00
OJ
cf575a05dd
Add session GUID support to Meterpreter payloads
2017-06-06 17:24:36 +10:00
Tim
e9ba356db8
android in-app screenshot
2017-03-22 12:38:37 +08:00
Tim
473400bb48
don't wait for Context object
2017-03-01 18:31:58 +08:00
Tim
49a34c1212
reduce android AV signatures in Payload
2017-03-01 12:31:06 +08:00
OJ
6872495da6
Remove Migrate TLVs from php/py, adjust for Java
2017-01-24 07:38:59 +10:00
Brent Cook
bab6ede821
Land #165, fix android_dump_contacts display name duplicated in phone numbers list
2017-01-22 09:31:31 -06:00
Tim
6608944236
fix android_dump_contacts display name duplicated in phone numbers list
2017-01-21 18:03:36 +08:00
Tim
80e8083e23
add a simpler smali injection function
2017-01-19 14:47:20 +07:00
Tim
54bf92db26
android_wakelock
2017-01-05 19:17:05 +07:00
Brent Cook
fb95be3315
Use the correct spelling of ACCESS_COARSE_LOCATION
Noted by @PsychoBit
2017-01-02 22:05:30 -06:00
Tim
db85f099c3
stdapi_fs_file_copy
2016-11-29 13:58:46 +08:00
Brent Cook
bd6fcb0eeb
Revert "Adjust the XOR packet handling in Java"
This reverts commit 2e69e8f0ef.
2016-11-17 06:23:18 -06:00
Brent Cook
79cff67de4
Merge remote-tracking branch 'upstream/master' into fix-143
2016-11-14 12:01:31 -06:00
Brent Cook
d1c7961668
resolve ambiguity with java and android getuid implementations
2016-11-14 00:43:49 -06:00
Brent Cook
9d21ece6fe
Land #142, stdapi_fs_file_move for php, java and android
2016-11-14 00:21:02 -06:00
Brent Cook
a1a1597c96
Land #139, extend core_loadlib on java/android to support Runtime.load()
2016-11-14 00:15:07 -06:00
OJ
4d145d78a7
Merge upstream/master into uuid-to-tlv
2016-10-29 15:25:21 +10:00
OJ
70812fd1ce
Remove core_uuid and add core_set_uuid
2016-10-29 12:42:36 +10:00
Tim
e2e7aa0c93
stdapi_fs_file_move
2016-10-22 15:38:28 +08:00
Tim
dcebd86704
fix metasploit-framework/issues/7458
2016-10-19 17:14:02 +08:00
Tim
38435c314b
extend core_loadlib on java/android to support load of shared object libraries
2016-10-18 02:48:48 +08:00
Tim
b33437027c
hide app icon
2016-10-17 19:03:25 +08:00
Brent Cook
d9bba3c5b1
Land #138, fix core_enumextcmd by prefixing android commands
2016-10-16 22:54:49 -05:00
Tim
7487c2f68a
fix core_enumextcmd by prefixing android commands
2016-10-16 00:03:36 +08:00
Tim
5d49f15e8d
include shared classes inside java meterpreter jar
2016-10-15 19:05:57 +08:00
OJ
b96eaff14f
Remove check for UUID, force add without check
2016-10-14 13:27:45 +10:00
OJ
e2d226c24c
Add UUID to each packet in Java meterp
2016-10-14 11:42:25 +10:00
Tim
946526ab26
obfuscate Android payload with proguard
2016-10-13 22:35:17 +08:00
Tim
79992309f2
Revert "Revert "Land #134, Refactor Android payload configuration into a byte array""
This reverts commit 38313ee292.
2016-10-13 22:35:00 +08:00
Brent Cook
38313ee292
Revert "Land #134, Refactor Android payload configuration into a byte array"
This reverts commit 82c38488fd, reversing
changes made to 5620acab1b.
2016-10-13 09:11:06 -05:00
Brent Cook
79a3379698
Land #135, minor fixes to the java/Makefile
2016-10-13 00:48:31 -05:00
Tim
3d2cee140e
minor fixes to the java/Makefile
2016-10-13 13:39:09 +08:00
Tim
5c6c1106e8
pass config as byte array
2016-10-11 17:11:51 +08:00
Tim
7e6c043b0c
use stage package
2016-10-11 14:27:25 +08:00
Tim
d6cd73e2bc
store Payload config as byte array
2016-10-11 14:27:25 +08:00
Tim
92a598101f
remove duplicated PayloadTrustManager
2016-10-11 14:27:25 +08:00
Tim
d411bfc90b
add shared module
2016-10-11 14:27:25 +08:00
OJ
2e69e8f0ef
Adjust the XOR packet handling in Java
2016-10-11 15:18:34 +10:00
Brent Cook
4cf8f6df1f
Land #126, add static method to MainService to aid apk injection
2016-10-10 23:36:50 -05:00
Brent Cook
f302463f94
Land #133, add local time command
2016-10-10 23:28:20 -05:00
Tim
233bd96b5a
add localtime for java/android
2016-10-10 17:03:15 +08:00
Tim
fbb12450c6
add static method to MainService to aid apk injection
2016-10-07 01:31:33 +08:00
Tim
ca30cad1e8
Revert "hide activity after launch"
This reverts commit 8c752b46f0.
2016-10-03 17:12:51 +08:00
Jeffrey Martin
ceb00a8a34
Land #118, add android stageless payload
2016-09-28 15:40:41 -05:00
Brent Cook
4da27ca405
Land #117, fix check_root on android 6.0 and up
2016-09-15 21:04:08 -05:00
Brent Cook
e794b6d868
Land #116, add the extapi_clipboard apis for android
2016-09-15 20:27:43 -05:00
Tim
941bed5f6a
update the Readme.md
2016-09-15 15:52:41 +01:00
Tim
aecc818890
fix the comment
2016-09-15 15:52:41 +01:00
Tim
4895ecf72c
fix android java version (for IntelliJ)
2016-09-15 15:52:41 +01:00
Tim
35c491ebc0
android-api10 -> android-api
2016-09-15 15:52:41 +01:00
Tim
de8924e9f0
update android library version
2016-09-15 15:52:41 +01:00
Tim
07cf905733
add core_patch_url, fix android stageless http
2016-09-15 15:50:44 +01:00
Tim
dbeb5c2cb2
android stageless reverse_tcp
2016-09-15 15:50:44 +01:00
Tim
59e428b149
fix check_root on android 6.0 and up
2016-09-05 17:40:10 +01:00
Tim
126f6d0e3c
add core_enumextcmd
2016-09-05 16:57:08 +01:00
Tim
febbb16933
clipboard_monitor basically working
2016-09-04 15:12:26 +01:00
Tim
8c752b46f0
hide activity after launch
2016-05-24 14:56:31 +01:00
Tim
d2f54e6d45
fix android service restarting on exit
2016-03-17 12:16:36 +00:00
Tim
d1aafbf668
run as android service
2016-03-17 11:17:28 +00:00
Tim
bc0a5dc3c4
Merge branch 'master' into android_sqlite_read
2016-03-10 02:04:54 +00:00
Tim
a7e992c6f9
Close the cursor before the database
2016-03-10 01:51:01 +00:00
Tim
381eda7b70
sqlite_query
2016-03-04 11:57:02 +00:00
Tim
e66b5c7105
sqlite_write
2016-03-04 10:47:53 +00:00
Tim
aa880fda83
android sqlite_read command
2016-02-29 15:06:10 +00:00
Rohit Shampur
c41a1446e4
Added Read and write permissions for call log
2016-02-26 15:42:40 +05:30
Brent Cook
3f07e220ec
Land #75, hide verbose connection retry messages in android logs
2016-02-25 22:32:55 -06:00
Brent Cook
c1498abfe1
add a few more comments around what this is for
2016-02-25 22:32:34 -06:00
Brent Cook
e6b0ee9f6f
Merge branch 'upstream-master' to fix conflicts
2016-02-25 22:26:31 -06:00
Brent Cook
9baee1c2ad
Land #74, add missing activity_start
2016-02-25 22:23:37 -06:00
Brent Cook
4c3c579339
Land #71, add uses-feature manifest entries, possibly useful for app stores
2016-02-25 22:23:09 -06:00
HD Moore
a235d7ec9b
Wrap up WIP sqlite_read
2016-02-25 18:06:18 +00:00
HD Moore
be50f443dd
Stub out the skeleton for sqlite_read & sqlite_write
2016-02-25 18:06:18 +00:00
Tim
9561638a1a
fix #61, suppress error when Android meterpreter handler down
2016-02-23 05:42:43 +00:00
Tim
62c8b32275
fix activity_start
2016-02-23 05:37:07 +00:00
Tim
710a7ca83b
add ability to set max volume
2016-02-20 11:48:22 +00:00
Brent Cook
9407980766
use correct style
2016-02-15 14:42:04 -06:00
Artem
52a9ce2338
Update AndroidMeterpreter.java
2016-02-15 14:38:59 -06:00
Artem
c4b2760720
Create set_audio_mode_android.java
Add Ringer Mode Change
2016-02-15 14:37:10 -06:00
Artem
7975064ca0
Update AndroidManifest.xml
2016-02-14 16:46:46 +03:00
Tim
ee1eed2abc
android set wallpaper
2016-02-11 06:13:25 +00:00
Brent Cook
d9ac068bc3
Land #66, add ability to start arbitrary android activities
2016-02-10 23:01:09 -06:00
Brent Cook
08e008fc77
Land #64, add xor encoding to TLV messages
2016-02-10 21:32:43 -06:00
Adam Cammack
6f9f3e4ee9
Land #67 don't crash when timeout settings are nil
Fix handling the timeout settings generated by android/shell/reverse_tcp
2016-02-03 17:56:53 -06:00
Brent Cook
4919551688
add support for conditionally emitting mac addresses
2016-02-03 05:24:20 -06:00
Tim
d620856589
remove socket timeout
2016-01-31 17:39:51 +00:00
Tim
d2f2de7f59
fix shell payload crash
2016-01-31 17:39:51 +00:00
Tim
09e02fc4d6
fix error returning
2016-01-31 15:13:46 +00:00
Tim
bf57b706d2
fix GET vs POST
2016-01-18 18:53:48 +00:00
Tim
98545dbd1a
fix xor endianness?
2016-01-18 17:49:18 +00:00
OJ
29f88366ac
Merge branch 'upstream/master' into default-xor
2016-01-13 07:34:40 +10:00
Tim
a7da40dc34
send startActivity result back
2016-01-12 07:48:55 +00:00
Tim
7a491e68e9
activity_start
2016-01-07 09:23:50 +00:00
Tim
5ac7d20905
quick fix for geo interval_collect
2015-12-24 08:46:09 +00:00
Brent Cook
4688223917
Land #55, update Android API version, interval collection updates
2015-12-23 02:40:54 -06:00
HD Moore
99cd0bbb1d
Handle errors better (with corrupt storage data)
2015-12-11 11:45:34 -06:00
OJ
6e40df1d56
Interim commit while getting java working
2015-12-09 13:08:26 +10:00
Brent Cook
cac498be22
Land #49, add BOOT_COMPLETED android meterpreter hook
2015-11-25 21:29:43 -06:00
Joshua J. Drake
196c11e47d
Switch to Utils.runCommand per timwr's suggestion
2015-11-18 10:47:28 -06:00
Joshua J. Drake
f12e49a085
Improve the implementation of the getuid command
2015-11-17 21:38:44 -06:00
Tim
0cc7a3ac94
add BOOT_COMPLETED receiver that starts the Payload
2015-11-13 07:51:21 +00:00
HD Moore
21f0ea13a1
Fix up Geo types
2015-11-02 22:04:21 -06:00
HD Moore
3ce9cdaf17
Finish up first rework of CellCollector
2015-11-02 21:52:39 -06:00
HD Moore
c6b4956ebd
Cleanup CellLocation
2015-11-02 19:38:08 -06:00
HD Moore
3f2ea326b2
Needed to actually build against API 10 (android version has to match)
2015-11-02 19:28:43 -06:00
HD Moore
57824d37bc
Merge branch 'master' into feature/interval-collection
2015-11-02 19:18:13 -06:00
HD Moore
f4e1f5aa69
Switch to network location, overhaul Cell collector (step 1)
2015-11-02 18:04:22 -06:00
HD Moore
f58a7321e9
Target API 17 (for future back-compat features)
2015-11-02 18:02:38 -06:00
Brent Cook
e9626281ee
Land #42, add support for building with maven 3.3+
2015-11-02 17:24:32 -06:00
HD Moore
c0fa49bec2
Refactor of Geolocation codebase
2015-11-02 13:19:18 -06:00
HD Moore
743de41c6a
Refactor of the exception handler in flush()
2015-11-02 13:18:47 -06:00
HD Moore
711ed85de3
Cleanup
2015-11-02 13:08:36 -06:00
HD Moore
30915d2d46
General cleanup
2015-11-02 12:08:50 -06:00
HD Moore
9b8b7a2205
Whitespace
2015-11-02 11:51:49 -06:00
HD Moore
e764f53951
Revert "Maven build system changes to support API level 17"
This reverts commit 1ca6d586aa.
2015-10-31 09:00:11 -05:00
Narendra
1ca6d586aa
Maven build system changes to support API level 17
-To get Cell signal strength it needs minimum
android version of 17
-changed all build dependencies
-in host it should be compatible and all jar files
to be available in ~/m2 directory to run this proper
2015-10-30 23:48:15 -07:00
Narendra
1d7f5a13d4
Cell Collector and Geolocation Collector changes
-Added cell collector
-fixed Geolocation issues
-added in interval collection new types
-declarations in interval collect manager
2015-10-30 23:45:15 -07:00
Narendra
97499087df
Fix for Loadfrom Memory time stamp
-Added timestamp which takes time by the time of storing the data
2015-10-27 10:01:26 -07:00
HD Moore
4f1815eea7
Changes to support maven 3.3+ (Ubuntu 15.10+)
2015-10-24 21:18:33 -05:00
Narendra
7c37c22ba3
Additional fixes for Geolocation collector
-Lat and Lang to string
-loadfromMemory support
2015-10-24 11:30:41 -07:00
HD Moore
87627f8dbb
Add Utils.getHostname, a more robust alternative
2015-10-23 20:26:54 -05:00
Narendra
98a6bd4429
Removed Run method
-Debug messages added
-needs to format and clean up
2015-10-23 14:21:24 -07:00
Narendra
45f718a482
Added Run method for handling location manager callbacks
2015-10-22 16:31:57 -07:00
Narendra
7a4f6cc824
GeolocationCollector changes
2015-10-21 19:08:13 -07:00
Tim
a767858919
fix running without context
2015-09-26 15:07:06 +01:00
wchen-r7
7a1c64051d
Allow Android Meterpreter to be launched from a browser
2015-08-27 12:29:23 -05:00
OJ
726bc5b721
Add support for writing to storage, and restarting
This commit adds support for simple writing to disk functionality. It
means that the collectors can continue to collect and write to disk
while offline, and if they stop, they can restart and regather
information stored on disk. These files are removed when the application
is removed, so the content doesn't survive new installations of the
payload.
2015-08-19 00:20:33 +10:00
OJ
567ffadf5a
First pass of interval collection
2015-08-18 00:55:29 +10:00
Brent Cook
9fd1a1e83d
whitespace tweak
2015-08-02 22:13:45 -05:00
Brent Cook
a0eb43b1a3
Land #12, add send_sms and wlan_geolocate to android meterpreter
2015-08-02 22:10:21 -05:00
Brent Cook
4f5ef507c5
whitespace / formatting fixes
2015-08-01 18:20:13 -05:00
Joao Pena Gil
a206e966a1
add new permissions to manifest
2015-07-24 04:09:24 +01:00
Joao Pena Gil
ef39dd2663
bug fixes
2015-07-23 16:58:43 +01:00
Joao Pena Gil
ffee6557ed
minor fixes
2015-07-20 00:41:38 +01:00
Joao Pena Gil
898adfa31d
minor fixes
2015-07-20 00:39:34 +01:00
Brent Cook
0ec1e99e55
fileInstalled should check for a file, not a package
2015-07-19 17:27:43 -06:00
Joao Pena Gil
e157b4e3cf
send_sms + wlan_geolocate
2015-07-19 22:59:59 +01:00
Brent Cook
dc2779380a
Land #3, fix bytes/bytesRead confusion
2015-07-01 22:26:41 -05:00
Brent Cook
2d00913542
update minSDK version to 10, update compat check for Android 2.3.3
2015-07-01 21:57:46 -05:00
OJ
bc6b2d98be
Fix STUPID mistake in config string handling
2015-07-01 17:11:46 +10:00
OJ
bb4615b29c
Add appropriate encoding for reading strings from the config block
2015-07-01 08:17:01 +10:00
OJ
397ae397f7
Few tweaks to readme files, updated gitignore
2015-06-29 11:55:20 +10:00
Brent Cook
42b143f92b
Merged java
2015-06-28 13:30:03 -05:00
Brent Cook
03215edaf9
Land #45, add transport resiliency, sleep and UUIDs to java/android payloads
2015-06-28 13:24:09 -05:00
Brent Cook
e5e27c4d4d
enable output for http and https
2015-06-28 13:17:56 -05:00
OJ
08551a0e8f
Remove old java versions, update readme
2015-06-27 14:46:26 +10:00
OJ
34db0d71bb
Merge branch 'upstream/master' into transport-refactor
2015-06-27 12:01:16 +10:00
OJ
3e551a8b9d
Land #46: update android API to level 10
2015-06-27 11:45:54 +10:00
Brent Cook
d48beb4782
simplify package checks, add test for _su as well
2015-06-26 18:09:23 -05:00
Brent Cook
d1eb125688
update to android API level 10
2015-06-26 14:57:52 -05:00
OJ
801b48aa1e
Merge branch 'upstream/master' into transport-refactor
2015-06-26 15:23:58 +10:00
OJ
d107004a88
Add the uuid command support
2015-06-26 14:48:40 +10:00
OJ
b6a3c41e40
Last print statements removed
2015-06-26 14:27:45 +10:00
OJ
3afca8dc40
Remove log statements
2015-06-26 14:24:38 +10:00
OJ
e69933b540
Remove lots of debug output
2015-06-26 14:08:31 +10:00
OJ
c8aeb38847
Small tweaks to support both java and android
2015-06-26 13:58:20 +10:00
Joao Pena Gil
c1fd2340c2
fixing fixes
2015-06-25 23:47:43 +01:00
Joao Pena Gil
89c3da95d3
fix accidental run of su
2015-06-25 23:04:12 +01:00
Joao Pena Gil
3e3202bb71
fixed check_root file extensions
2015-06-25 16:57:33 +01:00
OJ
2fcfa92387
Add support for transport remove
2015-06-25 21:59:31 +10:00
OJ
c96724fab5
Better edgecase handling, process termination on exit
2015-06-25 21:38:01 +10:00
OJ
0455f5271d
Add transport change, next, prev, sleep
Along with a few other tweaks to make things clean up properly and keep
the MSF side happy.
2015-06-25 21:17:45 +10:00
OJ
1d67e972f6
Add transport adding functionality
2015-06-25 15:17:23 +10:00
OJ
986b99abac
Add the rest of the code that supports transport list
2015-06-25 14:54:38 +10:00
OJ
c0a72715cd
Add transport list support
2015-06-25 14:09:03 +10:00
OJ
b62971d265
Implemented proper timeout modification
Also added the socket poll timeout to the stager
2015-06-25 13:29:13 +10:00
OJ
691559e641
Initial wiring for stageless URL switching
This actually started because of something else, and I realised that
I didn't need to do it. But this will be useful for stageless stuff, so
it's staying in there for now until the commands and other wiring are in
place to make the magic happen.
2015-06-24 22:36:33 +10:00
OJ
85f2e12165
Reconnect vs connect handling for HTTP/S
2015-06-24 21:57:08 +10:00
OJ
fbbff1e7b4
Add support for HTTP/S transports
Still need to add certificate hash validation, proxy support, and
modifiable user agent.
2015-06-24 21:25:23 +10:00
OJ
f03ad14292
Move new classes into the proper locations
2015-06-24 20:22:09 +10:00
OJ
bbe1ab529b
Transport refactoring, dispatch functionality, and more
This commit adds a new idea to the dispatch loop that allows commands to
exit. It also adds the core_shutdown command so that it functions
correctly. There are a bunch of other changes around transports as well,
and this commit adds a "resilient" TCP transport.
HTTP/S to come. progress being made. This commit is messy with debug
statements all through it, and they'll get removed down the track.
2015-06-24 19:57:09 +10:00
OJ
4ed2b484f0
Modify the staging process
2015-06-24 13:20:25 +10:00
Joao Pena Gil
b47ed549c8
Added SuperSU.apk to check_root
2015-06-23 15:25:08 +01:00
Brent Cook
82087dfbb9
Adjust java install paths
2015-06-22 15:02:47 -05:00
Tim
ac3d244538
add machine_id and fix sysinfo as root
2015-06-03 08:12:38 +01:00
Brent Cook
e4af7abf22
Land #38, fix thread race condition
2015-06-01 08:00:26 -05:00
Tim
cd0d091eb0
fix race condition
2015-06-01 07:15:19 +01:00
Tim
4cef8cfbb1
fix http sluggishness
2015-05-27 13:13:33 +01:00
Tim
509e67b27a
add ssl cert validation
2015-05-20 07:28:20 +01:00
Tim
d02a5e41e4
add ability to change retry_wait/retry_total at runtime
2015-05-19 20:03:58 +01:00
Tim
7bbe4f5794
Merge branch 'master' into retry_options
Conflicts:
androidpayload/app/src/com/metasploit/stage/Payload.java
2015-05-19 17:31:44 +01:00
Tim
5c362ad256
cleaner contextless meterpreter
2015-05-19 17:19:38 +01:00
Tim
ba2433a16f
fix termination
2015-05-19 17:19:11 +01:00
Brent Cook
8a6e26af80
fix a little more whitespace, remove superfluous ;
2015-05-19 10:33:34 -05:00
Tim
57adddb803
fix http
2015-05-19 16:14:37 +01:00
Tim
6101c78a5b
code formatting
2015-05-18 07:03:15 +01:00
Tim
a66ec09285
wait for the context object
2015-05-18 06:55:31 +01:00
Tim
d1e69b2d43
format all code with the default intellij java formatter
2015-05-17 19:05:21 +01:00
Tim
5fce838afc
add support for configurable retry options
2015-05-17 18:56:30 +01:00
Brent Cook
3ba13e719a
Land #32, switch FILE_HASH to use RAW, strings to use UTF-8
2015-05-15 09:58:38 -05:00
Tim
98aa4babbf
fix Payload.start
2015-05-12 04:25:33 +01:00
Tim
6586bd0df8
add TLV_TYPE_FILE_HASH
2015-05-10 15:05:45 +01:00
Brent Cook
5998658155
wait up to 5 seconds for shell output before checking the result.
otherwise, we can jump the gun and fail the test randomly
2015-03-26 01:14:38 -05:00
Brent Cook
fdebac9f9d
Land #28, @timwr switch back to background thread after finding Context
2015-03-22 21:48:20 -05:00
Brent Cook
d0ef907199
Land #27 @jlee-r7 handle broken isHidden with GCJ
2015-03-22 17:34:47 -05:00
Brent Cook
e891c7fcd0
treat strings in TLV packets as UTF-8
2015-03-19 15:21:08 -05:00
Tim Wright
3b59d513b5
Fix AndroidMeterpreter when running on Main thread
2015-03-13 23:29:42 +00:00
James Lee
78084a2d20
Fix stat when isHidden() is broken
Works around a bug in GCJ
2015-03-09 01:39:00 -05:00