metasploit-payloads 2.0.56 → 2.0.57
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/data/android/meterpreter.dex +0 -0
- data/data/android/meterpreter.jar +0 -0
- data/data/android/metstage.jar +0 -0
- data/data/android/shell.jar +0 -0
- data/data/meterpreter/elevator.x64.dll +0 -0
- data/data/meterpreter/elevator.x86.dll +0 -0
- data/data/meterpreter/ext_server_espia.x64.dll +0 -0
- data/data/meterpreter/ext_server_espia.x86.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x64.dll +0 -0
- data/data/meterpreter/ext_server_extapi.x86.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x64.dll +0 -0
- data/data/meterpreter/ext_server_incognito.x86.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x64.dll +0 -0
- data/data/meterpreter/ext_server_kiwi.x86.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x64.dll +0 -0
- data/data/meterpreter/ext_server_lanattacks.x86.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x64.dll +0 -0
- data/data/meterpreter/ext_server_peinjector.x86.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x64.dll +0 -0
- data/data/meterpreter/ext_server_powershell.x86.dll +0 -0
- data/data/meterpreter/ext_server_priv.x64.dll +0 -0
- data/data/meterpreter/ext_server_priv.x86.dll +0 -0
- data/data/meterpreter/ext_server_python.x64.dll +0 -0
- data/data/meterpreter/ext_server_python.x86.dll +0 -0
- data/data/meterpreter/ext_server_sniffer.x64.dll +0 -0
- data/data/meterpreter/ext_server_sniffer.x86.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.jar +0 -0
- data/data/meterpreter/ext_server_stdapi.php +29 -9
- data/data/meterpreter/ext_server_stdapi.py +21 -2
- data/data/meterpreter/ext_server_stdapi.x64.dll +0 -0
- data/data/meterpreter/ext_server_stdapi.x86.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x64.dll +0 -0
- data/data/meterpreter/ext_server_unhook.x86.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x64.dll +0 -0
- data/data/meterpreter/ext_server_winpmem.x86.dll +0 -0
- data/data/meterpreter/metsrv.x64.dll +0 -0
- data/data/meterpreter/metsrv.x86.dll +0 -0
- data/data/meterpreter/screenshot.x64.dll +0 -0
- data/data/meterpreter/screenshot.x86.dll +0 -0
- data/lib/metasploit-payloads/version.rb +1 -1
- data.tar.gz.sig +3 -2
- metadata +2 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 828c2137d88b9ecf8a48064976e436f178a4e69bfc3a01b2aac2e880f605e78e
|
4
|
+
data.tar.gz: b5ee9b456a820e72fa918aafb258347b812469de22f47e0bc01d4ea039100d07
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 19d25d6d1db9e626ea6746c59a4d7344a72435e0c36b46357b2e8dfb27361383b3264b38f24038aaeb9fba6607fbbbcbeef017f81437b3dae9c11dcb2c927506
|
7
|
+
data.tar.gz: a7810ce9c9f07f4438450fb9f2a611a7c4aed844d14035a263784f241074ed773ff4661cf550386839eb939c9ec9adf143d8202161ba969a7f341c2f712ae2e3
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
Binary file
|
Binary file
|
data/data/android/metstage.jar
CHANGED
Binary file
|
data/data/android/shell.jar
CHANGED
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
@@ -27,7 +27,9 @@ define("TLV_TYPE_SEARCH_RECURSE", TLV_META_TYPE_BOOL | 1230);
|
|
27
27
|
define("TLV_TYPE_SEARCH_GLOB", TLV_META_TYPE_STRING | 1231);
|
28
28
|
define("TLV_TYPE_SEARCH_ROOT", TLV_META_TYPE_STRING | 1232);
|
29
29
|
define("TLV_TYPE_SEARCH_RESULTS", TLV_META_TYPE_GROUP | 1233);
|
30
|
-
|
30
|
+
define("TLV_TYPE_SEARCH_MTIME", TLV_META_TYPE_UINT | 1235);
|
31
|
+
define("TLV_TYPE_SEARCH_M_START_DATE", TLV_META_TYPE_UINT | 1236);
|
32
|
+
define("TLV_TYPE_SEARCH_M_END_DATE", TLV_META_TYPE_UINT | 1237);
|
31
33
|
define("TLV_TYPE_FILE_MODE_T", TLV_META_TYPE_UINT | 1234);
|
32
34
|
|
33
35
|
##
|
@@ -340,7 +342,7 @@ define('GLOB_RECURSE',2048);
|
|
340
342
|
* GLOB_NODOTS, GLOB_RECURSE
|
341
343
|
*/
|
342
344
|
if (!function_exists('safe_glob')) {
|
343
|
-
function safe_glob($pattern, $flags=0) {
|
345
|
+
function safe_glob($pattern, $flags=0, $start_date=null, $end_date=null) {
|
344
346
|
$split=explode('/',str_replace('\\','/',$pattern));
|
345
347
|
$mask=array_pop($split);
|
346
348
|
$path=implode('/',$split);
|
@@ -356,14 +358,21 @@ function safe_glob($pattern, $flags=0) {
|
|
356
358
|
&& (!is_link($path."/".$file))
|
357
359
|
)
|
358
360
|
) {
|
359
|
-
$
|
360
|
-
|
361
|
+
$newglob = safe_glob($path.'/'.$file.'/'.$mask, $flags, $start_date, $end_date);
|
362
|
+
if ($newglob !== false) {
|
363
|
+
$glob = array_merge($glob, array_prepend($newglob,
|
364
|
+
($flags&GLOB_PATH?'':$file.'/')));
|
365
|
+
}
|
361
366
|
}
|
362
367
|
// Match file mask
|
363
368
|
if (fnmatch($mask,$file)) {
|
369
|
+
$tmp_f_stat = stat($path.'/'.$file);
|
370
|
+
$mtime = $tmp_f_stat['mtime'];
|
364
371
|
if ( ( (!($flags&GLOB_ONLYDIR)) || is_dir("$path/$file") )
|
365
372
|
&& ( (!($flags&GLOB_NODIR)) || (!is_dir($path.'/'.$file)) )
|
366
|
-
&& ( (!($flags&GLOB_NODOTS)) || (!in_array($file,array('.','..'))) )
|
373
|
+
&& ( (!($flags&GLOB_NODOTS)) || (!in_array($file,array('.','..'))) )
|
374
|
+
&& ( ($start_date === null) || ($start_date <= $mtime))
|
375
|
+
&& ( ($end_date === null) || ($end_date >= $mtime)) )
|
367
376
|
$glob[] = ($flags&GLOB_PATH?$path.'/':'') . $file . ($flags&GLOB_MARK?'/':'');
|
368
377
|
}
|
369
378
|
}
|
@@ -682,27 +691,38 @@ function stdapi_fs_search($req, &$pkt) {
|
|
682
691
|
$glob = canonicalize_path($glob_tlv['value']);
|
683
692
|
$recurse_tlv = packet_get_tlv($req, TLV_TYPE_SEARCH_RECURSE);
|
684
693
|
$recurse = $recurse_tlv['value'];
|
694
|
+
$start_date_tlv = packet_get_tlv($req, TLV_TYPE_SEARCH_M_START_DATE);
|
695
|
+
$start_date = null;
|
696
|
+
if ($start_date_tlv) {
|
697
|
+
$start_date = $start_date_tlv['value'];
|
698
|
+
}
|
699
|
+
$end_date_tlv = packet_get_tlv($req, TLV_TYPE_SEARCH_M_END_DATE);
|
700
|
+
$end_date = null;
|
701
|
+
if ($end_date_tlv) {
|
702
|
+
$end_date = $end_date_tlv['value'];
|
703
|
+
}
|
685
704
|
|
686
705
|
if (!$root) {
|
687
706
|
$root = '.';
|
688
707
|
}
|
689
708
|
|
690
709
|
my_print("glob: $glob, root: $root, recurse: $recurse");
|
691
|
-
$flags = GLOB_PATH;
|
710
|
+
$flags = GLOB_PATH | GLOB_NODOTS;
|
692
711
|
if ($recurse) {
|
693
712
|
$flags |= GLOB_RECURSE;
|
694
713
|
}
|
695
|
-
$files = safe_glob($root ."/". $glob, $flags);
|
714
|
+
$files = safe_glob($root ."/". $glob, $flags, $start_date, $end_date);
|
696
715
|
if ($files and is_array($files)) {
|
697
716
|
dump_array($files);
|
698
717
|
foreach ($files as $file) {
|
699
718
|
$file_tlvs = "";
|
700
719
|
$s = stat($file);
|
701
|
-
$p = dirname($file);
|
702
|
-
$f = basename($file);
|
720
|
+
$p = canonicalize_path(dirname($file));
|
721
|
+
$f = canonicalize_path(basename($file));
|
703
722
|
$file_tlvs .= tlv_pack(create_tlv(TLV_TYPE_FILE_PATH, $p));
|
704
723
|
$file_tlvs .= tlv_pack(create_tlv(TLV_TYPE_FILE_NAME, $f));
|
705
724
|
$file_tlvs .= tlv_pack(create_tlv(TLV_TYPE_FILE_SIZE, $s['size']));
|
725
|
+
$file_tlvs .= tlv_pack(create_tlv(TLV_TYPE_SEARCH_MTIME, $s['mtime']));
|
706
726
|
packet_add_tlv($pkt, create_tlv(TLV_TYPE_SEARCH_RESULTS, $file_tlvs));
|
707
727
|
}
|
708
728
|
}
|
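Review bot: In the second safe_glob hunk the result of `stat($path.'/'.$file)` is read without a check for `false`, so an entry that cannot be stat'ed leaves `$mtime` null and the two date tests disagree. Under PHP's loose comparison such an entry is dropped by a non-zero start bound but passes an end-bound-only filter. The stat also runs for every name that matches the mask even when both bounds are null. I would guard it with `if ($start_date !== null || $end_date !== null)` and skip the entry when `stat()` returns false; the later `$s = stat($file)` in stdapi_fs_search has the same gap before `$s['mtime']` is packed. The docblock that ends just above `function safe_glob` should also state that `$start_date` and `$end_date` are inclusive bounds compared against `mtime`; safe_glob's body starts and ends outside the hunks shown.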
@@ -474,6 +474,9 @@ TLV_TYPE_SEARCH_ROOT = TLV_META_TYPE_STRING | 1232
|
|
474
474
|
TLV_TYPE_SEARCH_RESULTS = TLV_META_TYPE_GROUP | 1233
|
475
475
|
|
476
476
|
TLV_TYPE_FILE_MODE_T = TLV_META_TYPE_UINT | 1234
|
477
|
+
TLV_TYPE_SEARCH_MTIME = TLV_META_TYPE_UINT | 1235
|
478
|
+
TLV_TYPE_SEARCH_M_START_DATE = TLV_META_TYPE_UINT | 1236
|
479
|
+
TLV_TYPE_SEARCH_M_END_DATE = TLV_META_TYPE_UINT | 1237
|
477
480
|
|
478
481
|
##
|
479
482
|
# Net
|
@@ -1518,20 +1521,36 @@ def stdapi_fs_search(request, response):
|
|
1518
1521
|
search_root = unicode(search_root)
|
1519
1522
|
glob = packet_get_tlv(request, TLV_TYPE_SEARCH_GLOB)['value']
|
1520
1523
|
recurse = packet_get_tlv(request, TLV_TYPE_SEARCH_RECURSE)['value']
|
1524
|
+
start_date = packet_get_tlv(request,TLV_TYPE_SEARCH_M_START_DATE)
|
1525
|
+
end_date = packet_get_tlv(request,TLV_TYPE_SEARCH_M_END_DATE)
|
1521
1526
|
if recurse:
|
1522
1527
|
for root, dirs, files in os.walk(search_root):
|
1523
1528
|
for f in filter(lambda f: fnmatch.fnmatch(f, glob), files):
|
1529
|
+
file_stat = os.stat(os.path.join(root, f))
|
1530
|
+
mtime = int(file_stat.st_mtime)
|
1531
|
+
if start_date and start_date['value'] > mtime:
|
1532
|
+
continue
|
1533
|
+
if end_date and end_date['value'] < mtime:
|
1534
|
+
continue
|
1524
1535
|
file_tlv = bytes()
|
1525
1536
|
file_tlv += tlv_pack(TLV_TYPE_FILE_PATH, root)
|
1526
1537
|
file_tlv += tlv_pack(TLV_TYPE_FILE_NAME, f)
|
1527
|
-
file_tlv += tlv_pack(TLV_TYPE_FILE_SIZE,
|
1538
|
+
file_tlv += tlv_pack(TLV_TYPE_FILE_SIZE, file_stat.st_size)
|
1539
|
+
file_tlv += tlv_pack(TLV_TYPE_SEARCH_MTIME, mtime)
|
1528
1540
|
response += tlv_pack(TLV_TYPE_SEARCH_RESULTS, file_tlv)
|
1529
1541
|
else:
|
1530
1542
|
for f in filter(lambda f: fnmatch.fnmatch(f, glob), os.listdir(search_root)):
|
1543
|
+
file_stat = os.stat(os.path.join(search_root, f))
|
1544
|
+
mtime = int(file_stat.st_mtime)
|
1545
|
+
if start_date and start_date['value'] > mtime:
|
1546
|
+
continue
|
1547
|
+
if end_date and end_date['value'] < mtime:
|
1548
|
+
continue
|
1531
1549
|
file_tlv = bytes()
|
1532
1550
|
file_tlv += tlv_pack(TLV_TYPE_FILE_PATH, search_root)
|
1533
1551
|
file_tlv += tlv_pack(TLV_TYPE_FILE_NAME, f)
|
1534
|
-
file_tlv += tlv_pack(TLV_TYPE_FILE_SIZE,
|
1552
|
+
file_tlv += tlv_pack(TLV_TYPE_FILE_SIZE, file_stat.st_size)
|
1553
|
+
file_tlv += tlv_pack(TLV_TYPE_SEARCH_MTIME, mtime)
|
1535
1554
|
response += tlv_pack(TLV_TYPE_SEARCH_RESULTS, file_tlv)
|
1536
1555
|
return ERROR_SUCCESS, response
|
1537
1556
|
|
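Review bot: Both branches of stdapi_fs_search call `os.stat()` on each matching name with no exception handling, so one entry that vanishes or cannot be stat'ed after the directory listing raises OSError and the results already packed into `response` are never returned. The removed size line is truncated on this page, so the old code may have had the same gap, but the new filter makes the stat unconditional. I would wrap `file_stat = os.stat(os.path.join(root, f))` in `try:` with `except OSError: continue`, and likewise for the `search_root` call in the else branch. The five-line mtime filter is repeated verbatim in both branches; a small helper that takes the directory and name would keep the two copies from drifting. The function begins above the hunk, so how `search_root` is validated is not visible here.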
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
data.tar.gz.sig
CHANGED
@@ -1,2 +1,3 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
�*�A�x̭��XS�y�'wp��5��3�2�X�:C��(��$ִR'�Z����t�x[d��N�6��3���m6�����Y�����'~XRiҨ�8�OH����6����{��/����?�v���np��;��̝�8��;������adP�Ә)Q�
|
2
|
+
�����QW�dt��/d��y��X��+�q��_}1]��v��@��b�5�;�_>��� �ʈ�?
|
3
|
+
���U�ޢ�f�tgX���U���oJ�$�����;4
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: metasploit-payloads
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.57
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- OJ Reeves
|
@@ -96,7 +96,7 @@ cert_chain:
|
|
96
96
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
97
97
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
98
98
|
-----END CERTIFICATE-----
|
99
|
-
date: 2021-09-
|
99
|
+
date: 2021-09-27 00:00:00.000000000 Z
|
100
100
|
dependencies:
|
101
101
|
- !ruby/object:Gem::Dependency
|
102
102
|
name: rake
|
metadata.gz.sig
CHANGED
Binary file
|