pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/security/msf Upgrade to 2.3



details:   https://anonhg.NetBSD.org/pkgsrc/rev/4a21f8fa2b07
branches:  trunk
changeset: 487480:4a21f8fa2b07
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Fri Jan 14 23:36:38 2005 +0000

description:
Upgrade to 2.3

- Complete overhaul of the Framework payload collection
+ Win32 ordinal-stagers are now included (92-byte reverse connect)
+ A handful of new sparc payloads have been added (sol, linux, bsd)
+ Reliability problems have been resolved in bsd, linux, and win32
+ New udp-based linux shell stagers and shell payloads
+ New size-optimized Mac OS X encoders and payloads

- Includes the win32 version of the Meterpreter
+ Dynamically load new features over the network w/o disk access
+ In-memory dll injection of the basic meterpreter shell
+ Current extensions include Fs, Process, Net, and Sys
+ Extensive documentation is available online:
* http://metasploit.com/projects/Framework/docs/meterpreter.pdf

- Complete rewrite of the 'msfweb' user interface
+ Generate and encode stand-alone shellcode from the web interface
+ The interface is skinnable and includes three different themes
+ Streaming HTTP is used to provide a 100% web-based shell
+ Ability to set advanced options in the web interface

- Massive speed enhancements in msfconsole and msfweb
+ Snappier response and quicker load times on older systems
+ Optimizations made to various sort/search algorithms
+ Modules are no longer reloaded after each exploit

- New exploits
+ Microsoft WINS Service Memory Overwrite (MS04-045)
+ Samba trans2open() Buffer Overflow (Mac OS X)
+ 4D WebSTAR FTP Server Buffer Overflow (Mac OS X)
+ Veritas Name Service Registration Buffer Overflow
+ AOL Instant Messenger 'goaway' Buffer Overflow
+ IPSwitch IMail IMAPD 'delete' Buffer Overflow
+ Seattle Labs Mail Server POP3 Buffer Overflow
+ UoW IMAPD Buffer Overflow (sparc, ia32)
+ IRIX lpdsched Remote Command Execution
+ CDE dtspcd Buffer Overflow (Solaris)
+ IIS 4.0 ism.dll HTR Buffer Overflow
+ IIS w3who.dll ISAPI Buffer Overflow

diffstat:

 security/msf/Makefile |   25 +-
 security/msf/PLIST    |  508 ++++++++++++++++++++++++++++++++++++++++++++-----
 security/msf/distinfo |    6 +-
 3 files changed, 469 insertions(+), 70 deletions(-)

diffs (truncated from 745 to 300 lines):

diff -r b4aa97daf4d5 -r 4a21f8fa2b07 security/msf/Makefile
--- a/security/msf/Makefile     Fri Jan 14 22:21:26 2005 +0000
+++ b/security/msf/Makefile     Fri Jan 14 23:36:38 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.1.1.1 2004/10/19 16:38:22 adrianp Exp $
+# $NetBSD: Makefile,v 1.2 2005/01/14 23:36:38 adrianp Exp $
 #
 
-DISTNAME=      framework-2.2
-PKGNAME=       msf-2.2
+DISTNAME=      framework-2.3
+PKGNAME=       msf-2.3
 CATEGORIES=    security
 MASTER_SITES=  http://www.metasploit.com/tools/
 
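Review bot: with DISTNAME bumped to framework-2.3 and MASTER_SITES still a plain http URL, the distinfo checksums are the only integrity check on the new tarball. The diffstat shows distinfo changed, but that hunk falls outside the truncated diff, so confirm it was regenerated from a tarball whose origin was verified independently of the http download.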
@@ -10,6 +10,8 @@
 HOMEPAGE=      http://www.metasploit.com/
 COMMENT=       Platform for developing, testing, and using exploit code
 
+LICENSE=       inlineegg-license
+
 DEPENDS+=      p5-Net-SSLeay>=1.23:../../security/p5-Net-SSLeay
 DEPENDS+=      p5-Term-ReadLine>=1.14:../../devel/p5-Term-ReadLine
 
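Review bot: the new LICENSE= inlineegg-license line has no comment, and the commit description does not mention it, although it means users must now accept that licence before the package will install. Add a one-line comment above it saying which shipped files carry the InlineEgg licence (docs/COPYING.InlineEgg is in the PLIST), and mention the new requirement in the commit message.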
@@ -20,9 +22,9 @@
 PERL5_REQD=    5.6.0
 USE_PERL5=     YES
 PERL_FILES=    msfcli msfconsole msfdldebug msfencode msflogdump msfpayload \
-               msfpayload.cgi msfpescan msfweb msfupdate
+               msfpayload.cgi msfpescan msfweb msfupdate msfelfscan
 REPLACE_PERL+= ${PERL_FILES} tools/socketNinja.pl sdk/formatGen.pl \
-               sdk/patternOffset.pl sdk/spitCode.pl
+               sdk/patternOffset.pl sdk/spitCode.pl src/shellcode/import.pl
 
 NO_BUILDLINK=  YES
 NO_BUILD=      YES
@@ -40,7 +42,8 @@
                        payloads/external/linx86bind_ie.py \
                        payloads/external/linx86reverse_ie.py \
                        payloads/external/linx86reverse_xor.py \
-                       payloads/external/win32_stg_winexec.py
+                       payloads/external/win32_stg_winexec.py \
+                       payloads/external/inlineegg.py
 .include "../../lang/python/application.mk"
 .include "../../lang/python/extension.mk"
 .endif
@@ -49,6 +52,8 @@
        ${INSTALL_DATA_DIR} ${MSFDIR}
        ${INSTALL_DATA_DIR} ${MSFDIR}/docs
        ${INSTALL_DATA_DIR} ${MSFDIR}/data
+       ${INSTALL_DATA_DIR} ${MSFDIR}/data/meterpreter
+       ${INSTALL_DATA_DIR} ${MSFDIR}/data/msfweb
        ${INSTALL_DATA_DIR} ${MSFDIR}/encoders
        ${INSTALL_DATA_DIR} ${MSFDIR}/exploits
        ${INSTALL_DATA_DIR} ${MSFDIR}/extras
@@ -57,11 +62,14 @@
        ${INSTALL_DATA_DIR} ${MSFDIR}/payloads
        ${INSTALL_DATA_DIR} ${MSFDIR}/payloads/external
        ${INSTALL_DATA_DIR} ${MSFDIR}/sdk
+       ${INSTALL_DATA_DIR} ${MSFDIR}/src
        ${INSTALL_DATA_DIR} ${MSFDIR}/tools
-       ${INSTALL_DATA_DIR} ${MSFDIR}/src
 
        ${INSTALL_DATA} ${WRKSRC}/docs/* ${MSFDIR}/docs
-       ${INSTALL_DATA} ${WRKSRC}/data/* ${MSFDIR}/data
+       ${INSTALL_PROGRAM} ${WRKSRC}/data/shelldemo ${MSFDIR}/data
+       ${INSTALL_DATA} ${WRKSRC}/data/vncdll.dll ${MSFDIR}/data
+       ${INSTALL_DATA} ${WRKSRC}/data/meterpreter/*.dll \
+               ${MSFDIR}/data/meterpreter
        ${INSTALL_DATA} ${WRKSRC}/encoders/*.pm ${MSFDIR}/encoders
        ${INSTALL_DATA} ${WRKSRC}/exploits/*.pm ${MSFDIR}/exploits
        ${INSTALL_DATA} ${WRKSRC}/extras/*.tar.gz ${MSFDIR}/extras
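Review bot: in the data install lines, shelldemo is now installed with INSTALL_PROGRAM, which normally strips the file. With NO_BUILD=YES it is a prebuilt binary taken straight from the distfile, so stripping may fail on platforms where it is not a native executable. INSTALL_SCRIPT, or INSTALL_DATA with an explicit mode, would avoid that. Separately, the meterpreter/*.dll glob should be checked against the five DLLs listed in PLIST, so that nothing is installed unregistered.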
@@ -71,6 +79,7 @@
        cd ${WRKSRC}/sdk && ${PAX} -rw . ${MSFDIR}/sdk
        cd ${WRKSRC}/tools && ${PAX} -rw . ${MSFDIR}/tools
        cd ${WRKSRC}/src && ${PAX} -rw . ${MSFDIR}/src
+       cd ${WRKSRC}/data/msfweb && ${PAX} -rw . ${MSFDIR}/data/msfweb
 
        ${INSTALL_DATA} ${WRKSRC}/nops/*.pm ${MSFDIR}/nops
        ${INSTALL_DATA} ${WRKSRC}/payloads/*.pm ${MSFDIR}/payloads
diff -r b4aa97daf4d5 -r 4a21f8fa2b07 security/msf/PLIST
--- a/security/msf/PLIST        Fri Jan 14 22:21:26 2005 +0000
+++ b/security/msf/PLIST        Fri Jan 14 23:36:38 2005 +0000
@@ -1,28 +1,66 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2004/10/19 16:38:22 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.2 2005/01/14 23:36:38 adrianp Exp $
+share/doc/msf
 share/msf/docs/7f8d5320.0
 share/msf/docs/BUGS
 share/msf/docs/COPYING
 share/msf/docs/COPYING.Artistic
 share/msf/docs/COPYING.GNU
 share/msf/docs/COPYING.InlineEgg
-share/msf/docs/CrashCourse.doc
-share/msf/docs/CrashCourse.html
-share/msf/docs/CrashCourse.pdf
-share/msf/docs/CrashCourse.sxw
+share/msf/docs/CrashCourse_IT.doc
+share/msf/docs/CrashCourse_IT.html
+share/msf/docs/CrashCourse_IT.pdf
+share/msf/docs/CrashCourse_IT.sxw
+share/msf/docs/CrashCourse_BR.sxw
+share/msf/docs/CrashCourse_FR.pdf
 share/msf/docs/Environment.txt
-share/msf/docs/QUICKSTART.cygwin
 share/msf/docs/QUICKSTART.impurity
 share/msf/docs/QUICKSTART.msfcli
 share/msf/docs/QUICKSTART.msfconsole
 share/msf/docs/QUICKSTART.msfweb
-share/msf/docs/QUICKSTART.ssl
-share/msf/docs/QUICKSTART.tabcompletion
 share/msf/docs/SECURITY
 share/msf/docs/VERSION
+share/msf/docs/RELEASE_2.3.txt
+share/msf/docs/meterpreter.pdf
+share/msf/docs/userguide.pdf
+share/msf/docs/userguide.tex
 share/msf/docs/cacert.pem
-share/doc/msf
 share/msf/data/shelldemo
 share/msf/data/vncdll.dll
+share/msf/data/meterpreter/ext_server_fs.dll
+share/msf/data/meterpreter/ext_server_net.dll
+share/msf/data/meterpreter/ext_server_process.dll
+share/msf/data/meterpreter/ext_server_sys.dll
+share/msf/data/meterpreter/metsrv.dll
+share/msf/data/msfweb/icons/favicon.ico
+share/msf/data/msfweb/icons/amiga.gif
+share/msf/data/msfweb/icons/cisco.gif
+share/msf/data/msfweb/icons/win32.gif
+share/msf/data/msfweb/icons/be.gif
+share/msf/data/msfweb/icons/sun.gif
+share/msf/data/msfweb/icons/irix.gif
+share/msf/data/msfweb/icons/aix.gif
+share/msf/data/msfweb/icons/unknown.gif
+share/msf/data/msfweb/icons/hpux.gif
+share/msf/data/msfweb/icons/any.gif
+share/msf/data/msfweb/icons/os2.gif
+share/msf/data/msfweb/icons/osx.gif
+share/msf/data/msfweb/icons/novell.gif
+share/msf/data/msfweb/icons/bsd.gif
+share/msf/data/msfweb/icons/linux.gif
+share/msf/data/msfweb/themes/default/style.css
+share/msf/data/msfweb/themes/default/credits.txt
+share/msf/data/msfweb/themes/default/logo.jpg
+share/msf/data/msfweb/themes/gblack/style.css
+share/msf/data/msfweb/themes/gblack/credits.txt
+share/msf/data/msfweb/themes/gblack/logo.jpg
+share/msf/data/msfweb/themes/gwhite/style.css
+share/msf/data/msfweb/themes/gwhite/credits.txt
+share/msf/data/msfweb/themes/gwhite/logo.jpg
+share/msf/encoders/Alpha2.pm
+share/msf/encoders/Countdown.pm
+share/msf/encoders/JmpCallAdditive.pm
+share/msf/encoders/OSXPPCLongXOR.pm
+share/msf/encoders/OSXPPCLongXORTag.pm
 share/msf/encoders/None.pm
 share/msf/encoders/Pex.pm
 share/msf/encoders/PexAlphaNum.pm
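Review bot: the added entries in this hunk are not in sorted order (RELEASE_2.3.txt after VERSION, data/meterpreter/ after data/vncdll.dll, the OSXPPC encoders ahead of None.pm, CrashCourse_IT before _BR and _FR), which makes future PLIST diffs noisier and omissions harder to spot. Regenerating the list in sorted order would help. Also, docs are installed with the docs/* glob while only the translated CrashCourse files remain listed here, so check that the glob and this list agree.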
@@ -33,15 +71,30 @@
 share/msf/encoders/Sparc.pm
 share/msf/exploits/Credits.pm
 share/msf/exploits/Tester.pm
-share/msf/exploits/Win32Tester.pm
+share/msf/exploits/aim_goaway.pm
+share/msf/exploits/backupexec_ns.pm
+share/msf/exploits/icecast_header.pm
+share/msf/exploits/iis40_htr.pm
+share/msf/exploits/iis_fp30reg_chunked.pm
+share/msf/exploits/iis_nsiislog_post.pm
+share/msf/exploits/iis_w3who_overflow.pm
+share/msf/exploits/imail_imap_delete.pm
+share/msf/exploits/irix_lpsched_exec.pm
+share/msf/exploits/mssql2000_preauthentication.pm
+share/msf/exploits/openview_omniback.pm
+share/msf/exploits/samba_trans2open_osx.pm
+share/msf/exploits/seattlelab_mail_55.pm
+share/msf/exploits/solaris_dtspcd_noir.pm
+share/msf/exploits/uow_imap4_copy.pm
+share/msf/exploits/uow_imap4_lsub.pm
+share/msf/exploits/webstar_ftp_user.pm
+share/msf/exploits/wins_ms04_045.pm
 share/msf/exploits/afp_loginext.pm
 share/msf/exploits/apache_chunked_win32.pm
 share/msf/exploits/blackice_pam_icq.pm
 share/msf/exploits/distcc_exec.pm
 share/msf/exploits/exchange2000_xexch50.pm
-share/msf/exploits/frontpage_fp30reg_chunked.pm
 share/msf/exploits/ia_webmail.pm
-share/msf/exploits/iis50_nsiislog_post.pm
 share/msf/exploits/iis50_printer_overflow.pm
 share/msf/exploits/iis50_webdav_ntdll.pm
 share/msf/exploits/imail_ldap.pm
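Review bot: frontpage_fp30reg_chunked.pm and iis50_nsiislog_post.pm are removed while iis_fp30reg_chunked.pm and iis_nsiislog_post.pm are added, which looks like a rename of two modules, and Win32Tester.pm is dropped outright. The commit description lists only new exploits, so add a line noting the renamed and removed module names for anyone who references them in scripts. The new entries are also inserted as a block ahead of afp_loginext.pm rather than in sorted position.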
@@ -67,33 +120,22 @@
 share/msf/extras/Term-ReadLine-Gnu-1.14.tar.gz
 share/msf/lib/Msf/PayloadComponent/InlineEggPayload.pm
 share/msf/lib/Msf/PayloadComponent/CommandPayload.pm
-share/msf/lib/Msf/PayloadComponent/Win32Execute.pm
-share/msf/lib/Msf/PayloadComponent/Win32StagePayload.pm
 share/msf/lib/Msf/PayloadComponent/SolarisShellStage.pm
 share/msf/lib/Msf/PayloadComponent/ReverseConnection.pm
 share/msf/lib/Msf/PayloadComponent/SolarisStagePayload.pm
 share/msf/lib/Msf/PayloadComponent/DoubleReverseConnection.pm
 share/msf/lib/Msf/PayloadComponent/Console.pm
-share/msf/lib/Msf/PayloadComponent/Win32ShellStage.pm
 share/msf/lib/Msf/PayloadComponent/ConnectionHandler.pm
 share/msf/lib/Msf/PayloadComponent/SolarisPayload.pm
 share/msf/lib/Msf/PayloadComponent/NoConnection.pm
 share/msf/lib/Msf/PayloadComponent/TextConsole.pm
-share/msf/lib/Msf/PayloadComponent/Win32StagePayloadIE.pm
 share/msf/lib/Msf/PayloadComponent/ExternalPayload.pm
 share/msf/lib/Msf/PayloadComponent/BindConnection.pm
 share/msf/lib/Msf/PayloadComponent/FindRecvConnection.pm
-share/msf/lib/Msf/PayloadComponent/Win32UploadExecStage.pm
-share/msf/lib/Msf/PayloadComponent/Win32ReverseStagerIE.pm
 share/msf/lib/Msf/PayloadComponent/SolarisFindStager.pm
 share/msf/lib/Msf/PayloadComponent/SolarisBindStager.pm
-share/msf/lib/Msf/PayloadComponent/Win32BindStagerIE.pm
 share/msf/lib/Msf/PayloadComponent/FindConnection.pm
-share/msf/lib/Msf/PayloadComponent/Win32BindStager.pm
 share/msf/lib/Msf/PayloadComponent/SolarisReverseStager.pm
-share/msf/lib/Msf/PayloadComponent/Win32InjectLibStage.pm
-share/msf/lib/Msf/PayloadComponent/Win32ReverseStager.pm
-share/msf/lib/Msf/PayloadComponent/Win32Payload.pm
 share/msf/lib/Msf/PayloadComponent/WebConsole.pm
 share/msf/lib/Msf/Base.pm
 share/msf/lib/Msf/UI.pm
@@ -118,6 +160,88 @@
 share/msf/lib/Msf/WebUI.pm
 share/msf/lib/Msf/Config.pm
 share/msf/lib/Msf/Encoder.pm
+share/msf/lib/Pex/SPARC.pm
+share/msf/lib/Pex/Meterpreter/RemoteDispatch.pm
+share/msf/lib/Pex/Meterpreter/Packet.pm
+share/msf/lib/Pex/Meterpreter/LocalDispatch.pm
+share/msf/lib/Pex/Meterpreter/Extension/Client/Sys.pm
+share/msf/lib/Pex/Meterpreter/Extension/Client/Process.pm
+share/msf/lib/Pex/Meterpreter/Extension/Client/Net.pm
+share/msf/lib/Pex/Meterpreter/Extension/Client/Fs.pm
+share/msf/lib/Pex/Meterpreter/Extension/Client/Boiler.pm
+share/msf/lib/Pex/Meterpreter/Crypto/Xor.pm
+share/msf/lib/Pex/Meterpreter/Client.pm
+share/msf/lib/Pex/Meterpreter/Channel.pm
+share/msf/lib/Pex/Meterpreter/Buffer.pm
+share/msf/lib/Pex/Meterpreter/Base.pm
+share/msf/lib/Pex/Meterpreter/Arguments.pm
+share/msf/lib/Pex/Encoding/XorWord.pm
+share/msf/lib/Pex/Encoding/XorDwordFeedbackN.pm
+share/msf/lib/Pex/Encoding/XorDwordFeedback.pm
+share/msf/lib/Pex/Encoding/XorDword.pm
+share/msf/lib/Pex/ELFInfo.pm
+share/msf/lib/Pex/Alpha.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/UploadExecStage.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/ShellStage.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/ReverseStagerIE.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/ReverseOrdinalStager.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/PipedShellStage.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/InjectVncStage.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/InjectMeterpreterStage.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/InjectLibStage.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/FindRecvOrdinalStager.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/ExecuteCommand.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/BindStagerIE.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ia32/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/Windows/StagePayloadIE.pm
+share/msf/lib/Msf/PayloadComponent/Windows/StagePayload.pm
+share/msf/lib/Msf/PayloadComponent/Windows/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/Windows/Payload.pm
+share/msf/lib/Msf/PayloadComponent/Windows/FindRecvStager.pm
+share/msf/lib/Msf/PayloadComponent/Windows/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ppc/ShellStage.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ppc/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ppc/ReverseNFStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ppc/FindRecvStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ppc/FindRecvPeekStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ppc/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/StagePayload.pm
+share/msf/lib/Msf/PayloadComponent/OSX/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/Payload.pm
+share/msf/lib/Msf/PayloadComponent/OSX/FindRecvStager.pm
+share/msf/lib/Msf/PayloadComponent/OSX/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/Linux/ia32/ShellStage.pm
+share/msf/lib/Msf/PayloadComponent/Linux/ia32/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/Linux/ia32/FindRecvStager.pm
+share/msf/lib/Msf/PayloadComponent/Linux/ia32/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/Linux/StagePayload.pm
+share/msf/lib/Msf/PayloadComponent/Linux/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/Linux/Payload.pm
+share/msf/lib/Msf/PayloadComponent/Linux/FindRecvStager.pm
+share/msf/lib/Msf/PayloadComponent/Linux/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/ia32/ShellStage.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/ia32/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/ia32/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/StagePayload.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/ReverseStager.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/Payload.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/FindRecvStager.pm
+share/msf/lib/Msf/PayloadComponent/BSDi/BindStager.pm
+share/msf/lib/Msf/PayloadComponent/BSD/ia32/ShellStage.pm
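Review bot: the added entries introduce several new directory levels (lib/Pex/Meterpreter/Extension/Client, lib/Pex/Encoding, lib/Msf/PayloadComponent/Windows/ia32, OSX/ppc, Linux/ia32, BSDi/ia32 and others, plus data/meterpreter and data/msfweb earlier in the file), and no matching @dirrm lines appear in the part of the PLIST diff shown before truncation. Check that each new directory has one, so that deinstalling does not leave empty directories behind.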


