Skip to content

Releases: hatRiot/clusterd

v0.5 - Bug Release

19 Nov 07:35
Compare
Choose a tag to compare

Fixed a bunch of bugs, added SEAM2 deployer for JBoss.

Major Release - GlassFish support, Coldfusion updates, etc.

14 Sep 21:06
Compare
Choose a tag to compare

Added Oracle Glassfish, Coldfusion 5.x support, and Railo RCE/LFI modules.

Features

  • Oracle Glassfish now supported; this includes versions 3.0, 3.1, and 4.x Not all functions are supported for the platform yet, as it's kind of a crappy platform, but it's still in progress. Early support stable.
  • Platform-specific flags no longer included in the default help output. This was primarily done to improve help readability and prevent overflowing the user with potentially irrelevant information.
  • The --aux-list and --deployer-list flags now support a platform argument to print only platform-specific modules. All platforms/modules may still be printed by not providing an argument.
  • Significant modules added for Railo; pre-authentication LFI and pre-authentication RCE added.
  • Another post-authentication deployer (log_injection.py) added for Railo.
  • ColdFusion 5 fingerprint and support added

Enhancements

  • Payload invocation now tied to --timeout.
  • Coldfusion 6 now fully supported in all modules.

Bugs

  • Issue #25 revealed three separate bugs in JBoss invokes. All have now been patched.
  • Added Axis2 output for failed/already deployed payloads.
  • Fixed a bug with incorrectly invoking JBoss 7.0+ payloads.

Minor Release - Bugs

14 Jun 05:50
Compare
Choose a tag to compare

Largely a maintenance release, with some newer features.

Features

  • Added WebLogic support for --invoke
  • Added JBoss 8.1 fingerprints
  • JBoss undeployer now supports 7.x/8.x
  • New flag --rand-payload can be used to randomly generate a payload name for deployment

Enhancements

  • Now prompt for JSP payloads during JMX/EJB invoker servlet deploys
  • Better exception handling for Java deployers
  • Refreshed the README to better reflect clusterd's current state

Bugs

  • Fixed a bug in the Coldfusion task scheduler deployer
  • Updated the requirements file to actually work
  • Fixed a missing auth import on JBoss Status fingerprint
  • We're now catching all exceptions thrown by fingerprints, so we shouldn't die miserably during a timeout

Major Release - Features and stuff

15 May 19:17
Compare
Choose a tag to compare

Added support for Axis2, plenty of bug fixes, tons of coffee, etc.

Features

  • Added support for Axis2, a Java-based web services platform
  • Added support for Railo 4.2
  • Added support for ColdFusion 11
  • For deployers that require the remote host to connect back, we now allow the connecting port to be configured in the state.py file
  • Tomcat 3.x credential fetch auxiliary module
  • Added a Tomcat deployer that uses only the manager-gui role

Enhancements

  • Updated check support for the -sSV flag in --discover
  • Confirm the user knows that an external port needs to be open when using deployers that require it
  • Added --invoke support for Railo
  • Support invokes for JSP payloads
  • Axis2 payload generation now supported

Bugs

  • Fixed a Railo authentication bug
  • Fixed a missing import in the jmx_deploy deployer
  • Fixed a bug in the DFS deployer for JBoss that was mishandling paths

0.2.1 - Minor Enhancement Release

03 Apr 05:08
Compare
Choose a tag to compare

Support for Railo, plenty of bug fixes, features, et al

Features

  • Support for the Railo platform, a CFML engine
  • New discovery flag --discover for parsing nmap grep output. See the wiki for more information
  • ColdFusion 7-9 now supports pass the hash for authentication. The hash can be retrieved via --cf-hash
  • New deployer for ColdFusion 6-8 that exploits LFI and log poisoning to obtain a shell; this is a preauth deployer that does not require valid credentials
  • Added Tomcat 5.0 fingerprints
  • New --listen flag now accepts an adapter to listen on for any reverse HTTP connections (a la deployers)
  • Invoker servlets now support version 5.x of JBoss

Enhancements

  • (JBoss) If the user is attempting to deploy a WAR via the EJB/JMXInvokerServlets, emit an error. These deployers only support jsp's.
  • (JBoss) Force HTTP header fingerprint to a specific version
  • (JBoss) EJB|JMXInvokerServlet deployers now only use the DFS method. This is much more reliable and less error prone than using the MainDeployer.
  • (ColdFusion) Cleaned up the hash retrieval module to be more reliable
  • Moved all shells into /src/lib/resources
  • Added a small CFML web shell
  • clusterd header now only prints the number of supported platforms

Bugs

  • (JBoss) If we could not capture the version of a remote host and only get an Any fingerprint, prompt for entry of the version
  • (JBoss) Fixed invoker servlets for version 3.x by packaging up old libraries
  • Payload generator now fixed

Major Release - bugs, features, coffee

05 Mar 06:57
Compare
Choose a tag to compare

Rehaul of WebLogic (no longer requires enormous libs), significant beefing up of Coldfusion, undeployers, and more.

  • WebLogic received a significant overhaul; all functionality now moves through the web server
  • Now supports undeploying applications from Tomcat/WebLogic/JBoss
  • Added JRun path traversal for Coldfusion and updated the deployer for CF 7 and 8
  • Added FCKEditor deployer for ColdFusion
  • Moved RDS module into the main authentication routine for CF
  • Added JBoss fingerprinting for HTTP headers
  • EJBInvokerServlet now supported
  • EJB/JMXInvokerServlet now deploys to JBoss 5.x
  • Switched --gen-payload to use java/jsp_shell_reverse_tcp for all platforms

Bugs:

  • Fixed a bug with unsupported platforms
  • No longer crashes with bad auxiliary modules
  • Updated output emission in a few places

Minor release, bug fixes

14 Feb 02:27
Compare
Choose a tag to compare

Added support for JBoss 8.0, several major bug fixes, other features.

  • Added fingerprint for JBoss 8.0 (WildFly)
  • SMB modules now timeout if not sent to a Windows box, or the Windows box never sends its hashes
  • Added an EJBInvokerServlet for JBoss
  • Fixed a critical bug in the ColdFusion deployer
  • Added ColdFusion 10.x deployment support
  • Now detects if the deploying WAR is already deployed to the remote Tomcat server

Minor release

10 Feb 06:40
Compare
Choose a tag to compare

This update removes WebLogic libraries that cannot be distributed by clusterd due to licensing issues. This reduces the bundle from 55mb to 4mb.