Added managedBy to group acquisition

bug/bundler_fix
Stuart Morgan 2015-12-20 20:16:18 +00:00
parent d79fd9a9f3
commit 28e563659f
1 changed files with 5 additions and 3 deletions

View File

@ -44,7 +44,7 @@ class Metasploit3 < Msf::Post
# Download the list of groups from Active Directory # Download the list of groups from Active Directory
vprint_status "Retrieving AD Groups" vprint_status "Retrieving AD Groups"
begin begin
group_fields = ['distinguishedName', 'objectSid', 'samAccountType', 'sAMAccountName', 'whenChanged', 'whenCreated', 'description', 'groupType', 'adminCount', 'comment'] group_fields = ['distinguishedName', 'objectSid', 'samAccountType', 'sAMAccountName', 'whenChanged', 'whenCreated', 'description', 'groupType', 'adminCount', 'comment', 'managedBy']
if datastore['GROUP_FILTER'].empty? if datastore['GROUP_FILTER'].empty?
group_query = "(objectClass=group)" group_query = "(objectClass=group)"
else else
@ -106,6 +106,7 @@ class Metasploit3 < Msf::Post
g_groupType: grouptype_int, g_groupType: grouptype_int,
g_adminCount: individual_group[8][:value].to_i, g_adminCount: individual_group[8][:value].to_i,
g_comment: individual_group[9][:value].encode('UTF-8'), g_comment: individual_group[9][:value].encode('UTF-8'),
g_managedBy: individual_group[10][:value].encode('UTF-8'),
# Specifies a group that is created by the system. # Specifies a group that is created by the system.
g_GT_GROUP_CREATED_BY_SYSTEM: (grouptype_int & 0x00000001).zero? ? 0 : 1, g_GT_GROUP_CREATED_BY_SYSTEM: (grouptype_int & 0x00000001).zero? ? 0 : 1,
# Specifies a group with global scope. # Specifies a group with global scope.
@ -166,7 +167,7 @@ class Metasploit3 < Msf::Post
u_badPwdCount: group_user[12][:value].to_i, u_badPwdCount: group_user[12][:value].to_i,
u_comment: group_user[13][:value].encode('UTF-8'), u_comment: group_user[13][:value].encode('UTF-8'),
u_title: group_user[14][:value].encode('UTF-8'), u_title: group_user[14][:value].encode('UTF-8'),
u_accountExpires: group_user[15][:value].to_i, u_cn: group_user[15][:value].to_s.encode('UTF-8'),
# Indicates that a given object has had its ACLs changed to a more secure value by the # Indicates that a given object has had its ACLs changed to a more secure value by the
# system because it was a member of one of the administrative groups (directly or transitively). # system because it was a member of one of the administrative groups (directly or transitively).
u_adminCount: group_user[16][:value].to_i, u_adminCount: group_user[16][:value].to_i,
@ -446,6 +447,7 @@ class Metasploit3 < Msf::Post
'g_adminCount INTEGER,'\ 'g_adminCount INTEGER,'\
'g_description TEXT,'\ 'g_description TEXT,'\
'g_comment TEXT,'\ 'g_comment TEXT,'\
'g_managedBy TEXT,'\
'g_whenChanged TEXT,'\ 'g_whenChanged TEXT,'\
'g_whenCreated TEXT,'\ 'g_whenCreated TEXT,'\
'g_GT_GROUP_CREATED_BY_SYSTEM INTEGER,'\ 'g_GT_GROUP_CREATED_BY_SYSTEM INTEGER,'\
@ -481,7 +483,7 @@ class Metasploit3 < Msf::Post
'u_logonCount INTEGER,'\ 'u_logonCount INTEGER,'\
'u_userAccountControl INTEGER,'\ 'u_userAccountControl INTEGER,'\
'u_primaryGroupID INTEGER,'\ 'u_primaryGroupID INTEGER,'\
'u_accountExpires INTEGER,'\ 'u_cn TEXT,'\
'u_adminCount INTEGER,'\ 'u_adminCount INTEGER,'\
'u_badPwdCount INTEGER,'\ 'u_badPwdCount INTEGER,'\
'u_userPrincipalName TEXT UNIQUE,'\ 'u_userPrincipalName TEXT UNIQUE,'\