New modules with edit for authors

bug/bundler_fix
benpturner 2015-05-08 19:51:17 +01:00
parent fffed7ccbb
commit e9c8ebb3e0
5 changed files with 114 additions and 9 deletions


@ -0,0 +1,32 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/auxiliary/report'
class Metasploit3 < Msf::Post
include Msf::Auxiliary::Report
def initialize(info={})
super( update_info( info,
'Name' => 'Enum Domain Controllors via PowerShell',
'Description' => %Q{ This module will enumerate Domain Controllors },
'License' => MSF_LICENSE,
'Author' => [ 'Ben Turner <benpturner[at]yahoo.com>','Dave Hardy <davehardy20[at]gmail.com>'],
'Platform' => [ 'win' ],
'SessionTypes' => [ 'powershell' ]
))
end
# Run Method called when command run is issued
def run
print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME'))
pscommand='$root = New-Object DirectoryServices.DirectoryEntry "LDAP://RootDSE"; $root.Properties["dnsHostName"][0].ToString()'
print(session.shell_command(pscommand))
end
end
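Review bot: The banner in `run` joins `"Running the post module: #{name} on"` directly to the output of `session.shell_command('$env:COMPUTERNAME')`, so the host name is printed glued to "on". If `shell_command` can return nil (not visible here, so treat this as an assumption), `String#+` would also raise a TypeError before the module does any work. Interpolation avoids both: `host = session.shell_command('$env:COMPUTERNAME').to_s.strip` followed by `print_good("Running the post module: #{name} on #{host}")`. The same line is in the other two modules added by this commit and appears as unchanged context in the password-policy and PowerShell-version modules. Separately, `'Name'` and `'Description'` spell "Controllors"; it should be "Controllers".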


@ -16,7 +16,7 @@ class Metasploit3 < Msf::Post
'Name' => 'Enum Domain Password Policy', 'Name' => 'Enum Domain Password Policy',
'Description' => %Q{ This module will enumerate the domain password policy }, 'Description' => %Q{ This module will enumerate the domain password policy },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'Ben Turner <@benpturner>','Dave Hardy <@davehardy20>'], 'Author' => [ 'Ben Turner <benpturner[at]yahoo.com>','Dave Hardy <davehardy20[at]gmail.com>'],
'Platform' => [ 'win' ], 'Platform' => [ 'win' ],
'SessionTypes' => [ 'powershell' ] 'SessionTypes' => [ 'powershell' ]
)) ))
@ -24,9 +24,9 @@ class Metasploit3 < Msf::Post
# Run Method called when command run is issued # Run Method called when command run is issued
def run def run
#enumerate the domain password policy
print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME')) print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME'))
pscommand='net accounts'
pscommand='net accounts /domain'
print(session.shell_command(pscommand)) print(session.shell_command(pscommand))
end end
end end


@ -0,0 +1,35 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/auxiliary/report'
class Metasploit3 < Msf::Post
include Msf::Auxiliary::Report
def initialize(info={})
super( update_info( info,
'Name' => 'Enum Domain Users via Powershell',
'Description' => %Q{ This module will enumerate the domain users via powershell },
'License' => MSF_LICENSE,
'Author' => [ 'Ben Turner <benpturner[at]yahoo.com>','Dave Hardy <davehardy20[at]gmail.com>'],
'Platform' => [ 'win' ],
'SessionTypes' => [ 'powershell' ]
))
end
# Run Method called when command run is issued
def run
print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME'))
# Find all domain users
pscommand = '$searcher = new-object System.DirectoryServices.DirectorySearcher ; $searcher.filter = "(&(objectClass=user)(sAMAccountName=*))"; $colResults = $searcher.findall()'
print(session.shell_command(pscommand))
pscommand = '"`nDomain Users`n=============";foreach ($objResult in $colResults) {$objItem = $objResult.Properties; $objItem.samaccountname } ; "`n"'
print(session.shell_command(pscommand))
end
end
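Review bot: `require 'msf/core/auxiliary/report'` and `include Msf::Auxiliary::Report` are pulled in at the top of this new module, but `run` only calls `print` on the command output and nothing from the mixin appears to be used. Either drop both lines or add a comment saying why the mixin is needed; the same applies to the domain-controller and service-permission modules added in this commit. The first `print(session.shell_command(pscommand))` also prints the result of a command that only assigns variables. The second command depends on `$colResults` still being defined in the session, which deserves a comment such as `# relies on $colResults set by the previous shell_command call`.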


@ -16,7 +16,7 @@ class Metasploit3 < Msf::Post
'Name' => 'Enum PowerShell Version', 'Name' => 'Enum PowerShell Version',
'Description' => %Q{ This module will enumerate the local powershell version }, 'Description' => %Q{ This module will enumerate the local powershell version },
'License' => MSF_LICENSE, 'License' => MSF_LICENSE,
'Author' => [ 'Ben Turner <@benpturner>','Dave Hardy <@davehardy20>'], 'Author' => [ 'Ben Turner <benpturner[at]yahoo.com>','Dave Hardy <davehardy20[at]gmail.com>'],
'Platform' => [ 'win' ], 'Platform' => [ 'win' ],
'SessionTypes' => [ 'powershell' ] 'SessionTypes' => [ 'powershell' ]
)) ))
@ -24,11 +24,10 @@ class Metasploit3 < Msf::Post
# Run Method called when command run is issued # Run Method called when command run is issued
def run def run
#enumerate the powershell version
print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME')) print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME'))
# Powershell version # Enumerate powershell version
pscommand='$psversiontable' pscommand='$psversiontable'
print(session.shell_command(pscommand)) print(session.shell_command(pscommand))
end end
end end


@ -0,0 +1,39 @@
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'msf/core/auxiliary/report'
class Metasploit3 < Msf::Post
include Msf::Auxiliary::Report
def initialize(info={})
super( update_info( info,
'Name' => 'Enum Service Permissions via PowerShell',
'Description' => %Q{ This module will enumerate the ALL services running or stopped },
'License' => MSF_LICENSE,
'Author' => [ 'Ben Turner <benpturner[at]yahoo.com>','Dave Hardy <davehardy20[at]gmail.com>'],
'Platform' => [ 'win' ],
'SessionTypes' => [ 'powershell' ]
))
end
# Run Method called when command run is issued
def run
print_good("Running the post module: #{name} on" + session.shell_command('$env:COMPUTERNAME'))
# Get all the services that are not in "C:\Windows\System32\"
pscommand = '$services = Get-WmiObject win32_service | ?{$_} | where {($_.pathname -ne $null) -and ($_.pathname -notmatch ".*system32.*")} ; $servicepaths = New-Object System.Collections.ArrayList'
print(session.shell_command(pscommand))
pscommand = 'foreach ($service in $services) { if ($service.PathName -Match "^(.+?)\.exe") {$servicepaths.Add($Matches[0].Replace(\'"\',\'\')) > $null} }'
print(session.shell_command(pscommand))
pscommand = 'foreach ($service in $servicepaths) { "`n"+$service; get-acl $service | select-object -expandproperty AccessToString }'
print(session.shell_command(pscommand))
end
end
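Review bot: The metadata and the comment in `run` do not describe what the code does. `'Description'` says the module enumerates "the ALL services running or stopped", while the code filters services by path, extracts each executable path and prints `get-acl ... AccessToString` for it. A description such as `%Q{ This module lists the file ACLs of service executables located outside system32 }` would match the name 'Enum Service Permissions'. The comment `# Get all the services that are not in "C:\Windows\System32\"` is also looser than the filter, because `-notmatch ".*system32.*"` excludes any path containing "system32" anywhere, not only that directory; the comment should say so.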