infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
30,511 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

2095 Commits (06485d8c89783fea413d3a1f19b5efd780fd00ae)

Author SHA1 Message Date
wez3 435c6eef81 Add Windows post module for reading/searching Outlook e-mail #3 2014-11-18 16:27:33 +01:00
wez3 91a53dc36c Add Windows post module for reading/searching Outlook e-mail 2014-11-18 12:41:24 +01:00
jvazquez-r7 54de805b7a Report credentials 
* Even when we are not associating them to hosts
* It's a post module so maybe we cannot solve some names
 2014-11-17 12:49:18 -06:00
wez3 7a2b7208e7 Add Windows post module for reading/searching Outlook e-mail 2014-11-17 19:38:55 +01:00
jvazquez-r7 b3b37c7c9f Use longer description lines 2014-11-17 12:23:22 -06:00
jvazquez-r7 145e610c0f Avoid shadowing new method 2014-11-17 12:22:30 -06:00
Jon Hart d5afb2b766 %q 2014-11-17 09:01:14 -08:00
Jon Hart ce73e32673 Doc and named captures 2014-11-17 09:01:14 -08:00
Jon Hart bf05fe1389 Refactoring, simplification, better print_* 2014-11-17 09:01:14 -08:00
Jon Hart 6e1cdfde36 Rip out create_credential* stuff. Use what works 2014-11-17 09:01:14 -08:00
Jon Hart e5bb13a609 If remmina config files are missing data for creds, tell me what 2014-11-17 09:01:14 -08:00
Jon Hart 875d1f9ea0 Convert Remmina credential gatherer to use new credentials model 2014-11-17 09:01:14 -08:00
Jon Hart 086f0c02d6 Remove excessive logging 2014-11-17 09:01:14 -08:00
Jon Hart 90e58e9e71 Binary encoding 2014-11-17 09:01:14 -08:00
Jon Hart e76373340e Correct some Rubocop things that I agree with 2014-11-17 09:01:14 -08:00
Jon Hart f729a6cf02 Add Remmina RDP/SSH/VNC password gathering 2014-11-17 09:01:13 -08:00
Peregrino Gris 80a9fa4b5d Ports default values added, is_internal REX function added, reference added 2014-11-13 10:10:25 +01:00
Peregrino Gris 529f749abb Add post-exploitation module to get FW filtering rules 2014-11-12 17:38:49 +01:00
Jon Hart c765100efd
Land #4004, @martinvigo's LastPass master password extraction module 2014-10-22 16:34:54 -07:00
Jon Hart 29b61984c5 Update to use correctly joined path 2014-10-22 16:34:17 -07:00
Tim Wright b8c3fadb9e python 3 is supported now too :) 2014-10-22 20:10:48 +01:00
Tim Wright 8c3c73a72d inline the error message 2014-10-22 20:08:14 +01:00
Tim Wright 2ab73688dc use framework.threads to launch cleanup thread 2014-10-22 19:40:29 +01:00
Tim Wright 22fc6496ac Merge branch 'pr/3401' into landing-3401 2014-10-22 19:23:01 +01:00
Jon Hart 88c1647c80 Loot the passwords, obviously 2014-10-19 13:11:10 -07:00
Jon Hart 0971d7c3ac Remove ... from prints, only map a browser if we found something 2014-10-19 13:05:11 -07:00
Jon Hart 967800eed0 Track account name for more useful table and prints 2014-10-19 12:59:51 -07:00
Jon Hart 5a05246682 Consistent case in *print_* 2014-10-19 12:30:50 -07:00
Jon Hart a30663e412
Fix multiuser LastPass extraction, print/vprint cleanup 2014-10-17 17:40:19 -07:00
Jon Hart d2a00b208e Minor style cleanup to appease Rubocop 2014-10-17 12:50:18 -07:00
Jon Hart d97fe548b9 Store the browser name in LastPass loot 2014-10-17 11:33:31 -07:00
Jon Hart 43238c7324 Simplify LastPass extraction. Track what browser that puked creds 2014-10-17 11:19:36 -07:00
Jon Hart 9177b931fd Refactoring of LastPass module to use correct Firefox path on *nix 2014-10-17 10:20:55 -07:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI 
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
 2014-10-17 11:47:33 -05:00
Martin Vigo 36d6220f8f Make use of Rex::Ui::Text::Table 2014-10-15 23:13:53 -07:00
Martin Vigo bb421859d3 Refactor code and add support for all Windows 2014-10-15 22:15:54 -07:00
Martin Vigo c7e0ced02b Remove useless conditions 2014-10-15 21:29:47 -07:00
Martin Vigo 2bdc703930 Remove useless condition 2014-10-15 21:16:06 -07:00
Martin Vigo 5fa39782b8 Fix unused variable 2014-10-15 21:10:50 -07:00
Martin Vigo 8fc0f0955e Add support for Firefox 2014-10-15 20:44:20 -07:00
Martin Vigo 47794510c3 Add support for Firefox in XP 2014-10-15 20:44:19 -07:00
Martin Vigo 484d98d0a8 Meet rubocop and msftify rules 2014-10-15 20:17:36 -07:00
Martin Vigo 85e6febe09 Add module to extract/decrypt LastPass credentials 2014-10-15 20:17:36 -07:00
jvazquez-r7 520e1bccca
Land #3692, @TomSellers's support for Metasploit Credential on enum_snmp 2014-10-09 15:18:44 -05:00
James Lee a65ee6cf30
Land #3373, recog 
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
 2014-10-03 18:05:58 -05:00
James Lee a21752bc9c
Fix NoMethodError on os, mark DCs as 'server' 2014-10-01 16:02:46 -05:00
Joe Vennix 5d234c0e01
Pass #send in this so jsobfu is not confused. 2014-09-24 15:07:14 -05:00
sinn3r 50fa5745bb Rm print_debug line 
I forgot to remove this line while testing the module
 2014-09-16 16:46:40 -05:00
sinn3r 07c14f5ee8
Land #3388 - Post mod to check Win32_QuickFixEngineering 2014-09-16 16:18:04 -05:00
sinn3r 36a3abe036 Add a reference 2014-09-16 16:17:22 -05:00
Tod Beardsley bd17c96a6e
Dropped a hyphen in the title 2014-09-16 12:47:44 -05:00
jvazquez-r7 83bf220a10
Land #3730, @TomSellers's post module for Remote Desktop Connection Manager 2014-09-12 15:38:33 -05:00
jvazquez-r7 5da6a450f1 fix find condition 2014-09-12 15:21:50 -05:00
jvazquez-r7 1749fc73c2 Change module filename 2014-09-12 15:05:33 -05:00
jvazquez-r7 95b6529579 Fix run method 2014-09-12 14:27:25 -05:00
William Vu 60b29cbd5e
Fix word splitting problem 2014-09-12 06:50:53 -05:00
William Vu 131401f024
Remove unused method 2014-09-12 05:48:11 -05:00
cx 1b5e40ff78 New Creds model added 2014-09-08 11:42:05 +03:00
cx aaeb5a2f5f jhart-r7 suggestions added 2014-09-02 12:05:54 +03:00
Tom Sellers 20a02a9d29 Cleanup 2014-08-31 14:01:13 -05:00
Tom Sellers 6f7bc94db4 Creation of rdcmanager_creds.rb 2014-08-31 13:38:08 -05:00
cx bd9417490e Merge branch 'master' into linux-post-enum-psk 2014-08-29 15:50:28 +03:00
cx eaf73f9f84 Linux Gather 802-11-Wireless Security Credentials 2014-08-29 11:08:08 +03:00
Tom Sellers 0b820c59b1 Fix to self.refname 2014-08-27 18:34:15 -05:00
Tod Beardsley 6d45f75b47
Land #3690, credential_collect refactor 
@TomSellers strikes again!
 2014-08-27 18:31:59 -05:00
Tom Sellers 9b0c5dfb0c Minor fix 2014-08-27 18:31:13 -05:00
Tom Sellers fa502c9c69 Minor adjustments 2014-08-24 17:39:13 -05:00
Tom Sellers 601c5515f8 Corrected 3 issues identified by jlee-r7 2014-08-24 17:18:31 -05:00
jvazquez-r7 c20b4dc0ff
Land #3645, @jlee-r7's fix for mremoge credentials gather module 2014-08-24 15:53:29 -05:00
Meatballs d2bc0baa87
Merge remote-tracking branch 'upstream/master' into extapi_service_post 
Conflicts:
	lib/msf/core/post/windows/services.rb
 2014-08-24 19:46:19 +01:00
Tom Sellers 081a3437a4 Refactor for Credentials gem 2014-08-24 09:38:15 -05:00
Tom Sellers 1fa43bfe64 Rework for Credential lib update 2014-08-23 10:53:55 -05:00
Brandon Turner 05f0d09828
Merge branch staging/electro-release into master 
On August 15, shuckins-r7 merged the Metasploit 4.10.0 branch
(staging/electro-release) into master.  Rather than merging with
history, he squashed all history into two commits (see
149c3ecc63 and
82760bf5b3).

We want to preserve history (for things like git blame, git log, etc.).
So on August 22, we reverted the commits above (see
19ba7772f3).

This merge commit merges the staging/electro-release branch
(62b81d6814) into master
(48f0743d1b).  It ensures that any changes
committed to master since the original squashed merge are retained.

As a side effect, you may see this merge commit in history/blame for the
time period between August 15 and August 22.
 2014-08-22 10:50:38 -05:00
Brandon Turner 19ba7772f3
Revert "Various merge resolutions from master <- staging" 
This reverts commit 149c3ecc63.

Conflicts:
	lib/metasploit/framework/command/base.rb
	lib/metasploit/framework/common_engine.rb
	lib/metasploit/framework/require.rb
	lib/msf/core/modules/namespace.rb
	modules/auxiliary/analyze/jtr_postgres_fast.rb
	modules/auxiliary/scanner/smb/smb_login.rb
	msfconsole
 2014-08-22 10:17:44 -05:00
William Vu b748cee760
Land #3664, enum_osx dump_hash removal 2014-08-19 11:29:23 -05:00
Tod Beardsley cad281494f
Minor caps, grammar, desc fixes 2014-08-18 13:35:34 -05:00
joev 5654370316
Remove hashdump functionality from enum_osx. 
There is a specific hashdump module that is more up-to-date, no need to duplicate
functionality (and code).
 2014-08-18 11:40:11 -05:00
HD Moore 6d92d701d7 Merge feature/recog into post-electro master for this PR 2014-08-16 01:19:08 -05:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging 
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
 2014-08-15 11:33:31 -05:00
James Lee b7e4bd4080
Fix 'domain\user' reporting in mremote 2014-08-12 18:01:42 -05:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
 2014-08-06 15:58:12 -05:00
Tod Beardsley 4de59ad7d1
Add reasonable description for gnome-commander 2014-08-04 12:35:34 -05:00
Tom Sellers 6315710697 Update for most recent PowerShell.rb 
This update makes the module compatible with Meatballs' march PowerShell changes mentioned earlier (lines 112/113).  It also includes changes recommended by Timwr and about 2/3 of the issues mentioned by Rubocop.  I didn't make some of the Rubocop changes based on HD's comments in IRC that it was still being tuned to meet the project's requirements.
 2014-08-02 15:32:45 -05:00
James Lee 62240537db
Refactor sso to use Credential::Creation 2014-07-31 16:06:23 -05:00
William Vu 0208420a67
Land #3565, GNOME Commander post module 2014-07-28 17:28:36 -05:00
William Vu f4bd44d9c6
Fix outstanding issues 2014-07-28 17:28:15 -05:00
David Bloom a904ed8507 Update gnome_commander_creds.rb 2014-07-28 22:49:13 +02:00
David Bloom b121bf6d6c Update gnome_commander_creds.rb 2014-07-28 22:46:50 +02:00
David Bloom e35ee1f037 Update gnome_commander_creds.rb 2014-07-24 23:36:32 +02:00
David Bloom f4440680b6 Update gnome_commander_creds.rb 2014-07-24 23:30:26 +02:00
David Bloom 9dc37c3cc7 Update gnome_commander_creds.rb 2014-07-24 23:18:26 +02:00
David Bloom 48982b3b89 Update gnome_commander_creds.rb 2014-07-24 23:16:45 +02:00
David Bloom 2e5c2a514b Update gnome_commander_creds.rb 2014-07-24 23:16:10 +02:00
David Bloom 9aa1b86d8f Update gnome_commander_creds.rb 2014-07-24 23:10:00 +02:00
David Bloom 718c401472 Update gnome_commander_creds.rb 2014-07-24 23:01:30 +02:00
David Bloom 8a6fa178d6 Update gnome_commander_creds.rb 2014-07-24 08:10:28 +02:00
David Bloom 41e5e24b19 Update gnome_commander_creds.rb 2014-07-23 20:26:43 +02:00
David Bloom 30c00f4fd6 gnome-commander credentials add 2014-07-23 20:20:29 +02:00
sinn3r 6048f21875
Land #3552 - Correct DbVisualizer title name 2014-07-21 13:07:33 -05:00
sinn3r 73e665b863
Land #3542 - Multi Manage DbVisualizer Query 2014-07-21 13:02:19 -05:00
sinn3r fbbaaf2e2a Fix spaces and module description 2014-07-21 13:01:18 -05:00
Tod Beardsley a41768fd7d
Correct DbVisualizer title name 
I think "DbVis Software" is the name of the company and the product
itself is called DbVisualizer.

Also fixed the description on the WPTouch module.
 2014-07-21 12:35:01 -05:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
sinn3r c59d72b0c6
Land #3530 - dbvis database administrator 2014-07-17 14:36:34 -05:00
sinn3r 6d35867f7f Update module description 2014-07-17 14:24:57 -05:00
sinn3r 8e7361d952 Fix indent again 2014-07-17 14:12:04 -05:00
sinn3r aed8af3abc Retabbed 2014-07-17 14:03:27 -05:00
sinn3r d6ab418d6f Fix spaces 2014-07-17 13:52:00 -05:00
David Bloom b4e68a7c25 Update dbvis_query.rb 2014-07-17 19:21:35 +02:00
David Bloom 0f92b73f1a Update dbvis_add_db_admin.rb 2014-07-17 10:14:28 +02:00
David Bloom 561ef427cc Update dbvis_query.rb 2014-07-17 10:13:58 +02:00
David Bloom 60c71b2681 Update dbvis_add_db_admin.rb 2014-07-17 10:11:13 +02:00
David Bloom 8f9a1e485c Delete dbvis_query.rb 2014-07-17 08:05:18 +02:00
David Bloom 1c8cac359c Added video link 2014-07-17 08:02:27 +02:00
David Bloom 7bee4db1d7 dbvis_query.rb add 2014-07-17 07:48:17 +02:00
Trevor Rosen bebf11c969
Resolves some Login::Status migration issues 
MSP-10730
 2014-07-16 21:52:08 -05:00
David Bloom 4a25bb4247 Update dbvis_add_db_admin.rb 2014-07-17 02:01:50 +02:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
David Bloom 52bdc5364c Update dbvis_query.rb 2014-07-16 18:52:27 +02:00
David Bloom 200c122ecd Update dbvis_query.rb 2014-07-16 18:48:15 +02:00
David Bloom 31e38cee23 Update dbvis_add_db_admin.rb 2014-07-16 18:45:38 +02:00
David Bloom 5f38ad5e10 Update dbvis_add_db_admin.rb 2014-07-16 18:30:23 +02:00
David Bloom c3b87e2e6c Update rigth on dbviscmd check 2014-07-16 18:27:19 +02:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release 
Conflicts:
	Gemfile
	Gemfile.lock
 2014-07-16 09:38:44 -05:00
David Bloom 90932116f8 Update dbvis_query.rb 
Minor changes
 2014-07-16 15:44:48 +02:00
David Bloom b4aca68406 Update dbvis_query.rb 2014-07-16 15:10:07 +02:00
David Bloom 17b2169b9d Create dbvis_query.rb 
Dbvisulaizer offers a command line functionality to execute SQL pre-configured databases (With GUI).
The remote database can be accessed from the command line without the need to authenticate.
The module abuses this functionality to query the remote database and store the result.
 2014-07-16 14:51:24 +02:00
David Bloom b602fc89a3 Update dbvis_add_db_admin.rb 
Corrections
 2014-07-16 13:42:58 +02:00
David Bloom 875c024243 create dbvis_add_db_admin.rb 
Dbvisulaizer offers a command line functionality to execute SQL pre-configured databases (With GUI).
The remote database can be accessed from the command line without the need to authenticate.
The module abuses this functionality to create an administrator in the database if DB user rights allow it.
 2014-07-15 21:43:14 +02:00
sinn3r 1d6f088eab Pass msftidy 2014-07-15 11:31:37 -05:00
David Bloom 526538ecd6 Added dbvis version find and print 2014-07-15 15:04:46 +02:00
David Bloom 97dcc56225 Update dbvis_enum.rb 2014-07-15 14:23:40 +02:00
David Bloom 400b0f4276 parse url to report host in old config 2014-07-15 14:21:09 +02:00
David Bloom f3d953f829 Old config file update 
Added functions to parse old and new config files.
 2014-07-15 14:00:29 +02:00
David Bloom ac3d453002 Update dbvis_enum.rb 2014-07-15 12:33:07 +02:00
David Bloom a53341f520 Added compatibility with dbvis <= 6 
Checking for "config" folder existence if "config70" is not found.
 2014-07-15 12:14:38 +02:00
sinn3r cc1ba265cb Change module name for consistency 2014-07-14 15:49:19 -05:00
sinn3r 4d7bffd713 Change header 2014-07-14 15:45:17 -05:00
sinn3r 5a821cea9d Account for EOFError condition 2014-07-14 15:27:40 -05:00
sinn3r 89a877031f I mean "unless", not "if" 2014-07-14 15:24:53 -05:00
sinn3r bec32a01ab For for missing an end 2014-07-14 15:17:54 -05:00
sinn3r cecdcef2e2 + not preferred 2014-07-14 15:14:54 -05:00
sinn3r 0737deb2a3 Remove the last exception handler 
We're already checking the file path with file?(), so we don't need
to use exception handling for this task anymore.
 2014-07-14 15:02:23 -05:00
sinn3r 8fe3f1a077 File should be checked for existence before reading 2014-07-14 15:01:03 -05:00
sinn3r 20e5803592 Author's Twitter handle should be a comment 
msfconsole treats whatever is in <> as the author's email, not
twitter handle
 2014-07-14 14:57:36 -05:00
sinn3r 3b6947c1d7 Use Rex to check IPv4 instead of using resolv 2014-07-14 14:56:38 -05:00
sinn3r b5e556519b Change = to == 
This is an if condition, not an assignment
 2014-07-14 14:53:27 -05:00
sinn3r 8f51fd0e45 Retabbed and reformatted 2014-07-14 14:39:34 -05:00
David Bloom 72d9587a50 DbVisualizer stores the user database configuration in dbvis.xml 
This module retrieves the connections settings from this file
 2014-07-14 20:08:48 +02:00
David Bloom 667b1363f3 Delete dbvis_enum.rb 2014-07-14 10:57:53 +02:00