Brendan
9b678c2bdd
Land #7685, Add module to change user passwords by editing SAM registry
2016-12-16 13:11:40 -06:00
Brent Cook
52346c3fa8
fix renamed rex text
2016-12-15 15:31:00 -06:00
p3nt4
deec6eccdf
Update hashcarve.rb
2016-12-12 17:09:04 +11:00
p3nt4
3e80ee1d6a
Better Error Handling
2016-12-12 17:07:47 +11:00
p3nt4
7b4dce5e7e
One left!
2016-12-09 16:27:40 +11:00
p3nt4
74c48f5fa4
I'll get there!
2016-12-09 16:24:49 +11:00
p3nt4
c898e768f6
Struggling with tidiness
2016-12-09 16:00:32 +11:00
p3nt4
586b2d92e2
Corrected status prints
2016-12-09 15:45:30 +11:00
p3nt4
fb360e69c0
Initial Commit
This module "carves" a hash in the registries to set it as a user password.
The benefits are:
1/ It doesn't change the password last change field
2/ You can set a hash directly, so you can change a user's password and revert it without cracking its hash.
I have tested it in Windows 7, and 8.1. Should work on every version though.
Usage:
run post/windows/manage/hashcarve user=test pass=<password>
run post/windows/manage/hashcarve user=test pass=<nthash>
run post/windows/manage/hashcarve user=test pass=<lmhash:nthash>
This work is based on the hashdump implementation.
2016-12-09 15:41:01 +11:00
Javier Godinez
0d41160b03
Sanity checks, errors out with nil ptr if API call fails
2016-12-08 16:14:10 -08:00
Javier Godinez
a17d1a7e19
Added options for setting the PASSWORD and GROUPNAME
2016-12-08 16:13:31 -08:00
Jon Hart
4614b7023d
Land #7604, @godinezj's post module for creating AWS IAM accounts
2016-12-08 14:26:22 -08:00
Jon Hart
aa29fcad80
Update docs and pretty print the loot
2016-12-08 14:25:07 -08:00
Jon Hart
70668c289f
Use better loot args
2016-12-08 13:14:36 -08:00
Jon Hart
162204b338
Support creating a password for the user, etc
2016-12-08 12:56:00 -08:00
Javier Godinez
a9cb08a352
Token should be passed as nil if not set
2016-12-07 10:16:41 -08:00
Jon Hart
1c3f0437ed
Move some options back to non-advanced
2016-12-06 17:39:37 -08:00
Jon Hart
a13382c80b
Address most of rubocop's nits
2016-12-06 17:10:34 -08:00
Jon Hart
8f21a1f68c
move most options to advanced, since they never change
Also, doc empty username
2016-12-06 16:29:00 -08:00
Javier Godinez
497e02955b
Fixed checking for access keys being retrieved
2016-11-29 11:08:55 -08:00
Javier Godinez
cb0313642b
Fixed setting IAM_USERNAME
2016-11-29 00:54:49 +00:00
Javier Godinez
46ce1dfaab
Now using random string as IAM_USERNAME unless specified
2016-11-28 16:32:53 -08:00
Javier Godinez
f8789fef38
Moved METADATA_IP to advanced options
2016-11-28 16:32:26 -08:00
William Vu
b6fe6c1d38
Fix #7597, minor changes to enum_messages
2016-11-28 17:37:32 -06:00
Javier Godinez
b4add59a3d
Moved metadata_creds() so Client can be included in Aux/Post modules
2016-11-24 21:03:38 -08:00
root
dc64f63517
Removed useless comments
2016-11-24 01:33:20 +00:00
root
5284e20a52
Optimised SQL vars, removed unneeded requires and changed the "exec" function name
2016-11-24 01:27:03 +00:00
Javier Godinez
c48587066d
Added reference and minor fixes
2016-11-23 10:58:37 -08:00
Javier Godinez
43e1b5bdd1
Adds module to create an AWS IAM user from a pwned AWS host
2016-11-22 14:55:03 -08:00
root
ce514ed3e5
Fixed broken fail_with function call and whitespace on line ending
2016-11-22 03:04:12 +00:00
root
e0f8d622ec
Added metasploit module for accessing OSX messages database
2016-11-22 02:53:38 +00:00
Brent Cook
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
David Maloney
8e3888f20c
the template ref in this module was missed
when we cleaned up all the other powershell template refs
we missed the one in this module which seems to be replicating
large amounts of library code
7533
2016-11-11 14:24:33 -06:00
dmohanty-r7
2b5517f597
Land #7506, Add gather AWS keys post module
2016-11-11 13:56:12 -06:00
OJ
e5ea4a53d3
Fix typo in windows cred phish module
2016-11-04 13:26:10 +10:00
OJ
47ec362148
Small fixes for dbvis enum
2016-11-01 07:35:36 +10:00
OJ
ffb53b7ca3
Tidy arch check in meterpreter inject
2016-11-01 01:51:12 +10:00
OJ
557424d2ec
Small tidy of the multiport_egress_traffic module
2016-11-01 01:46:58 +10:00
OJ
ec8536f7e9
Fix firefox module to use symbols where appropriate
2016-11-01 01:43:25 +10:00
OJ
b9bbb5e857
Replace regex use with direct string checks in dbvis module
2016-11-01 01:35:01 +10:00
Konrads Smelkovs
f754adad0c
Fix typo PAYLOAD_OVERWRITE vs PAYLOAD_OVERRIDE
2016-10-29 11:20:32 +01:00
OJ
640827c24b
Final pass of regex -> string checks
2016-10-29 14:59:05 +10:00
OJ
57eabda5dc
Merge upstream/master
2016-10-29 13:54:31 +10:00
OJ
8b97183924
Update UUID to match detected platform, fail exploit on invalid session
2016-10-29 13:45:28 +10:00
OJ
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
Jon Hart
8173e87756
Add references
2016-10-28 16:12:46 -07:00
Jon Hart
96c204d1ea
Add aws_keys docs; correct description
2016-10-28 15:27:47 -07:00
OJ
751742face
Fix typo in arch check for inject script
2016-10-29 08:25:23 +10:00
OJ
1ca2fe1398
More platform/arch/session fixes
2016-10-29 08:11:20 +10:00
Jon Hart
7dea613507
Initial commit of module for snagging AWS key material from shell/meterpreter sessions
2016-10-28 14:48:55 -07:00