sinn3r
8a787f8342
typo
2012-08-08 14:04:49 -05:00
sinn3r
5f46a1e239
Based on #676 , with some changes
2012-08-08 12:44:39 -05:00
sinn3r
7cff1365a2
Merge branch 'master' of https://github.com/ipwnstuff/metasploit-framework into osx_keychain
2012-08-08 11:12:07 -05:00
Erran Carey
189a4ffb78
Edited spaceing
2012-08-08 10:40:33 -05:00
Erran Carey
bb588d338b
Add Keychain Enumeration Mac OS X Post Module
...
Based off my `Keyjacker` script this module runs through an account's
keychains and returns internet accounts associated.
Setting the GETPASS option to true will return both many plain text
passwords given that the user allows their system to use the keychain
when prompted.
2012-08-08 03:03:19 -05:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
David Maloney
94c7415653
Remove typo
2012-07-31 16:30:41 -05:00
sinn3r
716028c907
Catch exceptions that are expected when a host isn't pingable.
2012-07-23 18:34:03 -05:00
sinn3r
bc176b4148
Merge branch 'pingsweep_fix' of https://github.com/darkoperator/metasploit-framework into darkoperator-pingsweep_fix
2012-07-23 17:37:01 -05:00
Carlos Perez
cdee09b5cd
Fixes in threading and for Java Meterpreter on OSX
2012-07-23 18:34:05 -04:00
sinn3r
4efe84c609
Merge branch 'Fix_Threading' of https://github.com/darkoperator/metasploit-framework into darkoperator-Fix_Threading
2012-07-23 02:58:30 -05:00
Carlos Perez
4042275421
Fixed threading and added verbose print for each attempt
2012-07-22 00:26:37 -04:00
Carlos Perez
2f85f57922
Fixed threading and added new SRV records to enumerate.
2012-07-22 00:12:32 -04:00
Carlos Perez
7fc9d57f89
Fixed the threading for the reverse DNS lookup and improvements when ran against a Java Meterpreter session.
2012-07-21 23:54:29 -04:00
Carlos Perez
2941755576
Fixed the threading for ARP Scanner and skipped making a note is OUI is not known
2012-07-21 23:38:41 -04:00
James Lee
cccd3754a4
Fix load order problem
...
[FIXRM #7151 ]
2012-07-20 15:58:57 -06:00
HD Moore
9bff1c913b
Merge pull request #592 from alexmaloteaux/ipv6arpfix
...
ipv6 and arp_scanner fix
2012-07-18 20:40:27 -07:00
sinn3r
fbe0cb7471
Merge branch 'post_win_gather_creds_gpp_pass' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_win_gather_creds_gpp_pass
2012-07-17 08:28:19 -05:00
HD Moore
b3eb7b1358
Clean up unicode names
2012-07-17 00:46:28 -05:00
HD Moore
8fef1479ed
Trim string fields at first null
2012-07-15 23:12:40 -05:00
Alexandre Maloteaux
81ba60169f
ipv6 and arp_scanner fix
2012-07-10 18:28:24 +01:00
sinn3r
0fbfa8e6f7
Merge branch 'enum_unattend_ii' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_unattend_ii
2012-07-09 10:14:30 -05:00
sinn3r
5586aa6c1b
Move some code around
2012-07-09 09:44:22 -05:00
sinn3r
5db26beef7
Add more features
...
Please see the following ticket:
http://dev.metasploit.com/redmine/issues/7041
2012-07-09 05:17:40 -05:00
HD Moore
442eccd1d6
Merge pull request #578 from claudijd/master
...
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption in Hashdump Code
2012-07-08 12:24:46 -07:00
Jonathan Claudius
5938771e6c
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption
...
-This commit Addresses Metasploit Bug #4402 that notes corrupted (aka:
incorrect) hashes yielded from hashdump
-Fail case can be reliably reproduced on a Windows system where (1) a
user is not storing an LM hash and (2) password histories are enabled
on the system
-This issue along with other extraction tools that are affected in a
similar way will be discussed at BlackHat USA 2012 and DEFCON 20 in 2
weeks.
If you have questions, please let us know.
-Jonathan Claudius (@claudijd)
-Ryan Reynolds (@reynoldsrb)
2012-07-08 14:02:22 -05:00
Meatballs1
fc58e485c3
Added further protection to enum_dcs method to prevent crashes
2012-07-05 14:27:45 +01:00
Meatballs1
a513b41283
Couple of readability changes suggested by TLC
2012-07-05 14:19:41 +01:00
Loic Jaquemet
cadbeafc4b
match dot and not any character
2012-07-03 20:41:03 -03:00
Loic Jaquemet
5bba81b738
or something equivalent... if enum_dcs returns nil
2012-07-03 20:38:26 -03:00
Meatballs1
c30b2de35b
Removed comments in code!
2012-07-03 21:34:33 +01:00
Meatballs1
9998ca928d
msftidy, bugfixes, and protection to prevent DNS style domains going into the DC enumeration (which causes a meterpreter crash)
2012-07-03 21:28:45 +01:00
Meatballs1
bdd9364fa4
Refactored registry DC enumeration to occur by default, fixed nil DomainCaches exception
2012-07-03 21:08:12 +01:00
Loic Jaquemet
f74fe39280
fix error message to a more helpful one.
2012-07-03 12:54:02 -03:00
Loic Jaquemet
12e24dbd99
failback to target's PDC to get policies
2012-07-03 12:49:34 -03:00
sinn3r
7cfb7c1915
Update description
2012-07-03 10:26:02 -05:00
Loic Jaquemet
5fff195eba
DomainCache is a list of domainName = dnsDomainName
2012-07-03 12:20:00 -03:00
sinn3r
7262faac57
Correct a typo
2012-07-02 16:02:14 -05:00
sinn3r
fa0422c88a
Must respect the PlainText field to extract password info properly
2012-07-02 15:56:25 -05:00
sinn3r
e2a2789f78
Support Ruby 1.8 syntax. Thanks M M.
2012-07-02 14:15:14 -05:00
Meatballs1
4eec5a5288
msftidy
2012-07-02 16:51:15 +01:00
Meatballs1
261989dddf
Fixed get_domain_reg where value returned was '.'
2012-07-02 16:46:02 +01:00
Meatballs1
bd2368d6ab
Added specific details for each policy type to output table, modified REX:Ui:Table to prevent sorting when SortIndex == -1
2012-07-02 11:47:44 +01:00
Meatballs1
299ed9d1d5
Local loot storage of retrieved XML files with option to disable storage
2012-07-02 10:48:04 +01:00
Meatballs1
5c2c1ccc39
Added extra logic and fixes for user supplied domains option
2012-07-02 10:15:58 +01:00
Meatballs1
b549c9b767
Added a number of registry locations to enumerate the domain as this was inconsistant across testing environments
2012-07-02 09:35:47 +01:00
Meatballs1
994074948a
Removed @enumed_domains which inadvertantly skipped processing after the first file on a domain
2012-07-02 09:17:29 +01:00
Meatballs1
21776697b2
Merged with upstream
2012-07-02 08:57:54 +01:00
sinn3r
1b02f17d52
Shamelessly add my name too, because I made a lot of changes.
2012-07-01 19:23:34 -05:00
sinn3r
e1c43c31bd
Title change
2012-07-01 16:43:25 -05:00
sinn3r
326230b34b
Don't need to print the xml path twice
2012-07-01 13:58:04 -05:00
sinn3r
fcf5e02708
Be aware of bad XML format
2012-07-01 13:50:43 -05:00
sinn3r
ac52b0cc9f
Filter out 'AdministratorPassword' and 'Password'
2012-07-01 13:45:12 -05:00
sinn3r
61983b21b9
Add documentation about unattend.xml's specs
2012-07-01 04:15:11 -05:00
sinn3r
bf03995e30
Add veritysr's unattend.xml collector. See #548 .
2012-07-01 04:08:18 -05:00
sinn3r
e37a71192d
Make msftidy happy
2012-06-28 12:10:38 -05:00
Rob Fuller
77326edc45
fixed tcpnetstat table displaying
2012-06-28 12:56:29 -04:00
Rob Fuller
6f37ccbcae
tcp netstat post module via railgun
2012-06-28 09:17:05 -04:00
Tod Beardsley
94e28933c8
Whitespace fixes. msftidy.rb yall
2012-06-27 10:06:15 -05:00
HD Moore
2dd51690c2
Add a missing require
2012-06-27 00:47:32 -05:00
James Lee
891400fdbb
Array#select! is only in 1.9
2012-06-26 15:32:39 -06:00
HD Moore
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
dmaloney-r7
46dd286cc8
Merge pull request #519 from rapid7/gpp-passwords
...
Gpp passwords
2012-06-24 16:18:34 -07:00
David Maloney
6e19dddf2a
Alleviate duplicated work in gpp module
2012-06-24 16:21:35 -05:00
David Maloney
aa09cd7f82
More collaboration stuff on gpp module
2012-06-24 13:08:19 -05:00
David Maloney
eefea8d9d3
Add newname attr in gpp module
2012-06-23 17:51:58 -05:00
David Maloney
7bcb9d1a45
Reintegrated extra options into gpp module
...
reintegrated meatballs control options into the gpp module
2012-06-23 17:38:07 -05:00
David Maloney
b320679d1f
Exception message fix for gpp
2012-06-23 12:56:12 -05:00
David Maloney
5497d091fc
fix gpp attribution and description
2012-06-23 12:45:56 -05:00
David Maloney
534008b010
Major rework of the gpp module
...
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
2012-06-23 12:42:33 -05:00
Meatballs1
26d99c6e41
Added more detail to description and stop execution if no DCs are enumerated.
2012-06-22 22:36:52 +01:00
Meatballs1
6a80b21124
Final tidyup
2012-06-22 19:12:42 +01:00
Meatballs1
27b884ca87
Fixed drives userName match
2012-06-22 18:47:44 +01:00
Meatballs1
90eaceef70
Fixed enum_domains exception when domains found = 0
2012-06-22 18:45:56 +01:00
Meatballs1
141195a5ae
Adjusted attribute strings to match MSDN cases
2012-06-22 18:33:54 +01:00
Meatballs1
3519aff146
Added protection for division by 0 in the enum_domain code
2012-06-22 18:20:45 +01:00
Meatballs1
0d4feb9fce
Various fixed suggested by trolldbois
2012-06-22 18:11:15 +01:00
Meatballs1
ca2c401cac
Modified username to userName in XML parsing
2012-06-22 17:46:19 +01:00
Meatballs1
19a37c28b8
Fixed and added paths for user preferences
2012-06-22 17:21:32 +01:00
Meatballs1
506a91f7a8
Changed runas to runAs for scheduled tasks
2012-06-22 16:04:17 +01:00
Meatballs1
91cad8ee77
Fixed printer path
2012-06-22 14:41:51 +01:00
Meatballs1
7a4bd26132
Fixed msftidy eol
2012-06-22 14:36:29 +01:00
Meatballs1
b2cb5c1c8e
Included other policy files for enumeration
2012-06-22 14:31:54 +01:00
Meatballs1
15a020dbda
Clear EOL chars
2012-06-22 11:36:27 +01:00
Meatballs1
391a92ccfd
More verbose and specific exception handling
2012-06-22 11:27:06 +01:00
Meatballs1
0ed49998e2
Allowed to run as SYSTEM
2012-06-22 11:17:24 +01:00
Meatballs1
2a3cd6e343
References
2012-06-22 11:14:19 +01:00
Meatballs1
9da2dd816c
Fixed changed time to point to parent node
2012-06-22 11:03:34 +01:00
Meatballs1
e0966d5a3a
Incorporated trolldbois comments about SYSTEM and changed date
2012-06-21 19:20:34 +01:00
Meatballs1
6768549c6d
Fixed msftidy error
2012-06-21 18:46:20 +01:00
Meatballs1
5e64c2fb2e
Will only enumerate one DC for each domain using the DOMAINS arg
2012-06-21 18:28:06 +01:00
Tod Beardsley
2729f33ff2
Merge Justin's TortoiseSVN module
...
This adds Justin's TortoiseSVN module with minor edits.
[Closes #508 ]
2012-06-21 11:56:08 -05:00
Tod Beardsley
504d3d477e
Resolve http_proxy_host before reporting, too.
2012-06-21 11:55:13 -05:00
Tod Beardsley
c795c2e438
Resolve hosts for tortoisesvn module reporting
...
report_host() does not expect a DNS name, but an IPv4 or IPv6 address.
In many cases, an SVN password is going to be associated with only a
hostname.
This may be a bug in report_host -- it's certainly inconveninent.
However, we don't usually wnat report_host to be making tons of DNS
lookups when importing hosts, so this forced step is likely intended.
Also, begin/rescue/end blocks that don't hint at what errors are
intended to be caught are rarely a good idea, so this at least informs
the user which exception was raised.
2012-06-21 11:47:37 -05:00
Meatballs1
9b943bc763
Removed redundant file
2012-06-21 17:29:52 +01:00
Meatballs1
82318f0dac
Merge branch 'post_win_gather_creds_gpp_pass' of github:Meatballs1/metasploit-framework into post_win_gather_creds_gpp_pass
2012-06-21 17:27:45 +01:00
Meatballs1
81411374bc
Removed old file
2012-06-21 17:23:14 +01:00
Meatballs1
56a8dda739
Reworking of module to incorporate all contributions
2012-06-21 17:23:13 +01:00
Meatballs1
bb60eacde7
Added store_loot
2012-06-21 17:23:12 +01:00
Meatballs1
be255d53c0
Initial post/windows/gather/credentials Windows Group Policy Preferences Passwords
2012-06-21 17:23:12 +01:00