Jonathan Claudius
eed9fbe024
Lose assignment in conditional
2015-01-26 23:48:08 -05:00
Jonathan Claudius
c496d2c987
Remove nil check
2015-01-26 23:43:31 -05:00
Jonathan Claudius
c29b7488b2
Fix double new line
2015-01-26 23:40:19 -05:00
Jonathan Claudius
d77f112e82
Minor Formatting
2015-01-26 23:31:36 -05:00
Jonathan Claudius
06485d8c89
Fix naming of things
2015-01-26 23:17:44 -05:00
Jonathan Claudius
685c4804e5
Add trailing return
2015-01-26 23:15:00 -05:00
Jonathan Claudius
6b6e47a237
Fix sessiontypes, again
2015-01-26 23:13:17 -05:00
Jonathan Claudius
747349a57a
Fix sessiontypes
2015-01-26 23:11:48 -05:00
Jonathan Claudius
ee7ecb349d
Fix description
2015-01-26 23:10:08 -05:00
Jonathan Claudius
106170eddc
Add multi to name
2015-01-26 23:08:43 -05:00
Jonathan Claudius
a3c7cf70f8
Make MSF Tidy more happy
2015-01-26 22:30:26 -05:00
Jonathan Claudius
d37b3cf0c3
Use next instead of return
2015-01-26 22:26:56 -05:00
Jonathan Claudius
f58dc2789f
Remove creds
2015-01-26 22:13:15 -05:00
Jonathan Claudius
a27c376ae7
Add service port and host
2015-01-26 22:06:07 -05:00
Jonathan Claudius
dd34b58e49
Add add loot
2015-01-26 22:01:38 -05:00
Jonathan Claudius
3889ed5784
Add cred login
2015-01-26 21:50:10 -05:00
Jonathan Claudius
eead063375
Add RubyGems API Post Gather Module
2015-01-26 20:53:39 -05:00
sinn3r
d7375e84ea
Move modules/post/windows/escalate/net_runtime_modify.rb
...
This module was scheduled to be removed on 01/08/2015.
Please use exploit/windows/local/service_permissions instead.
2015-01-26 00:29:43 -06:00
Jon Hart
e7c21f3205
Land #4503 , @m7x's post module for extracting McAfee VSE hashes
2015-01-21 20:44:41 -08:00
Jon Hart
9cc58a8d69
Lastly, rename the file so that it is specific to McAfee VSE
2015-01-21 20:44:34 -08:00
Jon Hart
683a541064
Tighten up prints to make it specific to VSE, not McAfee in general
2015-01-21 20:33:54 -08:00
Jon Hart
52be3d80b7
Minor ruby style cleanup
2015-01-21 20:27:38 -08:00
Jon Hart
ceed293969
Remove unnecessary requires
2015-01-21 20:23:03 -08:00
Jon Hart
f73052710d
Correct recent msftidy change in outlook gather
2015-01-21 13:27:48 -08:00
Jon Hart
46a0ec8a68
Make timeout for Powershell scripts configurable
2015-01-21 13:24:43 -08:00
wez3
bd0a20a717
Update outlook.rb execute_script time_out
...
I have been using the script in real life cases which have bigger e-mailboxes then in the testing environment. Because of execute_script default time_out no results return, as the powershell scripts run longer then 15 seconds. Changed the timeout to 120.
2015-01-20 11:16:37 +01:00
jvazquez-r7
43e0afeaed
Delete 's' typo
2015-01-19 12:55:35 -06:00
jvazquez-r7
79a24f80b8
Use constant for play options
2015-01-19 12:50:40 -06:00
jvazquez-r7
652400451e
Delete extra k
2015-01-19 12:35:26 -06:00
IMcPwn
50d43f118b
Make URLs better
...
Removes YouTube logo, loops, hides video controls at bottom, disables keyboard controls, doesn't show info about the video on the top, hides video annotations, and doesn't show related videos at the end.
2015-01-19 12:27:18 -05:00
root
3a5d6b4717
Store password hash as loot
2015-01-17 14:17:41 +00:00
Tod Beardsley
375a7e1fe9
Typo. Filtering.
2015-01-16 16:30:52 -06:00
Jon Hart
8889f95920
Correct McAfee credential storage, prepare for store_loot
2015-01-16 12:10:01 -08:00
root
f4f4787efe
Move run method
2015-01-14 23:54:02 +00:00
David Maloney
f42bda1a51
refactor parsing the results
...
moved the result parsing into its own method
cleaned up run method a bit more, added YARD docs
to the new methods
2015-01-14 14:15:57 -06:00
David Maloney
c687ecca2e
refactor filter building
...
move the filter_string into a seperate method
and use shovel oeprator to keep it a little cleaner
2015-01-14 14:04:28 -06:00
David Maloney
9b344a9605
move query fields to a constant
...
these fields should never change, so put the array
in a constant and freeze it to prevent accidental tampering
2015-01-14 13:20:00 -06:00
David Maloney
82939595f8
Merge branch 'master' into feature/metaballs1/enum_ad_users
2015-01-14 13:06:18 -06:00
root
52b929c5ca
Fix https://github.com/m7x/metasploit-framework/pull/1#issuecomment-69454590
2015-01-10 14:15:53 +00:00
Jon Hart
5c12f9da75
More cleanup
...
Handle multiple versions
Better print_
Actually extract
2015-01-09 18:01:17 -08:00
Jon Hart
35fd17c4f1
Cleanup style
2015-01-09 11:00:25 -08:00
Brent Cook
fb5170e8b3
Land #2766 , Meatballs1's refactoring of ExtAPI services
...
- Many code duplications are eliminated from modules in favor of shared
implementations in the framework.
- Paths are properly quoted in shell operations and duplicate operations are
squashed.
- Various subtle bugs in error handling are fixed.
- Error handling is simpler.
- Windows services API is revised and modules are updated to use it.
- various API docs added
- railgun API constants are organized and readable now.
2015-01-08 16:54:01 -06:00
Brent Cook
e447a17795
bump deprecated date
2015-01-08 16:20:06 -06:00
EricGershman
0496bb16bc
Minor spelling fix
2015-01-07 23:43:59 -05:00
Meatballs
0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post
...
Conflicts:
test/modules/post/test/services.rb
2015-01-07 20:53:34 +00:00
m7x
89699d1549
Typo workspace_id
2015-01-07 10:58:59 +00:00
William Vu
46aa165ca5
Land #4481 , enum_users_history improvements
2015-01-06 01:52:38 -06:00
William Vu
745bfb2f35
Clean things up
2015-01-06 01:48:18 -06:00
Meatballs
dd5c638ab0
Merge remote-tracking branch 'upstream/master' into extapi_service_post
2015-01-05 22:18:44 +00:00
sinn3r
44dfa746eb
Resolve #4513 - Change #inspect to #to_s
...
Resolve #4513
2015-01-05 11:50:51 -06:00
sinn3r
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
root
c348663204
Add McAfee Hashdump
2015-01-02 10:22:11 +00:00
Tod Beardsley
264d3f9faa
Minor grammar fixes on modules
2014-12-31 11:45:14 -06:00
Brendan Coles
cc75c33d60
Use user home directories
...
Replace hard-coded '/home/' and '/root/' with `~username` shorthand.
2014-12-31 09:12:35 +11:00
Brendan Coles
013e45e83d
Add support for MongoDB history
2014-12-31 08:38:58 +11:00
Brendan Coles
d2e6f90569
Use a list of users
2014-12-31 08:12:16 +11:00
Brendan Coles
897e993971
Update description
2014-12-30 08:05:53 +11:00
Brendan Coles
8719a36d84
DRY status messages
2014-12-30 08:03:40 +11:00
Brendan Coles
0de80e9c76
Minor changes to style
2014-12-30 07:58:54 +11:00
Brendan Coles
0085bcf075
Use `blank?' instead of `nil?'
2014-12-30 07:38:34 +11:00
Brendan Coles
a50ac4050c
Add support for PostgreSQL history
2014-12-30 07:33:22 +11:00
Brendan Coles
4ebe0fc0a8
Add support for different shells
2014-12-30 07:26:12 +11:00
Mark Judice
30228bcfe7
Added underscore to user regex in smart_hashdump.rb to support usernames that contain underscores. Issue #4349 .
2014-12-23 22:36:11 -06:00
jvazquez-r7
01cf14d44e
Fix banner
2014-12-23 01:02:09 -06:00
jvazquez-r7
4928cd36e4
Land #4187 , @BorjaMerino's post module to get output rules
2014-12-23 01:01:03 -06:00
jvazquez-r7
49fef9e514
Do minor module clean up
2014-12-23 01:00:21 -06:00
Meatballs
6a822cca61
Move code out of begin/rescue block
2014-12-17 06:45:00 +00:00
Meatballs
dd63d793e5
Bring in @darkoperator's filters
2014-12-17 06:14:21 +00:00
Meatballs
8c7ff728ef
Gather some more info
2014-12-17 05:46:01 +00:00
sinn3r
4c714b3eaf
Land #4386 - Fix issue #3852 (support for other languages for enable_rdp)
2014-12-15 11:37:05 -06:00
root
6480ae2c03
Show message at the end
2014-12-15 16:26:39 +01:00
root
288954afa0
recvfrom allocation changed
2014-12-14 18:58:48 +01:00
Meatballs
00b802cc68
Reindent description
2014-12-14 10:04:18 +00:00
Meatballs
6ecf537f40
Grab user creds to database
2014-12-13 20:30:20 +00:00
Meatballs
e914061745
Gsub out funny character when storing to database
2014-12-13 18:35:31 +00:00
Meatballs
316710329b
Fix field.value
2014-12-13 18:31:29 +00:00
Meatballs
d3d744a7cb
Make sure we get the field :value
2014-12-13 18:13:36 +00:00
jvazquez-r7
5eb510f7bc
Use the correct variable for the filename
2014-12-12 17:40:26 -06:00
jvazquez-r7
27323bcaa5
Fix #3852 , make enable_rdp with other languages
2014-12-12 17:30:14 -06:00
wez3
3b6e92726c
Update outlook rb, "NL" to "nl_NL"
...
Update outlook rb, "NL" to "nl_NL"
2014-12-12 20:09:34 +01:00
Christian Mehlmauer
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
Jon Hart
65b316cd8c
Land #4372
2014-12-11 18:48:16 -08:00
Jon Hart
e5e40307e6
Land #4373
2014-12-11 18:45:53 -08:00
Christian Mehlmauer
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
Christian Mehlmauer
de88908493
code style
2014-12-11 23:30:20 +01:00
Tod Beardsley
af9979d30b
Ruby style on methods please
...
Introduced in #4220 . This ain't no JavaScript!
2014-12-11 15:24:30 -06:00
Tod Beardsley
909971e0bf
Margins on description, PowerShell not Powershell
2014-12-08 10:57:49 -06:00
Tod Beardsley
80dc781625
Email over E-mail
...
While I believe "e-mail" is the actually correct spelling, we tend to
say "email" everywhere else. See:
````
todb@mazikeen:~/git/rapid7/metasploit-framework$ grep -ri "print.*email"
modules/ | wc -l
19
[ruby-2.1.5@metasploit-framework](fixup-grammar)
todb@mazikeen:~/git/rapid7/metasploit-framework$ grep -ri
"print.*e-mail" modules/ | wc -l
1
````
2014-12-08 10:55:26 -06:00
Christian Mehlmauer
738fc78883
Land #4220 , outlook gather post module
2014-12-07 22:41:28 +01:00
Christian Mehlmauer
cc63d435c7
another whitespace
2014-12-06 09:32:22 +01:00
Christian Mehlmauer
f0a47f98bc
final formatting
2014-12-06 00:38:05 +01:00
Christian Mehlmauer
f1f743804e
more formatting
2014-12-06 00:31:38 +01:00
Christian Mehlmauer
9187a409ec
outlook post module fixes
2014-12-06 00:28:44 +01:00
wez3
7c62fa5c95
Add Windows post module for reading/searching Outlook e-mail #8
2014-12-04 14:28:40 +01:00
wez3
3cadcb942a
Add Windows post module for reading/searching Outlook e-mail #7
2014-12-03 18:30:22 +01:00
wez3
611e8c72eb
Add Windows post module for reading/searching Outlook e-mail #6
2014-12-02 14:05:08 +01:00
peregrino
84bb5b5215
Rex::Socket.to_sockaddr changed
2014-11-26 17:51:38 +01:00
peregrino
16b64ff42a
Rex::Socket.to_sockaddr changed
2014-11-26 17:51:05 +01:00
peregrino
16a9450d43
session.tunnel_peer changed by session.session_host. Other minor changes
2014-11-26 12:08:54 +01:00
jvazquez-r7
5615d65aee
Do minor cleanup
2014-11-25 17:35:07 -06:00
wez3
5294594379
dd Windows post module for reading/searching Outlook e-mail #5 Add DE
2014-11-25 14:36:14 +01:00
jvazquez-r7
71669b9f9e
Change module filename
2014-11-24 20:34:12 -06:00
jvazquez-r7
5c4b1b0283
Output some information
2014-11-24 20:31:26 -06:00
jvazquez-r7
6e9cd331b3
Modify description
2014-11-24 20:28:38 -06:00
jvazquez-r7
261da9306e
Use store_loot
2014-11-24 20:22:21 -06:00
jvazquez-r7
cf52dd895f
Refactor search
2014-11-24 20:20:37 -06:00
jvazquez-r7
2fa5223d3b
move check out of the begin block
2014-11-24 19:28:53 -06:00
jvazquez-r7
90bdc770b5
Use literal creation notation
2014-11-24 19:27:50 -06:00
jvazquez-r7
2c4caeed29
Clean metadata
2014-11-24 19:26:12 -06:00
jvazquez-r7
443dd7b6c0
Use constants
2014-11-24 19:04:02 -06:00
jvazquez-r7
250250beb0
Fix indentation
2014-11-24 18:58:07 -06:00
jvazquez-r7
88ccffacb4
Update from upstream master
2014-11-24 18:32:35 -06:00
wez3
53b69583f4
Add Windows post module for reading/searching Outlook e-mail #4
2014-11-21 20:00:30 +01:00
wez3
435c6eef81
Add Windows post module for reading/searching Outlook e-mail #3
2014-11-18 16:27:33 +01:00
wez3
91a53dc36c
Add Windows post module for reading/searching Outlook e-mail
2014-11-18 12:41:24 +01:00
jvazquez-r7
54de805b7a
Report credentials
...
* Even when we are not associating them to hosts
* It's a post module so maybe we cannot solve some names
2014-11-17 12:49:18 -06:00
wez3
7a2b7208e7
Add Windows post module for reading/searching Outlook e-mail
2014-11-17 19:38:55 +01:00
jvazquez-r7
b3b37c7c9f
Use longer description lines
2014-11-17 12:23:22 -06:00
jvazquez-r7
145e610c0f
Avoid shadowing new method
2014-11-17 12:22:30 -06:00
Jon Hart
d5afb2b766
%q
2014-11-17 09:01:14 -08:00
Jon Hart
ce73e32673
Doc and named captures
2014-11-17 09:01:14 -08:00
Jon Hart
bf05fe1389
Refactoring, simplification, better print_*
2014-11-17 09:01:14 -08:00
Jon Hart
6e1cdfde36
Rip out create_credential* stuff. Use what works
2014-11-17 09:01:14 -08:00
Jon Hart
e5bb13a609
If remmina config files are missing data for creds, tell me what
2014-11-17 09:01:14 -08:00
Jon Hart
875d1f9ea0
Convert Remmina credential gatherer to use new credentials model
2014-11-17 09:01:14 -08:00
Jon Hart
086f0c02d6
Remove excessive logging
2014-11-17 09:01:14 -08:00
Jon Hart
90e58e9e71
Binary encoding
2014-11-17 09:01:14 -08:00
Jon Hart
e76373340e
Correct some Rubocop things that I agree with
2014-11-17 09:01:14 -08:00
Jon Hart
f729a6cf02
Add Remmina RDP/SSH/VNC password gathering
2014-11-17 09:01:13 -08:00
Peregrino Gris
80a9fa4b5d
Ports default values added, is_internal REX function added, reference added
2014-11-13 10:10:25 +01:00
Peregrino Gris
529f749abb
Add post-exploitation module to get FW filtering rules
2014-11-12 17:38:49 +01:00
Jon Hart
c765100efd
Land #4004 , @martinvigo's LastPass master password extraction module
2014-10-22 16:34:54 -07:00
Jon Hart
29b61984c5
Update to use correctly joined path
2014-10-22 16:34:17 -07:00
Tim Wright
b8c3fadb9e
python 3 is supported now too :)
2014-10-22 20:10:48 +01:00
Tim Wright
8c3c73a72d
inline the error message
2014-10-22 20:08:14 +01:00
Tim Wright
2ab73688dc
use framework.threads to launch cleanup thread
2014-10-22 19:40:29 +01:00
Tim Wright
22fc6496ac
Merge branch 'pr/3401' into landing-3401
2014-10-22 19:23:01 +01:00
Jon Hart
88c1647c80
Loot the passwords, obviously
2014-10-19 13:11:10 -07:00
Jon Hart
0971d7c3ac
Remove ... from prints, only map a browser if we found something
2014-10-19 13:05:11 -07:00
Jon Hart
967800eed0
Track account name for more useful table and prints
2014-10-19 12:59:51 -07:00
Jon Hart
5a05246682
Consistent case in *print_*
2014-10-19 12:30:50 -07:00
Jon Hart
a30663e412
Fix multiuser LastPass extraction, print/vprint cleanup
2014-10-17 17:40:19 -07:00
Jon Hart
d2a00b208e
Minor style cleanup to appease Rubocop
2014-10-17 12:50:18 -07:00
Jon Hart
d97fe548b9
Store the browser name in LastPass loot
2014-10-17 11:33:31 -07:00
Jon Hart
43238c7324
Simplify LastPass extraction. Track what browser that puked creds
2014-10-17 11:19:36 -07:00
Jon Hart
9177b931fd
Refactoring of LastPass module to use correct Firefox path on *nix
2014-10-17 10:20:55 -07:00
URI Assassin
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Martin Vigo
36d6220f8f
Make use of Rex::Ui::Text::Table
2014-10-15 23:13:53 -07:00
Martin Vigo
bb421859d3
Refactor code and add support for all Windows
2014-10-15 22:15:54 -07:00
Martin Vigo
c7e0ced02b
Remove useless conditions
2014-10-15 21:29:47 -07:00