Commit Graph

666 Commits (500451518740f10d4e212796a29009cac44a0781)

Author SHA1 Message Date
ohdae b635019d56 saves each config to loot instead of notes 2012-03-16 09:14:48 -04:00
sinn3r 9f0a293a53 Correct variable name 2012-03-16 01:17:39 -05:00
ohdae 13b92b97e9 Fixed incorrect variable within get_sql_history 2012-03-16 01:40:12 -03:00
ohdae f6a2e2b890 Enumerate important and interesting configuration files 2012-03-15 22:59:42 -04:00
sinn3r e53938b9d7 Merge branch 'ohdae-post-mods' 2012-03-15 14:30:23 -05:00
sinn3r 2770199d28 enum_protections is now find_apps 2012-03-15 14:27:40 -05:00
sinn3r e5c420b676 File rename, as well as design and cosmetic changes 2012-03-15 14:22:23 -05:00
sinn3r 8b91cc54c3 Merge branch 'post-mods' of https://github.com/ohdae/metasploit-framework into ohdae-post-mods 2012-03-15 13:50:43 -05:00
ohdae 7e7b220b70 added report_note, removed store_loot function, cleaned up info/author 2012-03-15 15:29:52 -03:00
ohdae b88af39f74 fixed output newline issue 2012-03-15 12:18:29 -03:00
ohdae 32002c595d fixed save line 2012-03-15 01:05:35 -03:00
ohdae c165b7b7c2 removed unneeded comments 2012-03-15 01:02:07 -03:00
ohdae 58b2d570c9 fixed output issue 2012-03-15 01:00:55 -03:00
ohdae ffc41bf265 removed unneeded dependency 2012-03-14 18:26:53 -03:00
Jonathan Cran c38aaede03 duplicate of enum_users_history.rb 2012-03-14 16:07:49 -05:00
ohdae 5c74b7741b locates installed 3rd part av, fws, etc 2012-03-14 13:30:16 -04:00
sinn3r d1efb40d2d Fix bad path for Windows (bug #6523) - Thanks Francesco 2012-03-14 12:27:40 -05:00
sinn3r 3b880359fe Change module name to better describe the purpose of it. Also some cosmetic corrections. 2012-03-14 11:44:03 -05:00
sinn3r 704f8e391d Remove the line that's commented out 2012-03-14 11:37:43 -05:00
ohdae 60b3ee7b16 Added user specific tasks to enum_users, removed bash_hist from enum_sys, added disk space info to enum_system 2012-03-14 09:06:51 -04:00
sinn3r 50f8b6088b Fix cosmetic problems 2012-03-14 05:20:19 -05:00
sinn3r 4872e80385 Cleanup whitespace and author format 2012-03-14 05:18:00 -05:00
sinn3r 9d7e22876c Merge branch 'my-branch' of https://github.com/ohdae/metasploit-framework 2012-03-14 05:14:33 -05:00
ohdae fbd076e749 removed old/ folder 2012-03-13 22:49:01 -04:00
ohdae b86fa5c85b Combined network tasks into enum_network.rb, Combined user/system tasks into enum_system.rb 2012-03-13 22:24:49 -04:00
ohdae 0fe26780b9 Merge branch 'my-branch' of github.com:ohdae/metasploit-framework into my-branch 2012-03-13 22:20:59 -04:00
ohdae 96fb9fd458 Combined network tasks into one module, Combined system/user tasks into one module 2012-03-13 22:18:24 -04:00
ohdae f79bda2dc7 Update modules/post/linux/gather/enum_linux.rb 2012-03-13 21:15:47 -03:00
ohdae 3260bc6b65 Update modules/post/linux/gather/enum_linux.rb 2012-03-13 21:14:49 -03:00
ohdae bd5950ea52 added active connections, iwconfig, if-up/down, open ports 2012-03-13 20:09:41 -04:00
ohdae 4b7e380581 Linux post ssh enum, Linux post network info 2012-03-13 17:27:21 -04:00
James Lee 2b9acb61ad Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
James Lee 70162fde73 A few more author typos 2012-03-05 13:28:46 -07:00
James Lee 82c23e95d3 Module author typo 2012-03-05 13:28:46 -07:00
sinn3r 9258cda144 Change :info and file name so it's easier to identify it's a Firefox profile 2012-03-02 16:45:42 -06:00
sinn3r 8f30e5548c Fix bug: "TypeError can't convert nil into String" when fd.read can be nil 2012-03-02 02:18:07 -06:00
sinn3r d06848ba56 Default to token impersonation before migrating to a different process 2012-03-01 18:31:33 -06:00
sinn3r 687c50d0cd Indent level fix 2012-03-01 16:14:29 -06:00
Gregory Man eaf41769ed Fixed gather/apple_ios_backup to work with OSX
Also moved it to post/multi/gather
2012-02-29 10:31:26 +02:00
James Lee f3e0b46e5c Post mods should use session_host when reporting
target_host probably never worked anyway
2012-02-28 18:40:17 -07:00
James Lee 624e19fd8b Merge session-host-rework branch back to master
Squashed commit of the following:

commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:31:03 2012 -0700

    Clean up some rdoc comments

    This adds categories for the various interfaces that meterpreter and
    shell sessions implement so they are grouped logically in the docs.

commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 13:00:25 2012 -0700

    Combine the docs into one output dir

    There's really no need to separate the API sections into their own
    directory.  Combining them makes it much easier to read.

commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:27:22 2012 -0700

    Keep the order of iface attributes the same accross rubies

    1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
    end up with ~random order for the display with the previous technique.
    Switch to an Array instead of a Hash so it's always the same.

commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:23:35 2012 -0700

    Fix a few more compiler warnings

commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:17:39 2012 -0700

    Fix a type-safety warning

commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date:   Mon Feb 27 15:21:36 2012 -0700

    LHOST should be OptAddress, not OptAddressRange

commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date:   Sun Feb 26 17:45:59 2012 -0700

    Fix a couple of warnings and a typo

commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date:   Mon Feb 27 11:54:29 2012 -0600

    Fix ctype vs content_type typo

commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date:   Sun Feb 26 15:38:33 2012 +0200

    Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x

commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date:   Sun Feb 26 07:13:13 2012 -0600

    add osvdb ref

commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date:   Sat Feb 25 18:02:56 2012 -0500

    Added aspx target to msfvenom.  This in turn added it to msfencode as well.
    Ref: https://github.com/rapid7/metasploit-framework/pull/188
    Tested on winxp with IIS in .net 1.1 and 2.0 modes

commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date:   Sat Feb 25 13:00:48 2012 -0600

    Fixes #6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver

commit b3371e8bfeea4d84f9d0cba100352b57d7e9e78b
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 17:07:42 2012 -0700

    Simplify logic for whether an inner iface has the same address

commit 5417419f35a40d1c08ca11ca40744722692d3b0d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:58:16 2012 -0700

    Whitespace

commit 9036875c2918439ae23e11ee7b958e30ccc29545
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:53:45 2012 -0700

    Set session info before worrying about address

    get_interfaces can take a while on Linux, grab uid and hostname earlier
    so we can give the user an idea of what they popped as soon as possible.

commit f34b51c6291031ab25b5bfb1ac6307a516ab0ee9
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:48:42 2012 -0700

    Clean up rdoc

commit e61a0663454400ec66f59a80d18b0baff4cb8cd9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:54:45 2012 -0600

    Ensure the architecture is only the first word (not the full WOW64
    message in some cases)

commit 4c701610976a92298c1182eecc9291a1b301e43b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:49:17 2012 -0600

    More paranoia code, just in case RHOST is set to whitespace

commit c5ff89fe3dc9061e0fa9f761e6530f6571989d28
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:47:01 2012 -0600

    A few more small bug fixes to handle cases with an empty string target
    host resulting in a bad address

commit 462d0188a1298f29ac83b10349aec6737efc5b19
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 03:55:10 2012 -0600

    Fix up the logic (reversed by accident)

commit 2b2b0adaec2448423dbd3ec54d90a5721965e2df
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 23:29:52 2012 -0600

    Automatically parse system information and populate the db, identify and
    report NAT when detected, show the real session_host in the sessions -l
    listing

commit 547a4ab4c62dc3248f847dd5d305ad3b74157348
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:16:03 2012 -0600

    Fix typo introduced

commit 27a7b7961e61894bdecd55310a8f45d0917c5a5c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:11:38 2012 -0600

    More session.session_host tweaks

commit e447302a1a9915795e89b5e29c89ff2ab9b6209b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:08:20 2012 -0600

    Additional tunnel_peer changes

commit 93369fcffaf8c6b00d992526b4083acfce036bb3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:06:21 2012 -0600

    Additional changes to session.session_host

commit c3552f66d158685909e2c8b51dfead7c240c4f40
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:00:19 2012 -0600

    Merge changes into the new branch
2012-02-28 18:29:39 -07:00
James Lee e69c8ca422 LHOST should be OptAddress, not OptAddressRange 2012-02-28 08:16:06 -07:00
HD Moore 139136e033 Fix a handful of typos in the regex/parsing code 2012-02-26 02:10:06 -06:00
Gregory Man 8a158c3a00 Added OSX support to post/multi/gather/firefox_creds
Tested on OSX 10.7.3 and FF 9.0.1
2012-02-24 16:44:42 +02:00
James Lee 9ddca81ab5 Fix test that always evals to false
Meterpreter does not respond_to? extension names, they're magic.
2012-02-23 14:52:48 -07:00
Gregory Man ace28a8388 1.9 compatibility fix
Strings in ruby 1.9 doesn't have #each method
2012-02-22 18:01:17 +02:00
Gregory Man 66fa56cc49 Fixed post/multi/gather/ssh_creds to work with shell session 2012-02-22 15:16:11 +02:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
David Maloney d3fad51f3a Fix my screwup in winscp for servicename 2012-02-21 20:31:52 -06:00
David Maloney dcf3f3579d Fix to the awful sname in this module 2012-02-21 20:28:27 -06:00
Tod Beardsley 4a631e463c Module title normalization
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/

The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
sinn3r f09ce04b00 Show where store_loot() saves the info 2012-02-20 14:22:05 -06:00
sinn3r cda9166180 This module should show where store_loot() saves the results 2012-02-20 14:15:55 -06:00
sinn3r 779e3cdcda Correct more post modules for naming style consistency 2012-02-20 13:49:23 -06:00
sinn3r fd283dd95b Correct naming style 2012-02-20 12:38:43 -06:00
sinn3r 3180d75168 Correct naming style 2012-02-20 12:38:31 -06:00
sinn3r 22e40d9da4 Change naming style for consistency 2012-02-20 12:35:53 -06:00
sinn3r 300558e009 Correct post module naming style 2012-02-20 12:34:35 -06:00
sinn3r ef2c261ce9 Change print() to print_line() 2012-02-18 00:22:02 -06:00
sinn3r 1f34c1ffd2 Correct print() and sleep() to print_line and select() 2012-02-18 00:20:52 -06:00
sinn3r afe6bce1c6 More documentation on the file format 2012-02-16 21:58:12 -06:00
Rob Fuller c38ad92ade Post module to upload shortcut (LNK) files with UNC path ICONs for post exploitation 2012-02-16 18:34:19 +00:00
Tod Beardsley ab65a1ad8c Name caps and readability for new post modules 2012-02-14 16:23:12 -06:00
sinn3r 7129ec8e3a Change indent level for the metadata 2012-02-12 17:33:03 -06:00
Jon Hart 49bf9435c2 Post module to loot creds from .fetchmailrc 2012-02-12 11:24:21 -08:00
Rob Fuller 1f1e67cb16 Moved railgun function definitions into central storage and out of individual modules where possible 2012-02-09 04:56:13 +00:00
RageLtMan 858401463d add exec timeout 2012-02-05 14:52:38 -05:00
RageLtMan 53ec982385 download_exec_fix 2012-02-05 14:35:44 -05:00
HD Moore e4faa33517 Fix a typo introduce in the usb dumper 2012-02-04 00:03:20 -06:00
HD Moore 0737ccb8e2 Remove nulls from the unicode drive name 2012-02-04 00:03:03 -06:00
sinn3r 1676bd3c4f Add MSF License header. Use print once to print the whole table instead of running print multiple times. Show where the results are save. 2012-02-02 11:13:08 -06:00
sinn3r d230eeedc0 Merge branch 'mount.smbfs-creds' of https://github.com/jhartftw/metasploit-framework into jhartftw-mount.smbfs-creds 2012-02-02 10:21:21 -06:00
David Maloney 36e37e04fb Fixes to post module cred reporting.
call to session.db_record.id would error if no db
was connected.
Fixes #6325
2012-02-01 12:26:35 -06:00
Tod Beardsley e371f0f64c MSFTidy commits
Whitespace fixes, grammar fixes, and breaking up a multiline SOAP
request.

Squashed commit of the following:

commit 2dfd2472f7afc1a05d3647c7ace0d031797c03d9
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:58:53 2012 -0600

    Break up the multiline SOAP thing

commit 747e62c5be2e6ba99f70c03ecd436fc444fda99e
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:48:16 2012 -0600

    More whitespace and indent

commit 12c42aa1efdbf633773096418172e60277162e22
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:39:36 2012 -0600

    Whitespace fixes

commit 32d57444132fef3306ba2bc42743bfa063e498df
Author: Tod Beardsley <todb@metasploit.com>
Date:   Wed Feb 1 10:35:37 2012 -0600

    Grammar fixes for new modules.
2012-02-01 10:59:58 -06:00
Jon Hart 4aa52203da Renamed, switched partially to store_loot 2012-02-01 08:50:50 -08:00
sinn3r 98fbf84dac Module should inform where the files are saved 2012-02-01 03:41:19 -06:00
sinn3r 06f7165ee6 Add Metasploit license header (it's already MSF licensed) 2012-02-01 00:49:45 -06:00
sinn3r f23ebbc7b5 Change how creds are displayed and saved 2012-02-01 00:48:14 -06:00
sinn3r 187f630283 Merge branch 'netrc-creds' of https://github.com/jhartftw/metasploit-framework into jhartftw-netrc-creds 2012-01-31 22:45:47 -06:00
Jon Hart b0df29c3ff Switch to store_loot, since report_auth_info only works with Host
objects or IPs, currently (see
https://dev.metasploit.com/redmine/issues/6313)
2012-01-30 23:08:02 -08:00
sinn3r 25fbe1c7d0 Merge branch 'master' of https://github.com/darkoperator/metasploit-framework 2012-01-30 19:57:29 -06:00
Tod Beardsley 6068580813 Should fix the report_auth_info call -- needs a host, not a session. Be nice if it handled a session, though.
[See #146]
2012-01-30 19:23:05 -06:00
Carlos Perez 24747e18e3 The directory path for the accounts.xml was not set properly for windows systems 2012-01-30 18:19:17 -04:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
Jon Hart 1b03a48540 Use desired [at] format for email 2012-01-30 08:21:58 -08:00
Jon Hart 16610d8852 Update email address to use desired [at] format 2012-01-30 08:05:08 -08:00
sinn3r 21a05ce1d6 Fix bug: NoMethodError undefined method `report_vm' (#6298) 2012-01-30 00:44:45 -06:00
Jon Hart 37d467ea79 Loot .netrc files, generic enum_user_directories 2012-01-29 14:03:57 -08:00
Jon Hart 5294fb57a4 Add post module to obtain SMB credentials stored for mount.smbfs 2012-01-29 12:04:26 -08:00
David Maloney c5e667a1dc Post Module to enumerate VirtualBox VMs for the current user. 2012-01-27 11:12:59 -06:00
David Maloney 0e0aa33c47 Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-01-27 11:12:35 -06:00
David Maloney 56be45f3a4 A few minor fixes to the find vmx module 2012-01-27 11:12:17 -06:00
sinn3r a4c876a424 No need to manually add VERBOSE as an option, it already is (built-in) 2012-01-27 02:17:59 -06:00
sinn3r 3f4dbd9df6 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-01-27 01:58:42 -06:00
Stephen Haywood efda420e5f Updates to enum_artifacts 2012-01-26 19:35:39 -05:00
sinn3r 9b78b6bd17 Hmm, the indent level of the description looks a bit funny. Fixing. 2012-01-26 17:24:05 -06:00
David Maloney 494c37c659 Adds a Multi-System post module for finding VMWare Virtual Machines 2012-01-26 16:25:50 -06:00
Tod Beardsley 33c53b1f3f Updates vm checking 2012-01-26 13:02:39 -06:00
Dave Hull 76ebbc48ec Update modules/post/windows/gather/dumplinks.rb 2012-01-24 23:16:40 -06:00