infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
44,128 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

469 Commits (52f56527d80b1435c85d832f559d967417c6d007)

Author SHA1 Message Date
James Lee 8217d55e25
Fix display issue when SESSION is -1 2016-03-11 11:37:22 -06:00
Christian Mehlmauer 3123175ac7
use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00
Brent Cook f703fa21d6 Revert "change Metasploit3 class names" 
This reverts commit 666ae14259.
 2016-03-07 13:19:55 -06:00
Christian Mehlmauer 666ae14259
change Metasploit3 class names 2016-03-07 09:56:58 +01:00
Brent Cook c7c0e12bb3 remove various module hacks for the datastore defaults not preserving types 2016-03-05 23:11:39 -06:00
William Vu bfd204ac50 Fix some cosmetic issues 2016-02-19 15:00:56 -06:00
nk bc74ceb8c5 Handle errors when parsing interfaces.xml, add check for several locations 2016-02-11 15:56:58 +01:00
Nicolas Devillers 8118198628 Add vprint of the exception message 2016-02-10 22:47:51 +01:00
nk 1637891ece Add check for the uninstall location in vnc post module 2016-02-10 20:30:41 +01:00
William Vu cf0e982e83
Land #6386, VNC creds module fix 2015-12-28 02:32:26 -06:00
William Vu 6b9c74eec7 Prefer gsub and nix the return 2015-12-28 02:31:47 -06:00
Jon Hart f8943f4821
Remove peer; defined in lib/msf/core/post/common.rb 2015-12-24 07:57:16 -08:00
g0tmi1k 2f71730484 Gather VNC null byte fix + formatting 2015-12-22 17:30:37 +00:00
Brent Cook d551f421f8
Land #5799, refactor WinSCP module and library code to be more useful and flexible 2015-10-01 14:35:10 -05:00
jvazquez-r7 415fa3a244
Fix #5968, some modules not handling Rex::Post::Meterpreter::RequestError exceptions 
* Related to the usage of ADSI on unsupported OSes
 2015-09-21 14:33:00 -05:00
William Vu 5f9f66cc1f Fix nil bug in SSO gather module 2015-09-11 02:21:01 -05:00
jvazquez-r7 e7433b81bd
Reuse architecture check 2015-08-17 10:28:10 -05:00
jvazquez-r7 76f6312fab Fix #3916 Support 64 bits targets on enum_cred_store 2015-08-10 15:16:12 -05:00
Meatballs c197e5224d
Store loot 2015-08-01 20:52:25 +01:00
Meatballs deb6f5638e
Update WinSCP Gather 
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
 2015-08-01 20:44:14 +01:00
William Vu ff9b975576
Land #5701, @g0tmi1k's filezilla_server refactor 2015-07-29 11:13:22 -05:00
g0tmi1k 38e952ba07 Python -> Ruby 2015-07-29 10:55:28 +01:00
Samuel Huckins a818dc4460
Land #5657, misc fixes to domain_hashdump 2015-07-23 16:58:46 -05:00
g0tmi1k 14d0d456f4 Fix FileZilla perm loot bug 2015-07-11 19:11:59 +01:00
g0tmi1k c92d0d9df6 Fix FileZilla Server 2015-07-11 18:14:55 +01:00
Spencer McIntyre 632bcda345
Land #5652, improve LAPS filter to reduce empty results 2015-07-03 15:02:39 -04:00
David Maloney e843db78dc
put rhost option back 
it is needed for the wmic query that
creates the shadowcopy

MSP-12867
 2015-07-02 14:46:40 -05:00
David Maloney 7b2b526ea1
deregister unwated options 
deregister mixin options that we don't need
for this module
 2015-07-02 14:33:21 -05:00
William Vu 8892cbdd10 Fix some minor things 2015-07-02 14:32:16 -05:00
David Maloney cc51d1e8fd
use registry data for VSS grab 
use the location data we got from the registry for copying
the NTDS.dit file correctly with the VSS method
 2015-07-02 14:27:51 -05:00
David Maloney 89d283da09
check registry for ntds location 
check the registry for the location of the ntds.dit
file

MSP-12867
 2015-07-02 14:07:47 -05:00
Tod Beardsley 95f19e6f1f
Minor description edits for clarity 
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642, Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF

Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590, @Meatballs1 adds MS LAPS Enum post mod

Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
 2015-07-02 13:51:37 -05:00
David Maloney 42daf4d38b
fix up ordering of pre-checks 
i hate early returns, but we need to bail out early
if some of these checks fail

MSP-12867
 2015-07-02 11:52:02 -05:00
Meatballs 8a3873d730
Tweak filter to reduce empty results 2015-07-02 09:53:08 +01:00
Spencer McIntyre a37ac1b089
Land #5590, @Meatballs1 adds MS LAPS Enum post mod 2015-07-01 21:19:15 -04:00
Meatballs 9c4a96761e
Small tidyup 2015-06-23 23:10:29 +01:00
Meatballs 4392b7c1de
Enum LAPS 2015-06-23 23:02:22 +01:00
Brent Cook e696d2f3dc Merge branch 'master' into land-5348-ntds 2015-06-22 17:18:13 -05:00
William Vu 2587595a92
Land #5556, vprint_status fix 2015-06-19 11:24:54 -05:00
jvazquez-r7 b349549754
Land #5464, @wchen-r7 Updates razer_synapse to use the new cred API 2015-06-19 09:42:44 -05:00
jvazquez-r7 6d2b7e05ef
Use downcase 2015-06-19 09:35:20 -05:00
jvazquez-r7 80f6e902b6
Land #5463, @wchen-r7 updates smartermail to use the new cred API 2015-06-19 09:29:34 -05:00
jvazquez-r7 0d7ef6f04e
Pass username as symbol 2015-06-19 09:29:00 -05:00
wchen-r7 fc35a53ac5 Pass options correctly 2015-06-19 00:14:58 -05:00
wchen-r7 fc1417809e Support hash format 2015-06-19 00:09:08 -05:00
g0tmi1k ce9481d2b7 Inconstancy - If datastore['VERBOSE'] vs vprint 2015-06-18 09:27:01 +01:00
jvazquez-r7 f5b9be7814
Land #5468, @wchen-r7's updates razorsql to use the new creds api 
* Also fixes #5469
 2015-06-16 17:51:18 -05:00
jvazquez-r7 eb39eaac1d
Add support to decryption v2 2015-06-15 23:28:10 -05:00
wchen-r7 89d03a1472 Symbol to String 2015-06-12 15:02:36 -05:00
wchen-r7 20170bd630 Report as hash 2015-06-12 13:55:32 -05:00
David Maloney bb56f6043e
explicitly use windows\temp 
instead of using the user temp directory
trying to get around some intermittant permissions
issues

MSP-12358
 2015-06-08 13:17:18 -05:00
David Maloney 2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module 2015-06-08 11:42:03 -05:00
jvazquez-r7 a39539f8ef
Land #5457, @wchen-r7 updates spark_im to use the new cred API 2015-06-07 20:45:42 -05:00
HD Moore 25aa96cfc1
Land #5456, removes obsolete comment 2015-06-07 14:25:23 -05:00
jvazquez-r7 dca2607d54
Land #5452, @wchen-r7 Update tortoisesvn to use the new cred API 2015-06-06 01:35:40 -05:00
jvazquez-r7 bf35b9bdf4
Minor fix 2015-06-06 01:35:09 -05:00
root d4f418fe3f Style corrections 
See #5480
 2015-06-04 15:52:07 -05:00
wchen-r7 656f64d9bd Update razorsql to use the new cred API 2015-06-03 13:49:06 -05:00
wchen-r7 b038760be7 Update razer_synapse to use the new cred API 2015-06-03 01:44:20 -05:00
wchen-r7 ef0d6490da Update smartermail to use the new cred API 2015-06-03 00:48:52 -05:00
wchen-r7 c64f025c4e Add module_fullname: fullname 2015-06-02 12:35:06 -05:00
wchen-r7 63708f2bba Add module_fullname: fullname 2015-06-02 12:27:35 -05:00
wchen-r7 28556ea6e2 Update spark_im to use the new cred API 2015-06-02 12:16:07 -05:00
wchen-r7 aac2db826f Remove comment about report_auth_info 
This module isn't using report_auth_info, so this comment is no
longer needed.
 2015-06-02 10:24:55 -05:00
wchen-r7 1ae9265fb9 Update tortoisesvn to use the new cred API 2015-06-02 00:52:43 -05:00
wchen-r7 c3e15059a7 Update total_commander to use the new cred API 2015-06-01 21:17:58 -05:00
Brent Cook 79db696c15 fix EOL character 2015-05-18 15:46:55 -05:00
Donny Maasland (Fox-IT) e1eed6e9d9 single quotes and slashes.. 2015-05-18 16:33:57 +02:00
Donny Maasland (Fox-IT) 7d65095472 fix quotes 2015-05-18 12:20:42 +02:00
Donny Maasland (Fox-IT) 30f7c651c9 use REGISTRY_VIEW_32_BIT 2015-05-18 10:19:32 +02:00
David Maloney fd1a24d6f9
some more minor cleanup noise 
apparently we standardized on using get_env
instead of expand_path in these cases. Not sure
on the effective difference here but no big deal

MSP-12358
 2015-05-15 13:33:48 -05:00
David Maloney 631dfc0a0e
increase timeout on ntdsutil 
default timeout is 15 seconds. we'll give it 90
seconds for now. This may still be too short for
really really large domains, but too long of a timeout
can create other issues

MSP-12358
 2015-05-15 11:19:35 -05:00
David Maloney a3d91dff0b
clean up ntds.dit file when done 
delete the ntds.dit file we copied when
we are done

MSP-12358
 2015-05-15 11:13:19 -05:00
David Maloney ac04b8d1e7
a little bit of cleanup 
constantise some of the magic numbers in
the NTDS Account class

MSP-12358
 2015-05-15 10:47:31 -05:00
Donny Maasland (Fox-IT) 2721be946a also check Wow6432Node keys 2015-05-15 14:28:12 +02:00
David Maloney 724b7c6f16
save the ntlm hases as creds 
the last step is now complete. the current and historical
hashes are all saved to the database for cracking and/or
replay

MSP-12358
 2015-05-14 13:52:11 -05:00
David Maloney 0e666d5732
gaurd against arch mismatch 
this will not work from an x86 proc
on an x64 machine, so guard against that.

MSP-12358
 2015-05-13 15:28:11 -05:00
David Maloney 9308da7956
2003 code path working 
using VSS directly on server 2003 and repairing
the database with esentutl is now working

MSP-12358
 2015-05-13 12:25:44 -05:00
David Maloney 21004046c1
begin parsing of the database 
clean up and begin aprsing the database
after we have copied it

MSP-12358
 2015-05-11 14:48:12 -05:00
David Maloney 3c9c578a3d
ntdsutil method in place 
ntdsutil method built out to make a copy
of ntds.dit on later version of Winbdows Server

MSP-12358
 2015-05-04 15:35:36 -05:00
David Maloney e0c64038a7
start new ddomain hashdump post module 
module checks for all preconditions so far
including that Domain Services are running,
that we are Admin, that we have bypassed uac
and that it is a supported version of windows.

MSP-12358
 2015-05-04 15:07:27 -05:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
wchen-r7 a3b0f2e424
Land #5175, Update mcafee_vse_hashdump description 2015-04-20 21:49:24 -05:00
karllll e3ce4eb88e Update mcafee_vse_hashdump.rb 2015-04-17 09:47:02 -04:00
karllll cb2e8f4949 Update mcafee_vse_hashdump description 
The description of this module has been added upon to include cracking details.
 2015-04-16 16:09:43 -04:00
Christian Mehlmauer ba6548db75
be consistent about naming 2015-04-16 21:44:56 +02:00
Jon Cave 7aceb9218e Use bitwise OR to select both primary and backup DCs 
SV_TYPE_DOMAIN_CTRL || SV_TYPE_DOMAIN_BAKCTRL returns
SV_TYPE_DOMAIN_CTRL rather than ORing the bits together.
 2015-04-05 11:05:42 +01:00
Tod Beardsley 6d5bcb93a8
Normalize the SecurityXploded Team credits 
[See #5012]
 2015-04-02 15:15:37 -05:00
Tod Beardsley d1318d1b48
Fixups for release 2015-03-31 11:02:12 -05:00
Meatballs c430e5fab1
@m7x forgot to put a reference in 2015-03-29 02:13:31 +01:00
Meatballs 99f79e8533 Use incognito token stealing rather than process migration if we have 
the privileges required for successful impersonation.
 2015-03-28 20:31:35 +00:00
Meatballs f83f4ae764 Move hashdump to gather 2015-03-28 20:31:35 +00:00
Felix Wehnert 2a525958bd fixed typo 
Does no one tested this script on x64 yet ?
 2015-03-16 20:15:26 +01:00
Sven Vetsch 4d3a1a2f71 fix all duplicated keys in modules 2015-03-14 13:10:42 +01:00
Jon Hart e7c21f3205
Land #4503, @m7x's post module for extracting McAfee VSE hashes 2015-01-21 20:44:41 -08:00
Jon Hart 9cc58a8d69
Lastly, rename the file so that it is specific to McAfee VSE 2015-01-21 20:44:34 -08:00
Jon Hart 683a541064
Tighten up prints to make it specific to VSE, not McAfee in general 2015-01-21 20:33:54 -08:00
Jon Hart 52be3d80b7
Minor ruby style cleanup 2015-01-21 20:27:38 -08:00
Jon Hart ceed293969
Remove unnecessary requires 2015-01-21 20:23:03 -08:00
root 3a5d6b4717 Store password hash as loot 2015-01-17 14:17:41 +00:00