Stuart Morgan
cc3ac3ad95
Removed trailing line spaces
2015-12-16 22:28:27 +00:00
Stuart Morgan
58635be237
Try to unpack the SID from hex to normal cut/paste format. Its a mess.
2015-12-16 22:27:52 +00:00
Stuart Morgan
421a29d998
Added the trust types from MSDN
2015-12-16 22:18:28 +00:00
Stuart Morgan
fbe0cfde8f
Fixed URL for trustDirection reference
2015-12-16 22:16:33 +00:00
Stuart Morgan
fd8405f52d
added trustDirection
2015-12-16 22:15:10 +00:00
Stuart Morgan
4da8859e57
added trustAttributes
2015-12-16 22:13:00 +00:00
Stuart Morgan
207a964117
Loop through results
2015-12-16 21:52:30 +00:00
Stuart Morgan
087a01f27f
Templated table
2015-12-16 21:40:49 +00:00
Stuart Morgan
fdf1a8c235
Updated with the LDAP fields to retrieve
2015-12-16 21:39:33 +00:00
Stuart Morgan
ed4cf71ca8
Initial add (templated from Ben's bitlocker module)
2015-12-16 21:26:02 +00:00
Stuart Morgan
c9c1dd22ee
Added custom LDAP filter to ad_groups and ad_users to save having to use meterpreter's adsi interface
2015-12-16 10:38:38 +00:00
Stuart Morgan
2c29298485
undoing this, put in a separate module
2015-12-15 23:16:21 +00:00
Stuart Morgan
5dd8cb7648
proper type conversions
2015-12-15 23:13:02 +00:00
Stuart Morgan
fef9a84548
rubocop
2015-12-15 23:12:14 +00:00
Stuart Morgan
a2b30ff16e
msftidy
2015-12-15 23:11:40 +00:00
Stuart Morgan
281966023c
Final version
2015-12-15 23:10:06 +00:00
Stuart Morgan
7fa453b7ff
Added module
2015-12-15 22:31:00 +00:00
Stuart Morgan
059de62400
Editing an existing module rather than adding a new one
2015-12-15 21:36:39 +00:00
Stuart Morgan
4a66b487de
Based on putty enum module
2015-12-15 21:28:13 +00:00
William Vu
b085989923
Land #6266 , rsync creds scraper
2015-12-14 11:37:30 -06:00
Jon Hart
39da306b1d
Land #6057 , @danilbaz's module for dumping Bitlocker master key (FVEK)
2015-12-08 18:16:39 -08:00
Jon Hart
ed8076f361
Merge branch 'master' into pr/6197
2015-12-08 12:08:15 -08:00
Jon Hart
2177b979fd
Update SessionTypes command to describe why shell is not listed
2015-12-08 12:06:47 -08:00
Jon Hart
3890961155
Correct SEP client exclusion enumeration
2015-12-08 10:16:25 -08:00
BAZIN-HSC
be5f648969
manage-bde.exe path test if in System32 or sysnative
2015-12-08 16:14:13 +01:00
William Vu
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
Jon Hart
f6417df9ba
Update enum_av_excluded to work properly under wow64
2015-12-04 17:13:43 -08:00
Jon Hart
ad60a4118e
Put admin and client exclusions in different tables
2015-12-04 13:01:28 -08:00
Jon Hart
c92365090f
Simpler
2015-12-04 12:38:25 -08:00
Jon Hart
e7d2eb6ad9
Wire in support for showing process and file extension exclusions
2015-12-04 12:35:42 -08:00
Jon Hart
78a303974f
Handle empty exclusions better
2015-12-04 12:19:17 -08:00
Jon Hart
81ee01a93e
Simplify exclusion extraction and printing
2015-12-04 11:42:03 -08:00
Jon Hart
1968a76863
Simplify AV enumeration code
2015-12-04 10:27:14 -08:00
Christian Mehlmauer
fc9d818837
change youtube url
2015-12-04 10:15:56 +01:00
Martin Vigo
b4ade1989a
Add IE support for stored passwords
2015-12-04 00:13:42 -08:00
Jon Hart
28ee056c32
Make enumeration of each individual AV optional
2015-12-03 16:07:49 -08:00
Jon Hart
c007fffbce
Style cleanup
2015-12-03 15:55:12 -08:00
Rory McNamara
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
Jon Hart
366b92a79e
Store rsync creds as creds, not loot
2015-12-01 15:30:39 -08:00
Andrew Smith
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
Andrew Smith
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
Martin Vigo
9d747e67a3
Fix bugs in new Firefox creds storage
2015-11-25 21:28:07 -08:00
Jon Hart
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
Louis Sato
55b3e10390
Land #6258 , smart_migrate enhancement
2015-11-24 11:30:29 -06:00
William Vu
16e6ced867
Land #6108 , OpenVPN creds scraper
2015-11-23 14:25:19 -06:00
William Vu
601d4fda9f
Add note about --auth-nocache
2015-11-23 14:24:26 -06:00
Jon Hart
718e928fe3
Control per-user config file
2015-11-23 11:11:03 -08:00
Louis Sato
493e476a43
Land #6243 , check nil for sock.read
2015-11-23 11:15:51 -06:00
Jon Hart
93bb31dfa0
Make path to rsyncd configuration file configurable
2015-11-21 19:50:33 -08:00
Martin Vigo
f34c7a8594
Support for new Firefox method to store credentials
2015-11-20 23:42:59 -08:00
Jon Hart
aa962f30a9
Minor style/usability cleanup
2015-11-20 13:51:31 -08:00
Jon Hart
a96102c20a
Minor cleanup
2015-11-20 13:19:38 -08:00
Jon Hart
c75e3c8e84
Initial commit of a post module for looting rsync credentials
2015-11-20 12:57:33 -08:00
BAZIN-HSC
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
BAZIN-HSC
dd027982ae
if recovery_key specified, only method that is tried
2015-11-20 18:30:50 +01:00
BAZIN-HSC
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
BAZIN-HSC
8f135c07aa
Remove hard coded C:\Windows and use %SYSTEMROOT%
2015-11-20 18:30:49 +01:00
BAZIN-HSC
7d9d74f609
msftidy...
2015-11-20 18:30:49 +01:00
BAZIN-HSC
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
sammbertram
f1675f9ae4
Minor enhancement to smart_migrate
...
Adding a check to see if the user is currently already migrated to the "explorer.exe" and "winlogon.exe" processes prior to attempting migration.
2015-11-19 13:30:12 +00:00
Rory McNamara
811167442c
Re-disable debugging nodelete
2015-11-17 13:10:03 +00:00
Roberto Soares
ac99f9c229
Fix condition
2015-11-17 00:52:42 -02:00
Roberto Soares
f69e7c0fb3
Fix condition
2015-11-17 00:49:04 -02:00
Roberto Soares
a48d0b275b
Added check if the commands executed successfully.
2015-11-17 00:07:31 -02:00
wchen-r7
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
wchen-r7
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
David Maloney
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
PsychoMario
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
PsychoMario
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
Jon Hart
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
Jon Hart
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
Martin Vigo
211da2746e
Support cookie auth key decryption
2015-11-11 16:26:07 -08:00
Jon Hart
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
Jon Hart
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
Jon Hart
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
Jon Hart
8f86b2519f
Resolve 'duplicate key warning' for some modules
2015-11-09 18:40:32 -08:00
Jon Hart
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
Andrew Smith
c44ecfeb15
Spacing
2015-11-06 10:55:29 -05:00
jakxx
e4d8909815
Initial Commit
2015-11-05 20:43:30 -05:00
jvazquez-r7
20679ea6c6
Land #5720 , @g0tmi1k's changes to firefox_creds post module
2015-11-05 15:36:08 -06:00
Martin Vigo
b0f92b49a2
Print vault passwords
2015-11-01 21:47:00 -08:00
wchen-r7
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
Martin Vigo
e67065a7e9
Fix Firefox/Opera bugs
2015-10-26 22:40:47 -07:00
Martin Vigo
da9420a915
Retrieve randkey from LastPass
2015-10-26 19:17:09 -07:00
Roberto Soares
0bce90654f
Changed path to save dump data
2015-10-22 15:11:55 -02:00
Roberto Soares
467ae52ec3
Remove redundant check
2015-10-21 13:12:45 -02:00
Brent Cook
0784370b98
more typo and whitespace fixes
2015-10-20 13:09:17 -05:00
Rob Fuller
2f1406e1c8
fix typo
...
not sure how this got in there
2015-10-20 13:48:00 -04:00
Roberto Soares
78d5e52dd6
Add OpenVPN Grab Credentials - Post Module
2015-10-19 23:11:02 -02:00
Brent Cook
20366993e3
Land #5937 , use the Android mixin to get the Android version
2015-10-16 14:23:27 -05:00
jvazquez-r7
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
jvazquez-r7
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
Brent Cook
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
William Vu
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
William Vu
8866b15f3b
Fix creds reporting
2015-10-01 00:24:43 -05:00
Brent Cook
f3451eef75
Land #5380 , pageantjacker, an SSH agent proxy
2015-09-26 10:52:44 -04:00
Stuart
853d822992
Merge pull request #1 from bcook-r7/land-5380-pageantjacker
...
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
jvazquez-r7
415fa3a244
Fix #5968 , some modules not handling Rex::Post::Meterpreter::RequestError exceptions
...
* Related to the usage of ADSI on unsupported OSes
2015-09-21 14:33:00 -05:00
Stuart Morgan
cdd39f52b1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension
2015-09-21 14:34:56 +02:00
Stuart Morgan
e8e4f66aaa
Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension
2015-09-21 14:34:38 +02:00
Brent Cook
61e7e1d094
update pageantjacker to run as part of extapi
2015-09-20 20:25:00 -05:00
William Vu
5f9f66cc1f
Fix nil bug in SSO gather module
2015-09-11 02:21:01 -05:00
William Vu
a1a7471154
Land #5949 , is_root? for remove_lock_root
2015-09-11 02:09:14 -05:00
wchen-r7
e9e4b60102
move require 'msf/core/post/android' to post.rb
2015-09-11 01:58:12 -05:00
wchen-r7
f2ccca97e0
Move require 'msf/core/post/android' to post.rb
2015-09-11 01:56:21 -05:00
wchen-r7
90ef9c11c9
Support meterpreter for OS X post modules
2015-09-10 15:57:43 -05:00
jvazquez-r7
30cb93b4df
Land #5940 , @hmoore-r7's fixes for busybox post modules
2015-09-08 15:12:23 -05:00
wchen-r7
122d57fc20
Land #5945 , Add auto-accept to osx/enum_keychain
2015-09-08 10:56:08 -05:00
wchen-r7
13afbc4eae
Properly check root for remove_lock_root (android post module)
...
This uses the Msf::Post::Android::Priv mixin.
2015-09-08 10:40:08 -05:00
joev
1b320bae6a
Add auto-accept to osx/enum_keychain.
2015-09-07 21:17:49 -05:00
HD Moore
ec5cbc842e
Cosmetic cleanups
2015-09-05 22:56:11 -05:00
HD Moore
8c0b0ad377
Fix up jailbreak commands & regex for success detection
2015-09-05 22:54:07 -05:00
wchen-r7
da0752e8c2
use fail_with
2015-09-04 15:12:05 -05:00
wchen-r7
7ab506dc06
Use Msf::Post::Android::System#get_build_prop to get the android ver
...
Instead of grabbing the android version from the module, this
is done by the mixin.
2015-09-04 15:05:45 -05:00
jvazquez-r7
eaf51a2113
Land #5722 , @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
jvazquez-r7
5dd0cee36a
Add comment
2015-09-04 13:30:00 -05:00
jvazquez-r7
8bfa5bcd09
Do some more minor code cleaning
2015-09-04 13:08:27 -05:00
jvazquez-r7
ac49c80367
Do minor code cleanup
2015-09-04 12:46:21 -05:00
jvazquez-r7
60d2856444
Use id instead of whoami
2015-09-04 12:02:21 -05:00
jvazquez-r7
4fa58efaa0
Allow to configure the DOWNLOAD_TIMEOUT
2015-09-04 11:54:22 -05:00
jvicente
2b2dec3531
Fixed typo direcotry.
2015-09-04 18:52:55 +02:00
jvazquez-r7
319bc2d750
Use downcase
2015-09-04 11:18:09 -05:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
HD Moore
f0ef035a0b
Update the module titles to clarify what these do
2015-09-03 12:53:25 -05:00
HD Moore
630057e23f
Implement suggestions from the PR discussion
2015-09-03 12:42:51 -05:00
HD Moore
57c8038f07
Merge branch 'master' into land-5413
2015-09-03 12:38:19 -05:00
HD Moore
0f1530adc1
Merge branch 'master' into land-5412
2015-09-03 12:22:00 -05:00
jvazquez-r7
9c7f97d124
Fix methods name schema
2015-08-28 13:26:52 -05:00
jvazquez-r7
be7db10e7d
Fix busybox_write_file
2015-08-28 13:15:07 -05:00
jvazquez-r7
c4a3b4f18e
Add busy_box_file_exist?
2015-08-28 11:56:12 -05:00
jvazquez-r7
8faf6f9cd0
Fix require
2015-08-28 11:51:26 -05:00
jvazquez-r7
e62b117fda
Include mixin correctly
2015-08-28 11:50:17 -05:00
jvazquez-r7
132f5c6a20
Review jailbreak
2015-08-28 11:44:57 -05:00
jvazquez-r7
e7f486e43a
Review wget_exec
2015-08-28 11:24:41 -05:00
jvazquez-r7
edc9982c8b
Review smb_share_root
2015-08-28 11:18:49 -05:00
jvazquez-r7
c2639fc138
Review set_dns
2015-08-28 11:00:46 -05:00
jvazquez-r7
4523608bf7
Review set_dmz
2015-08-28 10:43:09 -05:00
Stuart Morgan
b59bc30160
Fixed stupid bracket error
2015-08-28 16:13:22 +01:00
jvazquez-r7
0e810aa8bc
Clean ping_net
2015-08-28 09:53:31 -05:00
Stuart Morgan
8bf815c4bb
rubocop
2015-08-28 15:39:02 +01:00
jvazquez-r7
42b342d615
Clean enum_hosts
2015-08-28 09:37:18 -05:00
jvazquez-r7
dfdb4fe044
Review enum_connections
2015-08-28 09:28:12 -05:00
jvazquez-r7
577656a78e
Change modules location
2015-08-28 09:17:23 -05:00
Stuart Morgan
b8b68983b0
Merge remote-tracking branch 'upstream/master' into adsi_group_enum_improvements
2015-08-28 15:11:27 +01:00
Stuart Morgan
f371a1c4fc
Added the ability to list AD groups by POST module
2015-08-28 15:10:48 +01:00
Stuart Morgan
8682ec77c5
Added group filtering to the enum_ad_users module
2015-08-28 15:10:27 +01:00
g0tmi1k
eb43241425
Firefox_creds more stable/bug fixs (Linux/OSX)
2015-08-27 11:43:53 +01:00
HD Moore
a2d5511e39
Land #5379 , new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00
Brent Cook
5633c1431f
Land #5821 , add explicit 64-bit pointer support to enum_cred_store
2015-08-24 09:44:36 -05:00
jvicente
b37efd29b0
Modified module busybox_pingnet.rb to avoid sending an ash script but executing each ping command separately. Added some fixes. Modified spec file for busybox.rb.
2015-08-23 12:17:17 +02:00
wchen-r7
fb2adb2e51
Check blank bullprop, also better instructions for the user.
2015-08-23 02:20:51 -05:00
wchen-r7
0f3e96b457
Merge branch 'upstream-master' into pr5416
2015-08-22 22:10:56 -05:00
HD Moore
d264802ce0
Consistency and API conformance changes to LES
2015-08-21 12:38:58 -05:00
wchen-r7
4a91dfdcf5
Land #5873 , report_note for local_exploit_suggester
2015-08-20 17:52:33 -05:00
Mo Sadek
b20a283617
Added report_note to suggester
2015-08-20 13:57:16 -05:00
jvicente
a9ad7b7c6f
Modifications to use cmd_exec instead of session.shell_write.
...
Refactoring of common functions to a new Post mixin /lib/msf/core/post/linux/busybox.rb.
2015-08-17 18:24:22 +02:00
jvazquez-r7
e7433b81bd
Reuse architecture check
2015-08-17 10:28:10 -05:00
Brent Cook
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
benpturner
8800d89424
Updated to reflect HD's comments on indents and name of local script.
2015-08-16 10:47:20 +01:00
Brent Cook
9720e8e081
normalize osx to darwin so python meterp works
2015-08-15 19:49:55 -05:00
Brent Cook
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
Brent Cook
0a4651a553
Land #5359 , add PuTTY session enumeration module
2015-08-14 13:20:05 -05:00
Stuart Morgan
ee7c418ca8
Rubocop and msftidy-ied :-)
2015-08-14 17:19:07 +01:00
Stuart Morgan
02a58d459b
Merge remote-tracking branch 'upstream/master' into pageant_extension
2015-08-14 17:05:38 +01:00
Stuart Morgan
e2b6c11a3e
Update
2015-08-14 16:24:52 +01:00
Tod Beardsley
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
William Vu
80f415074b
Land #5823 , mv local_exploit_{suggestor,suggester}
2015-08-11 13:52:55 -05:00
Mo Sadek
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
jvazquez-r7
76f6312fab
Fix #3916 Support 64 bits targets on enum_cred_store
2015-08-10 15:16:12 -05:00
jvicente
5ff61ca5f3
Added modules to jailbreak and control remotely BusyBox based devices. It was added to a word list with default credentials typically used by commercial routers.
2015-08-10 18:29:41 +02:00
Meatballs
c197e5224d
Store loot
2015-08-01 20:52:25 +01:00
Meatballs
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
Brent Cook
affc86bfd9
Land #5779 , make cachedump / lsa_secrets work on 64-bit windows
2015-07-31 16:25:47 -05:00
wchen-r7
629afd86fc
Land #5788 , local exploit suggestor
...
Good luck getting Mr. Robot, Elliot.
2015-07-31 11:43:53 -05:00
wchen-r7
34279776a6
Minor edit
2015-07-30 18:40:41 -05:00
wchen-r7
fc4fdba482
Merge branch 'suggestor' of https://github.com/MSadek-r7/metasploit-framework into pr5788
2015-07-30 18:31:49 -05:00
wchen-r7
08338b73b2
Add get_target_arch and get_target_os
...
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
2015-07-30 18:26:41 -05:00
Mo Sadek
af55ef7352
Added session.present?
2015-07-30 10:10:42 -05:00
Mo Sadek
7aa78dfd4e
Revamped os, platform, arch detection. Added count for exploits being tried
2015-07-30 09:36:02 -05:00
Mo Sadek
1521c8f87e
Reworded to no suggestions available
2015-07-29 17:40:27 -05:00
Mo Sadek
66489202fc
Added error message if no exploits are found
2015-07-29 17:31:23 -05:00
Mo Sadek
b58c6248fe
Fixed ShowDescription bug
2015-07-29 16:52:06 -05:00
Mo Sadek
2cddfda0a0
wchen-r7's fixes, fixed indentation, removed newlines, added desc.
2015-07-29 16:13:50 -05:00
Mo Sadek
c725f74d46
Add Local Exploit Suggestor
...
Resolve #5647
2015-07-29 13:19:51 -05:00
Tod Beardsley
a342a9db10
Another sticky keys ref, from @carnal0wnage
2015-07-29 12:32:38 -05:00
Tod Beardsley
8043e5a88e
Add a reference to the sticky keys exploit
2015-07-29 12:31:43 -05:00
Tod Beardsley
ee66cadde2
Don't use bullet points in descriptions
...
They never render correctly in anything other than a text editor.
modules/post/windows/manage/sticky_keys.rb first landed in #5760 ,
Sticky Keys post module
2015-07-29 12:29:09 -05:00
William Vu
ff9b975576
Land #5701 , @g0tmi1k's filezilla_server refactor
2015-07-29 11:13:22 -05:00
jvazquez-r7
e966545e08
Fix mask
2015-07-29 09:13:37 -05:00
g0tmi1k
38e952ba07
Python -> Ruby
2015-07-29 10:55:28 +01:00
Martin Vigo
a3365a9c7f
Add key, 2fa, iterations and otp support
2015-07-28 00:15:08 -07:00
jvazquez-r7
ab7ffb1a08
Fich cachedump
2015-07-27 17:26:53 -05:00
jvazquez-r7
704c8cadd9
Fix lsa_secrets
2015-07-27 16:19:01 -05:00
g0tmi1k
7c3e79f72d
Smarter way to download via meterpreter
...
...less chance of data crupterion
2015-07-27 19:49:06 +01:00
William Vu
4dd2c31b44
Land #5760 , Sticky Keys post module
2015-07-23 17:12:31 -05:00
William Vu
06ed7ba574
Add a comma
2015-07-23 17:12:17 -05:00
OJ
ebdbb179ce
Last of the style fixes
2015-07-24 08:09:25 +10:00
OJ
db7fadfc36
Fix indentation
2015-07-24 08:08:01 +10:00
OJ
616e1ddd68
Change enum to action, a couple of tidies
2015-07-24 08:01:58 +10:00
Samuel Huckins
a818dc4460
Land #5657 , misc fixes to domain_hashdump
2015-07-23 16:58:46 -05:00
OJ
e60f590f09
Add DisplaySwitch.exe support with WINDOWS+P
...
As per @mubix's request.
2015-07-24 07:20:31 +10:00
OJ
1dd765d6e6
Remove trailing spaces
2015-07-23 13:17:34 +10:00
OJ
0f2692f24f
Fix up silly mistake with `fail_with`
2015-07-23 13:14:35 +10:00
OJ
691b13ebd8
Add the sticky_keys module
2015-07-23 12:53:47 +10:00
James Lee
52e4f45ecd
Use the new thing in wlan_geolocate
2015-07-20 20:24:07 -05:00
James Lee
d6e12d431f
Style and whitespace
2015-07-20 19:40:25 -05:00
wchen-r7
425a9dc266
credit OJ
2015-07-17 13:47:17 -05:00
wchen-r7
663bcbe53b
Avoid checking these system process names
2015-07-17 13:46:02 -05:00
g0tmi1k
d5c57d9d6e
Use creds API
2015-07-16 16:05:59 +01:00
OJ
e1b1db9f88
Fix stupid typo
2015-07-16 23:03:49 +10:00
OJ
986463e489
Fix killav post module, handle errors, better output
2015-07-16 11:35:01 +10:00
Marc-Andre Meloche
2735c035b5
fixed issues as requested.
...
fixed.
2015-07-15 20:36:19 -04:00
Marc-Andre Meloche
579fb5fb1f
Fixed
...
Fixed
2015-07-15 20:09:42 -04:00
Marc-Andre Meloche
c762e9e8d6
Fixed as requested.
...
I added the possibility to read from file, instead of modifying the module each time.
2015-07-15 20:02:18 -04:00
Marc-Andre Meloche
7520bc9a8a
Exported Killav into a post-exploitation module
...
I was unsure if this was the place to send the update.
2015-07-15 14:04:37 -04:00
g0tmi1k
074ed20f1c
Fix Firefox_Creds
...
...isn't perfect.
2015-07-14 13:33:48 +01:00
g0tmi1k
d795b2f831
Module cleanup
2015-07-11 19:40:21 +01:00
g0tmi1k
14d0d456f4
Fix FileZilla perm loot bug
2015-07-11 19:11:59 +01:00
g0tmi1k
c92d0d9df6
Fix FileZilla Server
2015-07-11 18:14:55 +01:00
Spencer McIntyre
632bcda345
Land #5652 , improve LAPS filter to reduce empty results
2015-07-03 15:02:39 -04:00
David Maloney
e843db78dc
put rhost option back
...
it is needed for the wmic query that
creates the shadowcopy
MSP-12867
2015-07-02 14:46:40 -05:00
David Maloney
7b2b526ea1
deregister unwated options
...
deregister mixin options that we don't need
for this module
2015-07-02 14:33:21 -05:00
William Vu
8892cbdd10
Fix some minor things
2015-07-02 14:32:16 -05:00
David Maloney
cc51d1e8fd
use registry data for VSS grab
...
use the location data we got from the registry for copying
the NTDS.dit file correctly with the VSS method
2015-07-02 14:27:51 -05:00
David Maloney
89d283da09
check registry for ntds location
...
check the registry for the location of the ntds.dit
file
MSP-12867
2015-07-02 14:07:47 -05:00
Tod Beardsley
95f19e6f1f
Minor description edits for clarity
...
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF
Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590 , @Meatballs1 adds MS LAPS Enum post mod
Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
David Maloney
42daf4d38b
fix up ordering of pre-checks
...
i hate early returns, but we need to bail out early
if some of these checks fail
MSP-12867
2015-07-02 11:52:02 -05:00
Meatballs
8a3873d730
Tweak filter to reduce empty results
2015-07-02 09:53:08 +01:00
Spencer McIntyre
a37ac1b089
Land #5590 , @Meatballs1 adds MS LAPS Enum post mod
2015-07-01 21:19:15 -04:00
William Vu
399b3d2810
Land #5629 , moar cmd_exec refactoring
2015-07-01 00:36:19 -05:00
Martin Vigo
0e5e8032ad
Add Firefox 2FA support
2015-06-30 21:02:10 -07:00
Martin Vigo
5b0647a1f2
Add support to steal 2FA token
2015-06-29 22:20:38 -07:00
jvazquez-r7
656e6f5c73
Fix windows enum modules
2015-06-29 11:56:38 -05:00
jvazquez-r7
834c0e594a
Update multi modules
2015-06-29 11:36:28 -05:00
jvazquez-r7
ae172691f2
Update linux gather post modules
2015-06-29 10:21:13 -05:00
jvazquez-r7
2cbb107bba
Update enum_configs
2015-06-29 09:55:18 -05:00
jvazquez-r7
093f339f6b
Land #5268 , @Meatballs1's post windows module to retrieve Bitlocker Recovery Keys from AD
2015-06-26 17:07:36 -05:00
jvazquez-r7
600a296291
Do minor cleanup
2015-06-26 16:51:00 -05:00
jvazquez-r7
31b7ef49d6
Solve conficts
2015-06-26 11:36:17 -05:00
Meatballs
9c4a96761e
Small tidyup
2015-06-23 23:10:29 +01:00
Meatballs
4392b7c1de
Enum LAPS
2015-06-23 23:02:22 +01:00
Meatballs
221980820a
Committed wrong file
...
This reverts commit 76c2198ef0
.
2015-06-23 23:01:59 +01:00
Meatballs
76c2198ef0
LAPS enum
2015-06-23 22:56:53 +01:00
jvazquez-r7
f216841d01
Update enum_vbox
2015-06-22 17:54:17 -05:00
Brent Cook
e696d2f3dc
Merge branch 'master' into land-5348-ntds
2015-06-22 17:18:13 -05:00
jvazquez-r7
c20d2a1dd9
Update post/multi/gather/env
...
* Use cmd_exec
2015-06-22 16:20:46 -05:00
jvazquez-r7
a309d99da9
Fix enum_osx
...
* Use cmd_exec
2015-06-22 16:09:30 -05:00
jvazquez-r7
4475b7ec8e
Update enum_keychain
...
* Use cmd_exec
2015-06-22 14:30:46 -05:00
wchen-r7
5a548c3792
Land #5453 , Update dbvis_enum to use the new cred API
2015-06-19 11:35:07 -05:00