David Maloney
b320679d1f
Exception message fix for gpp
2012-06-23 12:56:12 -05:00
David Maloney
5497d091fc
fix gpp attribution and description
2012-06-23 12:45:56 -05:00
David Maloney
534008b010
Major rework of the gpp module
...
Took the combination work Meatballs did
on pulling together the three separate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
2012-06-23 12:42:33 -05:00
Raphael Mudge
322e0766a1
Armitage 06.23.12
2012-06-23 13:03:55 -04:00
James Lee
3e974415d9
Give some verbose feedback if connection failed
2012-06-23 00:58:27 -06:00
jvazquez-r7
b891e868f5
Added actionscript and swf needed
2012-06-23 08:36:35 +02:00
sinn3r
d7d314862f
Need the trigger to actually make it work, duh!
2012-06-22 23:16:12 -05:00
James Lee
6913440d67
More progress on syscall wrappers
...
Something is still broken, my socket() is returning EAFNOSUPPORT whereas
what looks like the same syscall in wunderbar_emporium's exploit.c is
returning a socket. Similarly, my __mmap2() is returning EFAULT when
trying to map anything, not just NULL.
2012-06-22 17:45:49 -06:00
Tod Beardsley
d708f2526c
Adding ref for APSB12-09 to new Flash sploit
2012-06-22 17:30:52 -05:00
jvazquez-r7
72ef8c91f0
module for CVE-2012-0779 added
2012-06-23 00:21:18 +02:00
Meatballs1
26d99c6e41
Added more detail to description and stop execution if no DCs are enumerated.
2012-06-22 22:36:52 +01:00
Tod Beardsley
dfe0e10dc6
Adding kernelsmith's -a datastore opt
...
Works well enough on its own. Note that you cannot mix -g and -a since
set doesn't actually parse out dash options in a OptParse sort of way.
That said, setg -a seems to work well. This mixing options business
will need to be addressed soon, but that day is not today.
[Closes #514]
2012-06-22 16:01:38 -05:00
Meatballs1
6a80b21124
Final tidyup
2012-06-22 19:12:42 +01:00
Meatballs1
27b884ca87
Fixed drives userName match
2012-06-22 18:47:44 +01:00
Meatballs1
90eaceef70
Fixed enum_domains exception when domains found = 0
2012-06-22 18:45:56 +01:00
Meatballs1
141195a5ae
Adjusted attribute strings to match MSDN cases
2012-06-22 18:33:54 +01:00
Meatballs1
3519aff146
Added protection for division by 0 in the enum_domain code
2012-06-22 18:20:45 +01:00
Meatballs1
0d4feb9fce
Various fixes suggested by trolldbois
2012-06-22 18:11:15 +01:00
Meatballs1
ca2c401cac
Modified username to userName in XML parsing
2012-06-22 17:46:19 +01:00
Meatballs1
19a37c28b8
Fixed and added paths for user preferences
2012-06-22 17:21:32 +01:00
Meatballs1
506a91f7a8
Changed runas to runAs for scheduled tasks
2012-06-22 16:04:17 +01:00
Meatballs1
91cad8ee77
Fixed printer path
2012-06-22 14:41:51 +01:00
Meatballs1
7a4bd26132
Fixed msftidy eol
2012-06-22 14:36:29 +01:00
Meatballs1
b2cb5c1c8e
Included other policy files for enumeration
2012-06-22 14:31:54 +01:00
m-1-k-3
315a1707e7
also new version v2.07.16 is vulnerable
2012-06-22 13:18:45 +02:00
Meatballs1
15a020dbda
Clear EOL chars
2012-06-22 11:36:27 +01:00
Meatballs1
391a92ccfd
More verbose and specific exception handling
2012-06-22 11:27:06 +01:00
Meatballs1
0ed49998e2
Allowed to run as SYSTEM
2012-06-22 11:17:24 +01:00
Meatballs1
2a3cd6e343
References
2012-06-22 11:14:19 +01:00
Meatballs1
9da2dd816c
Fixed changed time to point to parent node
2012-06-22 11:03:34 +01:00
kernelsmith
1bcf241ec0
adds the -a (append) option to the console 'set' command
...
if RHOST is currently 192.168.20.1
set -a RHOST 5
appends 5 to RHOST making it 192.168.20.15
2012-06-22 01:23:54 -05:00
James Lee
fd8b1636b9
Add the first bits of a sock_sendpage exploit
...
This can currently build an executable that creates a socket, opens a
temporary file, truncates that file with ftruncate(2) and calls
sendfile. Still needs to mmap NULL and figure out ring0 shellcode.
Baby steps.
2012-06-22 00:03:29 -06:00
HD Moore
a648c24b4e
Move builds to VC10
2012-06-21 23:51:46 -05:00
HD Moore
c5e9e5d374
Add Windows 8 / Server 2012 support to sysinfo
2012-06-21 23:50:29 -05:00
James Lee
815d80a2cc
Merge branch 'rapid7' into omg-post-exploits
2012-06-21 17:02:55 -06:00
Tod Beardsley
572fb4cb0c
Permissions fix
2012-06-21 15:39:17 -05:00
Meatballs1
e0966d5a3a
Incorporated trolldbois comments about SYSTEM and changed date
2012-06-21 19:20:34 +01:00
Meatballs1
6768549c6d
Fixed msftidy error
2012-06-21 18:46:20 +01:00
Meatballs1
5e64c2fb2e
Will only enumerate one DC for each domain using the DOMAINS arg
2012-06-21 18:28:06 +01:00
Tod Beardsley
2729f33ff2
Merge Justin's TortoiseSVN module
...
This adds Justin's TortoiseSVN module with minor edits.
[Closes #508]
2012-06-21 11:56:08 -05:00
Tod Beardsley
504d3d477e
Resolve http_proxy_host before reporting, too.
2012-06-21 11:55:13 -05:00
Tod Beardsley
c795c2e438
Resolve hosts for tortoisesvn module reporting
...
report_host() does not expect a DNS name, but an IPv4 or IPv6 address.
In many cases, an SVN password is going to be associated with only a
hostname.
This may be a bug in report_host -- it's certainly inconvenient.
However, we don't usually want report_host to be making tons of DNS
lookups when importing hosts, so this forced step is likely intended.
Also, begin/rescue/end blocks that don't hint at what errors are
intended to be caught are rarely a good idea, so this at least informs
the user which exception was raised.
2012-06-21 11:47:37 -05:00
Meatballs1
9b943bc763
Removed redundant file
2012-06-21 17:29:52 +01:00
Meatballs1
82318f0dac
Merge branch 'post_win_gather_creds_gpp_pass' of github:Meatballs1/metasploit-framework into post_win_gather_creds_gpp_pass
2012-06-21 17:27:45 +01:00
Meatballs1
81411374bc
Removed old file
2012-06-21 17:23:14 +01:00
Meatballs1
56a8dda739
Reworking of module to incorporate all contributions
2012-06-21 17:23:13 +01:00
Meatballs1
bb60eacde7
Added store_loot
2012-06-21 17:23:12 +01:00
Meatballs1
be255d53c0
Initial post/windows/gather/credentials Windows Group Policy Preferences Passwords
2012-06-21 17:23:12 +01:00
sinn3r
4004b544c0
The condition for "else" doesn't really do anything for us
2012-06-21 02:53:44 -05:00
sinn3r
9d52ecfbb6
Fix a few mistakes (typos & reference)
2012-06-21 02:32:04 -05:00