sinn3r
919d6daa41
Even if there's password, we should prolly keep the username
2012-12-26 21:14:26 -06:00
sinn3r
4ce1df2214
Change module title for consistency
2012-12-26 21:13:02 -06:00
sinn3r
da49f67079
Only show the password when exists
2012-12-26 21:10:52 -06:00
sinn3r
d3d595da95
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 21:08:03 -06:00
Brandon McCann
6e520e7a2a
converted split into a scan
2012-12-26 21:06:48 -06:00
sinn3r
eb424195ca
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 20:42:24 -06:00
Brandon McCann
e3c1d5a5c0
fixed config.close bug
2012-12-26 20:40:11 -06:00
sinn3r
17b41adfec
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 20:35:46 -06:00
Brandon McCann
b71729bf5f
fixed multi stored creds issue
2012-12-26 20:32:41 -06:00
sinn3r
6ecaabc9cc
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 20:08:34 -06:00
Brandon McCann
d70d2c4a19
typo
2012-12-26 19:54:35 -06:00
Brandon McCann
bcc651a1b2
modified password parsing, and utf encoding
2012-12-26 19:49:25 -06:00
sinn3r
c75f48b404
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 18:58:34 -06:00
Brandon McCann
073565c001
modified port and sname in db logging
2012-12-26 18:33:10 -06:00
sinn3r
b483e76065
Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb
2012-12-26 18:03:24 -06:00
Brandon McCann
7147e7a09b
added spark_im post exploit module
2012-12-26 17:28:23 -06:00
sinn3r
d2e3e5defb
Merge branch 'jlee-r7-cleanup/post-windows-services'
2012-12-22 13:29:48 -06:00
sinn3r
ae4f434691
Handle RequestError
...
Some registry-retrieving functions will return nil when a
RequestError exception is raised, and that's the exception we
should be handling.
2012-12-22 13:10:44 -06:00
sinn3r
e423351de3
Merge branch 'darkoperator_checkvm_more_checks' of git://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator_checkvm_more_checks
2012-12-22 12:40:33 -06:00
Carlos Perez
1ca85e2fff
fix indentation and EOL spaces
2012-12-22 10:42:43 -04:00
Carlos Perez
ddb9871577
refactor for use of registry mixin and will now create a note for the hypervisor
2012-12-22 10:27:54 -04:00
sinn3r
9b768a2c62
Merge branch 'cleanup/post-windows-services' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-cleanup/post-windows-services
2012-12-21 23:42:17 -06:00
Carlos Perez
924f5283ae
Improvements to checkvm
...
- Added additional checks for Hyper-V
- Added additional checks for VMware
- Removed $Id$ and $Revision$ (Confirmed with Todb on it)
2012-12-21 22:11:57 -04:00
sinn3r
e9c00488fa
Return value does not need to be checked, says zeknox
2012-12-21 13:00:08 -06:00
Meatballs1
e8cf26390a
Msftidy
2012-12-20 16:34:10 +00:00
Meatballs1
761d83ac0c
Tidyup and user options
2012-12-20 16:29:21 +00:00
sinn3r
37524c7965
Make sure return vals are handled correctly.
2012-12-19 09:45:01 -06:00
Meatballs1
d91e566d54
Further refactoring
2012-12-19 09:06:58 +00:00
sinn3r
cfcd1ead54
Merge branch 'netlm_downgrade.rb' of git://github.com/zeknox/metasploit-framework into zeknox-netlm_downgrade.rb
2012-12-19 02:22:00 -06:00
sinn3r
592de9b39e
Something tells me charles wanna try 5 times, not 6 times.
2012-12-18 18:10:15 -06:00
sinn3r
ba242e1809
Merge branch 'master' of git://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-master
2012-12-18 18:01:28 -06:00
Meatballs1
378038afab
Merge remote-tracking branch 'upstream/master' into wldap32_railgun
2012-12-17 17:23:43 +00:00
Meatballs1
6a92bd609a
Tidying and refactoring
2012-12-17 15:29:04 +00:00
Meatballs1
b5fd3463d7
Initial working AD_LDAP lookup
2012-12-17 14:07:35 +00:00
Meatballs1
6dd6174221
Migrate enum_unattend to unattend parser lib
2012-12-13 10:58:05 +00:00
jvazquez-r7
3e81fb2002
last cleanup for steam.rb
2012-12-12 11:48:46 +01:00
jvazquez-r7
87f6b8bc89
Merge branch 'master' of https://github.com/nikolai-r/metasploit-framework into nikolai-r-master
2012-12-12 11:48:26 +01:00
Nikolai Rusakov
f642aa67f9
CLeanup redundant code.
2012-12-12 00:00:27 -05:00
Nikolai Rusakov
f7cf75063d
Cleanup and use Post::File api. Use store_loot for data collection
2012-12-11 23:41:50 -05:00
sinn3r
283d37f2e3
Correct naming style
...
In order to match naming style consistency
2012-12-11 01:12:29 -06:00
Nikolai Rusakov
462766a654
Added Steam client session collector post module
2012-12-08 19:11:57 -05:00
Brandon McCann
433532ddf4
fix OptAddress
2012-12-06 11:21:42 -06:00
Rob Fuller
5e9a5268cd
remove .inspect debug code
...
cosmetic change
2012-12-04 16:24:15 -05:00
Brandon McCann
65f9f8ec2e
fixed net use cmd
2012-12-02 23:43:35 -06:00
Brandon McCann
5be12c1ad3
add verbose output
2012-12-01 12:04:34 -06:00
Brandon McCann
e03ace17d9
typo
2012-12-01 11:57:51 -06:00
Brandon McCann
73b4a9d573
cleaned up rescue statements
2012-12-01 11:09:01 -06:00
Brandon McCann
501224f21f
setup() added
2012-12-01 11:03:11 -06:00
Brandon McCann
16c5879d08
error handling added
2012-12-01 09:09:33 -06:00
sinn3r
7ae8f5b338
Modify name a little
2012-11-30 12:11:06 -06:00
sinn3r
9db84a16fa
Change output
2012-11-30 12:06:21 -06:00
sinn3r
44022baefa
Fix bug: NoMethodError undefined method `empty?' for nil:NilClass
2012-11-30 12:02:32 -06:00
sinn3r
37367bbaa0
Mostly cosmetic changes
2012-11-30 12:01:47 -06:00
bcoles
0472d60c4a
Add FTP Explorer (FTPx) post->gather->credentials module
...
This module finds saved login credentials for the
FTP Explorer (FTPx) FTP client for Windows.
2012-11-30 15:09:14 +10:30
sinn3r
3ae8594f53
Fix typo
2012-11-29 10:17:44 -06:00
Charles Smith
2ccc3f9e71
Fixed mixed tabs that prevented build completion.
2012-11-29 08:43:51 -05:00
Charles Smith
4416f1c7ae
Fixed mixed tabs that prevented build completion.
2012-11-29 08:43:23 -05:00
HD Moore
93a69ea62e
Fix instances of invalid lower-case datastore use
2012-11-29 00:05:36 -06:00
Brandon McCann
d200332b76
removed local_admin_search_enum.rb
2012-11-28 22:11:08 -06:00
Brandon McCann
84fc320c30
added post exploit netlm_downgrade.rb
2012-11-28 22:01:47 -06:00
Charles Smith
ae6dbee42b
Fixed bugs with a few modules.
...
filezilla_server.rb would crash if there was no admin information found.
In smart_hashdump.rb I replicated the changes made in hashdump.rb to handle the race condition. (It works, but is still not as reliable as regular hashdump for XP boxes)
In migrate.rb the option PID is an integer, and the line "elseif datastore['PID']" was evaluating as true, even though PID was set to "". There was also a misspelling of datastore as "datstore" that I fixed.
2012-11-28 12:18:32 -05:00
jvazquez-r7
d130d38bad
Merge branch 'module-rpcapd-start' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-module-rpcapd-start
2012-11-28 12:09:08 +01:00
Borja Merino
cdd9eb19cf
Licence Changed. Return added when RHOST is nil
2012-11-28 10:38:24 +01:00
Brandon McCann
e7a565b474
fixed store loot
2012-11-27 20:02:05 -06:00
Brandon McCann
16ce2c3f94
fixed catch statements
2012-11-27 06:22:50 -06:00
Brandon McCann
62be877f89
fixed run_cmd()
2012-11-27 05:49:19 -06:00
Brandon McCann
c70f1e3698
modified local_admin_search_enum.rb
2012-11-27 05:34:38 -06:00
sinn3r
e235aadcc0
Sometimes we might not be able to access a dir, be aware of that
2012-11-12 18:59:44 -06:00
sinn3r
862dd18b1c
Merge remote-tracking branch 'upstream/master' into enum_dirperms_default_path
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2012-11-12 18:54:47 -06:00
sinn3r
5270487d81
Add credit
2012-11-12 18:35:32 -06:00
sinn3r
be36083097
Make PATH optional, also correct a filtering bug
...
If the PATH option is not specified, the module will try to
enumerate from %PATH%. Also, this commit fixes a bug in the
filtering routine (basically the filtering routine didn't
really work).
2012-11-12 18:29:56 -06:00
sinn3r
222af8c91d
Fix NoMethodError when check_dir fails to enum the permission
...
See the following for more info:
http://dev.metasploit.com/redmine/issues/7452
2012-11-12 16:27:32 -06:00
David Maloney
208e706307
Module title fixes
2012-11-07 10:33:14 -06:00
James Lee
34bc92584b
Refactor WindowsServices
...
* Pulls common code up from several methods into #open_sc_manager
* Deprecates the name Windows::WindowsServices in favor of
Windows::Services. The platform is already clear from the namespace.
* Makes the post/test/services test module actually work
[See #1007 ]
[See #1012 ]
2012-11-06 17:30:04 -06:00
Tod Beardsley
b973927ab2
Msftidy on digi_addp_reboot and pgpass_creds
2012-11-05 16:19:38 -06:00
jvazquez-r7
9166d12179
Merge branch 'WinRM_piecemeal' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal
2012-11-05 23:08:59 +01:00
Brandon McCann
98330390d6
added local_admin_search_enum.rb
2012-11-05 12:27:15 -06:00
sinn3r
42b285c7f6
Merge branch '403labs-post-pgpass_creds'
2012-11-02 01:16:37 -05:00
sinn3r
1a162d7dd9
Use Rex table, fix 1.8 syntax issues, format fixes
2012-11-02 01:15:47 -05:00
David Maloney
59f5d9bc5d
Man i'm rusty at writing for framework
...
Fixes up all sinn3r's findings so far
2012-11-01 08:37:21 -05:00
David Maloney
00b9fb3c90
Switc smart mgirate to post mod as it should be
2012-10-31 17:03:49 -05:00
Zach Grace
5c27c9c953
Added a print_good from the results of store_loot
2012-10-29 15:18:13 -05:00
Zach Grace
eda5e8a12f
Changed platform type from windows to win and fixed an indentation error.
2012-10-29 14:23:50 -05:00
sagishahar
8c46c59142
Add support to Windows 8
...
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:11:27 +02:00
Tod Beardsley
5c0fb2789f
Merge branch 'module-metasploit-pcaplog-privesc' into rapid7-master
2012-10-29 11:32:32 -05:00
Tod Beardsley
65e27ff38a
Warn about the potential to jack up /etc/passwd
...
This needs to be underlined. It's too easy to wang up /etc/passwd by
accident.
This closes PR #632
[Fixes #38593685 ]
2012-10-29 11:28:27 -05:00
Tod Beardsley
5e80e19a4e
Msftidy complaint about EOL spaces
2012-10-29 11:08:03 -05:00
Zach Grace
3746a3ef64
adding pgpass_creds post module
2012-10-25 21:30:54 -05:00
0a2940
2f0c2d76ea
remove load statements
2012-10-24 11:01:26 +02:00
0a2940
32ddd981eb
linux_kernel mixin not required
2012-10-24 10:58:09 +02:00
0a2940
6d5da1662b
Update modules/post/multi/escalate/metasploit_pcaplog.rb
...
Stance is now passive
2012-10-24 10:55:48 +02:00
Tod Beardsley
be9a954405
Merge remote branch 'jlee-r7/cleanup/post-requires'
2012-10-23 15:08:25 -05:00
Michael Schierl
910644400d
References EDB cleanup
...
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
2012-10-23 21:02:09 +02:00
Michael Schierl
21f6127e29
Platform windows cleanup
...
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
2012-10-23 20:33:01 +02:00
James Lee
9c95c7992b
Require's for all the include's
2012-10-23 13:24:05 -05:00
sinn3r
33ce74fe8c
Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1
2012-10-23 02:10:56 -05:00
Tod Beardsley
a9def564e7
Add a missing post require
2012-10-22 17:18:14 -05:00
Rob Fuller
7437d9844b
standardizing author info
2012-10-22 17:01:58 -04:00
Michael Schierl
5b18a34ad4
References cleanup
...
Uppercase MSB, spaces in URLs.
2012-10-22 22:37:01 +02:00
Michael Schierl
e9f7873afc
Version cleanup
...
Remove all values that are neither 0 nor $Revision$.
2012-10-22 20:57:02 +02:00
Michael Schierl
e769abc868
Platform cleanup: platform should be lowercase
2012-10-22 20:14:39 +02:00
Michael Schierl
657d527f8d
DisclosureDate cleanup: Try parsing all dates
...
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
Michael Schierl
70ac7c8345
Author cleanup: fix unmatched angle brackets
2012-10-22 19:45:27 +02:00
sinn3r
469f04d3c4
Merge branch 'mubix-dns_postmods'
2012-10-22 02:04:46 -05:00
Rob Fuller
d5bb7b1e5b
Fix all-inclusive rescue on resolve_hostname as well
2012-10-22 02:32:51 -04:00
Rob Fuller
6a281b22c4
Fix all-inclusive rescue per @wchen-r7 suggestion
2012-10-22 02:22:56 -04:00
sinn3r
997d5b9a22
Merge branch 'post_enum_proxy' of git://github.com/mubix/metasploit-framework into mubix-post_enum_proxy
2012-10-22 00:45:06 -05:00
Rob Fuller
84d1c2315c
change to OptPath
2012-10-21 22:27:20 -04:00
Rob Fuller
5f99f27899
add proxy setting cloning module
2012-10-21 03:13:35 -04:00
Rob Fuller
86c73e92d4
Add ability to remotely start registry for read
2012-10-21 01:34:34 -04:00
Rob Fuller
431dc31eac
proxy parsing post module
2012-10-20 23:25:40 -04:00
Rob Fuller
a16e3704d8
fix HOSTFILE parsing issues
2012-10-20 18:10:51 -04:00
Rob Fuller
fedef90937
Add PTR lookups and extend A to support list in file
2012-10-20 11:32:23 -04:00
Tod Beardsley
cbce2c0fd5
Loop management, timeouts, and verbosity
...
Add a todo for cred recording. Allow the user to determine when to give
up. Changes while true to simply loop. Clear up some of the boolean
checks. Inform the user what's going on.
2012-10-17 17:30:30 -05:00
sinn3r
201518b66f
msftidy corrections
2012-10-17 17:22:26 -05:00
Tod Beardsley
adfced8d0e
Post require on gpg_creds
2012-10-15 06:58:35 -05:00
sinn3r
97ac7fa184
Merge branch 'module-wle-service-permissions' of git://github.com/zeroSteiner/metasploit-framework
2012-10-14 18:27:32 -05:00
sinn3r
7196ca5b5e
Fix bad indent
2012-10-12 18:35:05 -05:00
Raphael Mudge
7aa6776e4b
let's not rejoin threads we've already joined.
2012-10-12 17:12:42 -04:00
Raphael Mudge
694eacfc4b
performance fix for host discovery post modules
2012-10-12 16:43:42 -04:00
Spencer McIntyre
f5302bfc49
add deprication warning to the original module
2012-10-12 13:49:25 -04:00
sinn3r
b8e880bf82
Merge branch 'post-module-sdel' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-post-module-sdel
2012-10-10 13:42:20 -05:00
Borja Merino
21d1a5857a
Adding Iterations options
2012-10-10 12:32:30 +02:00
Borja Merino
7b45ef6038
Applying changes. Blocks -Begin .. End- deleted
2012-10-09 21:52:49 +02:00
sinn3r
a60851e9d1
Merge branch 'mubix-bypassuac_localport'
2012-10-05 14:28:12 -05:00
jvazquez-r7
8b8bfec6b8
Merge branch 'gpg' of https://github.com/kholia/metasploit-framework into kholia-gpg
2012-10-05 09:23:54 +02:00
sinn3r
bcc56cb7cc
Merge branch 'bypassuac_localport' of https://github.com/mubix/metasploit-framework into mubix-bypassuac_localport
2012-10-05 01:05:30 -05:00
Rob Fuller
f3e94d2ee2
extend dep to 3 months and use print_error
2012-10-04 16:42:08 -04:00
Rob Fuller
cf8501775a
re-add bypassuac post mod w/ deprication warning
2012-10-04 16:31:20 -04:00
Rob Fuller
3f2fe8d5b4
port bypassuac from post module to local exploit
2012-10-04 14:31:23 -04:00
James Lee
dc9907da98
Fix load order issue with multi/gather/ssh_creds
...
Make sure Post::Unix exists before including
2012-10-04 11:19:14 -05:00
Dhiru Kholia
d63b5fb9e3
fixes: author format, remove meterpreter support, fix ltype
2012-10-04 21:29:00 +05:30
Dhiru Kholia
80bcf930e3
GnuPG Information Gather Module, tested against Linux
2012-10-02 17:46:57 +05:30
Borja Merino
8473aafdd5
added sdel post meterpreter module
2012-10-02 01:35:53 +02:00
jvazquez-r7
c5f863b0b9
minor fixes and msftidy compliant
2012-09-29 23:35:53 +02:00
Barry Shteiman
19675b3bea
changed report to be more verbose
2012-09-28 19:02:15 +01:00
Barry Shteiman
fa03eddbdc
extended identification technique
2012-09-28 16:44:03 +01:00
Barry Shteiman
ddb3f27035
added Tomacat Server Enumeration Module
2012-09-28 00:40:17 +01:00
Tod Beardsley
e7281e0085
Merge branch 'master' into module-enumdb
...
Fixing up the merge conflicts caused mostly by the CRLF's (fixed in the
parent commit to this one), and probably by failing to merge from
master on sectorix's side.
Conflicts:
modules/post/windows/gather/enum_db.rb
2012-09-26 08:42:24 -05:00
Tod Beardsley
5bd39536a2
Reformatting with Unix linefeeds.
...
For the curious, I like this procedure a lot, it's my new favorite:
http://vim.wikia.com/wiki/File_Format#Converting_the_current_file
2012-09-26 08:40:50 -05:00
Barry Shteiman
3efe9ac761
removed dev comments
2012-09-26 13:37:17 +01:00
Barry Shteiman
f51f4c1e6a
added support for oracle 11g XE
2012-09-26 13:28:16 +01:00
jvazquez-r7
93dd96d4d3
fixing variable name
2012-09-25 15:40:12 +02:00
sinn3r
6939df8d98
Support Spanish thx to Adrian Pulido
...
See redmine feature: #7006
2012-09-24 22:42:17 -05:00
sinn3r
4cd244693f
Tabs
2012-09-24 19:13:44 -05:00
jvazquez-r7
cb099d3431
fixing and cleanup for pull #802
2012-09-24 20:34:26 +02:00
James Lee
91bc573fe8
Remove debug print
2012-09-24 01:26:39 -05:00
Barry Shteiman
b1226ab87c
mysql search config + less verbose
2012-09-21 20:01:32 +01:00
David Maloney
f75ff8987c
updated all my authour refs to use an alias
2012-09-19 21:46:14 -05:00
0a2940
733f656b00
code style improvement - start counter at 0
2012-09-13 11:32:10 +02:00
0a2940
f48f77c0d7
compatibility improvement - backticks not $()
...
For the comments above, and the fact we're using backticks later in the line also (uniformity++)
2012-09-13 11:19:00 +02:00
0a2940
f728d32f60
code style improvement - remove 'then' from 'if's
2012-09-13 11:14:45 +02:00
Borja Merino
eca8555a92
Applying changes
2012-09-07 11:29:42 +02:00
Borja Merino
d16d004969
added windows post module rpcapd service
2012-09-05 19:26:26 +02:00
Tod Beardsley
b8132cae5c
Add the redistribution comment splat
2012-09-04 15:58:43 -05:00
Tod Beardsley
6e7cbe793c
Spamguard e-mail addresses, make auth name consistent
2012-09-04 15:58:43 -05:00
Tod Beardsley
a925eef070
Removed meterpreter reference from desc
...
This post module relies on meterpreter as a SessionType, but the
description shouldn't call this out specifically.
2012-09-04 15:58:42 -05:00
Tod Beardsley
ba0de5acd9
Retitled for consistency and accuracy
2012-09-04 15:58:42 -05:00
Tod Beardsley
f80abaf0d1
Dropping trailing whitespace
2012-09-04 15:58:42 -05:00
nullbind
69b2f95a6f
small update
2012-09-04 15:58:42 -05:00
nullbind
cac1e0a585
small update
2012-09-04 15:58:42 -05:00
nullbind
e1da14f786
access database with local os admin privs
2012-09-04 15:58:42 -05:00
nullbind
a08d2359d7
access database with local os admin privs
2012-09-04 15:58:42 -05:00
Rob Fuller
b0661a33a3
Update modules/post/windows/gather/tcpnetstat.rb
...
forgot to change table name with table code reuse
'connection table' is a better table header than
'routing table'.
2012-08-26 02:34:54 -03:00
sinn3r
433c9f6b28
Final cleanup
2012-08-21 14:17:21 -05:00
Jonathan Claudius
c5623cae4c
Fixing Bug w/ XP Method & Improving formatting for smart_hashdump
...
1.) Addressed obvious bug in registry read for XP hint gathering code
2.) Cleaned up the formatting for smart_hashdump which needed
additional tabs
2012-08-21 07:56:52 -05:00
Jonathan Claudius
a3bad0b3ae
Added XP Support and Changed Output Method for User Password Hints
...
1.) Now grabs clear-text user hint from XP systems in addition to
Win7/Win8 systems
2.) Changes output so it's no longer inline with hashes as not to
affect copy/paste of hashes output
3.) Adding alternate text in cases when no user hints are available
2012-08-20 21:30:12 -05:00
Jonathan Claudius
fbc36b57d0
Adding Windows User Password Hint Decoding to Hashdump Tools
...
* UserPasswordHint, a key that is used to store the users password
hint, can be easily decoded to clear-text to get the users hint
(Example: "My Favorite Color")
* Added decode_windows_hint() method to perform the decode process
* Added decoded hint output for hashdump.rb and smart_hashdump.rb
2012-08-19 23:04:11 -05:00
Tod Beardsley
5cd20357d8
Updating URL for Bypass UAC
2012-08-15 22:34:44 -05:00
Tod Beardsley
9bf1f28c1f
Apostrophe
2012-08-15 14:19:56 -05:00
sinn3r
6a0271fb11
Correct OSX naming. See ticket #7182
2012-08-14 15:29:21 -05:00
Daniel Miller
c8b8d7b8db
Fix handling of PAYLOAD_TYPE in persistence
...
post/windows/manage/persistence incorrectly checked the STARTUP option
to set the payload, which meant it was always the default (reverse_tcp).
Changed to check PAYLOAD_TYPE instead, as intended.
2012-08-10 13:34:09 -05:00
sinn3r
880491c52f
Update description
2012-08-08 14:07:51 -05:00
sinn3r
8a787f8342
typo
2012-08-08 14:04:49 -05:00
sinn3r
5f46a1e239
Based on #676 , with some changes
2012-08-08 12:44:39 -05:00
sinn3r
7cff1365a2
Merge branch 'master' of https://github.com/ipwnstuff/metasploit-framework into osx_keychain
2012-08-08 11:12:07 -05:00
Erran Carey
189a4ffb78
Edited spaceing
2012-08-08 10:40:33 -05:00
Erran Carey
bb588d338b
Add Keychain Enumeration Mac OS X Post Module
...
Based off my `Keyjacker` script this module runs through an account's
keychains and returns internet accounts associated.
Setting the GETPASS option to true will return both many plain text
passwords given that the user allows their system to use the keychain
when prompted.
2012-08-08 03:03:19 -05:00
sinn3r
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
0a2940
f5b3886e8c
fix success/fail print statements
2012-08-06 10:41:55 +02:00
0a2940
176f6ea41e
added USERNAME and PASSWORD as options
2012-08-05 18:20:44 +02:00
David Maloney
94c7415653
Remove typo
2012-07-31 16:30:41 -05:00
sinn3r
716028c907
Catch exceptions that are expected when a host isn't pingable.
2012-07-23 18:34:03 -05:00
sinn3r
bc176b4148
Merge branch 'pingsweep_fix' of https://github.com/darkoperator/metasploit-framework into darkoperator-pingsweep_fix
2012-07-23 17:37:01 -05:00
Carlos Perez
cdee09b5cd
Fixes in threading and for Java Meterpreter on OSX
2012-07-23 18:34:05 -04:00
sinn3r
4efe84c609
Merge branch 'Fix_Threading' of https://github.com/darkoperator/metasploit-framework into darkoperator-Fix_Threading
2012-07-23 02:58:30 -05:00
Carlos Perez
4042275421
Fixed threading and added verbose print for each attempt
2012-07-22 00:26:37 -04:00
Carlos Perez
2f85f57922
Fixed threading and added new SRV records to enumerate.
2012-07-22 00:12:32 -04:00
Carlos Perez
7fc9d57f89
Fixed the threading for the reverse DNS lookup and improvements when ran against a Java Meterpreter session.
2012-07-21 23:54:29 -04:00
Carlos Perez
2941755576
Fixed the threading for ARP Scanner and skipped making a note is OUI is not known
2012-07-21 23:38:41 -04:00
0a2940
d148acdce3
added exploit for metasploit pcap_log prov-esc
2012-07-21 12:18:43 +01:00
James Lee
cccd3754a4
Fix load order problem
...
[FIXRM #7151 ]
2012-07-20 15:58:57 -06:00
HD Moore
9bff1c913b
Merge pull request #592 from alexmaloteaux/ipv6arpfix
...
ipv6 and arp_scanner fix
2012-07-18 20:40:27 -07:00
sinn3r
fbe0cb7471
Merge branch 'post_win_gather_creds_gpp_pass' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_win_gather_creds_gpp_pass
2012-07-17 08:28:19 -05:00
HD Moore
b3eb7b1358
Clean up unicode names
2012-07-17 00:46:28 -05:00
HD Moore
8fef1479ed
Trim string fields at first null
2012-07-15 23:12:40 -05:00
Alexandre Maloteaux
81ba60169f
ipv6 and arp_scanner fix
2012-07-10 18:28:24 +01:00
sinn3r
0fbfa8e6f7
Merge branch 'enum_unattend_ii' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-enum_unattend_ii
2012-07-09 10:14:30 -05:00
sinn3r
5586aa6c1b
Move some code around
2012-07-09 09:44:22 -05:00
sinn3r
5db26beef7
Add more features
...
Please see the following ticket:
http://dev.metasploit.com/redmine/issues/7041
2012-07-09 05:17:40 -05:00
HD Moore
442eccd1d6
Merge pull request #578 from claudijd/master
...
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption in Hashdump Code
2012-07-08 12:24:46 -07:00
Jonathan Claudius
5938771e6c
Bug Fix to "Stamp Out" LM and NTLM Hash Corruption
...
-This commit Addresses Metasploit Bug #4402 that notes corrupted (aka:
incorrect) hashes yielded from hashdump
-Fail case can be reliably reproduced on a Windows system where (1) a
user is not storing an LM hash and (2) password histories are enabled
on the system
-This issue along with other extraction tools that are affected in a
similar way will be discussed at BlackHat USA 2012 and DEFCON 20 in 2
weeks.
If you have questions, please let us know.
-Jonathan Claudius (@claudijd)
-Ryan Reynolds (@reynoldsrb)
2012-07-08 14:02:22 -05:00
Meatballs1
fc58e485c3
Added further protection to enum_dcs method to prevent crashes
2012-07-05 14:27:45 +01:00
Meatballs1
a513b41283
Couple of readability changes suggested by TLC
2012-07-05 14:19:41 +01:00
Loic Jaquemet
cadbeafc4b
match dot and not any character
2012-07-03 20:41:03 -03:00
Loic Jaquemet
5bba81b738
or something equivalent... if enum_dcs returns nil
2012-07-03 20:38:26 -03:00
Meatballs1
c30b2de35b
Removed comments in code!
2012-07-03 21:34:33 +01:00
Meatballs1
9998ca928d
msftidy, bugfixes, and protection to prevent DNS style domains going into the DC enumeration (which causes a meterpreter crash)
2012-07-03 21:28:45 +01:00
Meatballs1
bdd9364fa4
Refactored registry DC enumeration to occur by default, fixed nil DomainCaches exception
2012-07-03 21:08:12 +01:00
Loic Jaquemet
f74fe39280
fix error message to a more helpful one.
2012-07-03 12:54:02 -03:00
Loic Jaquemet
12e24dbd99
failback to target's PDC to get policies
2012-07-03 12:49:34 -03:00
sinn3r
7cfb7c1915
Update description
2012-07-03 10:26:02 -05:00
Loic Jaquemet
5fff195eba
DomainCache is a list of domainName = dnsDomainName
2012-07-03 12:20:00 -03:00
sinn3r
7262faac57
Correct a typo
2012-07-02 16:02:14 -05:00
sinn3r
fa0422c88a
Must respect the PlainText field to extract password info properly
2012-07-02 15:56:25 -05:00
sinn3r
e2a2789f78
Support Ruby 1.8 syntax. Thanks M M.
2012-07-02 14:15:14 -05:00
Meatballs1
4eec5a5288
msftidy
2012-07-02 16:51:15 +01:00
Meatballs1
261989dddf
Fixed get_domain_reg where value returned was '.'
2012-07-02 16:46:02 +01:00
Meatballs1
bd2368d6ab
Added specific details for each policy type to output table, modified REX:Ui:Table to prevent sorting when SortIndex == -1
2012-07-02 11:47:44 +01:00
Meatballs1
299ed9d1d5
Local loot storage of retrieved XML files with option to disable storage
2012-07-02 10:48:04 +01:00
Meatballs1
5c2c1ccc39
Added extra logic and fixes for user supplied domains option
2012-07-02 10:15:58 +01:00
Meatballs1
b549c9b767
Added a number of registry locations to enumerate the domain as this was inconsistant across testing environments
2012-07-02 09:35:47 +01:00
Meatballs1
994074948a
Removed @enumed_domains which inadvertantly skipped processing after the first file on a domain
2012-07-02 09:17:29 +01:00
Meatballs1
21776697b2
Merged with upstream
2012-07-02 08:57:54 +01:00
sinn3r
1b02f17d52
Shamelessly add my name too, because I made a lot of changes.
2012-07-01 19:23:34 -05:00
sinn3r
e1c43c31bd
Title change
2012-07-01 16:43:25 -05:00
sinn3r
326230b34b
Don't need to print the xml path twice
2012-07-01 13:58:04 -05:00
sinn3r
fcf5e02708
Be aware of bad XML format
2012-07-01 13:50:43 -05:00
sinn3r
ac52b0cc9f
Filter out 'AdministratorPassword' and 'Password'
2012-07-01 13:45:12 -05:00
sinn3r
61983b21b9
Add documentation about unattend.xml's specs
2012-07-01 04:15:11 -05:00
sinn3r
bf03995e30
Add veritysr's unattend.xml collector. See #548 .
2012-07-01 04:08:18 -05:00
sinn3r
e37a71192d
Make msftidy happy
2012-06-28 12:10:38 -05:00
Rob Fuller
77326edc45
fixed tcpnetstat table displaying
2012-06-28 12:56:29 -04:00
Rob Fuller
6f37ccbcae
tcp netstat post module via railgun
2012-06-28 09:17:05 -04:00
Tod Beardsley
94e28933c8
Whitespace fixes. msftidy.rb yall
2012-06-27 10:06:15 -05:00
HD Moore
2dd51690c2
Add a missing require
2012-06-27 00:47:32 -05:00
James Lee
891400fdbb
Array#select! is only in 1.9
2012-06-26 15:32:39 -06:00
HD Moore
348a0b8f6e
Merge branch 'master' into feature/vuln-info
2012-06-24 23:00:13 -05:00
dmaloney-r7
46dd286cc8
Merge pull request #519 from rapid7/gpp-passwords
...
Gpp passwords
2012-06-24 16:18:34 -07:00
David Maloney
6e19dddf2a
Alleviate duplicated work in gpp module
2012-06-24 16:21:35 -05:00
David Maloney
aa09cd7f82
More collaboration stuff on gpp module
2012-06-24 13:08:19 -05:00
David Maloney
eefea8d9d3
Add newname attr in gpp module
2012-06-23 17:51:58 -05:00
David Maloney
7bcb9d1a45
Reintegrated extra options into gpp module
...
reintegrated meatballs control options into the gpp module
2012-06-23 17:38:07 -05:00
David Maloney
b320679d1f
Exception message fix for gpp
2012-06-23 12:56:12 -05:00
David Maloney
5497d091fc
fix gpp attribution and description
2012-06-23 12:45:56 -05:00
David Maloney
534008b010
Major rework of the gpp module
...
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
2012-06-23 12:42:33 -05:00
Meatballs1
26d99c6e41
Added more detail to description and stop execution if no DCs are enumerated.
2012-06-22 22:36:52 +01:00
Meatballs1
6a80b21124
Final tidyup
2012-06-22 19:12:42 +01:00
Meatballs1
27b884ca87
Fixed drives userName match
2012-06-22 18:47:44 +01:00
Meatballs1
90eaceef70
Fixed enum_domains exception when domains found = 0
2012-06-22 18:45:56 +01:00