Commit Graph

1428 Commits (768294710b58f456788d376583701bc96bbf2dcc)

Author SHA1 Message Date
Jon Cave 7aceb9218e Use bitwise OR to select both primary and backup DCs
SV_TYPE_DOMAIN_CTRL || SV_TYPE_DOMAIN_BAKCTRL returns
SV_TYPE_DOMAIN_CTRL rather than ORing the bits together.
2015-04-05 11:05:42 +01:00
Tod Beardsley 6d5bcb93a8
Normalize the SecurityXploded Team credits
[See #5012]
2015-04-02 15:15:37 -05:00
David Maloney 63da27ece0
add missing HKLM root to regkey
the chevkm windows psot module had HKLM
missing from the front of one of it's reg key
paths. This was missed in Rails 3 due to the
error being swallowed unexpectedly. in rails 4
we actually see this cause a stack trace

MSP-12384
2015-03-31 14:17:18 -05:00
Tod Beardsley d1318d1b48
Fixups for release 2015-03-31 11:02:12 -05:00
Meatballs c430e5fab1
@m7x forgot to put a reference in 2015-03-29 02:13:31 +01:00
Meatballs 2ed9489f38 Delete load line 2015-03-28 20:31:35 +00:00
Meatballs 99f79e8533 Use incognito token stealing rather than process migration if we have
the privileges required for successful impersonation.
2015-03-28 20:31:35 +00:00
Meatballs f83f4ae764 Move hashdump to gather 2015-03-28 20:31:35 +00:00
Meatballs e2af15a0df Refactor MSSQL Post 2015-03-28 20:31:35 +00:00
root 1558190a9d Add module mssql_local_hashdump 2015-03-28 20:31:35 +00:00
sinn3r 9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
Felix Wehnert 2a525958bd fixed typo
Does no one tested this script on x64 yet ?
2015-03-16 20:15:26 +01:00
Sven Vetsch 4d3a1a2f71 fix all duplicated keys in modules 2015-03-14 13:10:42 +01:00
Bazin Danil 1d03b9a166 Maj debug output 2015-02-26 21:06:20 +01:00
BAZIN-HSC a0ba078801 add debug output 2015-02-24 14:15:30 +01:00
William Vu be5a0ee9c2
Land #4777, @todb-r7's release fixes 2015-02-17 13:45:00 -06:00
Tod Beardsley 053de8e62c
Fix whitespace in author name
[See #4777]
2015-02-17 12:57:36 -06:00
Tod Beardsley 214146beaa
Correct author attribution 2015-02-17 10:52:55 -06:00
Meatballs ecefad946e
Spellingz 2015-02-17 14:39:34 +00:00
Meatballs 6559b43f1e
EOL Spaces argh 2015-02-16 15:46:45 +00:00
Meatballs 12f2828829
Allow additional fields 2015-02-16 15:24:28 +00:00
Meatballs b77aed1c56
UPN is optional, should use sAMAccountName 2015-02-16 15:08:09 +00:00
Meatballs 3a894a29de
Dont use magic values and use the userPrincipalName as the
username
2015-02-16 15:02:01 +00:00
Meatballs e42bbcbcbb
Enum_ad modules should retrive userPrincipalName as it may differ
to the sAMAccountName value.
2015-02-16 14:03:15 +00:00
William Vu d7fa06de06 Fix off-by-one whitespace 2015-02-12 13:12:13 -06:00
Tod Beardsley d89eda65fa
Moar fixes, thanks @wvu-r7
See #4755
2015-02-12 12:46:38 -06:00
Tod Beardsley e78d08e20d
Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
Tod Beardsley 02fe57e2a1
Bump out to April, 60ish days 2015-02-11 12:56:37 -06:00
William Vu fd11afff1a Deprecate manage/pxexploit
modules/post/windows/manage/pxeexploit.rb
2015-02-11 12:39:10 -06:00
William Vu 6294cbf4de Fix manage/pxexploit datastore 2015-02-11 12:19:59 -06:00
Meatballs 133ae4cd04
Land #4679, Windows Post Gather File from raw NTFS. 2015-02-08 18:50:50 +00:00
Meatballs 69e53a46cb
Final tidyups, description etc 2015-02-08 18:49:17 +00:00
Meatballs 9518090b8b
Ignore some error conditions 2015-02-08 18:46:48 +00:00
Bazin Danil cc4fc1aefa use GetFileAttributesW and CreateFileW 2015-02-08 17:36:49 +01:00
Tod Beardsley a5b2e99136
Correct punctuation on outlook, too. 2015-02-07 22:26:14 -06:00
wez3 1390c81420 Fix fail_with text
Fix fail_with text, when the target system is locked.
2015-02-07 21:20:24 +01:00
Meatballs 358ab2590e
Small tidyup 2015-02-07 11:35:47 +00:00
Bazin Danil 970c5d115a spellcheck 2015-02-05 22:08:39 +01:00
scriptjunkie 5b2eb986c9
Land #4678 Add post module to phish credentials 2015-02-04 23:43:02 -06:00
William Vu 9e030143e7
Fix slow search due to method name conflict
Changed "search_filter" in enum_ad_users module to "query_filter" to
avoid conflicting with "search_filter" in command_dispatcher/core.rb.
2015-02-02 16:36:20 -06:00
wez3 904a99965d Sleep 1 added
Sleep 1 added to reduce network usage
2015-02-01 11:55:01 +01:00
Bazin Danil 03fcfc496a add a test to check if the file exist 2015-01-31 06:00:02 +01:00
Bazin Danil 2cf9a17f25 variable name clarification (file, file_path, path) 2015-01-31 05:07:07 +01:00
Bazin Danil 5d4a8e2f90 using store_loot 2015-01-31 05:01:28 +01:00
Bazin Danil d6fb445522 add begin...ensure block so that the CloseHandle call occurs 2015-01-31 04:46:02 +01:00
Bazin Danil 1205c0045f using r['ErrorMessage'] 2015-01-31 04:37:16 +01:00
Bazin Danil f7d2e2a27a twitter in comment 2015-01-31 04:36:07 +01:00
jvazquez-r7 c831de35a2
Land #4392, @Meatballs1's post module to enumerate AD users 2015-01-30 17:21:10 -06:00
wez3 25ac9c1ed9 Add post module to phish windows user credentials 2015-01-30 19:50:04 +01:00
Bazin Danil 68b735dbda Add a NTFS parser and a post module to dump files
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00