2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
9d13df3a25
Corrected for console width errors causing erroneous carriage returns, resulting in incorrect hash extraction on ms sql server 2012
2016-07-04 16:23:07 -04:00
81f30ca962
Land #6966 , Microsoft Office Trusted Locations Enumeration
2016-06-21 21:45:39 +01:00
95517b4a45
Avoid exception on missing key in prefs.
2016-06-20 09:26:10 -05:00
6cb2a6970e
Fix unused SessionType in two modules
...
Pretty sure it should be "shell."
2016-06-19 23:41:34 -05:00
0451d4f079
Cleanup
2016-06-15 22:41:59 +01:00
8a68e86a0a
Update enum_trusted_locations.rb
...
Changed some colours
2016-06-15 13:42:38 +01:00
48714184f3
Update enum_trusted_locations.rb
...
Added product it found the locations in.
2016-06-15 13:41:19 +01:00
1ba33ff7f8
Fixed MSFTidy
...
Fixed MSFTidy stuff
2016-06-12 13:00:44 +01:00
a2a97d0271
Update enum_trusted_locations.rb
...
Fix some changes, I had emet references.
2016-06-12 11:06:20 +01:00
2e03c3511e
Add enum_trusted_locations.rb
...
Quickly enumerates trusted locations for file planting :)
2016-06-12 10:59:57 +01:00
233186c833
Check presence in local admin group
...
As the "is_admin?" function only checks if the current session effectively has admin rights, I offer to add a check to know if the current user is in the local admin group using the "is_in_admin_group?" function. This information is better suited to check if admin rights are obtainable using the "bypassuac" module.
2016-06-09 17:47:09 +02:00
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
da9f156913
Print IP in print_*
2016-04-22 16:03:31 -05:00
3aa02891e9
Bring #6801 up to date with upstream-master
2016-04-22 14:04:26 -05:00
16ff74e293
syntax check / code reduce
2016-04-22 10:53:03 +08:00
ca4bcfe62a
Update enum_emet.rb
...
Cleaned up a bit more
2016-04-22 00:41:10 +01:00
c81d0ade3f
Update, implemented
...
Took @bcook-r7's advice
2016-04-22 00:37:03 +01:00
30ac6b4a93
enum_emet
...
A module to enumerate all the EMET wildcard paths.
2016-04-22 00:20:25 +01:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
57467b94d9
Fix RegExp evaluation in is_routable? function
2016-04-20 10:22:46 -05:00
48556483b5
Fix a few comments
2016-04-17 19:16:52 -05:00
32590c89b7
Add interface name to routing status message
2016-04-17 14:15:50 -05:00
fb7194c125
Work on autoroute.md
2016-04-17 00:04:42 -05:00
a5e48b6112
Add default option and clean up comments
2016-04-16 19:50:08 -05:00
6550e0bc1b
Finish up autoadd_interface_routes
2016-04-16 18:42:41 -05:00
b3d199c055
Add get_subnet_octet and test
2016-04-16 14:57:39 -05:00
b1064af082
Initial get_subnet testing
2016-04-16 13:50:15 -05:00
018e7807fe
Identify routable networks
2016-04-15 22:21:54 -05:00
e8863ba09d
Initial autoadd_interface_routes work
2016-04-15 22:13:17 -05:00
5f5c330f2b
Initial Testing of Interface Info Gather
2016-04-14 21:59:48 -05:00
c39410a070
Fix autoadd problem
2016-04-13 23:31:27 -05:00
cba7353e1d
Fix another typo?
2016-04-07 17:12:11 -05:00
ff9d94218d
Fix a typo?
2016-04-07 17:11:42 -05:00
a3c390ee9d
Change class name to MetasploitModule
2016-04-07 17:11:08 -05:00
f09637a1c7
Bring #6377 up to date with upstream-master
2016-04-07 17:06:49 -05:00
0d3eb4f055
Change class name to MetasploitModule
2016-04-07 12:15:32 -05:00
0f56dbd858
Bring #6378 up to date with upstream-master
2016-04-07 12:10:55 -05:00
ac051bda7f
Add check is_routable?, and change netmask if needed
2016-04-06 15:28:54 -05:00
d240e0b3a2
Bring #6515 up to date with upstream-master
2016-04-06 11:27:32 -05:00
4074634a13
Land #6713 , Add post exploit module for HeidiSQL's stored passwords
2016-03-30 12:10:30 -05:00
0c6b4d81c8
More proper exception handling
2016-03-30 12:09:40 -05:00
aaa1515ba0
Print rhost:rport
2016-03-30 11:56:09 -05:00
397d5580be
Use MetasploitModule convention
2016-03-30 15:44:37 +01:00
f8628e3438
Merge remote-tracking branch 'upstream/master' into wdigest_enable
2016-03-30 15:44:21 +01:00
9e45f0c104
Minor tidies
2016-03-30 15:29:03 +01:00
976932ed43
Initial commit
2016-03-26 12:00:25 +01:00
d54bbdf9a3
Land #6566 , filezilla xml file locations
2016-03-17 16:27:24 -05:00
115a033036
Fix parsing the Last Server xml
2016-03-17 16:27:02 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
cd84ac37d6
Land #6569 , check if USERNAME env var exists before using in enum_chrome post module
2016-03-13 15:12:51 -05:00
c89e53d0a3
Land #6666 , fix filezilla_server display bug showing the session ID
2016-03-13 13:56:44 -05:00
51cdb57d42
Fix #6569 , Add a check for USERNAME env var in enum_chrome post mod
...
Fix #6569
Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
8217d55e25
Fix display issue when SESSION is -1
2016-03-11 11:37:22 -06:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
c7f9fbcdfa
Change to enable/disable
2016-03-06 04:31:24 +00:00
6b510005da
Reverse os checks
2016-03-06 04:31:23 +00:00
0e52fda708
Initial tidy
2016-03-06 04:31:23 +00:00
8a15c36770
Land #6563 , VNC creds scraper uninstall location
2016-02-19 15:01:23 -06:00
bfd204ac50
Fix some cosmetic issues
2016-02-19 15:00:56 -06:00
bc74ceb8c5
Handle errors when parsing interfaces.xml, add check for several locations
2016-02-11 15:56:58 +01:00
8118198628
Add vprint of the exception message
2016-02-10 22:47:51 +01:00
1637891ece
Add check for the uninstall location in vnc post module
2016-02-10 20:30:41 +01:00
62dd82e653
Make fix easier to read
2016-02-10 11:24:45 -06:00
4653c27167
Fix minor grammar error in description
2016-02-09 21:24:40 -06:00
08a41b0a31
Fix issue when target PID not owned by session
2016-02-09 21:22:50 -06:00
3d4b7af6bb
Update description
2016-01-30 14:35:03 -06:00
413ea53984
Add found flag and touchup code
2016-01-30 14:31:45 -06:00
3abb6feb3f
Add autoadd feature to autoroute.rb
2016-01-29 21:34:22 -06:00
315d079ae8
Land #6402 , Add Post Module for Windows Priv Based Meterpreter Migration
...
We are also replacing smart_migrate with this.
2016-01-13 01:21:32 -06:00
6deb57dca3
Deprecate post/windows/manage/smart_migrate and other things
...
This includes:
* Give credit to thelightcosine in priv_migrate
* Deprecate smart_migrate
* Update InitialAutoRunScript for winrm_script_exec
2016-01-12 23:14:13 -06:00
7128c408c8
Land #6375 , Active Directory Managed Groups Enumeration
2016-01-12 11:21:31 +00:00
4ba2d56f49
Just search on DN for samaccountname
2016-01-12 11:20:20 +00:00
5e6620f2cf
add yard doc and lexical sorting
...
lexical sort methods and add missing YARD docs
2016-01-08 14:36:21 -06:00
536378e023
move datastore kill check to kill method
...
move the datastore check for datatstore['KILL']
into the actual kill method for sake of DRYness
2016-01-08 14:31:42 -06:00
9716b97e1c
split up the migration efforts
...
move admin and suer migrations into
seperate methods for enhanced readability
and maintainability
2016-01-08 14:26:39 -06:00
ad50f9a047
move default targets to constants
...
cleanup the way the target lists get populated
to use constants and be a little cleaner and dryer
2016-01-08 14:03:30 -06:00
4e99c873c8
Fix issue when target_pid == current_pid
2016-01-06 19:58:07 -06:00
60c506d7fb
Replace error handling methods
2016-01-06 18:53:54 -06:00
30a866a85b
Update enable_rdp.rb
...
Fixed some typos.
2016-01-04 09:52:57 +00:00
47f9880690
Land #6395 , grammar fixes for recovery_files.rb
...
Improves grammar and details within the description of /post/windows/gather/forensics/recovery_files.rb
2015-12-28 15:57:41 -06:00
cf0e982e83
Land #6386 , VNC creds module fix
2015-12-28 02:32:26 -06:00
6b9c74eec7
Prefer gsub and nix the return
2015-12-28 02:31:47 -06:00
0de69a9d40
Add post Windows privilege based migrate
2015-12-27 19:26:21 -06:00
f8943f4821
Remove peer; defined in lib/msf/core/post/common.rb
2015-12-24 07:57:16 -08:00
431c6001a8
Fix recovery_files.rb Description grammar errors
2015-12-24 10:10:39 -05:00
391145a4af
Checking if group_filter is empty
2015-12-23 15:14:37 +00:00
2f71730484
Gather VNC null byte fix + formatting
2015-12-22 17:30:37 +00:00
f950633d32
renamed
2015-12-21 18:16:06 +00:00
e09c2944cf
Renamed module to be more descriptive
2015-12-21 18:15:39 +00:00
4c27f381dc
rubocop & msftidy
2015-12-21 18:15:19 +00:00
8438774077
Bug
2015-12-21 18:13:58 +00:00
0b6969afbc
Rubocop. This encoding mess was the only way I could find to deal with a number of parsing errors when testing this against a multilingual domain.
2015-12-21 17:30:32 +00:00
30e283b0ae
fixup
2015-12-21 17:28:36 +00:00
Brent Cook
Stephen Deck
Meatballs
Pearce Barry
William Vu
Vincent Yiu
Crypt0-M3lon
wchen-r7
join-us
Josh Hale
Hans-Martin Münch (h0ng10)
James Lee
Christian Mehlmauer
nk
David Maloney
Kyle Gray
Jon Hart
karllll
Stuart Morgan
g0tmi1k