William Webb
48560d29f3
remove keyscan_extract and modify calling modules
2017-04-13 10:42:28 -05:00
Koen Riepe
9f289bdf52
Fixed error messages and some syntax.
2017-04-12 13:48:11 +02:00
William Vu
288e384164
Land #8189 , irssi password post gather module
2017-04-10 23:34:54 -05:00
Jonathan Claudius
96927b449c
Rework module to grab entire irssi configs
2017-04-11 00:02:40 -04:00
Jonathan Claudius
6a1531da34
Fix loot name attributes
2017-04-10 23:52:31 -04:00
Jonathan Claudius
d92f94e077
Fix grammar issue
2017-04-10 23:44:18 -04:00
Jonathan Claudius
d9e96a8b4f
Consolidate loot into single file
2017-04-10 23:42:50 -04:00
Jonathan Claudius
7f6bbb6ff2
Fix trailing space issue
2017-04-10 21:38:30 -04:00
Jonathan Claudius
9432a3543f
Extend irssi post mod to grab network passwords
2017-04-10 15:35:26 -04:00
Jonathan Claudius
47d74819a5
Update regex per reviewer request
2017-04-10 14:45:10 -04:00
Jonathan Claudius
d816092c56
Fix missing new line
2017-04-10 14:41:25 -04:00
bwatters-r7
dd5a91f153
Land #8008 , Added archmigrate module for windows sessions
2017-04-05 08:55:27 -05:00
Koen Riepe
08b2a97293
Changed styling to be more in line with rubocop.
2017-04-05 10:05:56 +02:00
Jonathan Claudius
b8af7c1db0
Add irssi password post gather module
2017-04-05 00:56:24 -04:00
h00die
823c1a6286
added more verifieds
2017-03-31 16:52:20 -04:00
h00die
23ac9214ea
land #8010 post gather module for tomcat creds
2017-03-31 16:15:55 -04:00
h00die
34a152dc76
handle no sysinfo from ssh_login
2017-03-31 16:15:16 -04:00
Koen Riepe
22b2215d2e
Fixed a typo causing bot to fail.
2017-03-31 16:40:21 +02:00
Koen Riepe
3a674b731c
Added error handling, added documentation and fixed some style issues.
2017-03-31 16:35:25 +02:00
Koen Riepe
628827cda9
Added some documentation and gracefull error handeling.
2017-03-31 12:45:30 +02:00
Koen Riepe
df2a9a4af3
Added documentation file and implemented fixes for output and linux parsing.
2017-03-31 11:19:12 +02:00
Pearce Barry
ac83ff7e48
Land #8155 , Style fixes for HWBridge RF and a couple small bug fixes
2017-03-29 20:37:13 -05:00
bwatters-r7
691811af5a
Land #7994 , Add Windows Gather DynaZIP Saved Password Extraction post module
2017-03-29 16:04:09 -05:00
Pearce Barry
31c03840bb
Style fixes for HWBridge RF and a couple small bug fixes
...
I should have tweaked these earlier, my bad.
2017-03-26 13:45:19 -05:00
bwatters-r7
be41df6de0
Land #8036 , Fix run_as_psh with domain accounts
2017-03-21 09:05:50 -05:00
Pearce Barry
c4279a837a
Minor formatting/spelling/verbiage changes.
2017-03-20 17:37:12 -05:00
Craig Smith
2fde287424
Initial patch for rftransceiver (RfCat / YardstickOne)
2017-03-20 17:36:16 -05:00
Pearce Barry
2acd941b16
Merge branch 'master' into dtc_fix
2017-03-20 14:10:01 -05:00
Craig Smith
0be6b8c905
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-03-20 13:49:39 -05:00
Pearce Barry
06ebb22a8f
Land #8065 , Zigbee Hardware Bridge Extension
2017-03-20 10:44:15 -05:00
William Vu
f9ecefe465
Land #8031 , nil fixes for HWBridge
2017-03-19 22:37:28 -05:00
Brent Cook
e2c6f959f4
Land #8129 , s/colom/colon/g
2017-03-19 22:14:38 -05:00
Carter
ae883d7f02
Update multi_meterpreter_inject.rb
2017-03-19 00:27:28 -04:00
Carter
661bf6e492
Update multi_meterpreter_inject.rb
2017-03-19 00:27:03 -04:00
Carter
93a6614ab3
Update multi_meterpreter_inject.rb
2017-03-19 00:25:46 -04:00
Pearce Barry
d55b680394
Land #8088 , Add some binaries to enum_protections
2017-03-17 17:14:59 -05:00
William Webb
1180bd6ed7
Land #8037 , priv_migrate improvements
2017-03-17 13:19:51 -05:00
Pearce Barry
095a110e65
Code and doc tweaks (minor).
...
Only one behavior change in the scan loop of zstumbler.rb to, when doing a scan across all the channels, keep it from retrying channel 11 again one last time just before it exits.
2017-03-16 21:43:36 -05:00
Craig Smith
78586f0dc9
Fixed an extra space at the EOL
2017-03-16 09:22:01 -07:00
William Vu
456ddcebc0
Remove nil values that are default already
...
There are four lights!
2017-03-15 15:51:22 -05:00
Rich Whitcroft
04f11b0bf7
fix migrate by process name
2017-03-14 17:27:46 -04:00
jvoisin
84b9449137
Add some binaries to enum_protections
...
- gradm2 for grsec
- aa-status for apparmor
- getenforce for setlinux
2017-03-10 14:16:58 +01:00
Craig Smith
f60dae0917
Lots of syntax fixups from rubocop
2017-03-08 09:21:33 -08:00
Koen Riepe
c8215e609a
pushing fixes again, something failed.
2017-03-08 10:16:06 +01:00
Koen Riepe
2546263d50
Improved error handling and general fixes
2017-03-08 10:11:05 +01:00
Craig Smith
4e9b8946d8
Fixed some small msftidy issues
2017-03-06 22:47:37 -08:00
Craig Smith
60cd04bc7b
Added module for zstumbler
2017-03-06 16:10:14 -08:00
Louis
759b67c565
Fix ru_as_psh with domain accounts
...
The current versions has too many escape backslashes, as a result, running run_as_psh for domain users does not work.
Also added support for DOMAIN\\User format in the USER parameter.
2017-03-01 13:38:15 +11:00
Craig Smith
d4e5cb7993
Fixes #8022
...
Adds detection for ELM327 chips reporting CAN ERROR when vehicle is off.
Addes some enhanced UDS Error codes.
Cleaned up reporting from getvinfo if the vehicle is off or not connected.
2017-02-27 21:09:57 -08:00
Josh Hale
def5088097
Change NOFAIL default to false
2017-02-27 20:37:58 -06:00
Josh Hale
2f5dd38957
Update Admin target list and module description
2017-02-27 20:19:59 -06:00
Josh Hale
3333019e5f
Check if current admin proc is in target list
2017-02-27 18:55:25 -06:00
Josh Hale
717879f3df
Downcase targets and current proc name
2017-02-27 18:28:46 -06:00
Josh Hale
8e8e7244f4
Add exit language
2017-02-27 18:07:15 -06:00
Josh Hale
e1d76b8ff6
Add more error handling
2017-02-27 17:06:16 -06:00
Josh Hale
ffb54a13fe
Add NOFAIL datastore option
2017-02-27 12:41:18 -06:00
Koen Riepe
df7932bb1b
Added more error handling
2017-02-27 13:30:42 +01:00
Koen Riepe
264cfc9bd4
Added OPTIONS to the module
2017-02-27 13:24:31 +01:00
Josh Hale
81efe096aa
Update Author Handle
2017-02-26 21:01:19 -06:00
Pearce Barry
37066acc03
Try harder to get user id, correctly handle dirs with spaces.
...
Fixes #7817 .
2017-02-25 20:32:53 -06:00
Koen Riepe
b2ad8938ff
Added tomcat_gather modules to Metasploit.
2017-02-24 15:15:55 +01:00
Koen Riepe
4be426df4d
Added jboss_gather module.
2017-02-24 11:18:01 +01:00
Koen Riepe
45b1f796e4
Added archmigrate module to metasploit.
2017-02-24 10:29:19 +01:00
Brendan Coles
0b34efab43
Add documentation
2017-02-23 06:59:05 +00:00
Brendan Coles
dc30dd70da
Add Windows Gather DynaZIP Saved Password Extraction post module
2017-02-22 22:20:19 +00:00
Craig Smith
8f1856c5d1
Fixed a bug with DTC decoding.
...
DTC Codes now print the English error messages next to their code with getvinfo
Frozen DTCs can also be fetched via get_frozen_dtcs()
2017-02-15 16:26:23 -08:00
Tim
9e0cb9797b
python -c payload -> echo payload | python
2017-02-04 17:57:17 +08:00
Pearce Barry
23c2787d57
Land #7795 , Hardware Bridge API.
...
Initial bridge API that supports the HW rest protocol.
2017-02-02 08:47:59 -06:00
Pearce Barry
16de745437
Minor code cleanups/corrections.
2017-02-01 16:12:45 -06:00
Brent Cook
15a4ec629b
remove TRUE
2017-01-22 10:20:03 -06:00
Brent Cook
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
Brent Cook
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
bwatters_r7
bcbb7b86d6
Changed encoding on jscript contents before uploading it
2017-01-13 16:19:58 -06:00
Craig Smith
8635925658
Fixed a typo about gathering realtime PIDs.
2017-01-10 13:20:04 -08:00
Brent Cook
cdcf4cce7d
improve zip module windows script fallback
...
- handle non-English locales
- wait more reliably, handle network paths where FS info gets stale
- use absolute paths correctly
2017-01-07 12:27:03 -06:00
Craig Smith
5f07bca775
Hardware Bridge API. Initial bridge API that supports the HW rest protocol specified here:
...
http://opengarages.org/hwbridge Supports an automotive extension with UDS calls for mdoule
development.
2017-01-06 19:51:41 -08:00
Brent Cook
fae4751771
Land #7744 , update kiwi extension to Mimikatz 2.1
2016-12-29 16:22:45 -06:00
OJ
18e69b85af
Update the golden ticket module to work with new kiwi
2016-12-23 10:30:06 +10:00
bwatters_r7
e646a8d5c2
Please the rubocop gods (unless they are dumb)
2016-12-21 16:13:53 -08:00
p3nt4
13ccfd7bb3
Update run_as_psh.rb
2016-12-21 09:44:57 +11:00
p3nt4
a9b78e37d2
Update typos
2016-12-21 09:43:18 +11:00
p3nt4
cc99aaafc6
Corrected as per reviews
2016-12-21 09:42:26 +11:00
p3nt4
b9fd1db5fa
Add module to runas ysing powershell
2016-12-20 14:38:19 +11:00
Brendan
9b678c2bdd
Land #7685 , Add mosule to change user passwords by editing SAM registry
2016-12-16 13:11:40 -06:00
Brent Cook
52346c3fa8
fix renamed rex text
2016-12-15 15:31:00 -06:00
p3nt4
deec6eccdf
Update hashcarve.rb
2016-12-12 17:09:04 +11:00
p3nt4
3e80ee1d6a
Better Error Handling
2016-12-12 17:07:47 +11:00
p3nt4
7b4dce5e7e
One left!
2016-12-09 16:27:40 +11:00
p3nt4
74c48f5fa4
I'll get there!
2016-12-09 16:24:49 +11:00
p3nt4
c898e768f6
Struggling with tidyness
2016-12-09 16:00:32 +11:00
p3nt4
586b2d92e2
Corrected status prints
2016-12-09 15:45:30 +11:00
p3nt4
fb360e69c0
Initial Commit
...
This module "carves" a hash in the registries to set it as a user password.
The benefits are:
1/ It doesn't change the password last change field
2/ You can set a hash directly, so you can change a user's password and revert it without cracking its hash.
I have tested it in Windows 7, and 8.1. Should work on every version though.
Usage:
run post/windows/manage/hashcarve user=test pass=<password>
run post/windows/manage/hashcarve user=test pass=<nthash>
run post/windows/manage/hashcarve user=test pass=<lmhash:nthash>
This work is based on the hashdump implementation.
2016-12-09 15:41:01 +11:00
Javier Godinez
0d41160b03
Sanity checks, errors out with nil ptr if API call fails
2016-12-08 16:14:10 -08:00
Javier Godinez
a17d1a7e19
Added options for setting the PASSWORD and GROUPNAME
2016-12-08 16:13:31 -08:00
Jon Hart
4614b7023d
Land #7604 , @godinezj's post module for creating AWS IAM accounts
2016-12-08 14:26:22 -08:00
Jon Hart
aa29fcad80
Update docs and pretty print the loot
2016-12-08 14:25:07 -08:00
Jon Hart
70668c289f
Use better loot args
2016-12-08 13:14:36 -08:00
Jon Hart
162204b338
Support creating a password for the user, etc
2016-12-08 12:56:00 -08:00
Javier Godinez
a9cb08a352
Token should be passed as nil if not set
2016-12-07 10:16:41 -08:00
Jon Hart
1c3f0437ed
Move some options back to non-advanced
2016-12-06 17:39:37 -08:00