infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
33,742 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

343 Commits (9713fe7f99e7daef4e53da1a2715853e84f6c84e)

Author SHA1 Message Date
David Maloney a1131092b7
fix open rescue 
rescuing all exceptions bad
bad past dave bad
 2014-05-29 16:05:16 -05:00
David Maloney bf3bb63e4a
fix mremote to work on mremoteNG 
fixed the mremote credential post module to work
against the newer mRemoteNG
 2014-05-29 15:43:02 -05:00
Meatballs aeaff16f88
More legible output 2014-05-20 22:27:24 +01:00
Meatballs 92669cd4d6
Use parser 2014-05-20 22:26:13 +01:00
Meatballs fabaf52929
Tidyup of GPP 
Add Security Bulletin Reference
ProgramData is symlink to AllUsers anyway
Use NetAPI
 2014-05-20 21:53:53 +01:00
Tod Beardsley 062175128b
Update @Meatballs and @FireFart in authors.rb 2014-04-09 10:46:10 -05:00
OJ 3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path 
Conflicts:
	lib/msf/core/post/windows/shadowcopy.rb
	modules/exploits/windows/local/bypassuac.rb
	modules/post/windows/gather/wmic_command.rb
	modules/post/windows/manage/persistence.rb
 2014-03-11 23:13:39 +10:00
Meatballs 63751c1d1a
Small msftidies 2014-02-28 22:18:59 +00:00
David Maloney 42a730745e
Land #2418, Use meterpreter hostname resolution 2014-02-28 14:45:39 -06:00
Meatballs 0480ad16aa
No common 2014-02-18 23:09:35 +00:00
Meatballs e290529841
Sadly this url is dead 2014-02-17 22:07:19 +00:00
Meatballs 6c32848b10
Use correct post methods 2014-02-17 22:03:07 +00:00
Meatballs 83d9a1e7c2
Xp Compat? 2014-02-17 21:28:06 +00:00
Meatballs 5e52e48d16
Gather cached GPO 2014-02-17 20:45:56 +00:00
sinn3r e54abb4274
Add support for shell session type 2014-02-02 23:37:56 -06:00
sinn3r ae84e354e8
Be consistent with get_smartermail_creds method's return value 2014-02-02 22:06:14 -06:00
sinn3r 662fbf53b6
Update check_smartermail method 
Instead of using exception handling to determine the right path,
the new method simply uses the file? method. It's also renamed as
"get_mail_config_path" to properly describe its functionality.
 2014-02-02 22:01:38 -06:00
sinn3r 2b2194cee8
Modify prints 2014-02-02 21:58:10 -06:00
bcoles 62dca111f8 Conform to style 2014-02-02 08:07:18 +10:30
bcoles e30195348e Add Windows Gather SmarterMail Password Extraction post module 2014-02-02 05:51:21 +10:30
OJ 1cb671b02e
Merge branch 'adjust_getenv_api' into stop_abusing_expand_path 2014-01-03 08:14:02 +10:00
Meatballs bf8c0b10fa
Dont store n/a creds 2013-12-21 09:04:02 +00:00
OJ 9fb081cb2d Add getenvs, update getenv, change extract_path use 
Stacks of modules were using `extract_path` where it wasn't really semantically correct
because this was the only way to expand environment variables. This commit fixes that
up a bit.

Also, I changed the existing `getenv` function in `stdapi` to `getenvs`, and had it
support the splat operator. I added a `getenv` function which is used just for a
single variable and uses `getenvs` behind the scenes.

The meterpreter console `getenv` command now uses `getenvs`
 2013-12-19 11:54:34 +10:00
Meatballs 23ac7ad75a
Merge remote-tracking branch 'upstream/master' into getaddrinfo 2013-11-24 15:00:00 +00:00
Tod Beardsley 4128aa8c08
Resplat and tabs 2013-10-28 14:03:15 -05:00
sinn3r e1c4aef805
Land #1789 - Windows SSO Post Module 2013-10-22 15:48:15 -05:00
Rob Fuller e447aff0ec Fix misleading statement in Outlook post module 
Since this module doesn't retrieve domain exchange information as it isn't stored there it shouldn't say that Outlook isn't installed at all.
 2013-10-22 11:53:15 -04:00
Tod Beardsley f0aedd932d
More stragglers 2013-10-16 16:29:55 -05:00
Tod Beardsley 5d86ab4ab8
Catch mis-formatted bracket comments. 2013-10-15 14:52:12 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat 
[SeeRM #8496]
 2013-10-15 13:51:57 -05:00
Tod Beardsley c2c6422078
Correct the name of "DynDNS" (not Dyn-DNS) 2013-10-09 09:56:07 -05:00
Meatballs f9359c9d88 Use meterpreter dns resolve 2013-09-24 21:58:04 +01:00
James Lee 58b634dd27 Remove unnecessary requires from post mods 2013-09-12 14:36:01 -05:00
Tab Assassin 26b8364dcb Retab changes for PR #1789 2013-09-05 14:44:21 -05:00
Tab Assassin 789be1fe3e Merge for retab 2013-09-05 14:44:14 -05:00
Tab Assassin 845bf7146b Retab changes for PR #2304 2013-09-05 13:41:25 -05:00
Tab Assassin adf9ff356c Merge for retab 2013-09-05 13:41:23 -05:00
Tab Assassin 41e4375e43 Retab modules 2013-08-30 16:28:54 -05:00
James Lee 63adde2429 Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00
jvazquez-r7 b2e7f61814 Fix path build on total_commander 2013-07-06 10:15:30 -05:00
jvazquez-r7 df7209f28a Land #2067, @wchen-r7's fix for total_commander 2013-07-06 10:14:44 -05:00
sinn3r ca4e11c112 Use check_other more 2013-07-05 12:38:38 -05:00
sinn3r d3000c0066 These funcs want 'filename' 2013-07-05 12:29:16 -05:00
sinn3r 353db0884d Use expand_path from Msf::Post::File 2013-07-05 12:26:59 -05:00
sinn3r 18e5831ca8 Don't use begin/rescue to shut errors up and call it "file not found" 2013-07-05 12:22:05 -05:00
sinn3r dc90904e50 Avoid misleading error 2013-07-05 12:12:30 -05:00
jvazquez-r7 b9dd3df05f Land #2068, @wchen-r7's fix to initialize variables on windows_autologin module 2013-07-05 09:09:17 -05:00
sinn3r 70c472fb7e [FixRM:#8134] - Handle registry_getvaldata return value properly 
registry_getvaldata can return nil, can't always assume it's
gonna throw a string.
 2013-07-03 12:23:14 -05:00
sinn3r 1064c050de [FixRM:#8132] - Fix undefined method '+' in total_commander.rb 
The return value of registry_getvaldata can return nil when a
RequestError occurs, so you can't always assume it's gonna throw
you a string.
 2013-07-03 12:10:23 -05:00
sinn3r 27653b661f [FixRM:#8131] & [FixRM:#8133] - Fix Base64 func usage 
Instead of using Base64, these modules should use Rex.
 2013-07-03 12:06:12 -05:00
sinn3r ecfe083b0e Correct module naming style 
I was just looking at these modules on the web gui, and these names
need to be fixed to maintain style consistency.
 2013-06-25 00:26:53 -05:00
James Lee f4498c3916 Remove $Id tags 
Also adds binary coding magic comment to a few files
 2013-05-20 16:21:03 -05:00
Meatballs a96efb5f0d Small tidy 2013-05-18 16:21:00 +01:00
Meatballs a96739951b Filter out system users 2013-05-18 16:18:34 +01:00
Meatballs b10d216db2 Fix indent 2013-05-12 21:06:26 +01:00
Meatballs 37efad46bb Address feedback and reporting 2013-05-12 20:50:53 +01:00
Meatballs 7fb092c58c Initial commit 2013-05-02 22:08:19 +01:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
Nathan Einwechter 096ec9a5d7 Fix to print out correct/full username 2013-03-22 10:22:24 -04:00
James Lee 2160718250 Fix file header comment 
[See #1555]
 2013-03-07 17:53:19 -06:00
sinn3r 933f807745 Msftidy cleanup + handling return values better 2013-01-22 23:53:00 -06:00
sinn3r dab2952d60 Merge branch 'picasa' of github.com:charles-n2netsec/metasploit-framework into charles-n2netsec-picasa 2013-01-22 22:54:45 -06:00
Charles Smith 9671df4488 Picasa 2 credentials are now also saved as loot 
This module used to save only Picasa 3 credentials as loot. Picasa
2 creds were displayed, but not saved. I've updated the module to
save Picasa 2 credentials, and I also updated the output code to
use print_good instead of print_status.
 2013-01-22 15:46:47 -05:00
jvazquez-r7 08062597b9 fix data added to table 2013-01-22 12:07:16 +01:00
Charles Smith 892899acd5 Fixed loot formatting so data is under the proper column 
The credentials table was defined with the columns "User", "Password", "Host", "Port", and "SSL".  Credentials were not added in that order, however. They were added in the order "host, port, user, password, ssl" in this line:

credentials << [cred['host'], cred['port'], cred['user'], cred['password'], cred['ssl']]

I changed the order the columns were defined to fix this.

The permissions table had a similar issue. The "FileWrite" column was missing, so I added it. I also moved the "Home" column to after the "AutoCreate" column. Now the line:

permissions << [perm['host'], perm['user'], perm['dir'], perm['fileread'], perm['filewrite'], perm['filedelete'], perm['fileappend'],perm['dircreate'], perm['dirdelete'], perm['dirlist'], perm['dirsubdirs'], perm['autocreate']]

works correctly.
 2013-01-17 16:52:02 -05:00
jvazquez-r7 09b4a09ce1 module razer_synapse cleanup 2013-01-17 16:53:00 +01:00
jvazquez-r7 99296006c1 Merge branch 'razer_synapse.rb' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-razer_synapse.rb 2013-01-17 16:52:26 +01:00
smilingraccoon 12e7949183 msftidy change 2013-01-15 21:23:49 -05:00
smilingraccoon b2cd65e283 adding razer_synapse.rb 2013-01-15 21:14:49 -05:00
sinn3r 6508964171 For consistency with other post modules, also do a store_loot 2013-01-15 12:16:32 -06:00
jvazquez-r7 1e64d36320 avoid begin rescue blocks 2013-01-15 02:05:58 +01:00
jvazquez-r7 3eaa07afae documenting magic numbers 2013-01-14 19:43:34 +01:00
jvazquez-r7 530df0acf0 delete comments 2013-01-14 19:22:39 +01:00
jvazquez-r7 57be789f2c Fix comments by egypt 2013-01-14 19:22:02 +01:00
jvazquez-r7 40fc861eee Added post module for BulletProof FTP Client 2013-01-14 13:50:10 +01:00
Christian Mehlmauer 6654faf55e Msftidy fixes 2013-01-04 09:29:34 +01:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
sinn3r 0f6b72dad5 Final touchup 2012-12-26 21:16:04 -06:00
sinn3r 919d6daa41 Even if there's password, we should prolly keep the username 2012-12-26 21:14:26 -06:00
sinn3r 4ce1df2214 Change module title for consistency 2012-12-26 21:13:02 -06:00
sinn3r da49f67079 Only show the password when exists 2012-12-26 21:10:52 -06:00
sinn3r d3d595da95 Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 21:08:03 -06:00
Brandon McCann 6e520e7a2a converted split into a scan 2012-12-26 21:06:48 -06:00
sinn3r eb424195ca Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 20:42:24 -06:00
Brandon McCann e3c1d5a5c0 fixed config.close bug 2012-12-26 20:40:11 -06:00
sinn3r 17b41adfec Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 20:35:46 -06:00
Brandon McCann b71729bf5f fixed multi stored creds issue 2012-12-26 20:32:41 -06:00
sinn3r 6ecaabc9cc Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 20:08:34 -06:00
Brandon McCann d70d2c4a19 typo 2012-12-26 19:54:35 -06:00
Brandon McCann bcc651a1b2 modified password parsing, and utf encoding 2012-12-26 19:49:25 -06:00
sinn3r c75f48b404 Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 18:58:34 -06:00
Brandon McCann 073565c001 modified port and sname in db logging 2012-12-26 18:33:10 -06:00
sinn3r b483e76065 Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 18:03:24 -06:00
Brandon McCann 7147e7a09b added spark_im post exploit module 2012-12-26 17:28:23 -06:00
sinn3r ba242e1809 Merge branch 'master' of git://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-master 2012-12-18 18:01:28 -06:00
jvazquez-r7 3e81fb2002 last cleanup for steam.rb 2012-12-12 11:48:46 +01:00
Nikolai Rusakov f642aa67f9 CLeanup redundant code. 2012-12-12 00:00:27 -05:00
Nikolai Rusakov f7cf75063d Cleanup and use Post::File api. Use store_loot for data collection 2012-12-11 23:41:50 -05:00
Nikolai Rusakov 462766a654 Added Steam client session collector post module 2012-12-08 19:11:57 -05:00
sinn3r 7ae8f5b338 Modify name a little 2012-11-30 12:11:06 -06:00
sinn3r 9db84a16fa Change output 2012-11-30 12:06:21 -06:00
sinn3r 44022baefa Fix bug: NoMethodError undefined method `empty?' for nil:NilClass 2012-11-30 12:02:32 -06:00
sinn3r 37367bbaa0 Mostly cosmetic changes 2012-11-30 12:01:47 -06:00
bcoles 0472d60c4a Add FTP Explorer (FTPx) post->gather->credentials module 
This module finds saved login credentials for the
FTP Explorer (FTPx) FTP client for Windows.
 2012-11-30 15:09:14 +10:30
Charles Smith 4416f1c7ae Fixed mixed tabs that prevented build completion. 2012-11-29 08:43:23 -05:00
Charles Smith ae6dbee42b Fixed bugs with a few modules. 
filezilla_server.rb would crash if there was no admin information found.
In smart_hashdump.rb I replicated the changes made in hashdump.rb to handle the race condition. (It works, but is still not as reliable as regular hashdump for XP boxes)
In migrate.rb the option PID is an integer, and the line "elseif datastore['PID']" was evaluating as true, even though PID was set to "".  There was also a misspelling of datastore as "datstore" that I fixed.
 2012-11-28 12:18:32 -05:00
Tod Beardsley be9a954405 Merge remote branch 'jlee-r7/cleanup/post-requires' 2012-10-23 15:08:25 -05:00
Michael Schierl 910644400d References EDB cleanup 
All other types of references use String arguments, but approximately half
of the EDB references use Fixnums. Fix this by using Strings here too.
 2012-10-23 21:02:09 +02:00
Michael Schierl 21f6127e29 Platform windows cleanup 
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
 2012-10-23 20:33:01 +02:00
James Lee 9c95c7992b Require's for all the include's 2012-10-23 13:24:05 -05:00
sinn3r 33ce74fe8c Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1 2012-10-23 02:10:56 -05:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
Michael Schierl e9f7873afc Version cleanup 
Remove all values that are neither 0 nor $Revision$.
 2012-10-22 20:57:02 +02:00
David Maloney f75ff8987c updated all my authour refs to use an alias 2012-09-19 21:46:14 -05:00
sinn3r b46fb260a6 Comply with msftidy 
*Knock, knock!*  Who's there? Me, the msftidy nazi!
 2012-08-07 15:59:01 -05:00
David Maloney 94c7415653 Remove typo 2012-07-31 16:30:41 -05:00
James Lee cccd3754a4 Fix load order problem 
[FIXRM #7151]
 2012-07-20 15:58:57 -06:00
Meatballs1 fc58e485c3 Added further protection to enum_dcs method to prevent crashes 2012-07-05 14:27:45 +01:00
Meatballs1 a513b41283 Couple of readability changes suggested by TLC 2012-07-05 14:19:41 +01:00
Loic Jaquemet cadbeafc4b match dot and not any character 2012-07-03 20:41:03 -03:00
Loic Jaquemet 5bba81b738 or something equivalent... if enum_dcs returns nil 2012-07-03 20:38:26 -03:00
Meatballs1 c30b2de35b Removed comments in code! 2012-07-03 21:34:33 +01:00
Meatballs1 9998ca928d msftidy, bugfixes, and protection to prevent DNS style domains going into the DC enumeration (which causes a meterpreter crash) 2012-07-03 21:28:45 +01:00
Meatballs1 bdd9364fa4 Refactored registry DC enumeration to occur by default, fixed nil DomainCaches exception 2012-07-03 21:08:12 +01:00
Loic Jaquemet f74fe39280 fix error message to a more helpful one. 2012-07-03 12:54:02 -03:00
Loic Jaquemet 12e24dbd99 failback to target's PDC to get policies 2012-07-03 12:49:34 -03:00
Loic Jaquemet 5fff195eba DomainCache is a list of domainName = dnsDomainName 2012-07-03 12:20:00 -03:00
Meatballs1 4eec5a5288 msftidy 2012-07-02 16:51:15 +01:00
Meatballs1 261989dddf Fixed get_domain_reg where value returned was '.' 2012-07-02 16:46:02 +01:00
Meatballs1 bd2368d6ab Added specific details for each policy type to output table, modified REX:Ui:Table to prevent sorting when SortIndex == -1 2012-07-02 11:47:44 +01:00
Meatballs1 299ed9d1d5 Local loot storage of retrieved XML files with option to disable storage 2012-07-02 10:48:04 +01:00
Meatballs1 5c2c1ccc39 Added extra logic and fixes for user supplied domains option 2012-07-02 10:15:58 +01:00
Meatballs1 b549c9b767 Added a number of registry locations to enumerate the domain as this was inconsistant across testing environments 2012-07-02 09:35:47 +01:00
Meatballs1 994074948a Removed @enumed_domains which inadvertantly skipped processing after the first file on a domain 2012-07-02 09:17:29 +01:00
Meatballs1 21776697b2 Merged with upstream 2012-07-02 08:57:54 +01:00
Tod Beardsley 94e28933c8 Whitespace fixes. msftidy.rb yall 2012-06-27 10:06:15 -05:00
dmaloney-r7 46dd286cc8 Merge pull request #519 from rapid7/gpp-passwords 
Gpp passwords
 2012-06-24 16:18:34 -07:00
David Maloney 6e19dddf2a Alleviate duplicated work in gpp module 2012-06-24 16:21:35 -05:00
David Maloney aa09cd7f82 More collaboration stuff on gpp module 2012-06-24 13:08:19 -05:00
David Maloney eefea8d9d3 Add newname attr in gpp module 2012-06-23 17:51:58 -05:00
David Maloney 7bcb9d1a45 Reintegrated extra options into gpp module 
reintegrated meatballs control options into the gpp module
 2012-06-23 17:38:07 -05:00
David Maloney b320679d1f Exception message fix for gpp 2012-06-23 12:56:12 -05:00
David Maloney 5497d091fc fix gpp attribution and description 2012-06-23 12:45:56 -05:00
David Maloney 534008b010 Major rework of the gpp module 
Took the combination work Meatballs did
on pulling togetehr the three seperate gpp modules.
Cleaned it up and cut it down to a smaller, smoother form.
 2012-06-23 12:42:33 -05:00
Meatballs1 26d99c6e41 Added more detail to description and stop execution if no DCs are enumerated. 2012-06-22 22:36:52 +01:00
Meatballs1 6a80b21124 Final tidyup 2012-06-22 19:12:42 +01:00
Meatballs1 27b884ca87 Fixed drives userName match 2012-06-22 18:47:44 +01:00
Meatballs1 90eaceef70 Fixed enum_domains exception when domains found = 0 2012-06-22 18:45:56 +01:00
Meatballs1 141195a5ae Adjusted attribute strings to match MSDN cases 2012-06-22 18:33:54 +01:00