870669bdf7
handle exception in getsystem module
2016-08-15 23:51:05 -05:00
eb73a6914d
replace old rex::ui::text::table refs
...
everywhere we called the class we have now rewritten it
to use the new namespace
MS-1875
2016-08-10 13:30:09 -05:00
b61aaef03e
Fix undercase issue with userlist.dat
...
Remove the 2nd element of the array at line 102.
Add .downcase for line 103.
Fix to find filenames on systems that created the userlist.dat on uppercase.
2016-07-29 15:54:34 -05:00
6c7cc061ea
Minor formatting tweaks.
2016-07-28 16:29:42 -05:00
ef2899dfd4
msftidy updates
2016-07-28 16:29:42 -05:00
7b4bb75294
Create avira_password.rb
2016-07-28 16:29:42 -05:00
df15eebdf8
Land #7106 , multiple keylog_recorder improvements
2016-07-25 14:54:06 -05:00
352d63480d
scriptjunkie's recs and fixes additional issues
2016-07-21 22:54:48 -05:00
722133491d
Wording change in advanced options and doc
2016-07-16 22:57:36 -05:00
9cb9a2f69d
Update for windows keylog_recorder
2016-07-16 22:38:10 -05:00
dcd09f17bd
New Post Module
...
New post module for windows.
It gathers the users and cracks the password of MDaemon Mail server.
NOTE: The module have a bug and I would appreciate help fixing it (problem when storing credentials)
2016-07-16 19:07:27 -05:00
e3801c425b
Fix typo in USB error message
2016-07-16 09:43:48 -04:00
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e02167b1d9596c7
2016-07-15 12:00:31 -05:00
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
9d13df3a25
Corrected for console width errors causing erroneous carriage returns, resulting in incorrect hash extraction on ms sql server 2012
2016-07-04 16:23:07 -04:00
81f30ca962
Land #6966 , Microsoft Office Trusted Locations Enumeration
2016-06-21 21:45:39 +01:00
95517b4a45
Avoid exception on missing key in prefs.
2016-06-20 09:26:10 -05:00
6cb2a6970e
Fix unused SessionType in two modules
...
Pretty sure it should be "shell."
2016-06-19 23:41:34 -05:00
0451d4f079
Cleanup
2016-06-15 22:41:59 +01:00
8a68e86a0a
Update enum_trusted_locations.rb
...
Changed some colours
2016-06-15 13:42:38 +01:00
48714184f3
Update enum_trusted_locations.rb
...
Added product it found the locations in.
2016-06-15 13:41:19 +01:00
1ba33ff7f8
Fixed MSFTidy
...
Fixed MSFTidy stuff
2016-06-12 13:00:44 +01:00
a2a97d0271
Update enum_trusted_locations.rb
...
Fix some changes, I had emet references.
2016-06-12 11:06:20 +01:00
2e03c3511e
Add enum_trusted_locations.rb
...
Quickly enumerates trusted locations for file planting :)
2016-06-12 10:59:57 +01:00
233186c833
Check presence in local admin group
...
As the "is_admin?" function only checks if the current session effectively has admin rights, I offer to add a check to know if the current user is in the local admin group using the "is_in_admin_group?" function. This information is better suited to check if admin rights are obtainable using the "bypassuac" module.
2016-06-09 17:47:09 +02:00
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
da9f156913
Print IP in print_*
2016-04-22 16:03:31 -05:00
3aa02891e9
Bring #6801 up to date with upstream-master
2016-04-22 14:04:26 -05:00
16ff74e293
syntax check / code reduce
2016-04-22 10:53:03 +08:00
ca4bcfe62a
Update enum_emet.rb
...
Cleaned up a bit more
2016-04-22 00:41:10 +01:00
c81d0ade3f
Update, implemented
...
Took @bcook-r7's advice
2016-04-22 00:37:03 +01:00
30ac6b4a93
enum_emet
...
A module to enumerate all the EMET wildcard paths.
2016-04-22 00:20:25 +01:00
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
57467b94d9
Fix RegExp evaluation in is_routable? function
2016-04-20 10:22:46 -05:00
48556483b5
Fix a few comments
2016-04-17 19:16:52 -05:00
32590c89b7
Add interface name to routing status message
2016-04-17 14:15:50 -05:00
fb7194c125
Work on autoroute.md
2016-04-17 00:04:42 -05:00
a5e48b6112
Add default option and clean up comments
2016-04-16 19:50:08 -05:00
6550e0bc1b
Finish up autoadd_interface_routes
2016-04-16 18:42:41 -05:00
b3d199c055
Add get_subnet_octet and test
2016-04-16 14:57:39 -05:00
b1064af082
Initial get_subnet testing
2016-04-16 13:50:15 -05:00
018e7807fe
Identify routable networks
2016-04-15 22:21:54 -05:00
e8863ba09d
Initial autoadd_interface_routes work
2016-04-15 22:13:17 -05:00
5f5c330f2b
Initial Testing of Interface Info Gather
2016-04-14 21:59:48 -05:00
c39410a070
Fix autoadd problem
2016-04-13 23:31:27 -05:00
cba7353e1d
Fix another typo?
2016-04-07 17:12:11 -05:00
ff9d94218d
Fix a typo?
2016-04-07 17:11:42 -05:00
a3c390ee9d
Change class name to MetasploitModule
2016-04-07 17:11:08 -05:00
f09637a1c7
Bring #6377 up to date with upstream-master
2016-04-07 17:06:49 -05:00
0d3eb4f055
Change class name to MetasploitModule
2016-04-07 12:15:32 -05:00
0f56dbd858
Bring #6378 up to date with upstream-master
2016-04-07 12:10:55 -05:00
ac051bda7f
Add check is_routable?, and change netmask if needed
2016-04-06 15:28:54 -05:00
d240e0b3a2
Bring #6515 up to date with upstream-master
2016-04-06 11:27:32 -05:00
4074634a13
Land #6713 , Add post exploit module for HeidiSQL's stored passwords
2016-03-30 12:10:30 -05:00
0c6b4d81c8
More proper exception handling
2016-03-30 12:09:40 -05:00
aaa1515ba0
Print rhost:rport
2016-03-30 11:56:09 -05:00
397d5580be
Use MetasploitModule convention
2016-03-30 15:44:37 +01:00
f8628e3438
Merge remote-tracking branch 'upstream/master' into wdigest_enable
2016-03-30 15:44:21 +01:00
9e45f0c104
Minor tidies
2016-03-30 15:29:03 +01:00
976932ed43
Initial commit
2016-03-26 12:00:25 +01:00
d54bbdf9a3
Land #6566 , filezilla xml file locations
2016-03-17 16:27:24 -05:00
115a033036
Fix parsing the Last Server xml
2016-03-17 16:27:02 -05:00
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
cd84ac37d6
Land #6569 , check if USERNAME env var exists before using in enum_chrome post module
2016-03-13 15:12:51 -05:00
c89e53d0a3
Land #6666 , fix filezilla_server display bug showing the session ID
2016-03-13 13:56:44 -05:00
51cdb57d42
Fix #6569 , Add a check for USERNAME env var in enum_chrome post mod
...
Fix #6569
Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
8217d55e25
Fix display issue when SESSION is -1
2016-03-11 11:37:22 -06:00
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
2016-03-07 13:19:55 -06:00
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
2016-03-07 13:19:48 -06:00
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
c7f9fbcdfa
Change to enable/disable
2016-03-06 04:31:24 +00:00
6b510005da
Reverse os checks
2016-03-06 04:31:23 +00:00
0e52fda708
Initial tidy
2016-03-06 04:31:23 +00:00
8a15c36770
Land #6563 , VNC creds scraper uninstall location
2016-02-19 15:01:23 -06:00
bfd204ac50
Fix some cosmetic issues
2016-02-19 15:00:56 -06:00
bc74ceb8c5
Handle errors when parsing interfaces.xml, add check for several locations
2016-02-11 15:56:58 +01:00
8118198628
Add vprint of the exception message
2016-02-10 22:47:51 +01:00
1637891ece
Add check for the uninstall location in vnc post module
2016-02-10 20:30:41 +01:00
62dd82e653
Make fix easier to read
2016-02-10 11:24:45 -06:00
4653c27167
Fix minor grammar error in description
2016-02-09 21:24:40 -06:00
08a41b0a31
Fix issue when target PID not owned by session
2016-02-09 21:22:50 -06:00
3d4b7af6bb
Update description
2016-01-30 14:35:03 -06:00
413ea53984
Add found flag and touchup code
2016-01-30 14:31:45 -06:00
3abb6feb3f
Add autoadd feature to autoroute.rb
2016-01-29 21:34:22 -06:00
315d079ae8
Land #6402 , Add Post Module for Windows Priv Based Meterpreter Migration
...
We are also replacing smart_migrate with this.
2016-01-13 01:21:32 -06:00
6deb57dca3
Deprecate post/windows/manage/smart_migrate and other things
...
This includes:
* Give credit to thelightcosine in priv_migrate
* Deprecate smart_migrate
* Update InitialAutoRunScript for winrm_script_exec
2016-01-12 23:14:13 -06:00
7128c408c8
Land #6375 , Active Directory Managed Groups Enumeration
2016-01-12 11:21:31 +00:00
4ba2d56f49
Just search on DN for samaccountname
2016-01-12 11:20:20 +00:00
5e6620f2cf
add yard doc and lexical sorting
...
lexical sort methods and add missing YARD docs
2016-01-08 14:36:21 -06:00
536378e023
move datastore kill check to kill method
...
move the datastore check for datatstore['KILL']
into the actual kill method for sake of DRYness
2016-01-08 14:31:42 -06:00
9716b97e1c
split up the migration efforts
...
move admin and suer migrations into
seperate methods for enhanced readability
and maintainability
2016-01-08 14:26:39 -06:00
ad50f9a047
move default targets to constants
...
cleanup the way the target lists get populated
to use constants and be a little cleaner and dryer
2016-01-08 14:03:30 -06:00
4e99c873c8
Fix issue when target_pid == current_pid
2016-01-06 19:58:07 -06:00
60c506d7fb
Replace error handling methods
2016-01-06 18:53:54 -06:00
30a866a85b
Update enable_rdp.rb
...
Fixed some typos.
2016-01-04 09:52:57 +00:00
47f9880690
Land #6395 , grammar fixes for recovery_files.rb
...
Improves grammar and details within the description of /post/windows/gather/forensics/recovery_files.rb
2015-12-28 15:57:41 -06:00
cf0e982e83
Land #6386 , VNC creds module fix
2015-12-28 02:32:26 -06:00
6b9c74eec7
Prefer gsub and nix the return
2015-12-28 02:31:47 -06:00
0de69a9d40
Add post Windows privilege based migrate
2015-12-27 19:26:21 -06:00
f8943f4821
Remove peer; defined in lib/msf/core/post/common.rb
2015-12-24 07:57:16 -08:00
431c6001a8
Fix recovery_files.rb Description grammar errors
2015-12-24 10:10:39 -05:00
391145a4af
Checking if group_filter is empty
2015-12-23 15:14:37 +00:00
2f71730484
Gather VNC null byte fix + formatting
2015-12-22 17:30:37 +00:00
f950633d32
renamed
2015-12-21 18:16:06 +00:00
e09c2944cf
Renamed module to be more descriptive
2015-12-21 18:15:39 +00:00
4c27f381dc
rubocop & msftidy
2015-12-21 18:15:19 +00:00
8438774077
Bug
2015-12-21 18:13:58 +00:00
0b6969afbc
Rubocop. This encoding mess was the only way I could find to deal with a number of parsing errors when testing this against a multilingual domain.
2015-12-21 17:30:32 +00:00
30e283b0ae
fixup
2015-12-21 17:28:36 +00:00
751a0708bf
rubocop
2015-12-21 13:32:29 +00:00
0c8aa0bd5c
msftidy - fixed module name
2015-12-21 13:32:11 +00:00
0081c79f39
Added comments
2015-12-21 13:31:26 +00:00
03b904cc4e
Initial version
2015-12-21 13:29:47 +00:00
16cf3c6207
Further messing about with unicode conversions
2015-12-21 13:28:27 +00:00
e8c8c54cb0
Use a regex with a negative lookbehind to cope with CNs that contain commas
2015-12-21 11:44:37 +00:00
d8b3b15da6
Trying to fix encoding errors
2015-12-21 11:43:12 +00:00
76f99cbc7f
Fixing UTF-8 encoding errors with some strangely named groups
2015-12-21 11:11:01 +00:00
b0fca769d7
capitalisation
2015-12-21 10:39:30 +00:00
4ed32ad3e8
Add manager user attribute
2015-12-20 22:51:37 +00:00
9493b333df
rubocop
2015-12-20 21:22:03 +00:00
c394caad27
actually made the securitygroups only option do something
2015-12-20 21:19:24 +00:00
07caaf352b
made comment match purpose
2015-12-20 21:18:21 +00:00
c0a93433af
msftidy
2015-12-20 21:16:42 +00:00
89728fd8fe
Working version
2015-12-20 21:16:17 +00:00
ae09549057
New module, strating with managedby_groups
2015-12-20 20:17:06 +00:00
28e563659f
Added managedBy to group acquisition
2015-12-20 20:16:18 +00:00
d79fd9a9f3
Renamed the comments attribute to comment
2015-12-20 19:53:36 +00:00
924017e606
Moved trust enumeration to separate PR
2015-12-20 19:46:20 +00:00
43f8a35b12
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into add_filter_to_ad_tools
2015-12-20 19:43:04 +00:00
3a89d3cc70
Turns out that we dont need the report or accounts includes in there, so removing them for tidyness
2015-12-20 02:37:25 +00:00
c11c0ca7e0
Added comment about the UTF-8 encoding. This is an issue which is documented at https://github.com/rails/rails/issues/1965 ; namely that SQLite seems to treat ASCII text as a blob meaning that the text searches break. Encoding to UTF-8 seems to fix this.
2015-12-20 02:35:19 +00:00
2301658611
Working
2015-12-20 02:20:59 +00:00
7ce24969bb
rubocop fixes
2015-12-20 02:02:44 +00:00
d5436c6fae
msftidy is now silent
2015-12-20 02:01:11 +00:00
b8274cca01
Tested
2015-12-20 01:59:31 +00:00
b0eba24c5f
Fixed verbosity bug and tidied up
2015-12-20 01:55:44 +00:00
86294a869e
No longer need the sAMAccountType lookup table
2015-12-20 01:45:10 +00:00
cdf430e689
Fixed bug relating to forgetting to add columns to the schema
2015-12-20 01:44:26 +00:00
14f71eabdb
Completing processing the sAMAccountType value
2015-12-20 01:42:25 +00:00
5f5a297324
Adding u_, g_ and c_ parameters to the tables directly avoids most of the views
2015-12-20 01:30:24 +00:00
bb25c7606c
Restructuring to add SAM_ (userAccountControl) variables as fields directly
2015-12-20 01:28:25 +00:00
872aeccbb6
Significant simplified the hex-to-SID parsing code because we only want the RID out of it
2015-12-19 02:02:40 +00:00
07e5f03aba
Fixed
2015-12-19 01:58:29 +00:00
c7f8450775
Appears to work correctly
2015-12-19 01:11:20 +00:00
36392ac0cd
All works
2015-12-19 00:48:41 +00:00
82c3ec5f4b
Added views for users and groups table
2015-12-19 00:26:31 +00:00
ba9845818e
Appears to work for the computers table (tables and view)
2015-12-18 23:22:22 +00:00
cf8f0e2483
Added userAccountControl to the computer table. Note that computer and user LDAP entries are more or less the same (user is the parent for computer), but it makes sense just for sanity and ease of use to keep them separate.
2015-12-18 22:22:56 +00:00
eade245a9e
Added groupType attribute interpretation
2015-12-18 22:06:20 +00:00
e716cd79e3
Needed to use .zero? in the ? : if shorthand for the UAC variables
2015-12-18 21:55:55 +00:00
838f74ff74
Added table creation for userAccoutControl
2015-12-18 21:45:07 +00:00
6afcc13774
Requote file path
2015-12-18 15:41:38 -06:00
a065fc803c
fixed spacing
2015-12-18 21:38:54 +00:00
8821caa199
Added UserAccountControl constants
2015-12-18 21:37:31 +00:00
06a2bb53bd
Clean up module
2015-12-18 15:29:15 -06:00
6d6306f6e7
Added sAMAccountType constants from MSDN
2015-12-18 21:14:39 +00:00
5b07a35cef
Added LDAP filter to identify groups of interest
2015-12-18 14:10:00 +00:00
662010fce7
Added thread capability
2015-12-18 14:06:50 +00:00
0a75fa333c
msftidy
2015-12-18 12:14:22 +00:00
91c8c2b9dd
Trying to fix threads
2015-12-18 12:14:08 +00:00
6f50635ab2
Strange bug with memberOf param and trying to fix up threads
2015-12-18 11:49:17 +00:00
39bc23629a
Getting ready to add thread support
2015-12-18 10:56:41 +00:00
3c8ac89ba8
Added options to dump user membership and group membership to screen
2015-12-18 10:29:53 +00:00
8f95ad315e
Added extra user fields to database schema
2015-12-18 10:02:18 +00:00
fc45d70d25
Added extra user fields
2015-12-18 09:59:21 +00:00
b186aaa08d
Added extra computer fields
2015-12-18 09:55:13 +00:00
f8b402165c
Added extra computer fields
2015-12-18 09:51:04 +00:00
805ba1d7dd
Enumerate computers
2015-12-18 08:28:40 +00:00
98c6b56494
Added computer recon
2015-12-18 08:14:30 +00:00
f13ca17de0
rubocop
2015-12-18 02:01:38 +00:00
38b6ad4dbf
msftidy
2015-12-18 02:00:57 +00:00
36adbadb11
Tidied up SQL searching and added file size indicator
2015-12-18 01:59:19 +00:00
eb38859ecc
Finally worked out how to use .map to make the SQL stuff far more elegant
2015-12-18 01:40:37 +00:00
1ba6b91968
More accurate description
2015-12-18 01:24:43 +00:00
0ddb40b55e
Added UNIQUE and FOREIGN KEY constraints to SQLite DB
2015-12-18 01:23:29 +00:00
15dc542544
Initial module works
2015-12-18 01:13:44 +00:00
f31c1c24db
Added schema and code to populate SQLite db
2015-12-18 01:01:20 +00:00
e3483a2ac3
Getting RIDs from hex mess to decimal. Needs fixing
2015-12-18 00:20:16 +00:00
460778738d
Initial version works
2015-12-18 00:00:21 +00:00
41c2d12e0c
Tidy up initial print
2015-12-17 23:41:18 +00:00
09fb37db6b
Add status updates (useful if there are a large number of groups)
2015-12-17 23:07:02 +00:00
2bcea91b15
Differentiate between user and group errors
2015-12-17 22:57:30 +00:00
85c4e89526
Process user levels
2015-12-17 22:55:02 +00:00
7c145c45e8
add LDAP_MATCHING_RULE_IN_CHAIN oid (from my adsi rework earlier)
2015-12-17 22:44:35 +00:00
f2b038f4b3
Begin loop to grab effective users of each group
2015-12-17 22:39:56 +00:00
c98519e0b9
Get groups using ADSI
2015-12-17 22:35:51 +00:00
7b019bddf4
Initial version, just basing it on the ad_users module
2015-12-17 22:14:14 +00:00
e17a7a5d8c
Fix attributes
2015-12-17 21:38:42 +00:00
59d5626ef7
Bugfix
2015-12-17 21:36:19 +00:00
cba1ddbdc2
rubocop
2015-12-16 22:38:05 +00:00
47e484408f
rubocop
2015-12-16 22:31:54 +00:00
9eef27e4c1
Removed snake case and added SID translation call
2015-12-16 22:31:22 +00:00
cc3ac3ad95
Removed trailing line spaces
2015-12-16 22:28:27 +00:00
58635be237
Try to unpack the SID from hex to normal cut/paste format. Its a mess.
2015-12-16 22:27:52 +00:00
421a29d998
Added the trust types from MSDN
2015-12-16 22:18:28 +00:00
fbe0cfde8f
Fixed URL for trustDirection reference
2015-12-16 22:16:33 +00:00
Brent Cook
David Maloney
AgoraSecurity
Pearce Barry
Robert Kugler
wchen-r7
Josh Hale
ktreimann
Brent Cook
Stephen Deck
Meatballs
William Vu
Vincent Yiu
Crypt0-M3lon
join-us
Hans-Martin Münch (h0ng10)
James Lee
Christian Mehlmauer
nk
Kyle Gray
Jon Hart
karllll
Stuart Morgan
g0tmi1k