metasploit-framework

Commit Graph

Author	SHA1	Message	Date
Tom Sellers	aa85cb8195	Update powershell.rb	2014-05-29 05:46:32 -05:00
Tom Sellers	ae1b7e564b	Update powershell.rb	2014-05-27 05:18:00 -05:00
Tom Sellers	42a17cc085	Update powershell.rb To be clear, the shell that was tested with was 'windows/shell_reverse_tcp' delivered via 'exploit/windows/smb/psexec' Additional changes required to fix regex to support the multiline output. Also, InstanceId uses a lower case 'D' on the platforms I tested - PowerShell 2.0 on Windows 2003, Windows 7, Windows 2008 R2 as well as PowerShell 4.0 on Windows 2012 R2. This method doesn't appear to be used anywhere in the Metasploit codebase currently.	2014-05-25 08:59:42 -05:00
Tom Sellers	76b9273f10	Improve reliability of have_powershell I have a case where on a Windows 2008 R2 host with PowerShell 2.0 the 'have_powershell' method times out. When I interactively run the command I find that the output stops after the PowerShell command and the token from 'cmd_exec' is NOT displayed. When I hit return the shell then processes the '&echo <randomstring>' and generates the token that 'cmd_exec' was looking for. I tried various versions of the PowerShell command string such as 'Get-Host;Exit(0)', '$PSVErsionTable.PSVersion', and '-Command Get-Host' but was unable to change the behavior. I found that adding 'echo. \| ' simulated pressing enter and did not disrupt the results on this host or on another host where the 'have_powershell' method functioned as expected. There may be a better solution, but this was the only one that I could find.	2014-05-25 08:07:38 -05:00
Meatballs	ae3ead6ef9	Land #2107 Post Enum Domain Users	2014-04-09 11:32:12 +01:00
David Maloney	72c6b995de	adjust timeout for shadowcopy WMIC defaults to 10 sec timeout but shadowcopy often needs longer.	2014-03-04 10:18:59 -06:00
Etienne Stalmans	e452b81fb1	style changes as suggested by @jlee-r7	2014-03-04 08:49:52 +02:00
Meatballs	43715eeb7f	Blame @OJ He changed the clipboard API underneat me.	2014-03-03 22:06:05 +00:00
Meatballs	32d83887d3	Merge remote-tracking branch 'upstream/master' into wmic_post	2014-03-03 21:56:31 +00:00
James Lee	0179faa66f	Fix yardoc for Post::Windows::LDAP Also fix some style issues and warnings.	2014-02-21 13:25:11 -06:00
Meatballs	e4aedfad43	Fixup netapi call	2014-02-18 23:30:29 +00:00
Meatballs	6f988209ab	Merge remote-tracking branch 'upstream/master' into enum_domain_users_update	2014-02-18 20:02:39 +00:00
Meatballs	5c8af63063	Fix regression	2014-02-18 17:41:35 +00:00
jvazquez-r7	1bc94b8a9d	Merge for retab	2014-02-17 19:19:47 -06:00
Meatballs	f58b66adf8	Docs and more robust code	2014-02-14 23:15:05 +00:00
jvazquez-r7	61563fb2af	Do minor cleanup	2014-02-13 09:10:04 -06:00
Meatballs	76f0783eef	Raise error if no domain found or specified	2014-02-08 12:16:48 +00:00
Meatballs	33da3a414b	Remove unnecessary options	2014-01-25 13:52:52 +00:00
Meatballs	27a434205c	More flexible domain and DN	2014-01-25 13:17:00 +00:00
Meatballs	08885bde19	Always forget debugging stuff	2014-01-24 23:45:12 +00:00
Meatballs	be1da0e8a8	Move print statement	2014-01-24 23:37:20 +00:00
Meatballs	cb53ca261f	Tidyup logic ADSI doesn't care about distinguished names or domain and can take either, but legacy API needs a domain for binding and a dn for searching. Send nil if we dont know the domain rather than a ptr to an empty string.	2014-01-24 23:28:08 +00:00
Meatballs	ae13d1f3e6	Grab the default domain to improve ldap	2014-01-24 16:36:37 +00:00
Meatballs	23ba52641b	Revert ldap	2014-01-24 16:25:48 +00:00
Meatballs	9fce617462	Fixup railgun utils Implement DsGetDcNamea to return current domain using example railgun utils techniques.	2014-01-24 16:22:05 +00:00
Meatballs	4b21672b60	Remove hardcoded string	2014-01-23 23:55:09 +00:00
Meatballs	790e4d7559	Move options to mixin	2014-01-23 23:47:46 +00:00
Meatballs	398e8463b1	Add more informative errors	2014-01-23 23:19:00 +00:00
Meatballs	80452767c8	Comments	2014-01-22 10:24:24 +00:00
Meatballs	156e3c046e	Dont lookup twice	2014-01-22 10:14:56 +00:00
Meatballs	6d6d1e1033	No need to fiddle with naming context	2014-01-22 10:06:36 +00:00
Meatballs	3bf728da61	Dont store in DB by default	2014-01-07 12:20:44 +00:00
Meatballs	62ef810e7c	Use Extapi if available	2013-12-19 18:18:47 +00:00
Meatballs	737154c2fe	Update to use extapi	2013-12-19 16:46:09 +00:00
Meatballs	3ef1c0ecd6	Merge remote-tracking branch 'upstream/master' into enum_ad_perf	2013-12-19 14:25:07 +00:00
Meatballs	6e43edff4c	Merge in extapi post mixin	2013-12-19 14:25:02 +00:00
Meatballs	244cf3b3f6	Merge remote-tracking branch 'upstream/pr/2736' into enum_ad_perf	2013-12-19 13:59:57 +00:00
Meatballs	3e54379b0e	Merge remote-tracking branch 'upstream/master' into wmic_post Conflicts: lib/msf/core/post/windows.rb	2013-12-18 13:40:54 +00:00
Meatballs	687cbe5f60	Shadowcopy should use common wmic command Small fix to ensure output is retrieved (args -> nil) Modify shadowcopy to use wmic_query	2013-12-18 13:34:50 +00:00
Meatballs	6ee1a9c6e1	Fix duplicate error	2013-12-17 00:11:37 +00:00
Meatballs	06b399ee30	Remove ERROR_ To access as Error::NO_ACCESS	2013-12-16 19:52:11 +00:00
Meatballs	08a44fdfb7	Filename match module	2013-12-16 19:48:17 +00:00
Meatballs	57f2027e51	Move to module	2013-12-16 19:45:52 +00:00
Meatballs	819ba30a33	msftidy Conflicts: lib/msf/core/post/windows/services.rb	2013-12-15 01:12:46 +00:00
Meatballs	a930056d7f	Added service status checks to Post::Windows::Services Added QueryServiceStatus to Railgun Advapi32 Definitions Added Checks to module Conflicts: lib/msf/core/post/windows/services.rb lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb	2013-12-15 01:12:45 +00:00
Meatballs	284a45a6c5	Convert UTF16 to ASCII	2013-12-14 22:58:16 +00:00
Meatballs	e46b5c9d55	Revert to file io if no EXTAPI	2013-12-14 22:46:22 +00:00
Meatballs	b532987b8f	Re-add file out to wmic_command	2013-12-14 20:58:33 +00:00
Meatballs	8d5f298d3d	Clear clipboard first	2013-12-14 20:26:46 +00:00
Meatballs	7902f061ca	Final tidyup	2013-12-14 20:18:14 +00:00

1 2 3 4

153 Commits (9f5dfab9ea05e02a1ac92540233adca412fb873d)