Commit Graph

2396 Commits (9f9bbce034595414c1fe98c616ff650e4c467a05)

Author SHA1 Message Date
benpturner 8916ccf9e5 new numbers 2015-05-19 16:00:49 +01:00
benpturner 763d960d2b new 2015-05-19 15:55:00 +01:00
benpturner b513304756 new changes 2015-05-19 15:47:30 +01:00
benpturner 811c45ab90 new 2015-05-19 14:06:41 +01:00
Brent Cook 79db696c15 fix EOL character 2015-05-18 15:46:55 -05:00
Donny Maasland (Fox-IT) e1eed6e9d9 single quotes and slashes.. 2015-05-18 16:33:57 +02:00
Stuart Morgan 8b8ed04a73 Rubocop 2015-05-18 11:56:12 +01:00
Stuart Morgan cf05e69536 Removed database storage for now (need to convert keys to OpenSSH format and resolve IP addresses first) 2015-05-18 11:51:27 +01:00
Stuart Morgan 7f16b7164f Added database writing code 2015-05-18 11:43:08 +01:00
Stuart Morgan 77cf2ec60e Added basic private key detection and parsing 2015-05-18 11:20:53 +01:00
Donny Maasland (Fox-IT) 7d65095472 fix quotes 2015-05-18 12:20:42 +02:00
Donny Maasland (Fox-IT) 30f7c651c9 use REGISTRY_VIEW_32_BIT 2015-05-18 10:19:32 +02:00
Stuart Morgan f1955cb15d Rubocopped the file 2015-05-17 16:09:19 +01:00
Stuart Morgan 5e4566712a Added more detailed description 2015-05-17 16:00:44 +01:00
Stuart Morgan a4f67bce6f Tidied up code 2015-05-17 15:48:05 +01:00
Stuart Morgan b12db7b633 Retrieves saved session lists etc to loot and exports information in CSV format 2015-05-17 14:59:26 +01:00
Stuart Morgan 1177f42263 Renamed module to remain consistent with other enum modules 2015-05-17 14:38:25 +01:00
Stuart Morgan 18a9dfd6da Added PAGEANT_REGISTRY_KEY variable to enhance readability 2015-05-17 14:37:59 +01:00
Stuart Morgan 4a416bba3c Fixed notes using :unique_data 2015-05-17 13:24:38 +01:00
Stuart Morgan 8aa27eee94 report_note only appears to allow one note per host/type combo... 2015-05-17 13:06:17 +01:00
Stuart Morgan 53311fda2e Fixed logic & added notes storage 2015-05-17 13:02:58 +01:00
Stuart Morgan 5d273d53b4 Fixed module logic so that the key fingerprints now get displayed properly: 2015-05-15 22:02:12 +01:00
David Maloney fd1a24d6f9
some more minor cleanup noise
apparently we standardized on using get_env
instead of expand_path in these cases. Not sure
on the effective difference here but no big deal

MSP-12358
2015-05-15 13:33:48 -05:00
Stuart Morgan 4a88790c8c Added SSH host keys 2015-05-15 17:57:15 +01:00
David Maloney 631dfc0a0e
increase timeout on ntdsutil
default timeout is 15 seconds. we'll give it 90
seconds for now. This may still be too short for
really really large domains, but too long of a timeout
can create other issues

MSP-12358
2015-05-15 11:19:35 -05:00
David Maloney a3d91dff0b
clean up ntds.dit file when done
delete the ntds.dit file we copied when
we are done

MSP-12358
2015-05-15 11:13:19 -05:00
David Maloney ac04b8d1e7
a little bit of cleanup
constantise some of the magic numbers in
the NTDS Account class

MSP-12358
2015-05-15 10:47:31 -05:00
Stuart Morgan 14035a46b1 Fixed description 2015-05-15 16:28:51 +01:00
Stuart Morgan f65207ac40 Initial version, working
Needs tidying up.

Current version:
* Searches for PuTTY registry keys
* Downloades the Hostname, port, private key filename, username to log in as and any port forwarding instructions
* If the private keys are accessible on the box, download them to loot

To do:
* Detect whether pageant is running or not and report back
* Tidy up code (used another plugin as a template)
2015-05-15 16:23:39 +01:00
Donny Maasland (Fox-IT) 2721be946a also check Wow6432Node keys 2015-05-15 14:28:12 +02:00
David Maloney 724b7c6f16
save the ntlm hases as creds
the last step is now complete. the current and historical
hashes are all saved to the database for cracking and/or
replay

MSP-12358
2015-05-14 13:52:11 -05:00
David Maloney 452fc6b149
Merge branch 'feature/MSP-12357/meterp-ntds' into feature/MSP-12358/ntds-dump-module 2015-05-14 10:31:28 -05:00
David Maloney 0e666d5732
gaurd against arch mismatch
this will not work from an x86 proc
on an x64 machine, so guard against that.

MSP-12358
2015-05-13 15:28:11 -05:00
David Maloney 9308da7956
2003 code path working
using VSS directly on server 2003 and repairing
the database with esentutl is now working

MSP-12358
2015-05-13 12:25:44 -05:00
David Maloney 21004046c1
begin parsing of the database
clean up and begin aprsing the database
after we have copied it

MSP-12358
2015-05-11 14:48:12 -05:00
Meatballs 028f9dd43b
Tidy and rubocop 2015-05-09 10:48:07 +01:00
Meatballs e9dc93f345
Use cmd_exec 2015-05-09 10:44:02 +01:00
rwhitcroft 8c3a97667a use get_env instead of client.sys.config.getenv 2015-05-08 15:25:20 -04:00
rwhitcroft b2ce2ddb05 determine the domain using env vars instead of parsing net.exe output 2015-05-08 14:17:49 -04:00
David Maloney 3c9c578a3d
ntdsutil method in place
ntdsutil method built out to make a copy
of ntds.dit on later version of Winbdows Server

MSP-12358
2015-05-04 15:35:36 -05:00
David Maloney e0c64038a7
start new ddomain hashdump post module
module checks for all preconditions so far
including that Domain Services are running,
that we are Admin, that we have bypassed uac
and that it is a supported version of windows.

MSP-12358
2015-05-04 15:07:27 -05:00
Meatballs eb8fdcc2f2
Typo 2015-04-29 10:45:49 +01:00
Meatballs 4072cbd4d3
Bitlocker -> BitLocker 2015-04-29 10:02:21 +01:00
Meatballs 7e5b03c44e
Tidyup and update for new ADSI format 2015-04-29 09:48:44 +01:00
Meatballs 0d81ad4db4 Remove max search 2015-04-29 09:40:53 +01:00
Meatballs 96a9313e7e Initial commit 2015-04-29 09:40:53 +01:00
Brent Cook 4ffffa59fe
Land #5184, restore store_loot for ssh_creds gatherer 2015-04-24 13:55:06 -05:00
jvazquez-r7 ab94f15a60
Take care of modules using the 'DEBUG' option 2015-04-21 12:13:40 -05:00
jvazquez-r7 4224008709
Delete print_debug/vprint_debug 2015-04-21 11:14:03 -05:00
wchen-r7 a3b0f2e424
Land #5175, Update mcafee_vse_hashdump description 2015-04-20 21:49:24 -05:00
wchen-r7 43e9244b4c Fix #5134, Put store_loot back
Fix #5134

store_loot was used at one point, but we ended up removing it.
Turns out store_loot is handy in some cases so we're brining it back.
2015-04-17 16:33:51 -05:00
karllll e3ce4eb88e Update mcafee_vse_hashdump.rb 2015-04-17 09:47:02 -04:00
William Vu 3422501d91
Land #5174, deprecated module cleanup 2015-04-16 17:43:28 -05:00
Christian Mehlmauer 2b9fd93729
remove deprecated modules 2015-04-16 22:49:22 +02:00
karllll cb2e8f4949 Update mcafee_vse_hashdump description
The description of this module has been added upon to include cracking details.
2015-04-16 16:09:43 -04:00
Christian Mehlmauer 352e170624
more failure reasons 2015-04-16 22:04:11 +02:00
Christian Mehlmauer 8c12361bda
remove fail_with defs 2015-04-16 21:49:31 +02:00
Christian Mehlmauer ba6548db75
be consistent about naming 2015-04-16 21:44:56 +02:00
Christian Mehlmauer b4b8ac0849
moar fail_with's 2015-04-16 21:26:37 +02:00
Christian Mehlmauer 0e186fa617
first fail_with fixes 2015-04-16 21:08:33 +02:00
William Vu 001253a8da Clean up module some more 2015-04-15 22:02:04 -05:00
Roberto Soares c6e8ffb7e3 Fix some "mistakes" following the style guide 2015-04-15 00:35:14 -03:00
Roberto Soares 9250869ace Fix typo 2015-04-14 20:19:38 -03:00
Roberto Soares 6aad8b3a70 Changed the conditions if/elsif to case statements 2015-04-14 20:05:52 -03:00
Jon Cave 7aceb9218e Use bitwise OR to select both primary and backup DCs
SV_TYPE_DOMAIN_CTRL || SV_TYPE_DOMAIN_BAKCTRL returns
SV_TYPE_DOMAIN_CTRL rather than ORing the bits together.
2015-04-05 11:05:42 +01:00
Tod Beardsley 6d5bcb93a8
Normalize the SecurityXploded Team credits
[See #5012]
2015-04-02 15:15:37 -05:00
David Maloney 63da27ece0
add missing HKLM root to regkey
the chevkm windows psot module had HKLM
missing from the front of one of it's reg key
paths. This was missed in Rails 3 due to the
error being swallowed unexpectedly. in rails 4
we actually see this cause a stack trace

MSP-12384
2015-03-31 14:17:18 -05:00
Tod Beardsley d1318d1b48
Fixups for release 2015-03-31 11:02:12 -05:00
Meatballs c430e5fab1
@m7x forgot to put a reference in 2015-03-29 02:13:31 +01:00
Meatballs 2ed9489f38 Delete load line 2015-03-28 20:31:35 +00:00
Meatballs 99f79e8533 Use incognito token stealing rather than process migration if we have
the privileges required for successful impersonation.
2015-03-28 20:31:35 +00:00
Meatballs f83f4ae764 Move hashdump to gather 2015-03-28 20:31:35 +00:00
Meatballs e2af15a0df Refactor MSSQL Post 2015-03-28 20:31:35 +00:00
root 1558190a9d Add module mssql_local_hashdump 2015-03-28 20:31:35 +00:00
sinn3r 9cfafdd8b8
Land #4649, improve post/windows/manage/run_as and as an exploit 2015-03-27 17:31:30 -05:00
g0tmi1k fc6860672b Fix merge conflict due to #5527
...my mistake
2015-03-21 01:57:13 +00:00
g0tmi1k faa7ed2b68 shell_to_meterpreter - more options, more verbose
...less bugs!
2015-06-13 17:37:41 +01:00
Felix Wehnert 2a525958bd fixed typo
Does no one tested this script on x64 yet ?
2015-03-16 20:15:26 +01:00
Sven Vetsch 4d3a1a2f71 fix all duplicated keys in modules 2015-03-14 13:10:42 +01:00
Bazin Danil 1d03b9a166 Maj debug output 2015-02-26 21:06:20 +01:00
BAZIN-HSC a0ba078801 add debug output 2015-02-24 14:15:30 +01:00
William Vu be5a0ee9c2
Land #4777, @todb-r7's release fixes 2015-02-17 13:45:00 -06:00
Tod Beardsley 053de8e62c
Fix whitespace in author name
[See #4777]
2015-02-17 12:57:36 -06:00
Tod Beardsley 214146beaa
Correct author attribution 2015-02-17 10:52:55 -06:00
Meatballs ecefad946e
Spellingz 2015-02-17 14:39:34 +00:00
Meatballs 6559b43f1e
EOL Spaces argh 2015-02-16 15:46:45 +00:00
Meatballs 12f2828829
Allow additional fields 2015-02-16 15:24:28 +00:00
Meatballs b77aed1c56
UPN is optional, should use sAMAccountName 2015-02-16 15:08:09 +00:00
Meatballs 3a894a29de
Dont use magic values and use the userPrincipalName as the
username
2015-02-16 15:02:01 +00:00
Meatballs e42bbcbcbb
Enum_ad modules should retrive userPrincipalName as it may differ
to the sAMAccountName value.
2015-02-16 14:03:15 +00:00
William Vu d7fa06de06 Fix off-by-one whitespace 2015-02-12 13:12:13 -06:00
Tod Beardsley d89eda65fa
Moar fixes, thanks @wvu-r7
See #4755
2015-02-12 12:46:38 -06:00
Tod Beardsley e78d08e20d
Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
Tod Beardsley 02fe57e2a1
Bump out to April, 60ish days 2015-02-11 12:56:37 -06:00
William Vu fd11afff1a Deprecate manage/pxexploit
modules/post/windows/manage/pxeexploit.rb
2015-02-11 12:39:10 -06:00
William Vu 6294cbf4de Fix manage/pxexploit datastore 2015-02-11 12:19:59 -06:00
Meatballs 133ae4cd04
Land #4679, Windows Post Gather File from raw NTFS. 2015-02-08 18:50:50 +00:00
Meatballs 69e53a46cb
Final tidyups, description etc 2015-02-08 18:49:17 +00:00
Meatballs 9518090b8b
Ignore some error conditions 2015-02-08 18:46:48 +00:00
Bazin Danil cc4fc1aefa use GetFileAttributesW and CreateFileW 2015-02-08 17:36:49 +01:00
Tod Beardsley a5b2e99136
Correct punctuation on outlook, too. 2015-02-07 22:26:14 -06:00
wez3 1390c81420 Fix fail_with text
Fix fail_with text, when the target system is locked.
2015-02-07 21:20:24 +01:00
Meatballs 358ab2590e
Small tidyup 2015-02-07 11:35:47 +00:00
Bazin Danil 970c5d115a spellcheck 2015-02-05 22:08:39 +01:00
scriptjunkie 5b2eb986c9
Land #4678 Add post module to phish credentials 2015-02-04 23:43:02 -06:00
William Vu 9e030143e7
Fix slow search due to method name conflict
Changed "search_filter" in enum_ad_users module to "query_filter" to
avoid conflicting with "search_filter" in command_dispatcher/core.rb.
2015-02-02 16:36:20 -06:00
wez3 904a99965d Sleep 1 added
Sleep 1 added to reduce network usage
2015-02-01 11:55:01 +01:00
Bazin Danil 03fcfc496a add a test to check if the file exist 2015-01-31 06:00:02 +01:00
Bazin Danil 2cf9a17f25 variable name clarification (file, file_path, path) 2015-01-31 05:07:07 +01:00
Bazin Danil 5d4a8e2f90 using store_loot 2015-01-31 05:01:28 +01:00
Bazin Danil d6fb445522 add begin...ensure block so that the CloseHandle call occurs 2015-01-31 04:46:02 +01:00
Bazin Danil 1205c0045f using r['ErrorMessage'] 2015-01-31 04:37:16 +01:00
Bazin Danil f7d2e2a27a twitter in comment 2015-01-31 04:36:07 +01:00
jvazquez-r7 c831de35a2
Land #4392, @Meatballs1's post module to enumerate AD users 2015-01-30 17:21:10 -06:00
wez3 25ac9c1ed9 Add post module to phish windows user credentials 2015-01-30 19:50:04 +01:00
Bazin Danil 68b735dbda Add a NTFS parser and a post module to dump files
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
Meatballs 39004d265b Increase default buffer sizes to reduce railgun calls 2015-01-30 11:20:03 +00:00
Meatballs d4707b8e07 Spellingz 2015-01-30 11:20:03 +00:00
Meatballs 9670608380 Reformat, remove unnecessary guard statement 2015-01-30 11:20:02 +00:00
Meatballs 0e976041b7 Small description fix 2015-01-30 11:20:02 +00:00
Meatballs 14f6ef13f4 Remove hardcoded domain 2015-01-30 11:20:02 +00:00
Meatballs 79a3a48348 Correct description 2015-01-30 11:20:02 +00:00
Meatballs e492f56ac0 Error if no database 2015-01-30 11:20:02 +00:00
Meatballs e6dbc15f40 Line length modification 2015-01-30 11:20:02 +00:00
Meatballs 044e3bd608 Golden Ticketz Post module 2015-01-30 11:20:02 +00:00
Meatballs 81fa509b50
Only clean up handles if process started 2015-01-27 21:11:12 +00:00
William Vu 7d7139d769
Consistent-ize whitespace 2015-01-27 11:11:02 -06:00
Tod Beardsley d8200c65a8
Strip safely, avoid nil.strip errors 2015-01-27 11:06:55 -06:00
William Vu 5b3d877b25
Land #4648, for real 2015-01-27 11:00:22 -06:00
William Vu a88a631b66
Fix #strip 2015-01-27 10:58:24 -06:00
Tod Beardsley d2bf1a73ff
Don't need to require YAML anymore either 2015-01-27 10:40:57 -06:00
Tod Beardsley cafbd1af51
Prefer a regex over YAML parsing
Fixes a bug introduced in #4645
2015-01-27 10:34:56 -06:00
Meatballs 3d0dc1a19d
Rubocop 2015-01-27 16:34:52 +00:00
Meatballs 215a590940
Refactor and fixes for post module 2015-01-27 16:14:59 +00:00
William Vu d53f4e1178
Fix bugs and make final changes 2015-01-26 23:29:10 -06:00
Jonathan Claudius 2bb9314b4b Switch to unless conditional 2015-01-27 00:10:33 -05:00
Jonathan Claudius 1f9286da69 Undo logic reversage 2015-01-26 23:54:41 -05:00
Jonathan Claudius a9e480e44a Fixed tilde 2015-01-26 23:53:08 -05:00
Jonathan Claudius eed9fbe024 Lose assignment in conditional 2015-01-26 23:48:08 -05:00
Jonathan Claudius c496d2c987 Remove nil check 2015-01-26 23:43:31 -05:00
Jonathan Claudius c29b7488b2 Fix double new line 2015-01-26 23:40:19 -05:00
Jonathan Claudius d77f112e82 Minor Formatting 2015-01-26 23:31:36 -05:00
Jonathan Claudius 06485d8c89 Fix naming of things 2015-01-26 23:17:44 -05:00
Jonathan Claudius 685c4804e5 Add trailing return 2015-01-26 23:15:00 -05:00
Jonathan Claudius 6b6e47a237 Fix sessiontypes, again 2015-01-26 23:13:17 -05:00
Jonathan Claudius 747349a57a Fix sessiontypes 2015-01-26 23:11:48 -05:00
Jonathan Claudius ee7ecb349d Fix description 2015-01-26 23:10:08 -05:00
Jonathan Claudius 106170eddc Add multi to name 2015-01-26 23:08:43 -05:00
Jonathan Claudius a3c7cf70f8 Make MSF Tidy more happy 2015-01-26 22:30:26 -05:00
Jonathan Claudius d37b3cf0c3 Use next instead of return 2015-01-26 22:26:56 -05:00
Jonathan Claudius f58dc2789f Remove creds 2015-01-26 22:13:15 -05:00
Jonathan Claudius a27c376ae7 Add service port and host 2015-01-26 22:06:07 -05:00
Jonathan Claudius dd34b58e49 Add add loot 2015-01-26 22:01:38 -05:00
Jonathan Claudius 3889ed5784 Add cred login 2015-01-26 21:50:10 -05:00
Jonathan Claudius eead063375 Add RubyGems API Post Gather Module 2015-01-26 20:53:39 -05:00
sinn3r d7375e84ea Move modules/post/windows/escalate/net_runtime_modify.rb
This module was scheduled to be removed on 01/08/2015.
Please use exploit/windows/local/service_permissions instead.
2015-01-26 00:29:43 -06:00
Jon Hart e7c21f3205
Land #4503, @m7x's post module for extracting McAfee VSE hashes 2015-01-21 20:44:41 -08:00
Jon Hart 9cc58a8d69
Lastly, rename the file so that it is specific to McAfee VSE 2015-01-21 20:44:34 -08:00
Jon Hart 683a541064
Tighten up prints to make it specific to VSE, not McAfee in general 2015-01-21 20:33:54 -08:00
Jon Hart 52be3d80b7
Minor ruby style cleanup 2015-01-21 20:27:38 -08:00
Jon Hart ceed293969
Remove unnecessary requires 2015-01-21 20:23:03 -08:00
Jon Hart f73052710d
Correct recent msftidy change in outlook gather 2015-01-21 13:27:48 -08:00
Jon Hart 46a0ec8a68
Make timeout for Powershell scripts configurable 2015-01-21 13:24:43 -08:00
wez3 bd0a20a717 Update outlook.rb execute_script time_out
I have been using the script in real life cases which have bigger e-mailboxes then in the testing environment. Because of execute_script default time_out no results return, as the powershell scripts run longer then 15 seconds. Changed the timeout to 120.
2015-01-20 11:16:37 +01:00
jvazquez-r7 43e0afeaed Delete 's' typo 2015-01-19 12:55:35 -06:00
jvazquez-r7 79a24f80b8 Use constant for play options 2015-01-19 12:50:40 -06:00
jvazquez-r7 652400451e Delete extra k 2015-01-19 12:35:26 -06:00
IMcPwn 50d43f118b Make URLs better
Removes YouTube logo, loops, hides video controls at bottom, disables keyboard controls, doesn't show info about the video on the top, hides video annotations, and doesn't show related videos at the end.
2015-01-19 12:27:18 -05:00
root 3a5d6b4717 Store password hash as loot 2015-01-17 14:17:41 +00:00
Tod Beardsley 375a7e1fe9
Typo. Filtering. 2015-01-16 16:30:52 -06:00
Jon Hart 8889f95920
Correct McAfee credential storage, prepare for store_loot 2015-01-16 12:10:01 -08:00
root f4f4787efe Move run method 2015-01-14 23:54:02 +00:00
David Maloney f42bda1a51
refactor parsing the results
moved the result parsing into its own method
cleaned up run method a bit more, added YARD docs
to the new methods
2015-01-14 14:15:57 -06:00
David Maloney c687ecca2e
refactor filter building
move the filter_string into a seperate method
and use shovel oeprator to keep it a little cleaner
2015-01-14 14:04:28 -06:00
David Maloney 9b344a9605
move query fields to a constant
these fields should never change, so put the array
in a constant and freeze it to prevent accidental tampering
2015-01-14 13:20:00 -06:00
David Maloney 82939595f8
Merge branch 'master' into feature/metaballs1/enum_ad_users 2015-01-14 13:06:18 -06:00
root 52b929c5ca Fix https://github.com/m7x/metasploit-framework/pull/1#issuecomment-69454590 2015-01-10 14:15:53 +00:00
Jon Hart 5c12f9da75
More cleanup
Handle multiple versions
Better print_
Actually extract
2015-01-09 18:01:17 -08:00
Jon Hart 35fd17c4f1
Cleanup style 2015-01-09 11:00:25 -08:00
Brent Cook fb5170e8b3
Land #2766, Meatballs1's refactoring of ExtAPI services
- Many code duplications are eliminated from modules in favor of shared
   implementations in the framework.
 - Paths are properly quoted in shell operations and duplicate operations are
   squashed.
 - Various subtle bugs in error handling are fixed.
 - Error handling is simpler.
 - Windows services API is revised and modules are updated to use it.
 - various API docs added
 - railgun API constants are organized and readable now.
2015-01-08 16:54:01 -06:00
Brent Cook e447a17795 bump deprecated date 2015-01-08 16:20:06 -06:00
EricGershman 0496bb16bc Minor spelling fix 2015-01-07 23:43:59 -05:00
Meatballs 0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post
Conflicts:
	test/modules/post/test/services.rb
2015-01-07 20:53:34 +00:00
m7x 89699d1549 Typo workspace_id 2015-01-07 10:58:59 +00:00
William Vu 46aa165ca5
Land #4481, enum_users_history improvements 2015-01-06 01:52:38 -06:00
William Vu 745bfb2f35
Clean things up 2015-01-06 01:48:18 -06:00
Meatballs dd5c638ab0
Merge remote-tracking branch 'upstream/master' into extapi_service_post 2015-01-05 22:18:44 +00:00
sinn3r 44dfa746eb Resolve #4513 - Change #inspect to #to_s
Resolve #4513
2015-01-05 11:50:51 -06:00
sinn3r d45cdd61aa Resolve #4507 - respond_to? + send = evil
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.

Resolve #4507
2015-01-02 13:29:17 -06:00
root c348663204 Add McAfee Hashdump 2015-01-02 10:22:11 +00:00
Tod Beardsley 264d3f9faa
Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
Brendan Coles cc75c33d60 Use user home directories
Replace hard-coded '/home/' and '/root/' with `~username` shorthand.
2014-12-31 09:12:35 +11:00
Brendan Coles 013e45e83d Add support for MongoDB history 2014-12-31 08:38:58 +11:00
Brendan Coles d2e6f90569 Use a list of users 2014-12-31 08:12:16 +11:00
Brendan Coles 897e993971 Update description 2014-12-30 08:05:53 +11:00
Brendan Coles 8719a36d84 DRY status messages 2014-12-30 08:03:40 +11:00
Brendan Coles 0de80e9c76 Minor changes to style 2014-12-30 07:58:54 +11:00
Brendan Coles 0085bcf075 Use `blank?' instead of `nil?' 2014-12-30 07:38:34 +11:00
Brendan Coles a50ac4050c Add support for PostgreSQL history 2014-12-30 07:33:22 +11:00
Brendan Coles 4ebe0fc0a8 Add support for different shells 2014-12-30 07:26:12 +11:00