wchen-r7
43e9244b4c
Fix #5134 , Put store_loot back
...
Fix #5134
store_loot was used at one point, but we ended up removing it.
Turns out store_loot is handy in some cases so we're brining it back.
2015-04-17 16:33:51 -05:00
karllll
e3ce4eb88e
Update mcafee_vse_hashdump.rb
2015-04-17 09:47:02 -04:00
William Vu
3422501d91
Land #5174 , deprecated module cleanup
2015-04-16 17:43:28 -05:00
Christian Mehlmauer
2b9fd93729
remove deprecated modules
2015-04-16 22:49:22 +02:00
karllll
cb2e8f4949
Update mcafee_vse_hashdump description
...
The description of this module has been added upon to include cracking details.
2015-04-16 16:09:43 -04:00
Christian Mehlmauer
352e170624
more failure reasons
2015-04-16 22:04:11 +02:00
Christian Mehlmauer
8c12361bda
remove fail_with defs
2015-04-16 21:49:31 +02:00
Christian Mehlmauer
ba6548db75
be consistent about naming
2015-04-16 21:44:56 +02:00
Christian Mehlmauer
b4b8ac0849
moar fail_with's
2015-04-16 21:26:37 +02:00
Christian Mehlmauer
0e186fa617
first fail_with fixes
2015-04-16 21:08:33 +02:00
William Vu
001253a8da
Clean up module some more
2015-04-15 22:02:04 -05:00
Roberto Soares
c6e8ffb7e3
Fix some "mistakes" following the style guide
2015-04-15 00:35:14 -03:00
Roberto Soares
9250869ace
Fix typo
2015-04-14 20:19:38 -03:00
Roberto Soares
6aad8b3a70
Changed the conditions if/elsif to case statements
2015-04-14 20:05:52 -03:00
Jon Cave
7aceb9218e
Use bitwise OR to select both primary and backup DCs
...
SV_TYPE_DOMAIN_CTRL || SV_TYPE_DOMAIN_BAKCTRL returns
SV_TYPE_DOMAIN_CTRL rather than ORing the bits together.
2015-04-05 11:05:42 +01:00
Tod Beardsley
6d5bcb93a8
Normalize the SecurityXploded Team credits
...
[See #5012 ]
2015-04-02 15:15:37 -05:00
David Maloney
63da27ece0
add missing HKLM root to regkey
...
the chevkm windows psot module had HKLM
missing from the front of one of it's reg key
paths. This was missed in Rails 3 due to the
error being swallowed unexpectedly. in rails 4
we actually see this cause a stack trace
MSP-12384
2015-03-31 14:17:18 -05:00
Tod Beardsley
d1318d1b48
Fixups for release
2015-03-31 11:02:12 -05:00
Meatballs
c430e5fab1
@m7x forgot to put a reference in
2015-03-29 02:13:31 +01:00
Meatballs
2ed9489f38
Delete load line
2015-03-28 20:31:35 +00:00
Meatballs
99f79e8533
Use incognito token stealing rather than process migration if we have
...
the privileges required for successful impersonation.
2015-03-28 20:31:35 +00:00
Meatballs
f83f4ae764
Move hashdump to gather
2015-03-28 20:31:35 +00:00
Meatballs
e2af15a0df
Refactor MSSQL Post
2015-03-28 20:31:35 +00:00
root
1558190a9d
Add module mssql_local_hashdump
2015-03-28 20:31:35 +00:00
sinn3r
9cfafdd8b8
Land #4649 , improve post/windows/manage/run_as and as an exploit
2015-03-27 17:31:30 -05:00
g0tmi1k
fc6860672b
Fix merge conflict due to #5527
...
...my mistake
2015-03-21 01:57:13 +00:00
g0tmi1k
faa7ed2b68
shell_to_meterpreter - more options, more verbose
...
...less bugs!
2015-06-13 17:37:41 +01:00
Felix Wehnert
2a525958bd
fixed typo
...
Does no one tested this script on x64 yet ?
2015-03-16 20:15:26 +01:00
Sven Vetsch
4d3a1a2f71
fix all duplicated keys in modules
2015-03-14 13:10:42 +01:00
Bazin Danil
1d03b9a166
Maj debug output
2015-02-26 21:06:20 +01:00
BAZIN-HSC
a0ba078801
add debug output
2015-02-24 14:15:30 +01:00
William Vu
be5a0ee9c2
Land #4777 , @todb-r7's release fixes
2015-02-17 13:45:00 -06:00
Tod Beardsley
053de8e62c
Fix whitespace in author name
...
[See #4777 ]
2015-02-17 12:57:36 -06:00
Tod Beardsley
214146beaa
Correct author attribution
2015-02-17 10:52:55 -06:00
Meatballs
ecefad946e
Spellingz
2015-02-17 14:39:34 +00:00
Meatballs
6559b43f1e
EOL Spaces argh
2015-02-16 15:46:45 +00:00
Meatballs
12f2828829
Allow additional fields
2015-02-16 15:24:28 +00:00
Meatballs
b77aed1c56
UPN is optional, should use sAMAccountName
2015-02-16 15:08:09 +00:00
Meatballs
3a894a29de
Dont use magic values and use the userPrincipalName as the
...
username
2015-02-16 15:02:01 +00:00
Meatballs
e42bbcbcbb
Enum_ad modules should retrive userPrincipalName as it may differ
...
to the sAMAccountName value.
2015-02-16 14:03:15 +00:00
William Vu
d7fa06de06
Fix off-by-one whitespace
2015-02-12 13:12:13 -06:00
Tod Beardsley
d89eda65fa
Moar fixes, thanks @wvu-r7
...
See #4755
2015-02-12 12:46:38 -06:00
Tod Beardsley
e78d08e20d
Fix up titles, descriptions
2015-02-12 12:11:40 -06:00
Tod Beardsley
02fe57e2a1
Bump out to April, 60ish days
2015-02-11 12:56:37 -06:00
William Vu
fd11afff1a
Deprecate manage/pxexploit
...
modules/post/windows/manage/pxeexploit.rb
2015-02-11 12:39:10 -06:00
William Vu
6294cbf4de
Fix manage/pxexploit datastore
2015-02-11 12:19:59 -06:00
Meatballs
133ae4cd04
Land #4679 , Windows Post Gather File from raw NTFS.
2015-02-08 18:50:50 +00:00
Meatballs
69e53a46cb
Final tidyups, description etc
2015-02-08 18:49:17 +00:00
Meatballs
9518090b8b
Ignore some error conditions
2015-02-08 18:46:48 +00:00
Bazin Danil
cc4fc1aefa
use GetFileAttributesW and CreateFileW
2015-02-08 17:36:49 +01:00
Tod Beardsley
a5b2e99136
Correct punctuation on outlook, too.
2015-02-07 22:26:14 -06:00
wez3
1390c81420
Fix fail_with text
...
Fix fail_with text, when the target system is locked.
2015-02-07 21:20:24 +01:00
Meatballs
358ab2590e
Small tidyup
2015-02-07 11:35:47 +00:00
Bazin Danil
970c5d115a
spellcheck
2015-02-05 22:08:39 +01:00
scriptjunkie
5b2eb986c9
Land #4678 Add post module to phish credentials
2015-02-04 23:43:02 -06:00
William Vu
9e030143e7
Fix slow search due to method name conflict
...
Changed "search_filter" in enum_ad_users module to "query_filter" to
avoid conflicting with "search_filter" in command_dispatcher/core.rb.
2015-02-02 16:36:20 -06:00
wez3
904a99965d
Sleep 1 added
...
Sleep 1 added to reduce network usage
2015-02-01 11:55:01 +01:00
Bazin Danil
03fcfc496a
add a test to check if the file exist
2015-01-31 06:00:02 +01:00
Bazin Danil
2cf9a17f25
variable name clarification (file, file_path, path)
2015-01-31 05:07:07 +01:00
Bazin Danil
5d4a8e2f90
using store_loot
2015-01-31 05:01:28 +01:00
Bazin Danil
d6fb445522
add begin...ensure block so that the CloseHandle call occurs
2015-01-31 04:46:02 +01:00
Bazin Danil
1205c0045f
using r['ErrorMessage']
2015-01-31 04:37:16 +01:00
Bazin Danil
f7d2e2a27a
twitter in comment
2015-01-31 04:36:07 +01:00
jvazquez-r7
c831de35a2
Land #4392 , @Meatballs1's post module to enumerate AD users
2015-01-30 17:21:10 -06:00
wez3
25ac9c1ed9
Add post module to phish windows user credentials
2015-01-30 19:50:04 +01:00
Bazin Danil
68b735dbda
Add a NTFS parser and a post module to dump files
...
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
Meatballs
39004d265b
Increase default buffer sizes to reduce railgun calls
2015-01-30 11:20:03 +00:00
Meatballs
d4707b8e07
Spellingz
2015-01-30 11:20:03 +00:00
Meatballs
9670608380
Reformat, remove unnecessary guard statement
2015-01-30 11:20:02 +00:00
Meatballs
0e976041b7
Small description fix
2015-01-30 11:20:02 +00:00
Meatballs
14f6ef13f4
Remove hardcoded domain
2015-01-30 11:20:02 +00:00
Meatballs
79a3a48348
Correct description
2015-01-30 11:20:02 +00:00
Meatballs
e492f56ac0
Error if no database
2015-01-30 11:20:02 +00:00
Meatballs
e6dbc15f40
Line length modification
2015-01-30 11:20:02 +00:00
Meatballs
044e3bd608
Golden Ticketz Post module
2015-01-30 11:20:02 +00:00
Meatballs
81fa509b50
Only clean up handles if process started
2015-01-27 21:11:12 +00:00
William Vu
7d7139d769
Consistent-ize whitespace
2015-01-27 11:11:02 -06:00
Tod Beardsley
d8200c65a8
Strip safely, avoid nil.strip errors
2015-01-27 11:06:55 -06:00
William Vu
5b3d877b25
Land #4648 , for real
2015-01-27 11:00:22 -06:00
William Vu
a88a631b66
Fix #strip
2015-01-27 10:58:24 -06:00
Tod Beardsley
d2bf1a73ff
Don't need to require YAML anymore either
2015-01-27 10:40:57 -06:00
Tod Beardsley
cafbd1af51
Prefer a regex over YAML parsing
...
Fixes a bug introduced in #4645
2015-01-27 10:34:56 -06:00
Meatballs
3d0dc1a19d
Rubocop
2015-01-27 16:34:52 +00:00
Meatballs
215a590940
Refactor and fixes for post module
2015-01-27 16:14:59 +00:00
William Vu
d53f4e1178
Fix bugs and make final changes
2015-01-26 23:29:10 -06:00
Jonathan Claudius
2bb9314b4b
Switch to unless conditional
2015-01-27 00:10:33 -05:00
Jonathan Claudius
1f9286da69
Undo logic reversage
2015-01-26 23:54:41 -05:00
Jonathan Claudius
a9e480e44a
Fixed tilde
2015-01-26 23:53:08 -05:00
Jonathan Claudius
eed9fbe024
Lose assignment in conditional
2015-01-26 23:48:08 -05:00
Jonathan Claudius
c496d2c987
Remove nil check
2015-01-26 23:43:31 -05:00
Jonathan Claudius
c29b7488b2
Fix double new line
2015-01-26 23:40:19 -05:00
Jonathan Claudius
d77f112e82
Minor Formatting
2015-01-26 23:31:36 -05:00
Jonathan Claudius
06485d8c89
Fix naming of things
2015-01-26 23:17:44 -05:00
Jonathan Claudius
685c4804e5
Add trailing return
2015-01-26 23:15:00 -05:00
Jonathan Claudius
6b6e47a237
Fix sessiontypes, again
2015-01-26 23:13:17 -05:00
Jonathan Claudius
747349a57a
Fix sessiontypes
2015-01-26 23:11:48 -05:00
Jonathan Claudius
ee7ecb349d
Fix description
2015-01-26 23:10:08 -05:00
Jonathan Claudius
106170eddc
Add multi to name
2015-01-26 23:08:43 -05:00
Jonathan Claudius
a3c7cf70f8
Make MSF Tidy more happy
2015-01-26 22:30:26 -05:00
Jonathan Claudius
d37b3cf0c3
Use next instead of return
2015-01-26 22:26:56 -05:00
Jonathan Claudius
f58dc2789f
Remove creds
2015-01-26 22:13:15 -05:00
Jonathan Claudius
a27c376ae7
Add service port and host
2015-01-26 22:06:07 -05:00
Jonathan Claudius
dd34b58e49
Add add loot
2015-01-26 22:01:38 -05:00
Jonathan Claudius
3889ed5784
Add cred login
2015-01-26 21:50:10 -05:00
Jonathan Claudius
eead063375
Add RubyGems API Post Gather Module
2015-01-26 20:53:39 -05:00
sinn3r
d7375e84ea
Move modules/post/windows/escalate/net_runtime_modify.rb
...
This module was scheduled to be removed on 01/08/2015.
Please use exploit/windows/local/service_permissions instead.
2015-01-26 00:29:43 -06:00
Jon Hart
e7c21f3205
Land #4503 , @m7x's post module for extracting McAfee VSE hashes
2015-01-21 20:44:41 -08:00
Jon Hart
9cc58a8d69
Lastly, rename the file so that it is specific to McAfee VSE
2015-01-21 20:44:34 -08:00
Jon Hart
683a541064
Tighten up prints to make it specific to VSE, not McAfee in general
2015-01-21 20:33:54 -08:00
Jon Hart
52be3d80b7
Minor ruby style cleanup
2015-01-21 20:27:38 -08:00
Jon Hart
ceed293969
Remove unnecessary requires
2015-01-21 20:23:03 -08:00
Jon Hart
f73052710d
Correct recent msftidy change in outlook gather
2015-01-21 13:27:48 -08:00
Jon Hart
46a0ec8a68
Make timeout for Powershell scripts configurable
2015-01-21 13:24:43 -08:00
wez3
bd0a20a717
Update outlook.rb execute_script time_out
...
I have been using the script in real life cases which have bigger e-mailboxes then in the testing environment. Because of execute_script default time_out no results return, as the powershell scripts run longer then 15 seconds. Changed the timeout to 120.
2015-01-20 11:16:37 +01:00
jvazquez-r7
43e0afeaed
Delete 's' typo
2015-01-19 12:55:35 -06:00
jvazquez-r7
79a24f80b8
Use constant for play options
2015-01-19 12:50:40 -06:00
jvazquez-r7
652400451e
Delete extra k
2015-01-19 12:35:26 -06:00
IMcPwn
50d43f118b
Make URLs better
...
Removes YouTube logo, loops, hides video controls at bottom, disables keyboard controls, doesn't show info about the video on the top, hides video annotations, and doesn't show related videos at the end.
2015-01-19 12:27:18 -05:00
root
3a5d6b4717
Store password hash as loot
2015-01-17 14:17:41 +00:00
Tod Beardsley
375a7e1fe9
Typo. Filtering.
2015-01-16 16:30:52 -06:00
Jon Hart
8889f95920
Correct McAfee credential storage, prepare for store_loot
2015-01-16 12:10:01 -08:00
root
f4f4787efe
Move run method
2015-01-14 23:54:02 +00:00
David Maloney
f42bda1a51
refactor parsing the results
...
moved the result parsing into its own method
cleaned up run method a bit more, added YARD docs
to the new methods
2015-01-14 14:15:57 -06:00
David Maloney
c687ecca2e
refactor filter building
...
move the filter_string into a seperate method
and use shovel oeprator to keep it a little cleaner
2015-01-14 14:04:28 -06:00
David Maloney
9b344a9605
move query fields to a constant
...
these fields should never change, so put the array
in a constant and freeze it to prevent accidental tampering
2015-01-14 13:20:00 -06:00
David Maloney
82939595f8
Merge branch 'master' into feature/metaballs1/enum_ad_users
2015-01-14 13:06:18 -06:00
root
52b929c5ca
Fix https://github.com/m7x/metasploit-framework/pull/1#issuecomment-69454590
2015-01-10 14:15:53 +00:00
Jon Hart
5c12f9da75
More cleanup
...
Handle multiple versions
Better print_
Actually extract
2015-01-09 18:01:17 -08:00
Jon Hart
35fd17c4f1
Cleanup style
2015-01-09 11:00:25 -08:00
Brent Cook
fb5170e8b3
Land #2766 , Meatballs1's refactoring of ExtAPI services
...
- Many code duplications are eliminated from modules in favor of shared
implementations in the framework.
- Paths are properly quoted in shell operations and duplicate operations are
squashed.
- Various subtle bugs in error handling are fixed.
- Error handling is simpler.
- Windows services API is revised and modules are updated to use it.
- various API docs added
- railgun API constants are organized and readable now.
2015-01-08 16:54:01 -06:00
Brent Cook
e447a17795
bump deprecated date
2015-01-08 16:20:06 -06:00
EricGershman
0496bb16bc
Minor spelling fix
2015-01-07 23:43:59 -05:00
Meatballs
0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post
...
Conflicts:
test/modules/post/test/services.rb
2015-01-07 20:53:34 +00:00
m7x
89699d1549
Typo workspace_id
2015-01-07 10:58:59 +00:00
William Vu
46aa165ca5
Land #4481 , enum_users_history improvements
2015-01-06 01:52:38 -06:00
William Vu
745bfb2f35
Clean things up
2015-01-06 01:48:18 -06:00
Meatballs
dd5c638ab0
Merge remote-tracking branch 'upstream/master' into extapi_service_post
2015-01-05 22:18:44 +00:00
sinn3r
44dfa746eb
Resolve #4513 - Change #inspect to #to_s
...
Resolve #4513
2015-01-05 11:50:51 -06:00
sinn3r
d45cdd61aa
Resolve #4507 - respond_to? + send = evil
...
Since Ruby 2.1, the respond_to? method is more strict because it does
not check protected methods. So when you use send(), clearly you're
ignoring this type of access control. The patch is meant to preserve
this behavior to avoid potential breakage.
Resolve #4507
2015-01-02 13:29:17 -06:00
root
c348663204
Add McAfee Hashdump
2015-01-02 10:22:11 +00:00
Tod Beardsley
264d3f9faa
Minor grammar fixes on modules
2014-12-31 11:45:14 -06:00
Brendan Coles
cc75c33d60
Use user home directories
...
Replace hard-coded '/home/' and '/root/' with `~username` shorthand.
2014-12-31 09:12:35 +11:00
Brendan Coles
013e45e83d
Add support for MongoDB history
2014-12-31 08:38:58 +11:00
Brendan Coles
d2e6f90569
Use a list of users
2014-12-31 08:12:16 +11:00
Brendan Coles
897e993971
Update description
2014-12-30 08:05:53 +11:00
Brendan Coles
8719a36d84
DRY status messages
2014-12-30 08:03:40 +11:00
Brendan Coles
0de80e9c76
Minor changes to style
2014-12-30 07:58:54 +11:00
Brendan Coles
0085bcf075
Use `blank?' instead of `nil?'
2014-12-30 07:38:34 +11:00
Brendan Coles
a50ac4050c
Add support for PostgreSQL history
2014-12-30 07:33:22 +11:00
Brendan Coles
4ebe0fc0a8
Add support for different shells
2014-12-30 07:26:12 +11:00
Mark Judice
30228bcfe7
Added underscore to user regex in smart_hashdump.rb to support usernames that contain underscores. Issue #4349 .
2014-12-23 22:36:11 -06:00
jvazquez-r7
01cf14d44e
Fix banner
2014-12-23 01:02:09 -06:00
jvazquez-r7
4928cd36e4
Land #4187 , @BorjaMerino's post module to get output rules
2014-12-23 01:01:03 -06:00
jvazquez-r7
49fef9e514
Do minor module clean up
2014-12-23 01:00:21 -06:00
Meatballs
6a822cca61
Move code out of begin/rescue block
2014-12-17 06:45:00 +00:00
Meatballs
dd63d793e5
Bring in @darkoperator's filters
2014-12-17 06:14:21 +00:00
Meatballs
8c7ff728ef
Gather some more info
2014-12-17 05:46:01 +00:00
sinn3r
4c714b3eaf
Land #4386 - Fix issue #3852 (support for other languages for enable_rdp)
2014-12-15 11:37:05 -06:00
root
6480ae2c03
Show message at the end
2014-12-15 16:26:39 +01:00
root
288954afa0
recvfrom allocation changed
2014-12-14 18:58:48 +01:00
Meatballs
00b802cc68
Reindent description
2014-12-14 10:04:18 +00:00
Meatballs
6ecf537f40
Grab user creds to database
2014-12-13 20:30:20 +00:00
Meatballs
e914061745
Gsub out funny character when storing to database
2014-12-13 18:35:31 +00:00
Meatballs
316710329b
Fix field.value
2014-12-13 18:31:29 +00:00
Meatballs
d3d744a7cb
Make sure we get the field :value
2014-12-13 18:13:36 +00:00
jvazquez-r7
5eb510f7bc
Use the correct variable for the filename
2014-12-12 17:40:26 -06:00
jvazquez-r7
27323bcaa5
Fix #3852 , make enable_rdp with other languages
2014-12-12 17:30:14 -06:00
wez3
3b6e92726c
Update outlook rb, "NL" to "nl_NL"
...
Update outlook rb, "NL" to "nl_NL"
2014-12-12 20:09:34 +01:00
Christian Mehlmauer
0f27c63720
fix msftidy warnings
2014-12-12 13:16:21 +01:00
Jon Hart
65b316cd8c
Land #4372
2014-12-11 18:48:16 -08:00
Jon Hart
e5e40307e6
Land #4373
2014-12-11 18:45:53 -08:00
Christian Mehlmauer
544f75e7be
fix invalid URI scheme, closes #4362
2014-12-11 23:34:10 +01:00
Christian Mehlmauer
de88908493
code style
2014-12-11 23:30:20 +01:00
Tod Beardsley
af9979d30b
Ruby style on methods please
...
Introduced in #4220 . This ain't no JavaScript!
2014-12-11 15:24:30 -06:00
Tod Beardsley
909971e0bf
Margins on description, PowerShell not Powershell
2014-12-08 10:57:49 -06:00
Tod Beardsley
80dc781625
Email over E-mail
...
While I believe "e-mail" is the actually correct spelling, we tend to
say "email" everywhere else. See:
````
todb@mazikeen:~/git/rapid7/metasploit-framework$ grep -ri "print.*email"
modules/ | wc -l
19
[ruby-2.1.5@metasploit-framework](fixup-grammar)
todb@mazikeen:~/git/rapid7/metasploit-framework$ grep -ri
"print.*e-mail" modules/ | wc -l
1
````
2014-12-08 10:55:26 -06:00
Christian Mehlmauer
738fc78883
Land #4220 , outlook gather post module
2014-12-07 22:41:28 +01:00
Christian Mehlmauer
cc63d435c7
another whitespace
2014-12-06 09:32:22 +01:00
Christian Mehlmauer
f0a47f98bc
final formatting
2014-12-06 00:38:05 +01:00
Christian Mehlmauer
f1f743804e
more formatting
2014-12-06 00:31:38 +01:00
Christian Mehlmauer
9187a409ec
outlook post module fixes
2014-12-06 00:28:44 +01:00
wez3
7c62fa5c95
Add Windows post module for reading/searching Outlook e-mail #8
2014-12-04 14:28:40 +01:00
wez3
3cadcb942a
Add Windows post module for reading/searching Outlook e-mail #7
2014-12-03 18:30:22 +01:00
wez3
611e8c72eb
Add Windows post module for reading/searching Outlook e-mail #6
2014-12-02 14:05:08 +01:00
peregrino
84bb5b5215
Rex::Socket.to_sockaddr changed
2014-11-26 17:51:38 +01:00
peregrino
16b64ff42a
Rex::Socket.to_sockaddr changed
2014-11-26 17:51:05 +01:00
peregrino
16a9450d43
session.tunnel_peer changed by session.session_host. Other minor changes
2014-11-26 12:08:54 +01:00
jvazquez-r7
5615d65aee
Do minor cleanup
2014-11-25 17:35:07 -06:00
wez3
5294594379
dd Windows post module for reading/searching Outlook e-mail #5 Add DE
2014-11-25 14:36:14 +01:00
jvazquez-r7
71669b9f9e
Change module filename
2014-11-24 20:34:12 -06:00
jvazquez-r7
5c4b1b0283
Output some information
2014-11-24 20:31:26 -06:00
jvazquez-r7
6e9cd331b3
Modify description
2014-11-24 20:28:38 -06:00
jvazquez-r7
261da9306e
Use store_loot
2014-11-24 20:22:21 -06:00
jvazquez-r7
cf52dd895f
Refactor search
2014-11-24 20:20:37 -06:00
jvazquez-r7
2fa5223d3b
move check out of the begin block
2014-11-24 19:28:53 -06:00
jvazquez-r7
90bdc770b5
Use literal creation notation
2014-11-24 19:27:50 -06:00
jvazquez-r7
2c4caeed29
Clean metadata
2014-11-24 19:26:12 -06:00
jvazquez-r7
443dd7b6c0
Use constants
2014-11-24 19:04:02 -06:00
jvazquez-r7
250250beb0
Fix indentation
2014-11-24 18:58:07 -06:00
jvazquez-r7
88ccffacb4
Update from upstream master
2014-11-24 18:32:35 -06:00
wez3
53b69583f4
Add Windows post module for reading/searching Outlook e-mail #4
2014-11-21 20:00:30 +01:00
wez3
435c6eef81
Add Windows post module for reading/searching Outlook e-mail #3
2014-11-18 16:27:33 +01:00
wez3
91a53dc36c
Add Windows post module for reading/searching Outlook e-mail
2014-11-18 12:41:24 +01:00
jvazquez-r7
54de805b7a
Report credentials
...
* Even when we are not associating them to hosts
* It's a post module so maybe we cannot solve some names
2014-11-17 12:49:18 -06:00
wez3
7a2b7208e7
Add Windows post module for reading/searching Outlook e-mail
2014-11-17 19:38:55 +01:00
jvazquez-r7
b3b37c7c9f
Use longer description lines
2014-11-17 12:23:22 -06:00
jvazquez-r7
145e610c0f
Avoid shadowing new method
2014-11-17 12:22:30 -06:00
Jon Hart
d5afb2b766
%q
2014-11-17 09:01:14 -08:00
Jon Hart
ce73e32673
Doc and named captures
2014-11-17 09:01:14 -08:00
Jon Hart
bf05fe1389
Refactoring, simplification, better print_*
2014-11-17 09:01:14 -08:00
Jon Hart
6e1cdfde36
Rip out create_credential* stuff. Use what works
2014-11-17 09:01:14 -08:00
Jon Hart
e5bb13a609
If remmina config files are missing data for creds, tell me what
2014-11-17 09:01:14 -08:00
Jon Hart
875d1f9ea0
Convert Remmina credential gatherer to use new credentials model
2014-11-17 09:01:14 -08:00
Jon Hart
086f0c02d6
Remove excessive logging
2014-11-17 09:01:14 -08:00
Jon Hart
90e58e9e71
Binary encoding
2014-11-17 09:01:14 -08:00
Jon Hart
e76373340e
Correct some Rubocop things that I agree with
2014-11-17 09:01:14 -08:00
Jon Hart
f729a6cf02
Add Remmina RDP/SSH/VNC password gathering
2014-11-17 09:01:13 -08:00
Peregrino Gris
80a9fa4b5d
Ports default values added, is_internal REX function added, reference added
2014-11-13 10:10:25 +01:00
Peregrino Gris
529f749abb
Add post-exploitation module to get FW filtering rules
2014-11-12 17:38:49 +01:00
Jon Hart
c765100efd
Land #4004 , @martinvigo's LastPass master password extraction module
2014-10-22 16:34:54 -07:00
Jon Hart
29b61984c5
Update to use correctly joined path
2014-10-22 16:34:17 -07:00
Tim Wright
b8c3fadb9e
python 3 is supported now too :)
2014-10-22 20:10:48 +01:00
Tim Wright
8c3c73a72d
inline the error message
2014-10-22 20:08:14 +01:00
Tim Wright
2ab73688dc
use framework.threads to launch cleanup thread
2014-10-22 19:40:29 +01:00
Tim Wright
22fc6496ac
Merge branch 'pr/3401' into landing-3401
2014-10-22 19:23:01 +01:00
Jon Hart
88c1647c80
Loot the passwords, obviously
2014-10-19 13:11:10 -07:00
Jon Hart
0971d7c3ac
Remove ... from prints, only map a browser if we found something
2014-10-19 13:05:11 -07:00
Jon Hart
967800eed0
Track account name for more useful table and prints
2014-10-19 12:59:51 -07:00
Jon Hart
5a05246682
Consistent case in *print_*
2014-10-19 12:30:50 -07:00
Jon Hart
a30663e412
Fix multiuser LastPass extraction, print/vprint cleanup
2014-10-17 17:40:19 -07:00
Jon Hart
d2a00b208e
Minor style cleanup to appease Rubocop
2014-10-17 12:50:18 -07:00
Jon Hart
d97fe548b9
Store the browser name in LastPass loot
2014-10-17 11:33:31 -07:00
Jon Hart
43238c7324
Simplify LastPass extraction. Track what browser that puked creds
2014-10-17 11:19:36 -07:00
Jon Hart
9177b931fd
Refactoring of LastPass module to use correct Firefox path on *nix
2014-10-17 10:20:55 -07:00
URI Assassin
35d3bbf74d
Fix up comment splats with the correct URI
...
See the complaint on #4039 . This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
Martin Vigo
36d6220f8f
Make use of Rex::Ui::Text::Table
2014-10-15 23:13:53 -07:00
Martin Vigo
bb421859d3
Refactor code and add support for all Windows
2014-10-15 22:15:54 -07:00
Martin Vigo
c7e0ced02b
Remove useless conditions
2014-10-15 21:29:47 -07:00
Martin Vigo
2bdc703930
Remove useless condition
2014-10-15 21:16:06 -07:00
Martin Vigo
5fa39782b8
Fix unused variable
2014-10-15 21:10:50 -07:00
Martin Vigo
8fc0f0955e
Add support for Firefox
2014-10-15 20:44:20 -07:00
Martin Vigo
47794510c3
Add support for Firefox in XP
2014-10-15 20:44:19 -07:00
Martin Vigo
484d98d0a8
Meet rubocop and msftify rules
2014-10-15 20:17:36 -07:00
Martin Vigo
85e6febe09
Add module to extract/decrypt LastPass credentials
2014-10-15 20:17:36 -07:00
jvazquez-r7
520e1bccca
Land #3692 , @TomSellers's support for Metasploit Credential on enum_snmp
2014-10-09 15:18:44 -05:00
James Lee
a65ee6cf30
Land #3373 , recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
James Lee
a21752bc9c
Fix NoMethodError on os, mark DCs as 'server'
2014-10-01 16:02:46 -05:00
Joe Vennix
5d234c0e01
Pass #send in this so jsobfu is not confused.
2014-09-24 15:07:14 -05:00
sinn3r
50fa5745bb
Rm print_debug line
...
I forgot to remove this line while testing the module
2014-09-16 16:46:40 -05:00
sinn3r
07c14f5ee8
Land #3388 - Post mod to check Win32_QuickFixEngineering
2014-09-16 16:18:04 -05:00