10e16673a7
There must be read_file
2013-12-17 16:42:49 -06:00
21feae0bbc
Make sure the file path is readable when it's ~/
2013-12-17 16:38:58 -06:00
7ec96876d9
Delete unnecessary includes
2013-12-17 15:57:09 -06:00
374ef71c12
Favor read_file instead
2013-12-17 15:34:52 -06:00
ea6ba2b159
Add post module to get LastSession.plist
...
LastSession.plist sometimes contains sensitive information such as
usernames and passwords. It'd be nice to keep this in loot.
2013-12-17 13:07:30 -06:00
2ef3caa9d7
Land #2735 , @jvennix-r7 support of 10.8+ on osx hashdump
2013-12-10 09:39:04 -06:00
06b651de7b
Revert read_file to cat so that pipe will work.
2013-12-09 19:30:08 -06:00
450716c788
Remove meterpreter support from osx autologin gather.
2013-12-09 19:19:20 -06:00
6d1d45c691
Add user param to nt_hash call.
2013-12-09 10:28:06 -06:00
9c5991980a
Land #2733 - Disable meterpreter support because they're not stable
2013-12-09 02:50:36 -06:00
dea35252af
Kill unused method.
2013-12-08 14:35:49 -06:00
df76651834
Make sure loot is named correctly.
2013-12-08 14:31:18 -06:00
7f3ab14179
Make pipe part of /bin/bash cmd.
2013-12-08 14:27:28 -06:00
9b34a8f1ad
Supports 10.3
2013-12-08 14:26:16 -06:00
f981a04918
Fix MATCHUSER bug.
...
* Also add spacing and indentation for better readability.
* Refactors grab_shadow_blob method.
2013-12-08 14:21:48 -06:00
eacab1b2ad
Fix description, kill dead constant.
2013-12-07 22:28:16 -06:00
969f45fd32
Refactor OSX hashdump post module.
...
* Adds support for MATCHUSER regex option
* Adds support for OSX 10.8 and 10.9 hashes (PBKDF2)
* DRYs up a bunch of older code, adds lots of helper fns
* Ends up shaving off ~20 lines
2013-12-07 22:22:23 -06:00
3066e62711
Fix typo, fix no-autologin users bug.
2013-12-07 19:27:36 -06:00
4cb788b9de
Adds osx autologin password post module.
2013-12-07 19:01:35 -06:00
c6eac67ab5
Kill meterpreter support for osx media modules.
...
There is some bug that I haven't been able to track down that causes the
osx call to run the event queue to just hang on latest OSX + Java/python
meterpreter. I tried rewriting these modules using OSX's new Media API,
but I run into the same problem. Until I find a solution, we should mark
these shell-only.
2013-12-07 17:46:26 -06:00
19293d89dd
Land #2704 - rm script launcher and fix file_exists?
2013-12-02 15:05:01 -06:00
44e37f1b98
Improved meterpreter compatibility
2013-12-02 21:43:58 +01:00
7e379376dc
Land #2635 , @peto01 and @jvennix-r7's osx post module to manage volumes
2013-12-02 09:22:23 -06:00
cc2b7950bf
Do minor cleanup to mount_share
2013-12-02 09:21:36 -06:00
040a629f34
Kill meterpreter support.
...
* Meterpreter seems to fall over on the cmd escaping, and dies if you
try to pass it an array of args (python/java meterpreter on various versions
of osx).
2013-12-01 20:17:43 -06:00
2de9a4f3c1
Add support for 10.5 shares.
2013-12-01 20:13:54 -06:00
95a98529c4
Removed script launcher wrapper and fixed the file_exists so that the module now detects input
2013-11-27 21:38:20 +01:00
6561f149a8
DRY up URL_REGEX constant.
2013-11-27 06:16:25 -06:00
b0416b802d
Change the Recent shares implementation.
...
* Allows us to see protocol of Recent Shares
* Parses protocol from file share URL
2013-11-27 06:08:48 -06:00
e876155e1a
More tweaks to mount_share.
...
* Adds some docs to some of the methods to further distinguish
the separate sets of shares.
2013-11-27 05:45:46 -06:00
485e38ebca
Some code tweaks to post/osx/mount_share.
...
* Make PROTOCOL an Enum
* Move path override options to advanced section
* More Enumerable rework
* Move one-off regexes back to inline, pull out protocol list
2013-11-27 05:22:12 -06:00
4a6511311d
Code improvements according to feedback
2013-11-22 15:35:45 +01:00
3afa21c721
Added favorite and recent shares to the output
2013-11-21 23:55:24 +01:00
f6f0d81149
Land #2632 , @peto01 OSX VPN Manager post module
2013-11-18 09:49:14 -06:00
0a930ef6e1
Clean osx vpn post module
2013-11-18 09:47:52 -06:00
7db42efdd4
Code restructure and more robust error handling
2013-11-14 13:44:49 +01:00
2b19490095
Fix Exception handling
2013-11-13 13:57:15 -06:00
95f371a1a6
Move screen_capture to the capture folder
2013-11-13 13:41:11 -06:00
f65e82523b
Clean screen_capture
2013-11-13 13:40:41 -06:00
0c096c10fb
Submitting first version for pull request
2013-11-13 17:03:38 +01:00
f5760d5e4c
Removed unnecessary delay
2013-11-13 16:25:47 +01:00
c4a8bfb175
Tighter error handling
2013-11-13 16:19:38 +01:00
78199409dd
Changes according to feedback
2013-11-13 14:13:40 +01:00
92da6760ef
Modified module to use windows/screen_spy code
2013-11-13 13:30:20 +01:00
3fdaf4de94
Work in progress
2013-11-13 13:11:27 +01:00
76660b858c
In progress
2013-11-13 12:32:49 +01:00
049111cd94
In progress
2013-11-13 11:21:39 +01:00
d9c402c035
Fixed the module name
2013-11-13 08:57:50 +01:00
2d9e8e09e6
Minor bugfix
2013-11-13 02:07:06 +01:00
1fed50c96a
General improvements according to feedback
2013-11-13 01:54:42 +01:00
6e12553393
Changed option SNAP_FILETYPE to FILETYPE
2013-11-13 00:51:58 +01:00
779cb48b76
General improvements addressing feedback
2013-11-13 00:42:00 +01:00
c5f21ef463
added osx vpn module
2013-11-12 12:47:33 +01:00
b722fee15c
added OSX module screen_capture
2013-11-12 12:32:30 +01:00
5d86ab4ab8
Catch mis-formatted bracket comments.
2013-10-15 14:52:12 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
4266b88a20
Move author name to just 'joev'
...
[See #2476 ]
2013-10-07 12:50:04 -05:00
41f23d5268
Fix merge fail
...
The whitespace fixes from @tabassassin somehow hosed this change.
See
845bf7146b6daa90a4a5
2013-09-11 16:22:35 -05:00
845bf7146b
Retab changes for PR #2304
2013-09-05 13:41:25 -05:00
adf9ff356c
Merge for retab
2013-09-05 13:41:23 -05:00
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
6daa90a4a5
Msftidy: use binary on File.open always
...
msftidy is complaining, here:
keylog_recorder.rb:116 - [WARNING] File.open without binary mode
Not sure how this managed to hit upstream/master with msftidy warnings.
Protip, use an msftidy pre-commit hook. We have just such a hook script
in tools/dev, as a matter of fact, so it's just a symlink away:
https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
2013-09-03 10:35:50 -05:00
8acabe457c
Trailing whitespace fixup
2013-09-03 10:32:48 -05:00
ca8dacb93b
Minor module description updates for grammar.
2013-09-03 10:31:45 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
13996b98cf
Correct action description for recording
...
The correct description is recording
2013-08-27 12:39:46 -05:00
a91b38cbf4
Land #2276 - osx webcam and record_mic post modules
2013-08-27 12:28:14 -05:00
728d0a0e65
Land #2240 - OSX keylogger
2013-08-27 11:36:58 -05:00
a9459ef703
Update module title for naming style consistency
2013-08-27 11:36:26 -05:00
16ace44f2d
Move keylogger.rb to post/osx/capture/keylog_recorder
...
To match the naming consistency with Windows
2013-08-27 11:35:00 -05:00
2d3f599498
Moves ruby_dl helpers to proper place in repo.
...
* Adds fail_with methods and moves timeouts to constants.
2013-08-23 17:17:19 -05:00
ba00395cfd
Set filename to osx_mic_rec instead of webcam.
2013-08-23 15:52:24 -05:00
6c4ad6a976
Move modules to post/osx/manage.
2013-08-23 15:38:58 -05:00
c3b98262bf
Seriously ,stop writing things to my desktop.
2013-08-23 15:16:41 -05:00
7ebe6635ea
Finish fixing ruby 1.8.7 regressions. Works on 10.8 and 10.7.
2013-08-23 15:06:48 -05:00
f843743294
Adds fixes from @wchen-r7.
2013-08-18 18:46:51 -05:00
017309d02d
Minor fixes to keylogger.
2013-08-18 16:29:34 -05:00
1cdf77df7d
OSX keylogger module finally working.
2013-08-18 16:21:38 -05:00
919e0d1901
MSF license, make use of print_good
2013-08-13 22:14:35 -05:00
e1856651bc
Incorporate the suggested edits from the PR review.
...
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940 ]
2013-08-13 19:35:55 -05:00
99ef714d00
Updates pps description.
2013-08-13 19:35:55 -05:00
52fa000211
Get password_prompt_spoof module working. [RM #5940 ]
2013-08-13 19:35:55 -05:00
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00
9c95c7992b
Require's for all the include's
2012-10-23 13:24:05 -05:00
9bf1f28c1f
Apostrophe
2012-08-15 14:19:56 -05:00
6a0271fb11
Correct OSX naming. See ticket #7182
2012-08-14 15:29:21 -05:00
880491c52f
Update description
2012-08-08 14:07:51 -05:00
8a787f8342
typo
2012-08-08 14:04:49 -05:00
5f46a1e239
Based on #676 , with some changes
2012-08-08 12:44:39 -05:00
7cff1365a2
Merge branch 'master' of https://github.com/ipwnstuff/metasploit-framework into osx_keychain
2012-08-08 11:12:07 -05:00
189a4ffb78
Edited spaceing
2012-08-08 10:40:33 -05:00
bb588d338b
Add Keychain Enumeration Mac OS X Post Module
...
Based off my `Keyjacker` script this module runs through an account's
keychains and returns internet accounts associated.
Setting the GETPASS option to true will return both many plain text
passwords given that the user allows their system to use the keychain
when prompted.
2012-08-08 03:03:19 -05:00
b46fb260a6
Comply with msftidy
...
*Knock, knock!* Who's there? Me, the msftidy nazi!
2012-08-07 15:59:01 -05:00
b9e7af6bcd
fixes to OSX modules as requested by egypt on redmine ticket and fixes to the remote desktop post modules
2012-06-04 10:56:40 -04:00
c9604d8902
Add an invisible reference
2012-05-22 10:52:54 -05:00
d9ab464d4d
A very quick update to the title.
2012-05-22 03:11:05 -05:00
sinn3r
jvazquez-r7
Joe Vennix
Peter Toth
Tod Beardsley
James Lee
Tab Assassin
Joe Vennix
Joff Thyer
Christian Mehlmauer
Tod Beardsley
sinn3r
Erran Carey
Carlos Perez