92963d4999
Fix broken NTLM hash format
2014-06-30 11:35:28 -05:00
c9b6c05eab
Fix improper use of host-endian or signed pack/unpack
...
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.
When in doubt, please use:
```
ri pack
```
2014-06-30 02:50:10 -05:00
90fb07ba6d
Use downcase instead of upcase
2014-06-27 14:12:10 -05:00
aaeca5ce5b
Remove user field from PBKDF2 hash
2014-06-27 11:26:45 -05:00
6e1fa8ff5a
Refactor OS X hashdump creds
2014-06-26 15:10:35 -05:00
75be200b97
Merge branch 'feature/MSP-9714/jtr_aix' into staging/electro-release
2014-06-25 14:34:41 -05:00
db8692444f
Merge branch 'feature/MSP-9742/windows_autologin' into staging/electro-release
2014-06-25 04:31:57 -05:00
920bd1132e
replace manual packing with rex version
2014-06-25 00:16:28 -04:00
b875a803d0
fix aix hashdump
...
aix hashdump now creates NonreplayableHash objects
2014-06-24 15:23:37 -05:00
86869f0a81
remove extra parenthesis
2014-06-23 17:10:31 -04:00
8e37aea7c2
remove use of Q in packing and unpacking
2014-06-23 16:52:53 -04:00
a7d00f8144
simplify SHA1 code
2014-06-23 15:39:06 -04:00
77620193a1
remove character restriction on aes.final call
2014-06-23 15:37:19 -04:00
2d0b4b96ee
remove verbose exit if no salt found
2014-06-23 15:34:07 -04:00
275d8826bd
skype post module to extract password hash
2014-06-23 15:16:50 -04:00
0822713f2e
Hide unneeded options
2014-06-21 11:39:52 -05:00
cec3ca1df6
Improve detection of failed uploads
...
leaving aborted = nil was causing unexpected behavior when the upload failed. Explicitly setting aborted = false by default corrects this issue.
2014-06-21 10:12:17 -05:00
dbd0bc5fa2
Refactor windows_autologin creds
2014-06-19 14:38:31 -05:00
2b0bb608b1
Merge branch 'master' into staging/electro-release
2014-06-18 10:49:58 -05:00
8e1949f3c8
Added newline at EOF
2014-06-17 21:03:18 +02:00
19da7d551e
Kill newline (race @wvu-r7 on this)
...
See PR #3453
2014-06-16 11:46:08 -05:00
2aa26fa290
Minor spacing and word choice fixups
2014-06-16 11:40:21 -05:00
2cedee1aef
Merge pull request #74 from rapid7/feature/MSP-9744/autologin_password
...
Land #74 , @wvu-r7's refactor of osx autologin_password module.
2014-06-16 11:29:49 -05:00
29f5344d26
Drop merge of service_data, since it doesn't exist
2014-06-16 09:27:01 -05:00
07d8921b0b
Merge branch 'feature/MSP-9747/pgpass_creds' into staging/electro-release
2014-06-13 16:06:15 -05:00
d246e28cb3
Merge branch 'feature/MSP-9733/ftpnavigator' into staging/electro-release
2014-06-13 16:03:06 -05:00
2f1032d617
Add a missing comma and a comment
2014-06-13 15:48:14 -05:00
da74777570
Merge branch 'feature/MSP-9729/enum_cred_store' into staging/electro-release
2014-06-13 15:46:08 -05:00
72fdf6a607
Get rid of the rest of the service stuff
2014-06-13 15:45:13 -05:00
8be602e487
Merge branch 'feature/MSP-9734/ftpx' into staging/electro-release
2014-06-13 15:36:43 -05:00
1df7362774
Merge branch 'feature/MSP-9740/outlook' into staging/electro-release
2014-06-13 15:34:06 -05:00
81d47c4eb3
Merge branch 'feature/MSP-9730/epo_sql' into staging/electro-release
2014-06-13 15:31:41 -05:00
a3eea2f712
Add better handling of host and port
2014-06-13 15:22:09 -05:00
4593c309f5
Fix a dummy because I can't read
2014-06-12 19:10:24 -05:00
9d89730026
Use realm instead of private
2014-06-12 18:46:13 -05:00
277c9d68bc
Remove service_name, since it doesn't make sense
2014-06-12 18:37:00 -05:00
5d19410294
Don't use getaddress with session.session_host
2014-06-12 18:30:51 -05:00
3a1578bead
Don't use getaddress with session.session_host
2014-06-12 18:29:46 -05:00
3ad3ca88e5
Use session.session_host
2014-06-12 18:26:01 -05:00
a7416332e3
Merge branch 'feature/MSP-9732/flashfxp' into staging/electro-release
2014-06-12 18:02:20 -05:00
1969c8f018
Merge branch 'feature/MSP-9727/bulletproof_ftp' into staging/electro-release
2014-06-12 15:41:57 -05:00
ff2fc68d11
Fix busted vars
2014-06-12 15:37:06 -05:00
18a2e0928c
Merge branch 'feature/MSP-9737/wsftp_client' into staging/electro-release
2014-06-12 15:08:26 -05:00
96e492f572
Merge branch 'master' into staging/electro-release
2014-06-12 14:02:27 -05:00
86671796b7
Refactor autologin_password creds
2014-06-12 13:54:52 -05:00
d9d16e436a
Refactor epo_sql creds
2014-06-12 13:23:11 -05:00
74cb5cd79e
Fix bad copypasta
2014-06-12 13:17:12 -05:00
302e495451
Fix bad indent
2014-06-12 13:13:05 -05:00
89434a75c3
Fix bad indent
2014-06-12 13:10:50 -05:00
512395395b
Refactor pgpass_creds creds
2014-06-12 13:08:47 -05:00
c7bb0f1eb8
Fix bad copypasta
2014-06-12 12:59:35 -05:00
0d92ae08dd
Refactor enum_cred_store creds
2014-06-12 12:57:46 -05:00
429d85dc5d
Refactor flashfxp creds
2014-06-12 12:40:33 -05:00
e96a70a0f5
Refactor outlook creds
2014-06-12 12:31:12 -05:00
2a7227f443
Land #3427 - Adds webcam module for firefox privileged sessions on OSX
2014-06-11 22:27:25 -05:00
d5b32e31f8
Fix a typo where platform was 'windows' not 'win'
...
This was reported by dracu on freenode
2014-06-11 15:10:33 -05:00
8b35815ead
Move module to post/firefox/manage.
2014-06-11 15:10:22 -05:00
bdd86bf863
Add check for windows bug (RM#8810).
2014-06-11 15:09:52 -05:00
ac94f8e861
Refactor bulletproof_ftp creds
2014-06-11 13:04:58 -05:00
7147a88968
Refactor ftpnavigator creds
2014-06-11 12:57:45 -05:00
676afe391a
Refactor gpp creds
2014-06-11 12:48:00 -05:00
41ff4c3dce
Refactor ftpx creds
2014-06-11 12:35:15 -05:00
4d923a4809
Update to Rubyzip 1.X API
...
MSP-10004
`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
2014-06-10 13:41:42 -05:00
9826a57429
Update coreftp.rb
2014-06-10 13:01:19 -05:00
dffc9b6852
Use the new hash syntax for consistency
2014-06-10 12:56:15 -05:00
d7fd7b8d1e
Refactor wsftp_client creds
2014-06-10 12:05:04 -05:00
2c8c4f238c
Merge pull request #49 from rapid7/feature/MSP-9746/ssh_creds
...
refactor ssh_creds post module
MSP-9746 #land
2014-06-10 09:32:11 -05:00
90c63efaeb
refactor ssh_creds post module
...
the sssh_ creds post module now stores
SSH Keys as Metasploit::Credential objects
2014-06-09 11:49:49 -05:00
a33de66da4
Fix transparent background, add VISIBLE option.
2014-06-06 16:52:00 -05:00
a45a5631f5
Make window invisible.
2014-06-06 16:40:55 -05:00
4a9f50bb60
Clean up some dead code.
2014-06-06 16:20:40 -05:00
7c762ad42c
Fix some minor bugs in webrtc stuff, inline API code.
2014-06-06 16:18:39 -05:00
534c20d5e6
refactor linux hashdump post module
...
linux hashdump now saves hashes as nonreplayable hash
credential objects
2014-06-06 15:21:47 -05:00
f660f557e5
Merge pull request #38 from rapid7/feature/msp-9738/winscp
...
Feature/msp 9738/winscp
2014-06-06 11:43:50 -05:00
ef8f237050
refactor filezilla_server
...
you know the score
2014-06-04 15:43:15 -05:00
28bf29980e
Merge branch 'master' into staging/electro-release
2014-06-04 10:21:08 -05:00
f2e1732878
Resolve hostnames before trying to save
2014-06-03 15:19:30 -05:00
0272593923
Merge pull request #32 from rapid7/feature/MSP-9736/vnc-post
...
refactor vnc post module
MSP-9736 #land
2014-06-03 13:53:42 -05:00
8abed15c77
Switch to Credential::* things
2014-06-03 11:48:08 -05:00
883976c6a8
Merge pull request #33 from rapid7/feature/MSP-9741/smartftp
...
refactor smartftp post module
MSP-9741 #land
2014-06-03 10:04:09 -05:00
9d9f3b5a03
Refactor to prepare for replacing report_auth_info
2014-06-02 18:07:44 -05:00
ea383b4139
Make print/descs/case consistent
2014-06-02 13:20:01 -05:00
5c745c4b9c
Merge pull request #31 from rapid7/feature/MSP-9728/coreftp
...
refactor coreFTP post module
MSP-9728 #land
2014-06-02 13:19:11 -05:00
9eb42cb80f
refactor smartftp post module
...
refactor the smartftp credential post module to use
Metasploit::Credential
2014-06-02 11:48:45 -05:00
34004908bb
Merge branch 'master' into staging/electro-release
...
Conflicts:
.ruby-version
2014-06-02 11:10:33 -05:00
d9fd77fba7
Merge pull request #29 from rapid7/feature/MSP-9739/mremote_refactor
...
Feature/msp 9739/mremote refactor
MSP-9739 #land
2014-06-02 11:05:20 -05:00
1e2ae16713
refactor vnc post module
...
this adds Metasploit::Credential functionality to
the post/windows/gather/credentials/vnc module
it also fixes a hostname resolution issue on windows
hashdump that could occur when the peerhost is an unresolved
hostname
2014-05-30 14:27:44 -05:00
86fec3a33f
refactor coreFTP post module
...
post/windows/gather/credentials/coreftp now uses
the new Metasploit::Credential methods
2014-05-30 14:06:31 -05:00
af569449d9
Code cleanup
...
Fixes based on response from @timwr and @kernelsmith.
Retested with Ubuntu and Metasploitable 2 to validate proper payload. Also tested for port conflict detection after the change. Returning false on line 243 simplifies the if logic on line 251/252.
2014-05-29 18:27:17 -05:00
0d07fb6c39
Land #2858 , @jiuweigui's post module to enumerate Enumerate MUICache
2014-05-29 17:08:50 -05:00
a6229aedff
Rescue RequestError when downloading file
2014-05-29 17:07:22 -05:00
f2a71a47ca
Use \&\& instead of and
2014-05-29 17:04:38 -05:00
31c282153e
Avoid ntuser.dat md5 because is causing problems, even when data is extracted
2014-05-29 17:02:28 -05:00
e012d55d73
refactor mremote
...
mremote post module now refactored to
use new metasploit credentials
2014-05-29 16:27:41 -05:00
95b71dee00
Try to fix crash while file_remote_digest
2014-05-29 16:12:51 -05:00
a1131092b7
fix open rescue
...
rescuing all exceptions bad
bad past dave bad
2014-05-29 16:05:16 -05:00
cbbd7bfdf4
Refacotor code
2014-05-29 15:55:44 -05:00
bf3bb63e4a
fix mremote to work on mremoteNG
...
fixed the mremote credential post module to work
against the newer mRemoteNG
2014-05-29 15:43:02 -05:00
f61aeb818a
smart hashdump refactor
...
refactor the windows smart hashdump post module
to use the new cred creation methods
2014-05-29 15:06:42 -05:00
cdabb71d23
Make code cleanup
2014-05-29 14:51:10 -05:00
e3c4745879
Windows Hashdump post module refactor
...
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
2014-05-29 13:20:32 -05:00
2f811381dc
Update shell_to_meterpreter.rb
2014-05-29 06:17:31 -05:00
6a30a49bcf
Update shell_to_meterpreter.rb
2014-05-29 06:08:42 -05:00
f956c8d94f
Create shell_to_meterpreter.rb
2014-05-27 06:12:09 -05:00
e585d11499
make MSF_MODULES a constant
2014-05-25 19:36:40 -05:00
61603748bd
two more tweaks
2014-05-25 10:45:09 -04:00
6435b4370a
@Meatballs1 fixes
2014-05-25 10:40:23 -04:00
e3a6782345
add post module based on @zeroSteiner idea
2014-05-24 23:37:17 -04:00
ae3c334232
Getting closer. Still something f'd with local answerer.html.
2014-05-22 17:14:35 -05:00
14b796acbf
First stab at refactoring webrtc mixin.
2014-05-21 15:32:29 -05:00
aeaff16f88
More legible output
2014-05-20 22:27:24 +01:00
92669cd4d6
Use parser
2014-05-20 22:26:13 +01:00
fabaf52929
Tidyup of GPP
...
Add Security Bulletin Reference
ProgramData is symlink to AllUsers anyway
Use NetAPI
2014-05-20 21:53:53 +01:00
a844b5c30a
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
2b8dd9139c
Fix cosmetic issue
...
Fix cosmetic issue /w email address when it is output via 'info' or the Rapid7 module page.
2014-05-11 16:14:51 -05:00
f94d1f6546
Refactors firefox js usage into a mixin.
2014-04-24 15:09:48 -05:00
ba4b507cc7
Land #3280 - Multiplatform WLAN Enumeration and Geolocation
2014-04-24 13:52:32 -05:00
d4c0d015c1
Update wlan_geolocate.rb
...
Updated based on feedback. Also added enumeration only support for BSD and Solaris.
2014-04-24 07:04:50 -05:00
e514ff3607
Description and print_status fixes for release
...
@cdoughty-r7, I choose you! Or @wvu-r7.
2014-04-21 14:00:03 -05:00
ee413ac385
Remove previously deprecated modules
2014-04-20 22:15:44 -05:00
2fd004b69e
New module: Multiplatform Wireless LAN Geolocation
...
This is a new POST module that allows Windows, Linux, and OSX targets to be geolocated using Google services if the target has an active and functional wireless adapter.
2014-04-19 17:31:48 -05:00
5bd9721d95
Redundant include
2014-04-15 21:34:21 +01:00
02b11afddc
Merge remote-tracking branch 'upstream/master' into netapi_change_passwd
...
Conflicts:
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
2014-04-15 21:23:45 +01:00
bd9b5add49
Dont report creds
...
We dont know if a DOMAIN or IP is specified etc.
2014-04-15 21:14:49 +01:00
fc018eb32e
Initial commit
2014-04-15 21:05:06 +01:00
66a50b33fd
Errant whitespace
2014-04-14 13:34:39 -05:00
5f0d723588
Adds history collection module for FF privileged JS.
2014-04-14 12:27:18 -05:00
1715cf4650
Add base64 to prevent potential encoding issues.
2014-04-11 17:30:04 -05:00
65d267032d
Fix wrong DisclosureDate.
2014-04-11 16:17:22 -05:00
197a7e556b
Add password colletion post module for Firefox shells.
2014-04-11 16:15:48 -05:00
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
ae3ead6ef9
Land #2107 Post Enum Domain Users
2014-04-09 11:32:12 +01:00
fbec434ab2
Fix up host.os* field usage in the enum_ad_computers module
2014-04-02 07:30:37 -07:00
f4e62a8dcd
Land #3146 - Firefox Gather Cookies from Privileged Javascript Shell
2014-03-27 13:14:22 -05:00
b7f1cee8d3
Remove targets from post module.
2014-03-26 13:55:02 -05:00
ed8bf6279b
Use #run, not #exploit, for post modules.
2014-03-26 13:51:05 -05:00
6c51e0fd0d
Add cookie gathering post module for FF privileged sessions.
2014-03-26 13:49:53 -05:00
460a1f551c
Fix for R7-2014-05
2014-03-24 14:12:12 -05:00
3d3681801a
Fix linux download_exec for #2961
...
Note! This module already seems pretty broken, in that it doesn't appear
to correctly locate curl or wget. Will open another bug on that.
[See RM #8777 ]
2014-03-20 12:09:38 -05:00
3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path
...
Conflicts:
lib/msf/core/post/windows/shadowcopy.rb
modules/exploits/windows/local/bypassuac.rb
modules/post/windows/gather/wmic_command.rb
modules/post/windows/manage/persistence.rb
2014-03-11 23:13:39 +10:00
32d83887d3
Merge remote-tracking branch 'upstream/master' into wmic_post
2014-03-03 21:56:31 +00:00
63751c1d1a
Small msftidies
2014-02-28 22:18:59 +00:00
42a730745e
Land #2418 , Use meterpreter hostname resolution
2014-02-28 14:45:39 -06:00
2b5e4bea2b
Landing Pull Request 3003
2014-02-28 10:10:12 -06:00
0dfa53840a
Add @Meatballs1 to authors
...
Add @Meatballs1 to author list, awesome changes and fixes to the code (almost complete rewrite)
2014-02-22 12:24:56 +02:00
ff4e91bb1b
Check domain return value
2014-02-18 23:34:17 +00:00
e4aedfad43
Fixup netapi call
2014-02-18 23:30:29 +00:00
0480ad16aa
No common
2014-02-18 23:09:35 +00:00
c06f86cc2b
Updates
2014-02-18 20:31:31 +00:00
6f988209ab
Merge remote-tracking branch 'upstream/master' into enum_domain_users_update
2014-02-18 20:02:39 +00:00
4903b05214
Fix tabs
2014-02-18 13:51:40 -06:00
8a68323cf0
Dont keep checking domain
2014-02-18 17:52:34 +00:00
1bc94b8a9d
Merge for retab
2014-02-17 19:19:47 -06:00
e290529841
Sadly this url is dead
2014-02-17 22:07:19 +00:00
6c32848b10
Use correct post methods
2014-02-17 22:03:07 +00:00
83d9a1e7c2
Xp Compat?
2014-02-17 21:28:06 +00:00
5e52e48d16
Gather cached GPO
2014-02-17 20:45:56 +00:00
c39924188a
Clean up
2014-02-14 20:52:04 +00:00
b2ea257204
Include Linux::System post mixin
2014-02-14 08:32:21 -06:00
ad72ecaf84
Handle SPN array
2014-02-14 09:48:23 +00:00
4b828e5d45
Dont parse empty SPNs
2014-02-14 09:41:37 +00:00
2c12952112
Moar corrections
2014-02-14 09:37:00 +00:00
9dd56d32de
Corrections
2014-02-14 09:32:53 +00:00
7ef68184e1
Handle SPNs differently
2014-02-13 23:24:55 +00:00
95048b089e
Dont search for made up fields
2014-02-13 22:51:55 +00:00
61563fb2af
Do minor cleanup
2014-02-13 09:10:04 -06:00
67367092b7
Solve conflicts
2014-02-13 08:42:53 -06:00
a4035252d6
Land #1910 , DISCLAIMER for firefox_creds
...
Fixed conflict in Author.
2014-02-12 16:32:08 -06:00
ce2de8f3bf
Different way to write this
2014-02-12 15:08:20 -06:00
0f620f5aba
Fix Uninitialized Constant RequestError
...
[SeeRM #8765 ] NameError uninitialized constant
2014-02-12 00:23:23 -06:00
c67c0dde8f
Land #2972 , enum_system find/save logs/S[UG]ID
2014-02-11 15:45:27 -06:00
68578c15a3
find command modified
2014-02-11 10:08:12 -02:00
f181134ef8
Removed hard tabs
2014-02-10 23:16:04 -02:00
2e720f8f0f
Post::Linux - Added to search for files with setuid/setgid and logfiles
2014-02-10 19:24:51 -02:00
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
63305025aa
Land #2615 - Add Windows Gather Active Directory User Comments
2014-02-07 12:23:43 -06:00
9c76e7fb00
Handle multiple exceptions
2014-02-07 12:23:10 -06:00
40188e1eda
RuntimeError exception should be handled.
2014-02-07 12:16:15 -06:00
89e1bcc0ca
Deprecate modules with date 2013-something
...
These modules had an expiration date of 2013.
2014-02-04 14:49:18 -06:00
e54abb4274
Add support for shell session type
2014-02-02 23:37:56 -06:00
ae84e354e8
Be consistent with get_smartermail_creds method's return value
2014-02-02 22:06:14 -06:00
662fbf53b6
Update check_smartermail method
...
Instead of using exception handling to determine the right path,
the new method simply uses the file? method. It's also renamed as
"get_mail_config_path" to properly describe its functionality.
2014-02-02 22:01:38 -06:00
2b2194cee8
Modify prints
2014-02-02 21:58:10 -06:00
62dca111f8
Conform to style
2014-02-02 08:07:18 +10:30
e30195348e
Add Windows Gather SmarterMail Password Extraction post module
2014-02-02 05:51:21 +10:30
09b70d1574
Remove max search
2014-01-24 00:27:46 +00:00
0a15e07473
Merge remote-tracking branch 'upstream/master' into service_principle_name
2014-01-24 00:26:52 +00:00
5880f7ebf2
Remove max search
2014-01-24 00:25:03 +00:00
f6054e6581
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-24 00:24:31 +00:00
982795ee5d
Merge pull request #32 from todb-r7/saner-ifs-pr1473
...
Clean up the if.nils?
2014-01-23 15:50:25 -08:00
790e4d7559
Move options to mixin
2014-01-23 23:47:46 +00:00
e066d86d41
Clean up the if.nils?
2014-01-23 17:36:10 -06:00
c190a1b630
Fix field order
2014-01-22 09:29:18 +00:00
720f892e2f
Merge remote-tracking branch 'upstream/master' into enum_ad_perf
2014-01-21 21:00:51 +00:00
f571d63088
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-21 21:00:09 +00:00
eee716a6b3
Grab comments and descriptions ftw
2014-01-21 20:59:31 +00:00
cd989e5dc0
Initial commit
2014-01-21 17:08:31 +00:00
6cd4c66d85
Merge remote-tracking branch 'oj/updated_meterpreter_binaries' into service_principle_name
2014-01-21 15:47:04 +00:00
5f5ca1c011
Minor fix based on suggestions
2014-01-14 20:56:14 +02:00
61b30e8b60
Land #2869 , pre-release title/desc fixes
2014-01-13 14:29:27 -06:00
e6e6d7aae4
Land #2868 , fix Firefox mixin requires
2014-01-13 14:23:51 -06:00
671027a126
Pre-release title/desc fixes
2014-01-13 13:57:34 -06:00
f11322b29f
Oh right, msftidy.
2014-01-13 13:44:34 -06:00
bc9c865c25
Land #2865 - js payload to firefox_svg_plugin & add BA support for FF JS exploits
2014-01-13 11:17:36 -06:00
95a5d12345
Merge #2835 , #2836 , #2837 , #2838 , #2839 , #2840 , #2841 , #2842 into one branch
2014-01-13 10:57:09 -06:00
f78ec1eeb2
Make sure we unwrap the SecurityWrapper.
2014-01-12 10:46:23 -06:00
bd91e36e06
Land #2851 , @wchen-r7's virustotal integration
2014-01-10 19:12:56 -06:00
d1d45059f2
use session_host instead
2014-01-10 18:27:03 -06:00
8534f7948a
Change the post module's default api key as well (to Metasploit's)
2014-01-10 17:59:51 -06:00
cacd7ff9d4
Land #2827 - Add firefox js xpcom payloads for universal ff shells
2014-01-10 14:29:32 -06:00
9a81420e90
Enumerate WinXP/7 MUICache registry key
2014-01-10 13:21:47 +02:00
238d052073
Update description
...
key is no longer required.
2014-01-10 04:02:01 -06:00
da273f1440
Update the use of report_note
2014-01-10 01:49:07 -06:00
807d8c12c7
Have a default API key
...
Modules now should have a default API key. See the following for
details:
http://blog.virustotal.com/2012/12/public-api-request-rate-limits-and-tool.html
2014-01-10 01:26:42 -06:00
a99e2eb567
Update the post module
2014-01-08 18:41:22 -06:00
130a99f52b
Add a post module that checks with VirusTotal with a checksum
...
This post module will submit a SHA1 checksum to VirusTotal to see
if it's a malicious file.
2014-01-08 18:26:40 -06:00
fb1a038024
Update async API to actually be async in all cases.
...
This avoids zalgo. Also optionally checks the return value
of the compiled Function in XSS to allow you to use send()
or an explicit return, which is maybe more natural for
synchronous xss payloads.
2014-01-07 16:17:34 -06:00
266b040457
Update cachedump.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:14:10 +01:00
e75d87327f
Merge branch 'enum_ad_perf' into enum_ad_users
2014-01-07 12:21:39 +00:00
3bf728da61
Dont store in DB by default
2014-01-07 12:20:44 +00:00
49d1285d1b
Add explicit json require.
2014-01-06 11:15:10 -06:00
723c0480ab
Fix description to be accurate.
2014-01-04 19:06:01 -06:00
f2f68a61aa
Use shell primitives instead of resorting to
...
echo hacks.
2014-01-04 19:00:36 -06:00
b9c46cde47
Refactor runCmd, allow js exec.
...
* Updates exec payload to not touch disk
* Adds XSS module that uses hiddenWindow (to avoid X-Frame-Options)
2014-01-04 08:46:57 -06:00
cd38f1ec5d
Minor touchups to recent modules.
2014-01-03 13:39:14 -06:00
1cb671b02e
Merge branch 'adjust_getenv_api' into stop_abusing_expand_path
2014-01-03 08:14:02 +10:00
3f0ee081d9
Beautify description
2014-01-02 15:37:58 -06:00
d5e196707d
Include Msf::Post::Windows::Error
2014-01-02 13:41:37 -06:00
ec8d24c376
Update against upstream
2014-01-02 12:55:46 -06:00
3bccaa407f
Beautify use of Regexp
2014-01-02 12:54:54 -06:00
832b0455f1
Class constants and Regex added
2013-12-31 03:20:12 +01:00
4366d4da20
Delete comma
2013-12-30 11:45:52 -06:00
54a6a4aafa
Land #2807 , @todb-r7's armory support for bitcoin_jaker
2013-12-30 11:44:51 -06:00
e3d918a8a3
Applying changes
2013-12-30 01:49:13 +01:00
88cf1e4843
Default false KILL_PROCESSES for bitcoin_jacker
...
I seem to able to read associated wallet files while these processes are
running with the greatest of ease. Maybe there was a file locking
concern, but I haven't run into it. Feel free to avoid landing this
particular commit if you disagree.
2013-12-29 14:12:00 -06:00
5e0c7e4741
DRY up bitcoin_jacker.rb, support Armory
...
Also, make the process killing optional.
2013-12-29 13:07:43 -06:00
9384a466c1
Retab bitcoin_jacker.rb
2013-12-29 10:59:15 -06:00
6fcd12e36c
Refactor for clearer syntax and variables
...
This was done on a barely configured Windows machine, so mind the tabs.
2013-12-29 10:15:48 -06:00
ef73ca537f
First, clean up the original a little
2013-12-28 18:57:04 -06:00
f2335b5145
Land #2792 - SSO/Mimikatz module overwrites password with N/A
2013-12-27 17:25:44 -06:00
d6a63433a6
Space at EOL
2013-12-26 10:37:18 -06:00
78db7429d0
Turns out the latest Safari is still vulnerable.
...
The version check is currently disabled because turns out the latest
Safari (6.1.1) is still vulnerable - I can still loot it in plain
text.
2013-12-24 19:27:45 -06:00
a26e12b746
Updates descriiption and improves regex for safari_lastsession.rb
...
This updates two things for the safari_lastsession post module:
1. The description is updated: More information is added to describe
how Safari would end up storing the Gmail credential in the last
session state, and what it means to you as an attacker.
2. Regex update for the domain to search for: Before the module starts
extract the session data, it needs to know which domain to extract from.
Originally I only added mail.google.com, but turns out the sensitive info
can be found in accounts.google.com, so I added that one.
2013-12-24 14:00:55 -06:00
bf8c0b10fa
Dont store n/a creds
2013-12-21 09:04:02 +00:00
a043d384d4
Land #2738 , @jiuweigui update to enum_prefetch
2013-12-20 10:26:54 -06:00
71ba78c2f0
Direct to correct module
2013-12-20 16:09:57 +00:00
f99a5b8b47
Update for extapi
2013-12-20 13:18:01 +00:00
4ca25d5d89
Merge branch 'enum_ad_perf' into enum_ad_users
2013-12-20 12:54:24 +00:00
62ef810e7c
Use Extapi if available
2013-12-19 18:18:47 +00:00
737154c2fe
Update to use extapi
2013-12-19 16:46:09 +00:00
William Vu
HD Moore
James Lee
Rob Fuller
David Maloney
Tom Sellers
Christian Mehlmauer
Tod Beardsley
jvennix-r7
sinn3r
Luke Imhoff
Trevor Rosen
jvazquez-r7
Meatballs
Brandon Turner
OJ
staaldraad
Meatballs1
Roberto Soares Espreto
bcoles
jiuweigui
Niel Nielsen
bmerinofe
TabAssassin
Tod Beardsley