Commit Graph

1529 Commits (b3b51eb48c65b2712ddc41665e7bf030bfd93f6a)

Author SHA1 Message Date
Joe Vennix 2d3f599498 Moves ruby_dl helpers to proper place in repo.
* Adds fail_with methods and moves timeouts to constants.
2013-08-23 17:17:19 -05:00
Joe Vennix ba00395cfd Set filename to osx_mic_rec instead of webcam. 2013-08-23 15:52:24 -05:00
Joe Vennix 6c4ad6a976 Move modules to post/osx/manage. 2013-08-23 15:38:58 -05:00
Joe Vennix c3b98262bf Seriously ,stop writing things to my desktop. 2013-08-23 15:16:41 -05:00
Joe Vennix 7ebe6635ea Finish fixing ruby 1.8.7 regressions. Works on 10.8 and 10.7. 2013-08-23 15:06:48 -05:00
jiuweigui 514d2b4721 Fix to make msftidy happy. 2013-08-21 21:46:44 +03:00
jiuweigui 0cc499faf7 Minor deletes related to filetime change. 2013-08-21 14:47:50 +03:00
jiuweigui 3a2433dac9 Remove unneeded filetime read 2013-08-21 12:18:07 +03:00
sinn3r 86d6bce8c4 [FixRM #8312] - Fix file handle leaks
Fix file handle leaks for [SeeRM #8312]
2013-08-18 20:31:13 -05:00
Joe Vennix f843743294 Adds fixes from @wchen-r7. 2013-08-18 18:46:51 -05:00
Joe Vennix 017309d02d Minor fixes to keylogger. 2013-08-18 16:29:34 -05:00
Joe Vennix 1cdf77df7d OSX keylogger module finally working. 2013-08-18 16:21:38 -05:00
jiuweigui 0063d4e06c Extend description & add Win2k3 section to WinXP section. 2013-08-16 14:44:08 +03:00
jiuweigui 8602e744da Add support for Win2k3 2013-08-16 02:46:16 +03:00
sinn3r 83a179ff08 [Fix RM 8224] - undefined method `include?' for nil:NilClass
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
sinn3r bce50d1b05 Land #2220 - OSX Password Prompt Spoof 2013-08-13 22:15:14 -05:00
sinn3r 919e0d1901 MSF license, make use of print_good 2013-08-13 22:14:35 -05:00
Joe Vennix e1856651bc Incorporate the suggested edits from the PR review.
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940]
2013-08-13 19:35:55 -05:00
Joe Vennix 99ef714d00 Updates pps description. 2013-08-13 19:35:55 -05:00
Joff Thyer 52fa000211 Get password_prompt_spoof module working. [RM #5940] 2013-08-13 19:35:55 -05:00
sinn3r c9799c1ee6 Land #2212 - Change migrate order & print target_pid 2013-08-13 18:56:54 -05:00
David Maloney 73e9bf9fa8 Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
Conflicts:
	modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
David Maloney 6be4d9e583 missing interpolation 2013-08-13 13:52:44 -05:00
Tab Assassin ebd485349f Retab smart_migrate.rb module
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
Tod Beardsley bfb5040dbf Remove deprecated modules
These three modules are well over their deprecation dates. Making good
on that threat now.

  * service_permissions: Marked for removal on 2013-01-10
  * bypassuac: Marked for removal on 2013-01-04
  * ms10_092_schelevator: Marked for removal on 2013-06-01
2013-08-12 11:21:45 -05:00
David Maloney c9bd791ff6 fix smart_migrate choice order
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
sinn3r 021c358159 Land #2203 - Fix regex for x64 detection 2013-08-09 13:23:38 -05:00
Sagi Shahar 7178633140 Fixed architecture detection in bypassuac modules 2013-08-09 03:42:02 +02:00
jvazquez-r7 a7c80ebfc2 Land #2185, @bmerinofe's post module for dns cache dumping 2013-08-08 12:49:37 -05:00
Tod Beardsley 8431eb7a79 Msftidy fixes, also use correct possessive plurals
http://englishplus.com/grammar/00000132.htm
2013-08-05 09:43:38 -05:00
bmerinofe 98c8c16803 Change offset values and hostname length 2013-08-05 12:29:54 +02:00
bmerinofe 3e6de5d2e9 added a post-exploitation module to dump the cache dns entries 2013-08-03 13:37:32 +02:00
Dhiru Kholia 1b6f6b8bf0 Land #2168 again
Adding Dhiru's module back now that things are straight.
2013-07-29 22:10:25 -05:00
Tod Beardsley 7e539332db Reverting disaster merge to 593363c5f with diff
There was a disaster of a merge at 6f37cf22eb that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).

What this commit does is simulate a hard reset, by doing thing:

 git checkout -b reset-hard-ohmu
 git reset --hard 593363c5f9
 git checkout upstream-master
 git checkout -b revert-via-diff
 git diff --no-prefix upstream-master..reset-hard-ohmy > patch
 patch -p0 < patch

Since there was one binary change, also did this:

 git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf

Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7 300781823d Undo bad landing
This reverts commit e624ed18ad, reversing
changes made to 593363c5f9.
2013-07-29 17:39:12 -05:00
jvazquez-r7 b29d18d8b8 Merge branch 'ecryptfs-creds' of https://github.com/kholia/metasploit-framework 2013-07-29 16:41:41 -05:00
Dhiru Kholia 8379225e9b make msftidy happy (hopefully) 2013-07-29 23:42:29 +05:30
Dhiru Kholia 2de0a3e0f9 Add information gathering module for eCryptfs 2013-07-28 23:09:42 +05:30
jvazquez-r7 e828517ed8 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-22 17:10:45 -05:00
Tod Beardsley b4589c3c82 Expanding description 2013-07-22 15:19:30 -05:00
Rich Lundeen aa159f12b7 changed options wording 2013-07-22 11:15:22 -07:00
Rich Lundeen 57055ab754 added optional option 2013-07-22 11:13:29 -07:00
root 6bcdd37223 logged resolve_hostname to db 2013-07-19 11:14:14 -07:00
jiuweigui f3bb0ec1ee moved table << 2013-07-17 02:53:24 +03:00
jiuweigui c0e594eb6a removed unnecessary begin-end 2013-07-16 20:09:21 +03:00
jiuweigui 9985ea3c3a Enumerates Windows Prefetch files through meterpreter session 2013-07-16 14:18:54 +03:00
jiuweigui e13f4f5b4e Minor fix 2013-07-16 13:46:42 +03:00
jiuweigui ef82308e07 Working versio 2013-07-16 12:45:03 +03:00
jiuweigui b32597620d Finally working. 2013-07-16 04:07:28 +03:00
jiuweigui 5f3d3a3956 still buggy 2013-07-16 01:05:08 +03:00
jiuweigui 4c56d8eba3 Still buggy 2013-07-15 23:55:24 +03:00
jiuweigui 315874a882 Minor fixes 2013-07-15 23:19:17 +03:00
jiuweigui 5d767fe319 Minor mods 2013-07-15 19:34:44 +03:00
jiuweigui 26f28ae47e Minor cleaup 2013-07-15 17:51:55 +03:00
jiuweigui 2349ee7276 Working version 2013-07-15 16:07:45 +03:00
jiuweigui 4801aab4c4 loot.txt broken 2013-07-15 15:38:42 +03:00
jiuweigui 4265141a11 minor modifications 2013-07-15 13:15:39 +03:00
jiuweigui 90107b82e1 Minor mods 2013-07-15 00:19:32 +03:00
jiuweigui 6956003949 Everything working on this version. 2013-07-14 17:24:27 +03:00
jiuweigui 52f9daf8c5 Renamed prefetch_tool to enum_prefetch 2013-07-14 15:33:54 +03:00
jiuweigui 6539b4e507 Working 2013-07-14 15:30:54 +03:00
jiuweigui b77ba64e88 Fixed WinXP registry timezone key 2013-07-14 13:53:18 +03:00
jiuweigui 398d5070b2 Fixed WinXP registry timezone key 2013-07-14 06:18:25 +03:00
jiuweigui 43740d7626 Minor edits 2013-07-14 04:55:57 +03:00
jiuweigui 742615f3a1 Working 2013-07-14 04:50:13 +03:00
jiuweigui 1f27a2b7bd Working version 2013-07-14 04:32:20 +03:00
jiuweigui ae60abd05b Minor changes 2013-07-13 20:19:01 +03:00
jiuweigui 45d49cdfe5 Time conversion broken, otherwise works. 2013-07-13 20:03:08 +03:00
jiuweigui 1f10d1ca05 Done. Needs final cleanup and rewrite. 2013-07-13 13:24:08 +03:00
jiuweigui 84f30b2379 Works. Needs just FILETIME converter 2013-07-12 23:31:52 +03:00
jiuweigui ce8f3d2a62 Tested on XP and Win7. Works, needs just Filetime convert 2013-07-12 23:29:54 +03:00
jiuweigui 5692cde57a Initial transfer 2013-07-12 21:19:44 +03:00
jvazquez-r7 6dec81cbdf Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-06 10:38:19 -05:00
jvazquez-r7 b2e7f61814 Fix path build on total_commander 2013-07-06 10:15:30 -05:00
jvazquez-r7 df7209f28a Land #2067, @wchen-r7's fix for total_commander 2013-07-06 10:14:44 -05:00
jvazquez-r7 39f0359fa4 Land #2061, @wchen-r7's fix to make bitcoin_jacker use post mixins 2013-07-06 00:14:14 -05:00
sinn3r ca4e11c112 Use check_other more 2013-07-05 12:38:38 -05:00
sinn3r 98f49758af Don't need this line 2013-07-05 12:34:26 -05:00
sinn3r d3000c0066 These funcs want 'filename' 2013-07-05 12:29:16 -05:00
sinn3r 353db0884d Use expand_path from Msf::Post::File 2013-07-05 12:26:59 -05:00
sinn3r 18e5831ca8 Don't use begin/rescue to shut errors up and call it "file not found" 2013-07-05 12:22:05 -05:00
sinn3r dc90904e50 Avoid misleading error 2013-07-05 12:12:30 -05:00
jvazquez-r7 c859129339 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-07-05 12:06:05 -05:00
jvazquez-r7 bcf6d11442 Land #2049, @wchen-r7's had_pid? method work 2013-07-05 11:19:11 -05:00
jvazquez-r7 6477c6995d Merge branch 'enum_db_no_method' of https://github.com/wchen-r7/metasploit-framework 2013-07-05 09:35:34 -05:00
jvazquez-r7 a7d110367a Land #2064, @wchen-r7's fix for access uninitialized variable on enum_services 2013-07-05 09:30:23 -05:00
jvazquez-r7 b9dd3df05f Land #2068, @wchen-r7's fix to initialize variables on windows_autologin module 2013-07-05 09:09:17 -05:00
jvazquez-r7 4ed6a4d8d1 Land #2062, @wchen-r7's fix to avoid redundant check 2013-07-05 08:51:05 -05:00
jvazquez-r7 1ad4482ce2 Land #2069, @wchen-r7's patch to print info when using store_loot 2013-07-05 08:35:57 -05:00
jvazquez-r7 c459b0e937 Land #2045, @wchen-r7's fix for memory_grep module 2013-07-05 08:16:47 -05:00
sinn3r 2a32b59c88 Forgot to change var 'filename' 2013-07-05 01:37:35 -05:00
sinn3r 84050241f0 Fix target ID 2013-07-05 01:25:08 -05:00
sinn3r 1352731062 Make heap grep optional 2013-07-05 00:57:25 -05:00
sinn3r a52d38f359 Land #2052 - Fix regex 2013-07-03 16:55:07 -05:00
sinn3r ff49cc1c4f [SeeRM:#8135] - Be able to show where store_loot saves a file
If you don't print where store_loot saves the file, it can be a
pain in the butt to find it sometimes.
2013-07-03 12:29:01 -05:00
sinn3r 70c472fb7e [FixRM:#8134] - Handle registry_getvaldata return value properly
registry_getvaldata can return nil, can't always assume it's
gonna throw a string.
2013-07-03 12:23:14 -05:00
sinn3r 1064c050de [FixRM:#8132] - Fix undefined method '+' in total_commander.rb
The return value of registry_getvaldata can return nil when a
RequestError occurs, so you can't always assume it's gonna throw
you a string.
2013-07-03 12:10:23 -05:00
sinn3r 27653b661f [FixRM:#8131] & [FixRM:#8133] - Fix Base64 func usage
Instead of using Base64, these modules should use Rex.
2013-07-03 12:06:12 -05:00
sinn3r c40a605495 [FixRM:#8129] - Fix undefined method error in enum_services.rb
srv_conf may not have the 'Startup' key because it's only assigned
in service_info() when srvstart is 4, therefore it's possible to
cause an undefined method 'downcase' error.
2013-07-03 11:44:28 -05:00
sinn3r 534858a23b [FixRM:#8128] - Potential undefined method 'include' for nil
A lot of return values aren't checked, may result in undefined method X
bugs. The same type of issue is all over the place.
2013-07-03 11:40:24 -05:00
sinn3r 6198409e71 [FixRM:#8127] - Remove junk code that checks ARTIFACTS again
ARTIFACTS uses OptPath, which already checks the path. We don't need
to do this again.
2013-07-03 11:33:25 -05:00
sinn3r 944761a1dc [FixRM:#8126] - Use functions from Msf::Post::File
Some functions already exist in Msf::Post::File, should use them.
2013-07-03 11:30:05 -05:00
g0tmi1k 864f4e9d37 post/local_admin_search_enum~Regex fails,module 2
If the regex fails then the entire moudle would too
2013-07-03 00:43:08 +01:00
sinn3r a74f706bdb These modules should check PID before using it 2013-07-02 14:48:04 -05:00
sinn3r 6815eef8f4 Fix multiple issues with memory_grep
This fixes the following:
[FixRM:#8118] - Allows the module to be able to enumerate from
multiple processes with the same name.

[FixRM:#8120] - Allows the module to be able to actually read data
from the heap.
2013-07-01 18:57:00 -05:00
James Lee 1865e6c19d Fix requrires for enable_support_account 2013-07-01 16:22:39 -05:00
William Vu be1a0d3cae Land #2041, title and description cleanup 2013-07-01 15:55:13 -05:00
Tod Beardsley bc24f99f8d Various description and title updates 2013-07-01 15:37:37 -05:00
jvazquez-r7 1c6657ee86 Land #2034, @wchen-r7's patch for memory_grep 2013-07-01 13:34:57 -05:00
sinn3r 43c4f07e06 Use "unless"
Guidelines favor "unless".
2013-06-30 18:32:15 -05:00
jvazquez-r7 520a78e2c8 Add final cleanup for enable_support_account 2013-06-29 23:30:29 -05:00
jvazquez-r7 df88ace6d1 Land #1989, @salcho's post module for enable windows support account 2013-06-29 23:29:16 -05:00
salcho 8717a3b7d8 using post mixins, fixed checks, module renamed 2013-06-29 15:44:36 -05:00
salcho 00bf9070aa using post mixins, fixed checks, module renamed 2013-06-29 15:41:36 -05:00
sinn3r 82eed1582f No need for the 2nd element 2013-06-28 17:05:43 -05:00
sinn3r a7ee95381b Updates module description, and uses the proper func for hex dump
As an user, it's important to know that using this module may result
a lost session because it must migrate to grep memory, but does not
migrate back.

The module also has its own hex dump routine, which is no longer
needed because we have a built-in Rex::Text.to_hex_dump
2013-06-28 16:28:00 -05:00
James Lee f158e421fa Add requires for pptp_tunnel 2013-06-28 10:07:52 -05:00
sinn3r ecfe083b0e Correct module naming style
I was just looking at these modules on the web gui, and these names
need to be fixed to maintain style consistency.
2013-06-25 00:26:53 -05:00
salcho 36c3460911 changed reference 2013-06-20 18:02:25 -05:00
salcho c1994db2a7 shorter title, included msf::post mixins, added reference and overall readability 2013-06-20 17:42:38 -05:00
Meatballs ef56e48274 Fix datastore name 2013-06-20 22:22:00 +01:00
Meatballs 6c62463f83 Add ipv6 resolution and remove nix 2013-06-20 22:17:31 +01:00
salcho db935498ab admin_me modified according to msftidy 2013-06-19 18:14:32 -05:00
salcho 8afbcd6931 added admin_me.rb as post->manage script 2013-06-19 17:54:13 -05:00
jvazquez-r7 f91719bf80 Do final cleanup for pptp_tunnel 2013-06-19 14:21:48 -05:00
jvazquez-r7 3e31d2c97a Land #1820, @bmerinofe post module for pptpd mitm 2013-06-19 14:19:50 -05:00
root f478eb51cf s/disable/disabled/ 2013-06-16 21:27:45 +02:00
Carlos Perez a9df55c27a Add Windows 2012 to regex matching 2013-06-09 20:46:44 -04:00
Carlos Perez 8e83f0ee30 Add Windows 8 and 2012 to regex matching 2013-06-09 20:41:46 -04:00
sinn3r e70221a993 Land #1903 - Add decryptioin for firefox_creds 2013-06-04 11:38:03 -05:00
sinn3r cb31772302 Fix indent 2013-06-04 11:37:16 -05:00
xard4s 423a33b1fc Added firefox pw decryption support 2013-06-03 13:13:59 -04:00
sinn3r ed5b8895bb Fixes smart_migrate for a TypeError bug
Bug is: TypeError can't convert Rex::RuntimeError into String

[SeeRM: #7984]
2013-05-28 18:45:49 -05:00
James Lee f4498c3916 Remove $Id tags
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
Meatballs a96efb5f0d Small tidy 2013-05-18 16:21:00 +01:00
Meatballs a96739951b Filter out system users 2013-05-18 16:18:34 +01:00
Borja Merino eb46b09708 Timeout condition change 2013-05-14 00:35:42 +02:00
root b8826396ee Cosmetic changes 2013-05-12 23:03:28 +02:00
Meatballs b10d216db2 Fix indent 2013-05-12 21:06:26 +01:00
Meatballs 37efad46bb Address feedback and reporting 2013-05-12 20:50:53 +01:00
root ba5d6fc259 Added post module to get a MITM through a pptp tunnel 2013-05-12 16:27:43 +02:00
James Lee 55fc1458de Simplify and clean up some
I'd really love to make this work on Linux as well, since it's really
just a file grabber/parser. Unfortunately, the Post API for enumerating
users and homedirs isn't great for cross-platform stuff like this.

A few small changes, all verified on Windows 7:

* Reuse the key storing code instead of copy-paste with minor changes

* Use binary mode when opening the stored prefs

* Don't bother checking for incognito since we're using `steal_token`
  anyway

* Check for existence of directories instead of guessing based on OS
  match
2013-05-10 16:58:35 -05:00
Rob Fuller 84ff72eb92 use file_exist? instead of fs.file.stat 2013-05-10 11:17:42 -04:00
Rob Fuller 25f7af43b4 use gsub instead of split/join 2013-05-10 11:12:56 -04:00
Rob Fuller 2f543d3080 extension and pref parsing 2013-05-09 13:23:28 -04:00
David Maloney b0f5255de8 fix ssh_creds username
ssh_creds post module as not saving
the username in the cred objects
2013-05-05 16:31:28 -05:00
Meatballs 7fb092c58c Initial commit 2013-05-02 22:08:19 +01:00
jvazquez-r7 567d2bb14b Land #1687, @bmerinofe's forensic file recovery post module 2013-05-01 08:13:08 -05:00
jvazquez-r7 a201391ee6 Clean recovery_files 2013-04-30 13:18:32 -05:00
Meatballs e2bf4882f0 Add domain join parse 2013-04-26 00:20:10 +01:00
Meatballs 235887ccb5 Finished 2013-04-25 23:25:05 +01:00
sinn3r dfff20a3fc Landing #1692 - Handles OSQL banners and responses
[Close #1692]
2013-04-22 13:58:44 -05:00
Antoine 0115833724 SyntaxError fixes 2013-04-21 20:22:41 +00:00
root 830715dc07 Applying changes 2013-04-16 00:28:39 +02:00
Tod Beardsley a36c6d2434 Lands #1730, adds a VERBOSE option checker
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
Tod Beardsley 29101bad41 Removing VERBOSE offenders 2013-04-15 15:29:56 -05:00
Meatballs 67791c12a5 Small tidy 2013-04-14 11:18:45 +01:00
Meatballs 9f95b59fa0 msftidy 2013-04-14 10:34:14 +01:00
Meatballs 4b4f77eb0f Finalize 2013-04-14 10:32:56 +01:00
Tod Beardsley 65e5ed8950 Merge #1716, version checker fix for UAC bypass 2013-04-09 09:00:30 -05:00
Tod Beardsley ba86e14d43 Whitespace and caps fixes 2013-04-09 08:57:53 -05:00
HD Moore e2b8d5ed23 Fix from David Kennedy, enable Windows 8 support 2013-04-09 02:07:40 -05:00
James Lee a2d6f7bb17 Landing #1714 - Don't bomb out if there are no wireless interfaces
No redmine ticket reported.
2013-04-08 17:17:47 -05:00
root f369584bbd Timeout added 2013-04-08 23:32:07 +02:00
Meatballs 3660ad8c0a Initial attempt 2013-04-07 23:03:43 +01:00
James Lee ad46b46684 Landing #1463, Meatballs' cdecl fixes 2013-04-04 22:58:59 -05:00
Tod Beardsley cd4a410682 Forgot an end. Dangit. 2013-03-31 23:24:50 -05:00
Tod Beardsley ac858c81a5 Deal with other osql banners and responses
Not sure where those other banners come from, but keeping them as
positive responses regardless.

[FixRM #7862]
2013-03-31 23:20:05 -05:00
Borja Merino d08640726b added post module forensics recovery files 2013-03-30 01:59:41 +01:00
jvazquez-r7 353f02cdcc move word_unc_injector to gather dir 2013-03-27 16:23:19 +01:00
jvazquez-r7 ed23fe6502 Merge branch 'post-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-post-word_unc_injector.rb 2013-03-27 16:21:54 +01:00
jvazquez-r7 ef11a584f4 work on word_unc_injector 2013-03-27 11:17:29 +01:00
sinn3r dea48b459f Merge branch 'download_exec_shell' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-download_exec_shell 2013-03-22 12:53:36 -05:00
Tod Beardsley d908050808 Merge epo_sql fix from neinwechter
Easy, sensible fix -- since report_auth_info uses full_user, print_good
should too.

[Closes #1629]
2013-03-22 11:22:24 -05:00
Nathan Einwechter 096ec9a5d7 Fix to print out correct/full username 2013-03-22 10:22:24 -04:00
jvazquez-r7 f27333567f use bash or sh according to availability 2013-03-21 17:26:56 +01:00
jvazquez-r7 370f849e29 cleanup for download_exec 2013-03-21 09:24:02 +01:00
Doug P 39b1ad8bd6 spacing cleanup 2013-03-21 00:21:10 -04:00
Doug P 837d426ff0 removed an extra space 2013-03-21 00:18:35 -04:00
Doug P 08029ca2e8 edited Description 2013-03-21 00:17:55 -04:00
Doug P edd85ccd69 added wget support 2013-03-21 00:09:22 -04:00
SphaZ 804e2cfa3a small fixup of unused old vars 2013-03-20 21:31:28 +01:00
SphaZ b275797ba2 Used msf file mixin where possible and more in memory handling 2013-03-20 21:25:07 +01:00
jvazquez-r7 54f22ed06c check if curl is on the path 2013-03-20 17:31:48 +01:00
Joshua Abraham 9948d1ec12 change from vcmd_exec to a method in the module 2013-03-19 20:40:25 -04:00
Joshua Abraham 07d78af421 Linux post module to download and run a command 2013-03-15 10:13:56 -04:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
jvazquez-r7 92ee4300df cleanup for reflective_dll_inject 2013-03-04 17:40:09 +01:00
jvazquez-r7 582395412f Merge branch 'post_ref_dll_inj' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_ref_dll_inj 2013-03-04 17:39:11 +01:00
sinn3r 3334257aa4 Merge branch 'bug/fix_screenspy' of github.com:kernelsmith/metasploit-framework into kernelsmith-bug/fix_screenspy 2013-02-26 13:54:47 -06:00
Meatballs 15d505f7a9 Msftidy 2013-02-22 22:09:19 +00:00
Meatballs 0ea7247a43 Initial commit 2013-02-22 22:05:29 +00:00
SphaZ ff508fa222 msftidy 2013-02-14 21:51:50 +01:00
SphaZ 91f89f8c68 Rewrite of module after auxilliary. Also moved to post/windows 2013-02-14 21:41:19 +01:00
kernelsmith 8a91f0d7ec rescue ENOENT as well 2013-02-14 14:04:45 -06:00
Meatballs a6fea39583 Change to wldap to allow cdecl 2013-02-08 21:01:22 +00:00
James Lee e3ee0d7913 Don't try to download '.' or '..' as files 2013-02-08 11:25:17 -06:00
SphaZ 3883b0d0da added word_unc_injector post module 2013-02-01 07:51:30 +01:00
sinn3r 4d7daacfb4 I wanna know where it's stored 2013-01-31 11:55:11 -06:00
sinn3r 13da4181c5 Merge branch 'feature/rm7605-version-for-MSCACHE-v1-and-v2' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7605-version-for-MSCACHE-v1-and-v2 2013-01-31 11:51:55 -06:00
jvazquez-r7 174ab31010 Moving reused methods to Accounts mixin 2013-01-31 12:59:55 +01:00
kernelsmith 345c5f32cc keep it from migrating more than once into explorer.exe
thanks for noticing egypt
we should add a migrate_explorer to the post api
2013-01-30 15:40:02 -06:00
jvazquez-r7 1e1cbd7445 Merge branch 'wldap32_railgun' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-wldap32_railgun 2013-01-30 21:01:31 +01:00
kernelsmith e1c037e523 Better error handling 2013-01-30 12:06:57 -06:00
kernelsmith f649cd53ad removed commented out code (again)
thanks egypt
2013-01-30 11:31:10 -06:00
kernelsmith 32a5a009d6 change loot type to image/jpg
thanks egypt
2013-01-30 11:28:47 -06:00
sinn3r de544dc3d4 Handle multiple IPs 2013-01-30 11:25:43 -06:00
kernelsmith 6659459de5 del Version ref and change platform windows -> win
per sinner's comments, thanks sinner.
2013-01-30 10:56:49 -06:00
kernelsmith 80a0f0694d add 'auto' & 'none' VIEW_CMD, fixed looting, ch defaults 2013-01-30 00:49:48 -06:00
sinn3r c5ab059a1a Really fix the :host key 2013-01-29 18:24:11 -06:00
sinn3r 8a9dba2ffe Updates host info 2013-01-29 16:35:36 -06:00
sinn3r 77ea5a40f5 Do report_auth_info 2013-01-29 14:19:42 -06:00
lmercer da5436e565 Made changes as described in Redmine issue 7605 2013-01-28 23:29:50 -05:00
sinn3r ca70041f32 Adds a post module that loots chap-secrets 2013-01-28 16:23:26 -06:00
jvazquez-r7 fbbac2bd51 make module msftidy compliant 2013-01-24 21:37:04 +01:00
jvazquez-r7 2419e55603 Merge branch 'feature/rm7581-sudo-improved-with-PASSWORD-option' of https://github.com/lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7581-sudo-improved-with-PASSWORD-option 2013-01-24 21:36:40 +01:00
lmercer 3b65f31d95 post/multi/manage/sudo improved with the PASSWORD option
as described in Redmine Feature #7581
2013-01-23 15:23:40 -05:00
Tod Beardsley d354982345 Fix grammar on description for webcam 2013-01-23 14:00:34 -06:00
sinn3r 933f807745 Msftidy cleanup + handling return values better 2013-01-22 23:53:00 -06:00
sinn3r dab2952d60 Merge branch 'picasa' of github.com:charles-n2netsec/metasploit-framework into charles-n2netsec-picasa 2013-01-22 22:54:45 -06:00
Charles Smith 9671df4488 Picasa 2 credentials are now also saved as loot
This module used to save only Picasa 3 credentials as loot. Picasa
2 creds were displayed, but not saved. I've updated the module to
save Picasa 2 credentials, and I also updated the output code to
use print_good instead of print_status.
2013-01-22 15:46:47 -05:00
jvazquez-r7 08062597b9 fix data added to table 2013-01-22 12:07:16 +01:00
jvazquez-r7 dce4e7fc08 Merge branch 'filezilla_server_bugs' of https://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-filezilla_server_bugs 2013-01-22 12:06:44 +01:00
sinn3r 8b70a94b34 Updates the progress function
Because the previous one was wrong.
2013-01-21 00:30:43 -06:00
Meatballs1 dcaf2abc53 Better feedback for x86 2013-01-20 00:22:30 +00:00
Meatballs1 567185ec65 Better cleanup and address comments 2013-01-20 00:19:17 +00:00
Meatballs1 771baa3181 Added x64 check and options to info 2013-01-19 23:23:45 +00:00
Tod Beardsley ef97b20cb7 Merge branch 'wds_unattend' 2013-01-18 14:42:00 -06:00
jvazquez-r7 75109114df Merge branch 'post_mod_record_mic' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-post_mod_record_mic 2013-01-18 00:25:01 +01:00
Charles Smith 892899acd5 Fixed loot formatting so data is under the proper column
The credentials table was defined with the columns "User", "Password", "Host", "Port", and "SSL".  Credentials were not added in that order, however. They were added in the order "host, port, user, password, ssl" in this line:

credentials << [cred['host'], cred['port'], cred['user'], cred['password'], cred['ssl']]

I changed the order the columns were defined to fix this.

The permissions table had a similar issue. The "FileWrite" column was missing, so I added it. I also moved the "Home" column to after the "AutoCreate" column. Now the line:

permissions << [perm['host'], perm['user'], perm['dir'], perm['fileread'], perm['filewrite'], perm['filedelete'], perm['fileappend'],perm['dircreate'], perm['dirdelete'], perm['dirlist'], perm['dirsubdirs'], perm['autocreate']]

works correctly.
2013-01-17 16:52:02 -05:00
Charles Smith 624ef9a329 Fixed a typo in the skype_enum module.
"platfom" instead of "platform" fixed.
2013-01-17 14:04:52 -05:00
sinn3r 419b32b742 Can be used against multiple platforms since it supports java 2013-01-17 12:45:03 -06:00
sinn3r ff11cfe6e5 Avoid saying "webcam", might be misleading. 2013-01-17 12:30:02 -06:00
sinn3r f351db3621 Implements the record_mic feature as a post module
For easier deployment in the web GUI. Works for Windows meterpreter
and Java meterpreter.
2013-01-17 12:19:52 -06:00
jvazquez-r7 57359304a3 Merge branch 'webcam' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-webcam 2013-01-17 16:56:55 +01:00
jvazquez-r7 09b4a09ce1 module razer_synapse cleanup 2013-01-17 16:53:00 +01:00
jvazquez-r7 99296006c1 Merge branch 'razer_synapse.rb' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-razer_synapse.rb 2013-01-17 16:52:26 +01:00
sinn3r 40ba075655 Implements the webcam feature as a post mod
As a post mod, we can deploy the webcam feature more easily against
multiple sessions in the web gui.
2013-01-17 02:41:16 -06:00
smilingraccoon 12e7949183 msftidy change 2013-01-15 21:23:49 -05:00
smilingraccoon b2cd65e283 adding razer_synapse.rb 2013-01-15 21:14:49 -05:00
sinn3r 6508964171 For consistency with other post modules, also do a store_loot 2013-01-15 12:16:32 -06:00
jvazquez-r7 1e64d36320 avoid begin rescue blocks 2013-01-15 02:05:58 +01:00
jvazquez-r7 3eaa07afae documenting magic numbers 2013-01-14 19:43:34 +01:00
jvazquez-r7 530df0acf0 delete comments 2013-01-14 19:22:39 +01:00
jvazquez-r7 57be789f2c Fix comments by egypt 2013-01-14 19:22:02 +01:00
jvazquez-r7 40fc861eee Added post module for BulletProof FTP Client 2013-01-14 13:50:10 +01:00
Christian Mehlmauer 6654faf55e Msftidy fixes 2013-01-04 09:29:34 +01:00
sinn3r d17a6f99e5 Merge branch 'feature/deprecated-module-mixin' of github.com:jlee-r7/metasploit-framework into jlee-r7-feature/deprecated-module-mixin 2013-01-04 00:38:01 -06:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
James Lee 011ff18c98 Remove $ 2013-01-03 14:06:32 -06:00
James Lee 233378f0fb Remove stupid debugging load() 2013-01-03 14:05:45 -06:00
James Lee d9947a1515 Add a mixin for marking deprecated modules
* This mixin standardizes the previously ad-hoc deprecation warnings on
  modules that have been moved.

* Uses the mixin in 3 existing modules that already have (or should have
  had) deprecation warnings.
2013-01-02 19:14:44 -06:00
sinn3r 707784f2ae Last fix 2012-12-28 03:46:59 -06:00
sinn3r fc4da53be4 More fixes 2012-12-28 03:27:04 -06:00
sinn3r ddd4b7ef60 Applying fixes 2012-12-28 02:26:40 -06:00
sinn3r 5369f88c5d Merge branch 'local_admin_search_enum.rb' of git://github.com/zeknox/metasploit-framework into zeknox-local_admin_search_enum.rb
Conflicts:
	modules/post/windows/gather/local_admin_search_enum.rb
2012-12-28 02:25:39 -06:00
sinn3r 0f6b72dad5 Final touchup 2012-12-26 21:16:04 -06:00
sinn3r 919d6daa41 Even if there's password, we should prolly keep the username 2012-12-26 21:14:26 -06:00
sinn3r 4ce1df2214 Change module title for consistency 2012-12-26 21:13:02 -06:00
sinn3r da49f67079 Only show the password when exists 2012-12-26 21:10:52 -06:00
sinn3r d3d595da95 Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 21:08:03 -06:00
Brandon McCann 6e520e7a2a converted split into a scan 2012-12-26 21:06:48 -06:00
sinn3r eb424195ca Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 20:42:24 -06:00
Brandon McCann e3c1d5a5c0 fixed config.close bug 2012-12-26 20:40:11 -06:00
sinn3r 17b41adfec Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 20:35:46 -06:00
Brandon McCann b71729bf5f fixed multi stored creds issue 2012-12-26 20:32:41 -06:00
sinn3r 6ecaabc9cc Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 20:08:34 -06:00
Brandon McCann d70d2c4a19 typo 2012-12-26 19:54:35 -06:00
Brandon McCann bcc651a1b2 modified password parsing, and utf encoding 2012-12-26 19:49:25 -06:00
sinn3r c75f48b404 Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 18:58:34 -06:00
Brandon McCann 073565c001 modified port and sname in db logging 2012-12-26 18:33:10 -06:00
sinn3r b483e76065 Merge branch 'spark_im.rb' of git://github.com/zeknox/metasploit-framework into zeknox-spark_im.rb 2012-12-26 18:03:24 -06:00
Brandon McCann 7147e7a09b added spark_im post exploit module 2012-12-26 17:28:23 -06:00
sinn3r d2e3e5defb Merge branch 'jlee-r7-cleanup/post-windows-services' 2012-12-22 13:29:48 -06:00
sinn3r ae4f434691 Handle RequestError
Some registry-retrieving functions will return nil when a
RequestError exception is raised, and that's the exception we
should be handling.
2012-12-22 13:10:44 -06:00
sinn3r e423351de3 Merge branch 'darkoperator_checkvm_more_checks' of git://github.com/darkoperator/metasploit-framework into darkoperator-darkoperator_checkvm_more_checks 2012-12-22 12:40:33 -06:00
Carlos Perez 1ca85e2fff fix indentation and EOL spaces 2012-12-22 10:42:43 -04:00
Carlos Perez ddb9871577 refactor for use of registry mixin and will now create a note for the hypervisor 2012-12-22 10:27:54 -04:00
sinn3r 9b768a2c62 Merge branch 'cleanup/post-windows-services' of git://github.com/jlee-r7/metasploit-framework into jlee-r7-cleanup/post-windows-services 2012-12-21 23:42:17 -06:00
Carlos Perez 924f5283ae Improvements to checkvm
- Added additional checks for Hyper-V
- Added additional checks for VMware
- Removed $Id$ and $Revision$ (Confirmed with Todb on it)
2012-12-21 22:11:57 -04:00
sinn3r e9c00488fa Return value does not need to be checked, says zeknox 2012-12-21 13:00:08 -06:00
Meatballs1 e8cf26390a Msftidy 2012-12-20 16:34:10 +00:00
Meatballs1 761d83ac0c Tidyup and user options 2012-12-20 16:29:21 +00:00
sinn3r 37524c7965 Make sure return vals are handled correctly. 2012-12-19 09:45:01 -06:00
Meatballs1 d91e566d54 Further refactoring 2012-12-19 09:06:58 +00:00
sinn3r cfcd1ead54 Merge branch 'netlm_downgrade.rb' of git://github.com/zeknox/metasploit-framework into zeknox-netlm_downgrade.rb 2012-12-19 02:22:00 -06:00
sinn3r 592de9b39e Something tells me charles wanna try 5 times, not 6 times. 2012-12-18 18:10:15 -06:00
sinn3r ba242e1809 Merge branch 'master' of git://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-master 2012-12-18 18:01:28 -06:00
Meatballs1 378038afab Merge remote-tracking branch 'upstream/master' into wldap32_railgun 2012-12-17 17:23:43 +00:00
Meatballs1 6a92bd609a Tidying and refactoring 2012-12-17 15:29:04 +00:00
Meatballs1 b5fd3463d7 Initial working AD_LDAP lookup 2012-12-17 14:07:35 +00:00
Meatballs1 6dd6174221 Migrate enum_unattend to unattend parser lib 2012-12-13 10:58:05 +00:00
jvazquez-r7 3e81fb2002 last cleanup for steam.rb 2012-12-12 11:48:46 +01:00
jvazquez-r7 87f6b8bc89 Merge branch 'master' of https://github.com/nikolai-r/metasploit-framework into nikolai-r-master 2012-12-12 11:48:26 +01:00
Nikolai Rusakov f642aa67f9 CLeanup redundant code. 2012-12-12 00:00:27 -05:00
Nikolai Rusakov f7cf75063d Cleanup and use Post::File api. Use store_loot for data collection 2012-12-11 23:41:50 -05:00
sinn3r 283d37f2e3 Correct naming style
In order to match naming style consistency
2012-12-11 01:12:29 -06:00
Nikolai Rusakov 462766a654 Added Steam client session collector post module 2012-12-08 19:11:57 -05:00
Brandon McCann 433532ddf4 fix OptAddress 2012-12-06 11:21:42 -06:00
Rob Fuller 5e9a5268cd remove .inspect debug code
cosmetic change
2012-12-04 16:24:15 -05:00
Brandon McCann 65f9f8ec2e fixed net use cmd 2012-12-02 23:43:35 -06:00
Brandon McCann 5be12c1ad3 add verbose output 2012-12-01 12:04:34 -06:00
Brandon McCann e03ace17d9 typo 2012-12-01 11:57:51 -06:00
Brandon McCann 73b4a9d573 cleaned up rescue statements 2012-12-01 11:09:01 -06:00
Brandon McCann 501224f21f setup() added 2012-12-01 11:03:11 -06:00
Brandon McCann 16c5879d08 error handling added 2012-12-01 09:09:33 -06:00
sinn3r 7ae8f5b338 Modify name a little 2012-11-30 12:11:06 -06:00
sinn3r 9db84a16fa Change output 2012-11-30 12:06:21 -06:00
sinn3r 44022baefa Fix bug: NoMethodError undefined method `empty?' for nil:NilClass 2012-11-30 12:02:32 -06:00
sinn3r 37367bbaa0 Mostly cosmetic changes 2012-11-30 12:01:47 -06:00
bcoles 0472d60c4a Add FTP Explorer (FTPx) post->gather->credentials module
This module finds saved login credentials for the
FTP Explorer (FTPx) FTP client for Windows.
2012-11-30 15:09:14 +10:30
sinn3r 3ae8594f53 Fix typo 2012-11-29 10:17:44 -06:00
Charles Smith 2ccc3f9e71 Fixed mixed tabs that prevented build completion. 2012-11-29 08:43:51 -05:00
Charles Smith 4416f1c7ae Fixed mixed tabs that prevented build completion. 2012-11-29 08:43:23 -05:00
HD Moore 93a69ea62e Fix instances of invalid lower-case datastore use 2012-11-29 00:05:36 -06:00
Brandon McCann d200332b76 removed local_admin_search_enum.rb 2012-11-28 22:11:08 -06:00
Brandon McCann 84fc320c30 added post exploit netlm_downgrade.rb 2012-11-28 22:01:47 -06:00
Charles Smith ae6dbee42b Fixed bugs with a few modules.
filezilla_server.rb would crash if there was no admin information found.
In smart_hashdump.rb I replicated the changes made in hashdump.rb to handle the race condition. (It works, but is still not as reliable as regular hashdump for XP boxes)
In migrate.rb the option PID is an integer, and the line "elseif datastore['PID']" was evaluating as true, even though PID was set to "".  There was also a misspelling of datastore as "datstore" that I fixed.
2012-11-28 12:18:32 -05:00
jvazquez-r7 d130d38bad Merge branch 'module-rpcapd-start' of https://github.com/bmerinofe/metasploit-framework into bmerinofe-module-rpcapd-start 2012-11-28 12:09:08 +01:00
Borja Merino cdd9eb19cf Licence Changed. Return added when RHOST is nil 2012-11-28 10:38:24 +01:00
Brandon McCann e7a565b474 fixed store loot 2012-11-27 20:02:05 -06:00
Brandon McCann 16ce2c3f94 fixed catch statements 2012-11-27 06:22:50 -06:00
Brandon McCann 62be877f89 fixed run_cmd() 2012-11-27 05:49:19 -06:00
Brandon McCann c70f1e3698 modified local_admin_search_enum.rb 2012-11-27 05:34:38 -06:00
sinn3r e235aadcc0 Sometimes we might not be able to access a dir, be aware of that 2012-11-12 18:59:44 -06:00
sinn3r 862dd18b1c Merge remote-tracking branch 'upstream/master' into enum_dirperms_default_path
Conflicts:
	modules/post/windows/gather/enum_dirperms.rb
2012-11-12 18:54:47 -06:00
sinn3r 5270487d81 Add credit 2012-11-12 18:35:32 -06:00
sinn3r be36083097 Make PATH optional, also correct a filtering bug
If the PATH option is not specified, the module will try to
enumerate from %PATH%.  Also, this commit fixes a bug in the
filtering routine (basically the filtering routine didn't
really work).
2012-11-12 18:29:56 -06:00
sinn3r 222af8c91d Fix NoMethodError when check_dir fails to enum the permission
See the following for more info:
http://dev.metasploit.com/redmine/issues/7452
2012-11-12 16:27:32 -06:00
David Maloney 208e706307 Module title fixes 2012-11-07 10:33:14 -06:00
James Lee 34bc92584b Refactor WindowsServices
* Pulls common code up from several methods into #open_sc_manager
* Deprecates the name Windows::WindowsServices in favor of
  Windows::Services. The platform is already clear from the namespace.
* Makes the post/test/services test module actually work

[See #1007]
[See #1012]
2012-11-06 17:30:04 -06:00
Tod Beardsley b973927ab2 Msftidy on digi_addp_reboot and pgpass_creds 2012-11-05 16:19:38 -06:00
jvazquez-r7 9166d12179 Merge branch 'WinRM_piecemeal' of https://github.com/dmaloney-r7/metasploit-framework into dmaloney-r7-WinRM_piecemeal 2012-11-05 23:08:59 +01:00
Brandon McCann 98330390d6 added local_admin_search_enum.rb 2012-11-05 12:27:15 -06:00
sinn3r 42b285c7f6 Merge branch '403labs-post-pgpass_creds' 2012-11-02 01:16:37 -05:00
sinn3r 1a162d7dd9 Use Rex table, fix 1.8 syntax issues, format fixes 2012-11-02 01:15:47 -05:00
David Maloney 59f5d9bc5d Man i'm rusty at writing for framework
Fixes up all sinn3r's findings so far
2012-11-01 08:37:21 -05:00
David Maloney 00b9fb3c90 Switc smart mgirate to post mod as it should be 2012-10-31 17:03:49 -05:00
Zach Grace 5c27c9c953 Added a print_good from the results of store_loot 2012-10-29 15:18:13 -05:00
Zach Grace eda5e8a12f Changed platform type from windows to win and fixed an indentation error. 2012-10-29 14:23:50 -05:00
sagishahar 8c46c59142 Add support to Windows 8
Verified with Windows 8 Enterprise Evaluation
2012-10-29 20:11:27 +02:00
Tod Beardsley 5c0fb2789f Merge branch 'module-metasploit-pcaplog-privesc' into rapid7-master 2012-10-29 11:32:32 -05:00
Tod Beardsley 65e27ff38a Warn about the potential to jack up /etc/passwd
This needs to be underlined. It's too easy to wang up /etc/passwd by
accident.

This closes PR #632
[Fixes #38593685]
2012-10-29 11:28:27 -05:00
Tod Beardsley 5e80e19a4e Msftidy complaint about EOL spaces 2012-10-29 11:08:03 -05:00
Zach Grace 3746a3ef64 adding pgpass_creds post module 2012-10-25 21:30:54 -05:00
0a2940 2f0c2d76ea remove load statements 2012-10-24 11:01:26 +02:00
0a2940 32ddd981eb linux_kernel mixin not required 2012-10-24 10:58:09 +02:00
0a2940 6d5da1662b Update modules/post/multi/escalate/metasploit_pcaplog.rb
Stance is now passive
2012-10-24 10:55:48 +02:00
Tod Beardsley be9a954405 Merge remote branch 'jlee-r7/cleanup/post-requires' 2012-10-23 15:08:25 -05:00