Tab Assassin
999b802468
Merge branch 'master' into retab/rumpus
2013-09-04 12:32:05 -05:00
Meatballs
a8e77c56bd
Updates
2013-09-03 22:46:20 +01:00
William Vu
cc838401fb
Land #2314 , metasploit_pcaplog title correction
2013-09-03 15:21:00 -06:00
William Vu
b9ceed0c53
Land #2313 , lockout_keylogger title correction
2013-09-03 15:20:20 -06:00
Meatballs
ac0c493cf9
Merge branch 'master' of github.com:rapid7/metasploit-framework into local_win_priv_keyring
2013-09-03 21:33:11 +01:00
Tab Assassin
84aaf2334a
Retab new material
2013-09-03 11:47:26 -05:00
Tab Assassin
0c1e6546af
Update from master
2013-09-03 11:45:39 -05:00
Tod Beardsley
6daa90a4a5
Msftidy: use binary on File.open always
...
msftidy is complaining, here:
keylog_recorder.rb:116 - [WARNING] File.open without binary mode
Not sure how this managed to hit upstream/master with msftidy warnings.
Protip, use an msftidy pre-commit hook. We have just such a hook script
in tools/dev, as a matter of fact, so it's just a symlink away:
https://github.com/rapid7/metasploit-framework/blob/master/tools/dev/pre-commit-hook.rb
2013-09-03 10:35:50 -05:00
Tod Beardsley
8acabe457c
Trailing whitespace fixup
2013-09-03 10:32:48 -05:00
Tod Beardsley
ca8dacb93b
Minor module description updates for grammar.
2013-09-03 10:31:45 -05:00
sinn3r
bcc0152274
Correct metasploit_pcaplog's naming style
...
The naming style nazi is in town. ph33r.
2013-08-31 18:25:06 -05:00
sinn3r
a4bcc1f82f
Correct module naming style
...
You know what it is.
2013-08-31 18:17:06 -05:00
Tab Assassin
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
James Lee
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
jvazquez-r7
66886eed7a
Land #2283 , @bmerinofe's post module for PortProxy Port Forwarding
2013-08-28 17:34:14 -05:00
jvazquez-r7
f477711268
Provide more information about installing IPv6
2013-08-28 17:22:50 -05:00
jvazquez-r7
43badfaa1c
Move the check_ipv6 call to the run metod
2013-08-28 17:20:11 -05:00
jvazquez-r7
05863cb1cc
Delete vague exception handling only done on one place
2013-08-28 17:17:05 -05:00
jvazquez-r7
6b8c7cbe24
Omit parentheses for method call with no args
2013-08-28 17:15:28 -05:00
jvazquez-r7
c04e6b2b14
Reduce code complexity on check_ipv6
2013-08-28 17:13:21 -05:00
jvazquez-r7
f339510816
Use OptPort
2013-08-28 17:10:22 -05:00
jvazquez-r7
ad8b6ec1ef
Avoid redefine builtin datastore options
2013-08-28 17:08:22 -05:00
jvazquez-r7
ad1b9fbaef
Use datastore options to avoid complex logic around args
2013-08-28 17:00:10 -05:00
jvazquez-r7
c68986e6eb
Favor unless over if not
2013-08-28 16:50:44 -05:00
jvazquez-r7
3a2a2a9cc0
Beautify metadata
2013-08-28 16:48:36 -05:00
bmerinofe
c31a2332be
Juan changes applied
2013-08-28 19:53:54 +02:00
jvazquez-r7
1042dbe56a
Land #2108 , @jiuweigui's post module to get info from prefetch files
2013-08-28 10:01:06 -05:00
jvazquez-r7
0fbe411be7
Ensure use Ruby File
2013-08-28 09:55:21 -05:00
jvazquez-r7
5c32bb4a8e
Beautify metadata
2013-08-28 09:32:23 -05:00
jvazquez-r7
4f8ba82d02
Make gather_pf_info return a prefetch entry
2013-08-28 09:29:49 -05:00
jvazquez-r7
904bd12663
Fix print over nil or empty string
2013-08-28 09:27:18 -05:00
jvazquez-r7
ef3085823c
Use default timeout value
2013-08-28 09:26:46 -05:00
jvazquez-r7
8ac82b8b18
Beautify timezone_key_values function
2013-08-28 09:25:49 -05:00
jvazquez-r7
bc593aab4f
Avoid confusion between variable and method name
2013-08-28 09:24:32 -05:00
Joe Vennix
f823290a4c
Add nc check. Prints successful binary match.
...
* kills session nil check
2013-08-27 17:21:18 -05:00
sinn3r
13996b98cf
Correct action description for recording
...
The correct description is recording
2013-08-27 12:39:46 -05:00
sinn3r
a91b38cbf4
Land #2276 - osx webcam and record_mic post modules
2013-08-27 12:28:14 -05:00
Joe Vennix
067b8f3c59
Adds session existence check. Moves error log path to datastore option.
2013-08-27 11:44:21 -05:00
Joe Vennix
8a8f80e097
Move error log path to datastore option.
2013-08-27 11:43:20 -05:00
sinn3r
728d0a0e65
Land #2240 - OSX keylogger
2013-08-27 11:36:58 -05:00
sinn3r
a9459ef703
Update module title for naming style consistency
2013-08-27 11:36:26 -05:00
sinn3r
16ace44f2d
Move keylogger.rb to post/osx/capture/keylog_recorder
...
To match the naming consistency with Windows
2013-08-27 11:35:00 -05:00
Joe Vennix
5cc4ef09d1
Move previous error log path to method. Renames the #check method.
2013-08-27 11:25:00 -05:00
Joe Vennix
87c03237a9
Fix discrepencies between unix/osx with whereis cmd.
2013-08-27 03:17:14 -05:00
Joe Vennix
98b21471ed
fix some bugs in cups_root_file_read module.
2013-08-27 03:03:08 -05:00
bmerinofe
2b577552a2
OptEnum option changed
2013-08-26 15:25:23 +02:00
bmerinofe
64d21c7216
added portproxy post meterpreter module
2013-08-26 14:44:41 +02:00
Joe Vennix
34404ee067
Commit cups module. Tested on osx 10.7, 10.8, and unpatched ubuntu 12.0.4.
2013-08-25 14:30:11 -05:00
jiuweigui
2ebfdcc84b
Fix to description
2013-08-24 19:32:01 +03:00
jiuweigui
73f4259156
Fix based on suggestions
2013-08-24 19:14:48 +03:00
Joe Vennix
2d3f599498
Moves ruby_dl helpers to proper place in repo.
...
* Adds fail_with methods and moves timeouts to constants.
2013-08-23 17:17:19 -05:00
Joe Vennix
ba00395cfd
Set filename to osx_mic_rec instead of webcam.
2013-08-23 15:52:24 -05:00
Joe Vennix
6c4ad6a976
Move modules to post/osx/manage.
2013-08-23 15:38:58 -05:00
Joe Vennix
c3b98262bf
Seriously ,stop writing things to my desktop.
2013-08-23 15:16:41 -05:00
Joe Vennix
7ebe6635ea
Finish fixing ruby 1.8.7 regressions. Works on 10.8 and 10.7.
2013-08-23 15:06:48 -05:00
jiuweigui
514d2b4721
Fix to make msftidy happy.
2013-08-21 21:46:44 +03:00
jiuweigui
0cc499faf7
Minor deletes related to filetime change.
2013-08-21 14:47:50 +03:00
jiuweigui
3a2433dac9
Remove unneeded filetime read
2013-08-21 12:18:07 +03:00
sinn3r
86d6bce8c4
[FixRM #8312 ] - Fix file handle leaks
...
Fix file handle leaks for [SeeRM #8312 ]
2013-08-18 20:31:13 -05:00
Joe Vennix
f843743294
Adds fixes from @wchen-r7.
2013-08-18 18:46:51 -05:00
Joe Vennix
017309d02d
Minor fixes to keylogger.
2013-08-18 16:29:34 -05:00
Joe Vennix
1cdf77df7d
OSX keylogger module finally working.
2013-08-18 16:21:38 -05:00
jiuweigui
0063d4e06c
Extend description & add Win2k3 section to WinXP section.
2013-08-16 14:44:08 +03:00
jiuweigui
8602e744da
Add support for Win2k3
2013-08-16 02:46:16 +03:00
sinn3r
83a179ff08
[Fix RM 8224] - undefined method `include?' for nil:NilClass
...
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
sinn3r
bce50d1b05
Land #2220 - OSX Password Prompt Spoof
2013-08-13 22:15:14 -05:00
sinn3r
919e0d1901
MSF license, make use of print_good
2013-08-13 22:14:35 -05:00
Joe Vennix
e1856651bc
Incorporate the suggested edits from the PR review.
...
* Rewrites helpers to just use cmd_exec, since that works in meterpreter and shell.
* Changes _EOF_ to EOF, since that threw a harmless error in shell
commits
* Prefer using Post mixin API instead of rolling-own implementation
* Fixes whitespace
[SeeRM #5940 ]
2013-08-13 19:35:55 -05:00
Joe Vennix
99ef714d00
Updates pps description.
2013-08-13 19:35:55 -05:00
Joff Thyer
52fa000211
Get password_prompt_spoof module working. [RM #5940 ]
2013-08-13 19:35:55 -05:00
sinn3r
c9799c1ee6
Land #2212 - Change migrate order & print target_pid
2013-08-13 18:56:54 -05:00
David Maloney
73e9bf9fa8
Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
...
Conflicts:
modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
David Maloney
6be4d9e583
missing interpolation
2013-08-13 13:52:44 -05:00
Tab Assassin
ebd485349f
Retab smart_migrate.rb module
...
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
Tod Beardsley
bfb5040dbf
Remove deprecated modules
...
These three modules are well over their deprecation dates. Making good
on that threat now.
* service_permissions: Marked for removal on 2013-01-10
* bypassuac: Marked for removal on 2013-01-04
* ms10_092_schelevator: Marked for removal on 2013-06-01
2013-08-12 11:21:45 -05:00
David Maloney
c9bd791ff6
fix smart_migrate choice order
...
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
sinn3r
021c358159
Land #2203 - Fix regex for x64 detection
2013-08-09 13:23:38 -05:00
Sagi Shahar
7178633140
Fixed architecture detection in bypassuac modules
2013-08-09 03:42:02 +02:00
jvazquez-r7
a7c80ebfc2
Land #2185 , @bmerinofe's post module for dns cache dumping
2013-08-08 12:49:37 -05:00
Tod Beardsley
8431eb7a79
Msftidy fixes, also use correct possessive plurals
...
http://englishplus.com/grammar/00000132.htm
2013-08-05 09:43:38 -05:00
bmerinofe
98c8c16803
Change offset values and hostname length
2013-08-05 12:29:54 +02:00
bmerinofe
3e6de5d2e9
added a post-exploitation module to dump the cache dns entries
2013-08-03 13:37:32 +02:00
Dhiru Kholia
1b6f6b8bf0
Land #2168 again
...
Adding Dhiru's module back now that things are straight.
2013-07-29 22:10:25 -05:00
Tod Beardsley
7e539332db
Reverting disaster merge to 593363c5f
with diff
...
There was a disaster of a merge at 6f37cf22eb
that is particularly
difficult to untangle (it was a bad merge from a long-running local
branch).
What this commit does is simulate a hard reset, by doing thing:
git checkout -b reset-hard-ohmu
git reset --hard 593363c5f9
git checkout upstream-master
git checkout -b revert-via-diff
git diff --no-prefix upstream-master..reset-hard-ohmy > patch
patch -p0 < patch
Since there was one binary change, also did this:
git checkout upstream-master data/exploits/CVE-2012-1535/Main.swf
Now we have one commit that puts everything back. It screws up
file-level history a little, but it's at least at a point where we can
move on with our lives. Sorry.
2013-07-29 21:47:52 -05:00
jvazquez-r7
300781823d
Undo bad landing
...
This reverts commit e624ed18ad
, reversing
changes made to 593363c5f9
.
2013-07-29 17:39:12 -05:00
jvazquez-r7
b29d18d8b8
Merge branch 'ecryptfs-creds' of https://github.com/kholia/metasploit-framework
2013-07-29 16:41:41 -05:00
Dhiru Kholia
8379225e9b
make msftidy happy (hopefully)
2013-07-29 23:42:29 +05:30
Dhiru Kholia
2de0a3e0f9
Add information gathering module for eCryptfs
2013-07-28 23:09:42 +05:30
jvazquez-r7
e828517ed8
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-22 17:10:45 -05:00
Tod Beardsley
b4589c3c82
Expanding description
2013-07-22 15:19:30 -05:00
Rich Lundeen
aa159f12b7
changed options wording
2013-07-22 11:15:22 -07:00
Rich Lundeen
57055ab754
added optional option
2013-07-22 11:13:29 -07:00
root
6bcdd37223
logged resolve_hostname to db
2013-07-19 11:14:14 -07:00
jiuweigui
f3bb0ec1ee
moved table <<
2013-07-17 02:53:24 +03:00
jiuweigui
c0e594eb6a
removed unnecessary begin-end
2013-07-16 20:09:21 +03:00
jiuweigui
9985ea3c3a
Enumerates Windows Prefetch files through meterpreter session
2013-07-16 14:18:54 +03:00
jiuweigui
e13f4f5b4e
Minor fix
2013-07-16 13:46:42 +03:00
jiuweigui
ef82308e07
Working versio
2013-07-16 12:45:03 +03:00
jiuweigui
b32597620d
Finally working.
2013-07-16 04:07:28 +03:00
jiuweigui
5f3d3a3956
still buggy
2013-07-16 01:05:08 +03:00
jiuweigui
4c56d8eba3
Still buggy
2013-07-15 23:55:24 +03:00
jiuweigui
315874a882
Minor fixes
2013-07-15 23:19:17 +03:00
jiuweigui
5d767fe319
Minor mods
2013-07-15 19:34:44 +03:00
jiuweigui
26f28ae47e
Minor cleaup
2013-07-15 17:51:55 +03:00
jiuweigui
2349ee7276
Working version
2013-07-15 16:07:45 +03:00
jiuweigui
4801aab4c4
loot.txt broken
2013-07-15 15:38:42 +03:00
jiuweigui
4265141a11
minor modifications
2013-07-15 13:15:39 +03:00
jiuweigui
90107b82e1
Minor mods
2013-07-15 00:19:32 +03:00
jiuweigui
6956003949
Everything working on this version.
2013-07-14 17:24:27 +03:00
jiuweigui
52f9daf8c5
Renamed prefetch_tool to enum_prefetch
2013-07-14 15:33:54 +03:00
jiuweigui
6539b4e507
Working
2013-07-14 15:30:54 +03:00
jiuweigui
b77ba64e88
Fixed WinXP registry timezone key
2013-07-14 13:53:18 +03:00
jiuweigui
398d5070b2
Fixed WinXP registry timezone key
2013-07-14 06:18:25 +03:00
jiuweigui
43740d7626
Minor edits
2013-07-14 04:55:57 +03:00
jiuweigui
742615f3a1
Working
2013-07-14 04:50:13 +03:00
jiuweigui
1f27a2b7bd
Working version
2013-07-14 04:32:20 +03:00
jiuweigui
ae60abd05b
Minor changes
2013-07-13 20:19:01 +03:00
jiuweigui
45d49cdfe5
Time conversion broken, otherwise works.
2013-07-13 20:03:08 +03:00
jiuweigui
1f10d1ca05
Done. Needs final cleanup and rewrite.
2013-07-13 13:24:08 +03:00
jiuweigui
84f30b2379
Works. Needs just FILETIME converter
2013-07-12 23:31:52 +03:00
jiuweigui
ce8f3d2a62
Tested on XP and Win7. Works, needs just Filetime convert
2013-07-12 23:29:54 +03:00
jiuweigui
5692cde57a
Initial transfer
2013-07-12 21:19:44 +03:00
jvazquez-r7
6dec81cbdf
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-06 10:38:19 -05:00
jvazquez-r7
b2e7f61814
Fix path build on total_commander
2013-07-06 10:15:30 -05:00
jvazquez-r7
df7209f28a
Land #2067 , @wchen-r7's fix for total_commander
2013-07-06 10:14:44 -05:00
jvazquez-r7
39f0359fa4
Land #2061 , @wchen-r7's fix to make bitcoin_jacker use post mixins
2013-07-06 00:14:14 -05:00
sinn3r
ca4e11c112
Use check_other more
2013-07-05 12:38:38 -05:00
sinn3r
98f49758af
Don't need this line
2013-07-05 12:34:26 -05:00
sinn3r
d3000c0066
These funcs want 'filename'
2013-07-05 12:29:16 -05:00
sinn3r
353db0884d
Use expand_path from Msf::Post::File
2013-07-05 12:26:59 -05:00
sinn3r
18e5831ca8
Don't use begin/rescue to shut errors up and call it "file not found"
2013-07-05 12:22:05 -05:00
sinn3r
dc90904e50
Avoid misleading error
2013-07-05 12:12:30 -05:00
jvazquez-r7
c859129339
Merge branch 'master' of https://github.com/rapid7/metasploit-framework
2013-07-05 12:06:05 -05:00
jvazquez-r7
bcf6d11442
Land #2049 , @wchen-r7's had_pid? method work
2013-07-05 11:19:11 -05:00
jvazquez-r7
6477c6995d
Merge branch 'enum_db_no_method' of https://github.com/wchen-r7/metasploit-framework
2013-07-05 09:35:34 -05:00
jvazquez-r7
a7d110367a
Land #2064 , @wchen-r7's fix for access uninitialized variable on enum_services
2013-07-05 09:30:23 -05:00
jvazquez-r7
b9dd3df05f
Land #2068 , @wchen-r7's fix to initialize variables on windows_autologin module
2013-07-05 09:09:17 -05:00
jvazquez-r7
4ed6a4d8d1
Land #2062 , @wchen-r7's fix to avoid redundant check
2013-07-05 08:51:05 -05:00
jvazquez-r7
1ad4482ce2
Land #2069 , @wchen-r7's patch to print info when using store_loot
2013-07-05 08:35:57 -05:00
jvazquez-r7
c459b0e937
Land #2045 , @wchen-r7's fix for memory_grep module
2013-07-05 08:16:47 -05:00
sinn3r
2a32b59c88
Forgot to change var 'filename'
2013-07-05 01:37:35 -05:00
sinn3r
84050241f0
Fix target ID
2013-07-05 01:25:08 -05:00
sinn3r
1352731062
Make heap grep optional
2013-07-05 00:57:25 -05:00
sinn3r
a52d38f359
Land #2052 - Fix regex
2013-07-03 16:55:07 -05:00
sinn3r
ff49cc1c4f
[SeeRM:#8135] - Be able to show where store_loot saves a file
...
If you don't print where store_loot saves the file, it can be a
pain in the butt to find it sometimes.
2013-07-03 12:29:01 -05:00
sinn3r
70c472fb7e
[FixRM:#8134] - Handle registry_getvaldata return value properly
...
registry_getvaldata can return nil, can't always assume it's
gonna throw a string.
2013-07-03 12:23:14 -05:00
sinn3r
1064c050de
[FixRM:#8132] - Fix undefined method '+' in total_commander.rb
...
The return value of registry_getvaldata can return nil when a
RequestError occurs, so you can't always assume it's gonna throw
you a string.
2013-07-03 12:10:23 -05:00
sinn3r
27653b661f
[FixRM:#8131] & [FixRM:#8133] - Fix Base64 func usage
...
Instead of using Base64, these modules should use Rex.
2013-07-03 12:06:12 -05:00
sinn3r
c40a605495
[FixRM:#8129] - Fix undefined method error in enum_services.rb
...
srv_conf may not have the 'Startup' key because it's only assigned
in service_info() when srvstart is 4, therefore it's possible to
cause an undefined method 'downcase' error.
2013-07-03 11:44:28 -05:00
sinn3r
534858a23b
[FixRM:#8128] - Potential undefined method 'include' for nil
...
A lot of return values aren't checked, may result in undefined method X
bugs. The same type of issue is all over the place.
2013-07-03 11:40:24 -05:00
sinn3r
6198409e71
[FixRM:#8127] - Remove junk code that checks ARTIFACTS again
...
ARTIFACTS uses OptPath, which already checks the path. We don't need
to do this again.
2013-07-03 11:33:25 -05:00
sinn3r
944761a1dc
[FixRM:#8126] - Use functions from Msf::Post::File
...
Some functions already exist in Msf::Post::File, should use them.
2013-07-03 11:30:05 -05:00
g0tmi1k
864f4e9d37
post/local_admin_search_enum~Regex fails,module 2
...
If the regex fails then the entire moudle would too
2013-07-03 00:43:08 +01:00
sinn3r
a74f706bdb
These modules should check PID before using it
2013-07-02 14:48:04 -05:00
sinn3r
6815eef8f4
Fix multiple issues with memory_grep
...
This fixes the following:
[FixRM:#8118] - Allows the module to be able to enumerate from
multiple processes with the same name.
[FixRM:#8120] - Allows the module to be able to actually read data
from the heap.
2013-07-01 18:57:00 -05:00
James Lee
1865e6c19d
Fix requrires for enable_support_account
2013-07-01 16:22:39 -05:00
William Vu
be1a0d3cae
Land #2041 , title and description cleanup
2013-07-01 15:55:13 -05:00
Tod Beardsley
bc24f99f8d
Various description and title updates
2013-07-01 15:37:37 -05:00
jvazquez-r7
1c6657ee86
Land #2034 , @wchen-r7's patch for memory_grep
2013-07-01 13:34:57 -05:00
sinn3r
43c4f07e06
Use "unless"
...
Guidelines favor "unless".
2013-06-30 18:32:15 -05:00
jvazquez-r7
520a78e2c8
Add final cleanup for enable_support_account
2013-06-29 23:30:29 -05:00
jvazquez-r7
df88ace6d1
Land #1989 , @salcho's post module for enable windows support account
2013-06-29 23:29:16 -05:00
salcho
8717a3b7d8
using post mixins, fixed checks, module renamed
2013-06-29 15:44:36 -05:00
salcho
00bf9070aa
using post mixins, fixed checks, module renamed
2013-06-29 15:41:36 -05:00
sinn3r
82eed1582f
No need for the 2nd element
2013-06-28 17:05:43 -05:00
sinn3r
a7ee95381b
Updates module description, and uses the proper func for hex dump
...
As an user, it's important to know that using this module may result
a lost session because it must migrate to grep memory, but does not
migrate back.
The module also has its own hex dump routine, which is no longer
needed because we have a built-in Rex::Text.to_hex_dump
2013-06-28 16:28:00 -05:00
James Lee
f158e421fa
Add requires for pptp_tunnel
2013-06-28 10:07:52 -05:00
sinn3r
ecfe083b0e
Correct module naming style
...
I was just looking at these modules on the web gui, and these names
need to be fixed to maintain style consistency.
2013-06-25 00:26:53 -05:00
salcho
36c3460911
changed reference
2013-06-20 18:02:25 -05:00
salcho
c1994db2a7
shorter title, included msf::post mixins, added reference and overall readability
2013-06-20 17:42:38 -05:00
Meatballs
ef56e48274
Fix datastore name
2013-06-20 22:22:00 +01:00
Meatballs
6c62463f83
Add ipv6 resolution and remove nix
2013-06-20 22:17:31 +01:00
salcho
db935498ab
admin_me modified according to msftidy
2013-06-19 18:14:32 -05:00
salcho
8afbcd6931
added admin_me.rb as post->manage script
2013-06-19 17:54:13 -05:00
jvazquez-r7
f91719bf80
Do final cleanup for pptp_tunnel
2013-06-19 14:21:48 -05:00
jvazquez-r7
3e31d2c97a
Land #1820 , @bmerinofe post module for pptpd mitm
2013-06-19 14:19:50 -05:00
root
f478eb51cf
s/disable/disabled/
2013-06-16 21:27:45 +02:00
Carlos Perez
a9df55c27a
Add Windows 2012 to regex matching
2013-06-09 20:46:44 -04:00
Carlos Perez
8e83f0ee30
Add Windows 8 and 2012 to regex matching
2013-06-09 20:41:46 -04:00
sinn3r
e70221a993
Land #1903 - Add decryptioin for firefox_creds
2013-06-04 11:38:03 -05:00
sinn3r
cb31772302
Fix indent
2013-06-04 11:37:16 -05:00
xard4s
423a33b1fc
Added firefox pw decryption support
2013-06-03 13:13:59 -04:00
sinn3r
ed5b8895bb
Fixes smart_migrate for a TypeError bug
...
Bug is: TypeError can't convert Rex::RuntimeError into String
[SeeRM: #7984 ]
2013-05-28 18:45:49 -05:00
James Lee
f4498c3916
Remove $Id tags
...
Also adds binary coding magic comment to a few files
2013-05-20 16:21:03 -05:00
Meatballs
a96efb5f0d
Small tidy
2013-05-18 16:21:00 +01:00
Meatballs
a96739951b
Filter out system users
2013-05-18 16:18:34 +01:00
Borja Merino
eb46b09708
Timeout condition change
2013-05-14 00:35:42 +02:00
root
b8826396ee
Cosmetic changes
2013-05-12 23:03:28 +02:00
Meatballs
b10d216db2
Fix indent
2013-05-12 21:06:26 +01:00
Meatballs
37efad46bb
Address feedback and reporting
2013-05-12 20:50:53 +01:00
root
ba5d6fc259
Added post module to get a MITM through a pptp tunnel
2013-05-12 16:27:43 +02:00
James Lee
55fc1458de
Simplify and clean up some
...
I'd really love to make this work on Linux as well, since it's really
just a file grabber/parser. Unfortunately, the Post API for enumerating
users and homedirs isn't great for cross-platform stuff like this.
A few small changes, all verified on Windows 7:
* Reuse the key storing code instead of copy-paste with minor changes
* Use binary mode when opening the stored prefs
* Don't bother checking for incognito since we're using `steal_token`
anyway
* Check for existence of directories instead of guessing based on OS
match
2013-05-10 16:58:35 -05:00
Rob Fuller
84ff72eb92
use file_exist? instead of fs.file.stat
2013-05-10 11:17:42 -04:00
Rob Fuller
25f7af43b4
use gsub instead of split/join
2013-05-10 11:12:56 -04:00
Rob Fuller
2f543d3080
extension and pref parsing
2013-05-09 13:23:28 -04:00
David Maloney
b0f5255de8
fix ssh_creds username
...
ssh_creds post module as not saving
the username in the cred objects
2013-05-05 16:31:28 -05:00
Meatballs
7fb092c58c
Initial commit
2013-05-02 22:08:19 +01:00
jvazquez-r7
567d2bb14b
Land #1687 , @bmerinofe's forensic file recovery post module
2013-05-01 08:13:08 -05:00
jvazquez-r7
a201391ee6
Clean recovery_files
2013-04-30 13:18:32 -05:00
Meatballs
e2bf4882f0
Add domain join parse
2013-04-26 00:20:10 +01:00
Meatballs
235887ccb5
Finished
2013-04-25 23:25:05 +01:00
sinn3r
dfff20a3fc
Landing #1692 - Handles OSQL banners and responses
...
[Close #1692 ]
2013-04-22 13:58:44 -05:00
Antoine
0115833724
SyntaxError fixes
2013-04-21 20:22:41 +00:00
root
830715dc07
Applying changes
2013-04-16 00:28:39 +02:00
Tod Beardsley
a36c6d2434
Lands #1730 , adds a VERBOSE option checker
...
Also removes VERBOSE options from extant modules. There were only 5 of
them, and one was a commented option.
2013-04-15 15:32:56 -05:00
Tod Beardsley
29101bad41
Removing VERBOSE offenders
2013-04-15 15:29:56 -05:00
Meatballs
67791c12a5
Small tidy
2013-04-14 11:18:45 +01:00
Meatballs
9f95b59fa0
msftidy
2013-04-14 10:34:14 +01:00
Meatballs
4b4f77eb0f
Finalize
2013-04-14 10:32:56 +01:00
Tod Beardsley
65e5ed8950
Merge #1716 , version checker fix for UAC bypass
2013-04-09 09:00:30 -05:00
Tod Beardsley
ba86e14d43
Whitespace and caps fixes
2013-04-09 08:57:53 -05:00
HD Moore
e2b8d5ed23
Fix from David Kennedy, enable Windows 8 support
2013-04-09 02:07:40 -05:00
James Lee
a2d6f7bb17
Landing #1714 - Don't bomb out if there are no wireless interfaces
...
No redmine ticket reported.
2013-04-08 17:17:47 -05:00
root
f369584bbd
Timeout added
2013-04-08 23:32:07 +02:00
Meatballs
3660ad8c0a
Initial attempt
2013-04-07 23:03:43 +01:00
James Lee
ad46b46684
Landing #1463 , Meatballs' cdecl fixes
2013-04-04 22:58:59 -05:00
Tod Beardsley
cd4a410682
Forgot an end. Dangit.
2013-03-31 23:24:50 -05:00
Tod Beardsley
ac858c81a5
Deal with other osql banners and responses
...
Not sure where those other banners come from, but keeping them as
positive responses regardless.
[FixRM #7862 ]
2013-03-31 23:20:05 -05:00
Borja Merino
d08640726b
added post module forensics recovery files
2013-03-30 01:59:41 +01:00
jvazquez-r7
353f02cdcc
move word_unc_injector to gather dir
2013-03-27 16:23:19 +01:00
jvazquez-r7
ed23fe6502
Merge branch 'post-word_unc_injector.rb' of https://github.com/SphaZ/metasploit-framework into SphaZ-post-word_unc_injector.rb
2013-03-27 16:21:54 +01:00
jvazquez-r7
ef11a584f4
work on word_unc_injector
2013-03-27 11:17:29 +01:00
sinn3r
dea48b459f
Merge branch 'download_exec_shell' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-download_exec_shell
2013-03-22 12:53:36 -05:00
Tod Beardsley
d908050808
Merge epo_sql fix from neinwechter
...
Easy, sensible fix -- since report_auth_info uses full_user, print_good
should too.
[Closes #1629 ]
2013-03-22 11:22:24 -05:00
Nathan Einwechter
096ec9a5d7
Fix to print out correct/full username
2013-03-22 10:22:24 -04:00
jvazquez-r7
f27333567f
use bash or sh according to availability
2013-03-21 17:26:56 +01:00
jvazquez-r7
370f849e29
cleanup for download_exec
2013-03-21 09:24:02 +01:00
Doug P
39b1ad8bd6
spacing cleanup
2013-03-21 00:21:10 -04:00
Doug P
837d426ff0
removed an extra space
2013-03-21 00:18:35 -04:00
Doug P
08029ca2e8
edited Description
2013-03-21 00:17:55 -04:00
Doug P
edd85ccd69
added wget support
2013-03-21 00:09:22 -04:00
SphaZ
804e2cfa3a
small fixup of unused old vars
2013-03-20 21:31:28 +01:00
SphaZ
b275797ba2
Used msf file mixin where possible and more in memory handling
2013-03-20 21:25:07 +01:00
jvazquez-r7
54f22ed06c
check if curl is on the path
2013-03-20 17:31:48 +01:00
Joshua Abraham
9948d1ec12
change from vcmd_exec to a method in the module
2013-03-19 20:40:25 -04:00
Joshua Abraham
07d78af421
Linux post module to download and run a command
2013-03-15 10:13:56 -04:00
James Lee
2160718250
Fix file header comment
...
[See #1555 ]
2013-03-07 17:53:19 -06:00
jvazquez-r7
92ee4300df
cleanup for reflective_dll_inject
2013-03-04 17:40:09 +01:00
jvazquez-r7
582395412f
Merge branch 'post_ref_dll_inj' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-post_ref_dll_inj
2013-03-04 17:39:11 +01:00
sinn3r
3334257aa4
Merge branch 'bug/fix_screenspy' of github.com:kernelsmith/metasploit-framework into kernelsmith-bug/fix_screenspy
2013-02-26 13:54:47 -06:00
Meatballs
15d505f7a9
Msftidy
2013-02-22 22:09:19 +00:00
Meatballs
0ea7247a43
Initial commit
2013-02-22 22:05:29 +00:00
SphaZ
ff508fa222
msftidy
2013-02-14 21:51:50 +01:00
SphaZ
91f89f8c68
Rewrite of module after auxilliary. Also moved to post/windows
2013-02-14 21:41:19 +01:00
kernelsmith
8a91f0d7ec
rescue ENOENT as well
2013-02-14 14:04:45 -06:00
Meatballs
a6fea39583
Change to wldap to allow cdecl
2013-02-08 21:01:22 +00:00
James Lee
e3ee0d7913
Don't try to download '.' or '..' as files
2013-02-08 11:25:17 -06:00
SphaZ
3883b0d0da
added word_unc_injector post module
2013-02-01 07:51:30 +01:00
sinn3r
4d7daacfb4
I wanna know where it's stored
2013-01-31 11:55:11 -06:00
sinn3r
13da4181c5
Merge branch 'feature/rm7605-version-for-MSCACHE-v1-and-v2' of github.com:lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7605-version-for-MSCACHE-v1-and-v2
2013-01-31 11:51:55 -06:00
jvazquez-r7
174ab31010
Moving reused methods to Accounts mixin
2013-01-31 12:59:55 +01:00
kernelsmith
345c5f32cc
keep it from migrating more than once into explorer.exe
...
thanks for noticing egypt
we should add a migrate_explorer to the post api
2013-01-30 15:40:02 -06:00
jvazquez-r7
1e1cbd7445
Merge branch 'wldap32_railgun' of https://github.com/Meatballs1/metasploit-framework into Meatballs1-wldap32_railgun
2013-01-30 21:01:31 +01:00
kernelsmith
e1c037e523
Better error handling
2013-01-30 12:06:57 -06:00
kernelsmith
f649cd53ad
removed commented out code (again)
...
thanks egypt
2013-01-30 11:31:10 -06:00
kernelsmith
32a5a009d6
change loot type to image/jpg
...
thanks egypt
2013-01-30 11:28:47 -06:00
sinn3r
de544dc3d4
Handle multiple IPs
2013-01-30 11:25:43 -06:00
kernelsmith
6659459de5
del Version ref and change platform windows -> win
...
per sinner's comments, thanks sinner.
2013-01-30 10:56:49 -06:00
kernelsmith
80a0f0694d
add 'auto' & 'none' VIEW_CMD, fixed looting, ch defaults
2013-01-30 00:49:48 -06:00
sinn3r
c5ab059a1a
Really fix the :host key
2013-01-29 18:24:11 -06:00
sinn3r
8a9dba2ffe
Updates host info
2013-01-29 16:35:36 -06:00
sinn3r
77ea5a40f5
Do report_auth_info
2013-01-29 14:19:42 -06:00
lmercer
da5436e565
Made changes as described in Redmine issue 7605
2013-01-28 23:29:50 -05:00
sinn3r
ca70041f32
Adds a post module that loots chap-secrets
2013-01-28 16:23:26 -06:00
jvazquez-r7
fbbac2bd51
make module msftidy compliant
2013-01-24 21:37:04 +01:00
jvazquez-r7
2419e55603
Merge branch 'feature/rm7581-sudo-improved-with-PASSWORD-option' of https://github.com/lmercer-r7/metasploit-framework into lmercer-r7-feature/rm7581-sudo-improved-with-PASSWORD-option
2013-01-24 21:36:40 +01:00
lmercer
3b65f31d95
post/multi/manage/sudo improved with the PASSWORD option
...
as described in Redmine Feature #7581
2013-01-23 15:23:40 -05:00
Tod Beardsley
d354982345
Fix grammar on description for webcam
2013-01-23 14:00:34 -06:00
sinn3r
933f807745
Msftidy cleanup + handling return values better
2013-01-22 23:53:00 -06:00
sinn3r
dab2952d60
Merge branch 'picasa' of github.com:charles-n2netsec/metasploit-framework into charles-n2netsec-picasa
2013-01-22 22:54:45 -06:00
Charles Smith
9671df4488
Picasa 2 credentials are now also saved as loot
...
This module used to save only Picasa 3 credentials as loot. Picasa
2 creds were displayed, but not saved. I've updated the module to
save Picasa 2 credentials, and I also updated the output code to
use print_good instead of print_status.
2013-01-22 15:46:47 -05:00
jvazquez-r7
08062597b9
fix data added to table
2013-01-22 12:07:16 +01:00
jvazquez-r7
dce4e7fc08
Merge branch 'filezilla_server_bugs' of https://github.com/charles-n2netsec/metasploit-framework into charles-n2netsec-filezilla_server_bugs
2013-01-22 12:06:44 +01:00
sinn3r
8b70a94b34
Updates the progress function
...
Because the previous one was wrong.
2013-01-21 00:30:43 -06:00
Meatballs1
dcaf2abc53
Better feedback for x86
2013-01-20 00:22:30 +00:00
Meatballs1
567185ec65
Better cleanup and address comments
2013-01-20 00:19:17 +00:00
Meatballs1
771baa3181
Added x64 check and options to info
2013-01-19 23:23:45 +00:00
Tod Beardsley
ef97b20cb7
Merge branch 'wds_unattend'
2013-01-18 14:42:00 -06:00
jvazquez-r7
75109114df
Merge branch 'post_mod_record_mic' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-post_mod_record_mic
2013-01-18 00:25:01 +01:00
Charles Smith
892899acd5
Fixed loot formatting so data is under the proper column
...
The credentials table was defined with the columns "User", "Password", "Host", "Port", and "SSL". Credentials were not added in that order, however. They were added in the order "host, port, user, password, ssl" in this line:
credentials << [cred['host'], cred['port'], cred['user'], cred['password'], cred['ssl']]
I changed the order the columns were defined to fix this.
The permissions table had a similar issue. The "FileWrite" column was missing, so I added it. I also moved the "Home" column to after the "AutoCreate" column. Now the line:
permissions << [perm['host'], perm['user'], perm['dir'], perm['fileread'], perm['filewrite'], perm['filedelete'], perm['fileappend'],perm['dircreate'], perm['dirdelete'], perm['dirlist'], perm['dirsubdirs'], perm['autocreate']]
works correctly.
2013-01-17 16:52:02 -05:00
Charles Smith
624ef9a329
Fixed a typo in the skype_enum module.
...
"platfom" instead of "platform" fixed.
2013-01-17 14:04:52 -05:00
sinn3r
419b32b742
Can be used against multiple platforms since it supports java
2013-01-17 12:45:03 -06:00
sinn3r
ff11cfe6e5
Avoid saying "webcam", might be misleading.
2013-01-17 12:30:02 -06:00
sinn3r
f351db3621
Implements the record_mic feature as a post module
...
For easier deployment in the web GUI. Works for Windows meterpreter
and Java meterpreter.
2013-01-17 12:19:52 -06:00
jvazquez-r7
57359304a3
Merge branch 'webcam' of https://github.com/wchen-r7/metasploit-framework into wchen-r7-webcam
2013-01-17 16:56:55 +01:00
jvazquez-r7
09b4a09ce1
module razer_synapse cleanup
2013-01-17 16:53:00 +01:00
jvazquez-r7
99296006c1
Merge branch 'razer_synapse.rb' of https://github.com/smilingraccoon/metasploit-framework into smilingraccoon-razer_synapse.rb
2013-01-17 16:52:26 +01:00
sinn3r
40ba075655
Implements the webcam feature as a post mod
...
As a post mod, we can deploy the webcam feature more easily against
multiple sessions in the web gui.
2013-01-17 02:41:16 -06:00
smilingraccoon
12e7949183
msftidy change
2013-01-15 21:23:49 -05:00
smilingraccoon
b2cd65e283
adding razer_synapse.rb
2013-01-15 21:14:49 -05:00
sinn3r
6508964171
For consistency with other post modules, also do a store_loot
2013-01-15 12:16:32 -06:00
jvazquez-r7
1e64d36320
avoid begin rescue blocks
2013-01-15 02:05:58 +01:00
jvazquez-r7
3eaa07afae
documenting magic numbers
2013-01-14 19:43:34 +01:00
jvazquez-r7
530df0acf0
delete comments
2013-01-14 19:22:39 +01:00
jvazquez-r7
57be789f2c
Fix comments by egypt
2013-01-14 19:22:02 +01:00
jvazquez-r7
40fc861eee
Added post module for BulletProof FTP Client
2013-01-14 13:50:10 +01:00
Christian Mehlmauer
6654faf55e
Msftidy fixes
2013-01-04 09:29:34 +01:00
sinn3r
d17a6f99e5
Merge branch 'feature/deprecated-module-mixin' of github.com:jlee-r7/metasploit-framework into jlee-r7-feature/deprecated-module-mixin
2013-01-04 00:38:01 -06:00
Christian Mehlmauer
8f2dd8e2ce
msftidy: Remove $Revision$
2013-01-04 00:48:10 +01:00
Christian Mehlmauer
25aaf7a676
msftidy: Remove $Id$
2013-01-04 00:41:44 +01:00