460778738d
Initial version works
2015-12-18 00:00:21 +00:00
41c2d12e0c
Tidy up initial print
2015-12-17 23:41:18 +00:00
09fb37db6b
Add status updates (useful if there are a large number of groups)
2015-12-17 23:07:02 +00:00
2bcea91b15
Differentiate between user and group errors
2015-12-17 22:57:30 +00:00
85c4e89526
Process user levels
2015-12-17 22:55:02 +00:00
7c145c45e8
add LDAP_MATCHING_RULE_IN_CHAIN oid (from my adsi rework earlier)
2015-12-17 22:44:35 +00:00
f2b038f4b3
Begin loop to grab effective users of each group
2015-12-17 22:39:56 +00:00
c98519e0b9
Get groups using ADSI
2015-12-17 22:35:51 +00:00
7b019bddf4
Initial version, just basing it on the ad_users module
2015-12-17 22:14:14 +00:00
e17a7a5d8c
Fix attributes
2015-12-17 21:38:42 +00:00
59d5626ef7
Bugfix
2015-12-17 21:36:19 +00:00
cba1ddbdc2
rubocop
2015-12-16 22:38:05 +00:00
47e484408f
rubocop
2015-12-16 22:31:54 +00:00
9eef27e4c1
Removed snake case and added SID translation call
2015-12-16 22:31:22 +00:00
cc3ac3ad95
Removed trailing line spaces
2015-12-16 22:28:27 +00:00
58635be237
Try to unpack the SID from hex to normal cut/paste format. Its a mess.
2015-12-16 22:27:52 +00:00
421a29d998
Added the trust types from MSDN
2015-12-16 22:18:28 +00:00
fbe0cfde8f
Fixed URL for trustDirection reference
2015-12-16 22:16:33 +00:00
fd8405f52d
added trustDirection
2015-12-16 22:15:10 +00:00
4da8859e57
added trustAttributes
2015-12-16 22:13:00 +00:00
207a964117
Loop through results
2015-12-16 21:52:30 +00:00
087a01f27f
Templated table
2015-12-16 21:40:49 +00:00
fdf1a8c235
Updated with the LDAP fields to retrieve
2015-12-16 21:39:33 +00:00
ed4cf71ca8
Initial add (templated from Ben's bitlocker module)
2015-12-16 21:26:02 +00:00
c9c1dd22ee
Added custom LDAP filter to ad_groups and ad_users to save having to use meterpreter's adsi interface
2015-12-16 10:38:38 +00:00
2c29298485
undoing this, put in a separate module
2015-12-15 23:16:21 +00:00
5dd8cb7648
proper type conversions
2015-12-15 23:13:02 +00:00
fef9a84548
rubocop
2015-12-15 23:12:14 +00:00
a2b30ff16e
msftidy
2015-12-15 23:11:40 +00:00
281966023c
Final version
2015-12-15 23:10:06 +00:00
7fa453b7ff
Added module
2015-12-15 22:31:00 +00:00
059de62400
Editing an existing module rather than adding a new one
2015-12-15 21:36:39 +00:00
4a66b487de
Based on putty enum module
2015-12-15 21:28:13 +00:00
b085989923
Land #6266 , rsync creds scraper
2015-12-14 11:37:30 -06:00
39da306b1d
Land #6057 , @danilbaz's module for dumping Bitlocker master key (FVEK)
2015-12-08 18:16:39 -08:00
ed8076f361
Merge branch 'master' into pr/6197
2015-12-08 12:08:15 -08:00
2177b979fd
Update SessionTypes command to describe why shell is not listed
2015-12-08 12:06:47 -08:00
3890961155
Correct SEP client exclusion enumeration
2015-12-08 10:16:25 -08:00
be5f648969
manage-bde.exe path test if in System32 or sysnative
2015-12-08 16:14:13 +01:00
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
f6417df9ba
Update enum_av_excluded to work properly under wow64
2015-12-04 17:13:43 -08:00
ad60a4118e
Put admin and client exclusions in different tables
2015-12-04 13:01:28 -08:00
c92365090f
Simpler
2015-12-04 12:38:25 -08:00
e7d2eb6ad9
Wire in support for showing process and file extension exclusions
2015-12-04 12:35:42 -08:00
78a303974f
Handle empty exclusions better
2015-12-04 12:19:17 -08:00
81ee01a93e
Simplify exclusion extraction and printing
2015-12-04 11:42:03 -08:00
1968a76863
Simplify AV enumeration code
2015-12-04 10:27:14 -08:00
fc9d818837
change youtube url
2015-12-04 10:15:56 +01:00
b4ade1989a
Add IE support for stored passwords
2015-12-04 00:13:42 -08:00
28ee056c32
Make enumeration of each individual AV optional
2015-12-03 16:07:49 -08:00
c007fffbce
Style cleanup
2015-12-03 15:55:12 -08:00
78d391fa10
Rubocop
2015-12-02 14:54:30 +00:00
99dceb33ac
Added 'ALL' support (to do TCP and UDP in one go)
2015-12-02 14:50:16 +00:00
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
366b92a79e
Store rsync creds as creds, not loot
2015-12-01 15:30:39 -08:00
b66be85ccb
Rubocop
2015-12-01 22:32:04 +00:00
d5c0da5e19
Added 33434-33534 because this is the default udp range for traceroute (might be enabled by sysadmins to enbale traceroutes to work)
2015-12-01 22:31:12 +00:00
74a07709b8
Use the Comm param instead of adding a route as suggested by @jlee-r7 and hdm
2015-12-01 21:42:27 +00:00
c744b14a8a
Exclude python meterpreter, doesn't seem to work
2015-11-29 20:40:42 +00:00
6a3172268e
Fixed module metadata
2015-11-29 19:32:55 +00:00
2bc5b98d6e
Rubocop fixing alignment of ifs and ends
2015-11-29 19:17:49 +00:00
8b4649e75c
Working through rubocop issues
2015-11-29 19:11:10 +00:00
9267afc18b
Rubocop
2015-11-29 19:06:24 +00:00
9a6f0d6734
Reducing complexity (rubocop)
2015-11-29 19:06:07 +00:00
b5909852a9
Rubocop
2015-11-29 19:02:33 +00:00
d4bb5537b2
Fixed stupid paste error
2015-11-29 19:02:15 +00:00
fd7a6465c6
Attemping to simplify code
2015-11-29 19:01:34 +00:00
10f89239a5
rubocop
2015-11-29 18:59:40 +00:00
6a567845e0
Tidy up error messages
2015-11-29 18:54:46 +00:00
12dbe31bee
Apparently adding .close causes it to hang
2015-11-29 18:49:51 +00:00
41d963eeb1
Debugging
2015-11-29 18:34:26 +00:00
b6dfafaeb7
Stabilised code, still giving errors on threads>1 in native mode though
2015-11-29 18:14:19 +00:00
e18f8b5e21
Now works for both TCP and UDP
...
However, it gives 'interrupted by console user' as an error message for no reason (?timeouts?)
2015-11-29 17:53:04 +00:00
98e0050e8c
Fixed 'end' bugs (mismatched blocks)
2015-11-29 16:20:33 +00:00
af106737b9
Adding both native and winapi options, split out to functions & fix up
2015-11-29 16:17:07 +00:00
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
f492a1d80a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into post_multi_egress_traffic
2015-11-26 14:41:55 +00:00
5ffeaddf1e
Added help
2015-11-26 14:01:40 +00:00
1ce0386d01
Reusing port array generation code
2015-11-26 13:59:15 +00:00
9d747e67a3
Fix bugs in new Firefox creds storage
2015-11-25 21:28:07 -08:00
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
55b3e10390
Land #6258 , smart_migrate enhancement
2015-11-24 11:30:29 -06:00
09d4bd8175
Added basic function definition for non-Win32API egress
2015-11-24 15:38:06 +00:00
4ea732716a
Added file
2015-11-24 15:37:44 +00:00
f0271c04ab
Merge remote-tracking branch 'origin/master' into post_multi_egress_traffic
2015-11-24 15:27:38 +00:00
16e6ced867
Land #6108 , OpenVPN creds scraper
2015-11-23 14:25:19 -06:00
601d4fda9f
Add note about --auth-nocache
2015-11-23 14:24:26 -06:00
718e928fe3
Control per-user config file
2015-11-23 11:11:03 -08:00
493e476a43
Land #6243 , check nil for sock.read
2015-11-23 11:15:51 -06:00
93bb31dfa0
Make path to rsyncd configuration file configurable
2015-11-21 19:50:33 -08:00
f34c7a8594
Support for new Firefox method to store credentials
2015-11-20 23:42:59 -08:00
aa962f30a9
Minor style/usability cleanup
2015-11-20 13:51:31 -08:00
a96102c20a
Minor cleanup
2015-11-20 13:19:38 -08:00
c75e3c8e84
Initial commit of a post module for looting rsync credentials
2015-11-20 12:57:33 -08:00
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
dd027982ae
if recovery_key specified, only method that is tried
2015-11-20 18:30:50 +01:00
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
8f135c07aa
Remove hard coded C:\Windows and use %SYSTEMROOT%
2015-11-20 18:30:49 +01:00
7d9d74f609
msftidy...
2015-11-20 18:30:49 +01:00
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
f1675f9ae4
Minor enhancement to smart_migrate
...
Adding a check to see if the user is currently already migrated to the "explorer.exe" and "winlogon.exe" processes prior to attempting migration.
2015-11-19 13:30:12 +00:00
811167442c
Re-disable debugging nodelete
2015-11-17 13:10:03 +00:00
ac99f9c229
Fix condition
2015-11-17 00:52:42 -02:00
f69e7c0fb3
Fix condition
2015-11-17 00:49:04 -02:00
a48d0b275b
Added check if the commands executed successfully.
2015-11-17 00:07:31 -02:00
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
211da2746e
Support cookie auth key decryption
2015-11-11 16:26:07 -08:00
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
8f86b2519f
Resolve 'duplicate key warning' for some modules
2015-11-09 18:40:32 -08:00
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
c44ecfeb15
Spacing
2015-11-06 10:55:29 -05:00
e4d8909815
Initial Commit
2015-11-05 20:43:30 -05:00
20679ea6c6
Land #5720 , @g0tmi1k's changes to firefox_creds post module
2015-11-05 15:36:08 -06:00
b0f92b49a2
Print vault passwords
2015-11-01 21:47:00 -08:00
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
e67065a7e9
Fix Firefox/Opera bugs
2015-10-26 22:40:47 -07:00
da9420a915
Retrieve randkey from LastPass
2015-10-26 19:17:09 -07:00
0bce90654f
Changed path to save dump data
2015-10-22 15:11:55 -02:00
467ae52ec3
Remove redundant check
2015-10-21 13:12:45 -02:00
0784370b98
more typo and whitespace fixes
2015-10-20 13:09:17 -05:00
2f1406e1c8
fix typo
...
not sure how this got in there
2015-10-20 13:48:00 -04:00
78d5e52dd6
Add OpenVPN Grab Credentials - Post Module
2015-10-19 23:11:02 -02:00
20366993e3
Land #5937 , use the Android mixin to get the Android version
2015-10-16 14:23:27 -05:00
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
8866b15f3b
Fix creds reporting
2015-10-01 00:24:43 -05:00
f3451eef75
Land #5380 , pageantjacker, an SSH agent proxy
2015-09-26 10:52:44 -04:00
853d822992
Merge pull request #1 from bcook-r7/land-5380-pageantjacker
...
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
415fa3a244
Fix #5968 , some modules not handling Rex::Post::Meterpreter::RequestError exceptions
...
* Related to the usage of ADSI on unsupported OSes
2015-09-21 14:33:00 -05:00
cdd39f52b1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension
2015-09-21 14:34:56 +02:00
e8e4f66aaa
Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension
2015-09-21 14:34:38 +02:00
61e7e1d094
update pageantjacker to run as part of extapi
2015-09-20 20:25:00 -05:00
5f9f66cc1f
Fix nil bug in SSO gather module
2015-09-11 02:21:01 -05:00
a1a7471154
Land #5949 , is_root? for remove_lock_root
2015-09-11 02:09:14 -05:00
e9e4b60102
move require 'msf/core/post/android' to post.rb
2015-09-11 01:58:12 -05:00
f2ccca97e0
Move require 'msf/core/post/android' to post.rb
2015-09-11 01:56:21 -05:00
90ef9c11c9
Support meterpreter for OS X post modules
2015-09-10 15:57:43 -05:00
30cb93b4df
Land #5940 , @hmoore-r7's fixes for busybox post modules
2015-09-08 15:12:23 -05:00
122d57fc20
Land #5945 , Add auto-accept to osx/enum_keychain
2015-09-08 10:56:08 -05:00
13afbc4eae
Properly check root for remove_lock_root (android post module)
...
This uses the Msf::Post::Android::Priv mixin.
2015-09-08 10:40:08 -05:00
1b320bae6a
Add auto-accept to osx/enum_keychain.
2015-09-07 21:17:49 -05:00
ec5cbc842e
Cosmetic cleanups
2015-09-05 22:56:11 -05:00
8c0b0ad377
Fix up jailbreak commands & regex for success detection
2015-09-05 22:54:07 -05:00
da0752e8c2
use fail_with
2015-09-04 15:12:05 -05:00
7ab506dc06
Use Msf::Post::Android::System#get_build_prop to get the android ver
...
Instead of grabbing the android version from the module, this
is done by the mixin.
2015-09-04 15:05:45 -05:00
eaf51a2113
Land #5722 , @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
5dd0cee36a
Add comment
2015-09-04 13:30:00 -05:00
8bfa5bcd09
Do some more minor code cleaning
2015-09-04 13:08:27 -05:00
ac49c80367
Do minor code cleanup
2015-09-04 12:46:21 -05:00
60d2856444
Use id instead of whoami
2015-09-04 12:02:21 -05:00
4fa58efaa0
Allow to configure the DOWNLOAD_TIMEOUT
2015-09-04 11:54:22 -05:00
2b2dec3531
Fixed typo direcotry.
2015-09-04 18:52:55 +02:00
319bc2d750
Use downcase
2015-09-04 11:18:09 -05:00
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
f0ef035a0b
Update the module titles to clarify what these do
2015-09-03 12:53:25 -05:00
630057e23f
Implement suggestions from the PR discussion
2015-09-03 12:42:51 -05:00
57c8038f07
Merge branch 'master' into land-5413
2015-09-03 12:38:19 -05:00
0f1530adc1
Merge branch 'master' into land-5412
2015-09-03 12:22:00 -05:00
9c7f97d124
Fix methods name schema
2015-08-28 13:26:52 -05:00
be7db10e7d
Fix busybox_write_file
2015-08-28 13:15:07 -05:00
c4a3b4f18e
Add busy_box_file_exist?
2015-08-28 11:56:12 -05:00
8faf6f9cd0
Fix require
2015-08-28 11:51:26 -05:00
e62b117fda
Include mixin correctly
2015-08-28 11:50:17 -05:00
132f5c6a20
Review jailbreak
2015-08-28 11:44:57 -05:00
e7f486e43a
Review wget_exec
2015-08-28 11:24:41 -05:00
edc9982c8b
Review smb_share_root
2015-08-28 11:18:49 -05:00
c2639fc138
Review set_dns
2015-08-28 11:00:46 -05:00
4523608bf7
Review set_dmz
2015-08-28 10:43:09 -05:00
b59bc30160
Fixed stupid bracket error
2015-08-28 16:13:22 +01:00
0e810aa8bc
Clean ping_net
2015-08-28 09:53:31 -05:00
8bf815c4bb
rubocop
2015-08-28 15:39:02 +01:00
42b342d615
Clean enum_hosts
2015-08-28 09:37:18 -05:00
dfdb4fe044
Review enum_connections
2015-08-28 09:28:12 -05:00
577656a78e
Change modules location
2015-08-28 09:17:23 -05:00
b8b68983b0
Merge remote-tracking branch 'upstream/master' into adsi_group_enum_improvements
2015-08-28 15:11:27 +01:00
f371a1c4fc
Added the ability to list AD groups by POST module
2015-08-28 15:10:48 +01:00
8682ec77c5
Added group filtering to the enum_ad_users module
2015-08-28 15:10:27 +01:00
eb43241425
Firefox_creds more stable/bug fixs (Linux/OSX)
2015-08-27 11:43:53 +01:00
a2d5511e39
Land #5379 , new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00
5633c1431f
Land #5821 , add explicit 64-bit pointer support to enum_cred_store
2015-08-24 09:44:36 -05:00
b37efd29b0
Modified module busybox_pingnet.rb to avoid sending an ash script but executing each ping command separately. Added some fixes. Modified spec file for busybox.rb.
2015-08-23 12:17:17 +02:00
fb2adb2e51
Check blank bullprop, also better instructions for the user.
2015-08-23 02:20:51 -05:00
0f3e96b457
Merge branch 'upstream-master' into pr5416
2015-08-22 22:10:56 -05:00
d264802ce0
Consistency and API conformance changes to LES
2015-08-21 12:38:58 -05:00
4a91dfdcf5
Land #5873 , report_note for local_exploit_suggester
2015-08-20 17:52:33 -05:00
b20a283617
Added report_note to suggester
2015-08-20 13:57:16 -05:00
a9ad7b7c6f
Modifications to use cmd_exec instead of session.shell_write.
...
Refactoring of common functions to a new Post mixin /lib/msf/core/post/linux/busybox.rb.
2015-08-17 18:24:22 +02:00
e7433b81bd
Reuse architecture check
2015-08-17 10:28:10 -05:00
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
8800d89424
Updated to reflect HD's comments on indents and name of local script.
2015-08-16 10:47:20 +01:00
9720e8e081
normalize osx to darwin so python meterp works
2015-08-15 19:49:55 -05:00
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
0a4651a553
Land #5359 , add PuTTY session enumeration module
2015-08-14 13:20:05 -05:00
ee7c418ca8
Rubocop and msftidy-ied :-)
2015-08-14 17:19:07 +01:00
02a58d459b
Merge remote-tracking branch 'upstream/master' into pageant_extension
2015-08-14 17:05:38 +01:00
e2b6c11a3e
Update
2015-08-14 16:24:52 +01:00
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
80f415074b
Land #5823 , mv local_exploit_{suggestor,suggester}
2015-08-11 13:52:55 -05:00
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
76f6312fab
Fix #3916 Support 64 bits targets on enum_cred_store
2015-08-10 15:16:12 -05:00
5ff61ca5f3
Added modules to jailbreak and control remotely BusyBox based devices. It was added to a word list with default credentials typically used by commercial routers.
2015-08-10 18:29:41 +02:00
c197e5224d
Store loot
2015-08-01 20:52:25 +01:00
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
affc86bfd9
Land #5779 , make cachedump / lsa_secrets work on 64-bit windows
2015-07-31 16:25:47 -05:00
629afd86fc
Land #5788 , local exploit suggestor
...
Good luck getting Mr. Robot, Elliot.
2015-07-31 11:43:53 -05:00
34279776a6
Minor edit
2015-07-30 18:40:41 -05:00
fc4fdba482
Merge branch 'suggestor' of https://github.com/MSadek-r7/metasploit-framework into pr5788
2015-07-30 18:31:49 -05:00
08338b73b2
Add get_target_arch and get_target_os
...
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
2015-07-30 18:26:41 -05:00
af55ef7352
Added session.present?
2015-07-30 10:10:42 -05:00
7aa78dfd4e
Revamped os, platform, arch detection. Added count for exploits being tried
2015-07-30 09:36:02 -05:00
1521c8f87e
Reworded to no suggestions available
2015-07-29 17:40:27 -05:00
66489202fc
Added error message if no exploits are found
2015-07-29 17:31:23 -05:00
b58c6248fe
Fixed ShowDescription bug
2015-07-29 16:52:06 -05:00
2cddfda0a0
wchen-r7's fixes, fixed indentation, removed newlines, added desc.
2015-07-29 16:13:50 -05:00
c725f74d46
Add Local Exploit Suggestor
...
Resolve #5647
2015-07-29 13:19:51 -05:00
a342a9db10
Another sticky keys ref, from @carnal0wnage
2015-07-29 12:32:38 -05:00
8043e5a88e
Add a reference to the sticky keys exploit
2015-07-29 12:31:43 -05:00
ee66cadde2
Don't use bullet points in descriptions
...
They never render correctly in anything other than a text editor.
modules/post/windows/manage/sticky_keys.rb first landed in #5760 ,
Sticky Keys post module
2015-07-29 12:29:09 -05:00
ff9b975576
Land #5701 , @g0tmi1k's filezilla_server refactor
2015-07-29 11:13:22 -05:00
e966545e08
Fix mask
2015-07-29 09:13:37 -05:00
38e952ba07
Python -> Ruby
2015-07-29 10:55:28 +01:00
a3365a9c7f
Add key, 2fa, iterations and otp support
2015-07-28 00:15:08 -07:00
ab7ffb1a08
Fich cachedump
2015-07-27 17:26:53 -05:00
704c8cadd9
Fix lsa_secrets
2015-07-27 16:19:01 -05:00
7c3e79f72d
Smarter way to download via meterpreter
...
...less chance of data crupterion
2015-07-27 19:49:06 +01:00
4dd2c31b44
Land #5760 , Sticky Keys post module
2015-07-23 17:12:31 -05:00
06ed7ba574
Add a comma
2015-07-23 17:12:17 -05:00
ebdbb179ce
Last of the style fixes
2015-07-24 08:09:25 +10:00
db7fadfc36
Fix indentation
2015-07-24 08:08:01 +10:00
616e1ddd68
Change enum to action, a couple of tidies
2015-07-24 08:01:58 +10:00
a818dc4460
Land #5657 , misc fixes to domain_hashdump
2015-07-23 16:58:46 -05:00
e60f590f09
Add DisplaySwitch.exe support with WINDOWS+P
...
As per @mubix's request.
2015-07-24 07:20:31 +10:00
1dd765d6e6
Remove trailing spaces
2015-07-23 13:17:34 +10:00
0f2692f24f
Fix up silly mistake with `fail_with`
2015-07-23 13:14:35 +10:00
691b13ebd8
Add the sticky_keys module
2015-07-23 12:53:47 +10:00
52e4f45ecd
Use the new thing in wlan_geolocate
2015-07-20 20:24:07 -05:00
d6e12d431f
Style and whitespace
2015-07-20 19:40:25 -05:00
425a9dc266
credit OJ
2015-07-17 13:47:17 -05:00
663bcbe53b
Avoid checking these system process names
2015-07-17 13:46:02 -05:00
d5c57d9d6e
Use creds API
2015-07-16 16:05:59 +01:00
e1b1db9f88
Fix stupid typo
2015-07-16 23:03:49 +10:00
986463e489
Fix killav post module, handle errors, better output
2015-07-16 11:35:01 +10:00
2735c035b5
fixed issues as requested.
...
fixed.
2015-07-15 20:36:19 -04:00
579fb5fb1f
Fixed
...
Fixed
2015-07-15 20:09:42 -04:00
c762e9e8d6
Fixed as requested.
...
I added the possibility to read from file, instead of modifying the module each time.
2015-07-15 20:02:18 -04:00
7520bc9a8a
Exported Killav into a post-exploitation module
...
I was unsure if this was the place to send the update.
2015-07-15 14:04:37 -04:00
074ed20f1c
Fix Firefox_Creds
...
...isn't perfect.
2015-07-14 13:33:48 +01:00
d795b2f831
Module cleanup
2015-07-11 19:40:21 +01:00
14d0d456f4
Fix FileZilla perm loot bug
2015-07-11 19:11:59 +01:00
c92d0d9df6
Fix FileZilla Server
2015-07-11 18:14:55 +01:00
632bcda345
Land #5652 , improve LAPS filter to reduce empty results
2015-07-03 15:02:39 -04:00
e843db78dc
put rhost option back
...
it is needed for the wmic query that
creates the shadowcopy
MSP-12867
2015-07-02 14:46:40 -05:00
7b2b526ea1
deregister unwated options
...
deregister mixin options that we don't need
for this module
2015-07-02 14:33:21 -05:00
8892cbdd10
Fix some minor things
2015-07-02 14:32:16 -05:00
cc51d1e8fd
use registry data for VSS grab
...
use the location data we got from the registry for copying
the NTDS.dit file correctly with the VSS method
2015-07-02 14:27:51 -05:00
89d283da09
check registry for ntds location
...
check the registry for the location of the ntds.dit
file
MSP-12867
2015-07-02 14:07:47 -05:00
95f19e6f1f
Minor description edits for clarity
...
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF
Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590 , @Meatballs1 adds MS LAPS Enum post mod
Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
42daf4d38b
fix up ordering of pre-checks
...
i hate early returns, but we need to bail out early
if some of these checks fail
MSP-12867
2015-07-02 11:52:02 -05:00
8a3873d730
Tweak filter to reduce empty results
2015-07-02 09:53:08 +01:00
a37ac1b089
Land #5590 , @Meatballs1 adds MS LAPS Enum post mod
2015-07-01 21:19:15 -04:00
399b3d2810
Land #5629 , moar cmd_exec refactoring
2015-07-01 00:36:19 -05:00
0e5e8032ad
Add Firefox 2FA support
2015-06-30 21:02:10 -07:00
5b0647a1f2
Add support to steal 2FA token
2015-06-29 22:20:38 -07:00
656e6f5c73
Fix windows enum modules
2015-06-29 11:56:38 -05:00
834c0e594a
Update multi modules
2015-06-29 11:36:28 -05:00
ae172691f2
Update linux gather post modules
2015-06-29 10:21:13 -05:00
2cbb107bba
Update enum_configs
2015-06-29 09:55:18 -05:00
093f339f6b
Land #5268 , @Meatballs1's post windows module to retrieve Bitlocker Recovery Keys from AD
2015-06-26 17:07:36 -05:00
600a296291
Do minor cleanup
2015-06-26 16:51:00 -05:00
31b7ef49d6
Solve conficts
2015-06-26 11:36:17 -05:00
9c4a96761e
Small tidyup
2015-06-23 23:10:29 +01:00
4392b7c1de
Enum LAPS
2015-06-23 23:02:22 +01:00
221980820a
Committed wrong file
...
This reverts commit 76c2198ef0
2015-06-23 23:01:59 +01:00
76c2198ef0
LAPS enum
2015-06-23 22:56:53 +01:00
f216841d01
Update enum_vbox
2015-06-22 17:54:17 -05:00
e696d2f3dc
Merge branch 'master' into land-5348-ntds
2015-06-22 17:18:13 -05:00
c20d2a1dd9
Update post/multi/gather/env
...
* Use cmd_exec
2015-06-22 16:20:46 -05:00
a309d99da9
Fix enum_osx
...
* Use cmd_exec
2015-06-22 16:09:30 -05:00
4475b7ec8e
Update enum_keychain
...
* Use cmd_exec
2015-06-22 14:30:46 -05:00
5a548c3792
Land #5453 , Update dbvis_enum to use the new cred API
2015-06-19 11:35:07 -05:00
2587595a92
Land #5556 , vprint_status fix
2015-06-19 11:24:54 -05:00
b349549754
Land #5464 , @wchen-r7 Updates razer_synapse to use the new cred API
2015-06-19 09:42:44 -05:00
6d2b7e05ef
Use downcase
2015-06-19 09:35:20 -05:00
80f6e902b6
Land #5463 , @wchen-r7 updates smartermail to use the new cred API
2015-06-19 09:29:34 -05:00
0d7ef6f04e
Pass username as symbol
2015-06-19 09:29:00 -05:00
fc35a53ac5
Pass options correctly
2015-06-19 00:14:58 -05:00
fc1417809e
Support hash format
2015-06-19 00:09:08 -05:00
ce9481d2b7
Inconstancy - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
Stuart Morgan
William Vu
Jon Hart
BAZIN-HSC
Christian Mehlmauer
Martin Vigo
Rory McNamara
Andrew Smith
Louis Sato
sammbertram
Roberto Soares
wchen-r7
David Maloney
PsychoMario
jvazquez-r7
Brent Cook
Rob Fuller
Stuart
joev
HD Moore
jvicente
g0tmi1k
Mo Sadek
benpturner
Tod Beardsley
Meatballs
OJ
Samuel Huckins
James Lee
Marc-Andre Meloche
Spencer McIntyre