4ed32ad3e8
Add manager user attribute
2015-12-20 22:51:37 +00:00
9493b333df
rubocop
2015-12-20 21:22:03 +00:00
c394caad27
actually made the securitygroups only option do something
2015-12-20 21:19:24 +00:00
07caaf352b
made comment match purpose
2015-12-20 21:18:21 +00:00
c0a93433af
msftidy
2015-12-20 21:16:42 +00:00
89728fd8fe
Working version
2015-12-20 21:16:17 +00:00
ae09549057
New module, strating with managedby_groups
2015-12-20 20:17:06 +00:00
28e563659f
Added managedBy to group acquisition
2015-12-20 20:16:18 +00:00
d79fd9a9f3
Renamed the comments attribute to comment
2015-12-20 19:53:36 +00:00
924017e606
Moved trust enumeration to separate PR
2015-12-20 19:46:20 +00:00
43f8a35b12
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into add_filter_to_ad_tools
2015-12-20 19:43:04 +00:00
2ddac42be7
Perform Rubocop cleanup
2015-12-19 23:33:32 -08:00
2fc940cc3e
Decrypt Chrome and Opera cookies and msdftify code
2015-12-19 22:19:20 -08:00
ab630166bb
Decrypt Chrome and Opera cookies and msdftify code
2015-12-19 21:40:30 -08:00
3a89d3cc70
Turns out that we dont need the report or accounts includes in there, so removing them for tidyness
2015-12-20 02:37:25 +00:00
c11c0ca7e0
Added comment about the UTF-8 encoding. This is an issue which is documented at https://github.com/rails/rails/issues/1965 ; namely that SQLite seems to treat ASCII text as a blob meaning that the text searches break. Encoding to UTF-8 seems to fix this.
2015-12-20 02:35:19 +00:00
2301658611
Working
2015-12-20 02:20:59 +00:00
7ce24969bb
rubocop fixes
2015-12-20 02:02:44 +00:00
d5436c6fae
msftidy is now silent
2015-12-20 02:01:11 +00:00
b8274cca01
Tested
2015-12-20 01:59:31 +00:00
b0eba24c5f
Fixed verbosity bug and tidied up
2015-12-20 01:55:44 +00:00
86294a869e
No longer need the sAMAccountType lookup table
2015-12-20 01:45:10 +00:00
cdf430e689
Fixed bug relating to forgetting to add columns to the schema
2015-12-20 01:44:26 +00:00
14f71eabdb
Completing processing the sAMAccountType value
2015-12-20 01:42:25 +00:00
5f5a297324
Adding u_, g_ and c_ parameters to the tables directly avoids most of the views
2015-12-20 01:30:24 +00:00
bb25c7606c
Restructuring to add SAM_ (userAccountControl) variables as fields directly
2015-12-20 01:28:25 +00:00
872aeccbb6
Significant simplified the hex-to-SID parsing code because we only want the RID out of it
2015-12-19 02:02:40 +00:00
07e5f03aba
Fixed
2015-12-19 01:58:29 +00:00
c7f8450775
Appears to work correctly
2015-12-19 01:11:20 +00:00
36392ac0cd
All works
2015-12-19 00:48:41 +00:00
82c3ec5f4b
Added views for users and groups table
2015-12-19 00:26:31 +00:00
ba9845818e
Appears to work for the computers table (tables and view)
2015-12-18 23:22:22 +00:00
cf8f0e2483
Added userAccountControl to the computer table. Note that computer and user LDAP entries are more or less the same (user is the parent for computer), but it makes sense just for sanity and ease of use to keep them separate.
2015-12-18 22:22:56 +00:00
eade245a9e
Added groupType attribute interpretation
2015-12-18 22:06:20 +00:00
e716cd79e3
Needed to use .zero? in the ? : if shorthand for the UAC variables
2015-12-18 21:55:55 +00:00
838f74ff74
Added table creation for userAccoutControl
2015-12-18 21:45:07 +00:00
6afcc13774
Requote file path
2015-12-18 15:41:38 -06:00
a065fc803c
fixed spacing
2015-12-18 21:38:54 +00:00
8821caa199
Added UserAccountControl constants
2015-12-18 21:37:31 +00:00
06a2bb53bd
Clean up module
2015-12-18 15:29:15 -06:00
6d6306f6e7
Added sAMAccountType constants from MSDN
2015-12-18 21:14:39 +00:00
5b07a35cef
Added LDAP filter to identify groups of interest
2015-12-18 14:10:00 +00:00
662010fce7
Added thread capability
2015-12-18 14:06:50 +00:00
0a75fa333c
msftidy
2015-12-18 12:14:22 +00:00
91c8c2b9dd
Trying to fix threads
2015-12-18 12:14:08 +00:00
6f50635ab2
Strange bug with memberOf param and trying to fix up threads
2015-12-18 11:49:17 +00:00
39bc23629a
Getting ready to add thread support
2015-12-18 10:56:41 +00:00
3c8ac89ba8
Added options to dump user membership and group membership to screen
2015-12-18 10:29:53 +00:00
8f95ad315e
Added extra user fields to database schema
2015-12-18 10:02:18 +00:00
fc45d70d25
Added extra user fields
2015-12-18 09:59:21 +00:00
b186aaa08d
Added extra computer fields
2015-12-18 09:55:13 +00:00
f8b402165c
Added extra computer fields
2015-12-18 09:51:04 +00:00
805ba1d7dd
Enumerate computers
2015-12-18 08:28:40 +00:00
98c6b56494
Added computer recon
2015-12-18 08:14:30 +00:00
ccb13a2ca6
Add full IE support and bug fixes
2015-12-17 20:29:50 -08:00
f13ca17de0
rubocop
2015-12-18 02:01:38 +00:00
38b6ad4dbf
msftidy
2015-12-18 02:00:57 +00:00
36adbadb11
Tidied up SQL searching and added file size indicator
2015-12-18 01:59:19 +00:00
eb38859ecc
Finally worked out how to use .map to make the SQL stuff far more elegant
2015-12-18 01:40:37 +00:00
1ba6b91968
More accurate description
2015-12-18 01:24:43 +00:00
0ddb40b55e
Added UNIQUE and FOREIGN KEY constraints to SQLite DB
2015-12-18 01:23:29 +00:00
15dc542544
Initial module works
2015-12-18 01:13:44 +00:00
f31c1c24db
Added schema and code to populate SQLite db
2015-12-18 01:01:20 +00:00
e3483a2ac3
Getting RIDs from hex mess to decimal. Needs fixing
2015-12-18 00:20:16 +00:00
460778738d
Initial version works
2015-12-18 00:00:21 +00:00
41c2d12e0c
Tidy up initial print
2015-12-17 23:41:18 +00:00
09fb37db6b
Add status updates (useful if there are a large number of groups)
2015-12-17 23:07:02 +00:00
2bcea91b15
Differentiate between user and group errors
2015-12-17 22:57:30 +00:00
85c4e89526
Process user levels
2015-12-17 22:55:02 +00:00
7c145c45e8
add LDAP_MATCHING_RULE_IN_CHAIN oid (from my adsi rework earlier)
2015-12-17 22:44:35 +00:00
f2b038f4b3
Begin loop to grab effective users of each group
2015-12-17 22:39:56 +00:00
c98519e0b9
Get groups using ADSI
2015-12-17 22:35:51 +00:00
7b019bddf4
Initial version, just basing it on the ad_users module
2015-12-17 22:14:14 +00:00
e17a7a5d8c
Fix attributes
2015-12-17 21:38:42 +00:00
59d5626ef7
Bugfix
2015-12-17 21:36:19 +00:00
cba1ddbdc2
rubocop
2015-12-16 22:38:05 +00:00
47e484408f
rubocop
2015-12-16 22:31:54 +00:00
9eef27e4c1
Removed snake case and added SID translation call
2015-12-16 22:31:22 +00:00
cc3ac3ad95
Removed trailing line spaces
2015-12-16 22:28:27 +00:00
58635be237
Try to unpack the SID from hex to normal cut/paste format. Its a mess.
2015-12-16 22:27:52 +00:00
421a29d998
Added the trust types from MSDN
2015-12-16 22:18:28 +00:00
fbe0cfde8f
Fixed URL for trustDirection reference
2015-12-16 22:16:33 +00:00
fd8405f52d
added trustDirection
2015-12-16 22:15:10 +00:00
4da8859e57
added trustAttributes
2015-12-16 22:13:00 +00:00
207a964117
Loop through results
2015-12-16 21:52:30 +00:00
087a01f27f
Templated table
2015-12-16 21:40:49 +00:00
fdf1a8c235
Updated with the LDAP fields to retrieve
2015-12-16 21:39:33 +00:00
ed4cf71ca8
Initial add (templated from Ben's bitlocker module)
2015-12-16 21:26:02 +00:00
c9c1dd22ee
Added custom LDAP filter to ad_groups and ad_users to save having to use meterpreter's adsi interface
2015-12-16 10:38:38 +00:00
2c29298485
undoing this, put in a separate module
2015-12-15 23:16:21 +00:00
5dd8cb7648
proper type conversions
2015-12-15 23:13:02 +00:00
fef9a84548
rubocop
2015-12-15 23:12:14 +00:00
a2b30ff16e
msftidy
2015-12-15 23:11:40 +00:00
281966023c
Final version
2015-12-15 23:10:06 +00:00
7fa453b7ff
Added module
2015-12-15 22:31:00 +00:00
059de62400
Editing an existing module rather than adding a new one
2015-12-15 21:36:39 +00:00
4a66b487de
Based on putty enum module
2015-12-15 21:28:13 +00:00
b085989923
Land #6266 , rsync creds scraper
2015-12-14 11:37:30 -06:00
39da306b1d
Land #6057 , @danilbaz's module for dumping Bitlocker master key (FVEK)
2015-12-08 18:16:39 -08:00
ed8076f361
Merge branch 'master' into pr/6197
2015-12-08 12:08:15 -08:00
2177b979fd
Update SessionTypes command to describe why shell is not listed
2015-12-08 12:06:47 -08:00
3890961155
Correct SEP client exclusion enumeration
2015-12-08 10:16:25 -08:00
be5f648969
manage-bde.exe path test if in System32 or sysnative
2015-12-08 16:14:13 +01:00
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
f6417df9ba
Update enum_av_excluded to work properly under wow64
2015-12-04 17:13:43 -08:00
ad60a4118e
Put admin and client exclusions in different tables
2015-12-04 13:01:28 -08:00
c92365090f
Simpler
2015-12-04 12:38:25 -08:00
e7d2eb6ad9
Wire in support for showing process and file extension exclusions
2015-12-04 12:35:42 -08:00
78a303974f
Handle empty exclusions better
2015-12-04 12:19:17 -08:00
81ee01a93e
Simplify exclusion extraction and printing
2015-12-04 11:42:03 -08:00
1968a76863
Simplify AV enumeration code
2015-12-04 10:27:14 -08:00
fc9d818837
change youtube url
2015-12-04 10:15:56 +01:00
b4ade1989a
Add IE support for stored passwords
2015-12-04 00:13:42 -08:00
28ee056c32
Make enumeration of each individual AV optional
2015-12-03 16:07:49 -08:00
c007fffbce
Style cleanup
2015-12-03 15:55:12 -08:00
78d391fa10
Rubocop
2015-12-02 14:54:30 +00:00
99dceb33ac
Added 'ALL' support (to do TCP and UDP in one go)
2015-12-02 14:50:16 +00:00
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
366b92a79e
Store rsync creds as creds, not loot
2015-12-01 15:30:39 -08:00
b66be85ccb
Rubocop
2015-12-01 22:32:04 +00:00
d5c0da5e19
Added 33434-33534 because this is the default udp range for traceroute (might be enabled by sysadmins to enbale traceroutes to work)
2015-12-01 22:31:12 +00:00
74a07709b8
Use the Comm param instead of adding a route as suggested by @jlee-r7 and hdm
2015-12-01 21:42:27 +00:00
c744b14a8a
Exclude python meterpreter, doesn't seem to work
2015-11-29 20:40:42 +00:00
6a3172268e
Fixed module metadata
2015-11-29 19:32:55 +00:00
2bc5b98d6e
Rubocop fixing alignment of ifs and ends
2015-11-29 19:17:49 +00:00
8b4649e75c
Working through rubocop issues
2015-11-29 19:11:10 +00:00
9267afc18b
Rubocop
2015-11-29 19:06:24 +00:00
9a6f0d6734
Reducing complexity (rubocop)
2015-11-29 19:06:07 +00:00
b5909852a9
Rubocop
2015-11-29 19:02:33 +00:00
d4bb5537b2
Fixed stupid paste error
2015-11-29 19:02:15 +00:00
fd7a6465c6
Attemping to simplify code
2015-11-29 19:01:34 +00:00
10f89239a5
rubocop
2015-11-29 18:59:40 +00:00
6a567845e0
Tidy up error messages
2015-11-29 18:54:46 +00:00
12dbe31bee
Apparently adding .close causes it to hang
2015-11-29 18:49:51 +00:00
41d963eeb1
Debugging
2015-11-29 18:34:26 +00:00
b6dfafaeb7
Stabilised code, still giving errors on threads>1 in native mode though
2015-11-29 18:14:19 +00:00
e18f8b5e21
Now works for both TCP and UDP
...
However, it gives 'interrupted by console user' as an error message for no reason (?timeouts?)
2015-11-29 17:53:04 +00:00
98e0050e8c
Fixed 'end' bugs (mismatched blocks)
2015-11-29 16:20:33 +00:00
af106737b9
Adding both native and winapi options, split out to functions & fix up
2015-11-29 16:17:07 +00:00
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
f492a1d80a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into post_multi_egress_traffic
2015-11-26 14:41:55 +00:00
5ffeaddf1e
Added help
2015-11-26 14:01:40 +00:00
1ce0386d01
Reusing port array generation code
2015-11-26 13:59:15 +00:00
9d747e67a3
Fix bugs in new Firefox creds storage
2015-11-25 21:28:07 -08:00
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
55b3e10390
Land #6258 , smart_migrate enhancement
2015-11-24 11:30:29 -06:00
09d4bd8175
Added basic function definition for non-Win32API egress
2015-11-24 15:38:06 +00:00
4ea732716a
Added file
2015-11-24 15:37:44 +00:00
f0271c04ab
Merge remote-tracking branch 'origin/master' into post_multi_egress_traffic
2015-11-24 15:27:38 +00:00
16e6ced867
Land #6108 , OpenVPN creds scraper
2015-11-23 14:25:19 -06:00
601d4fda9f
Add note about --auth-nocache
2015-11-23 14:24:26 -06:00
718e928fe3
Control per-user config file
2015-11-23 11:11:03 -08:00
493e476a43
Land #6243 , check nil for sock.read
2015-11-23 11:15:51 -06:00
93bb31dfa0
Make path to rsyncd configuration file configurable
2015-11-21 19:50:33 -08:00
f34c7a8594
Support for new Firefox method to store credentials
2015-11-20 23:42:59 -08:00
aa962f30a9
Minor style/usability cleanup
2015-11-20 13:51:31 -08:00
a96102c20a
Minor cleanup
2015-11-20 13:19:38 -08:00
c75e3c8e84
Initial commit of a post module for looting rsync credentials
2015-11-20 12:57:33 -08:00
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
dd027982ae
if recovery_key specified, only method that is tried
2015-11-20 18:30:50 +01:00
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
8f135c07aa
Remove hard coded C:\Windows and use %SYSTEMROOT%
2015-11-20 18:30:49 +01:00
7d9d74f609
msftidy...
2015-11-20 18:30:49 +01:00
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
f1675f9ae4
Minor enhancement to smart_migrate
...
Adding a check to see if the user is currently already migrated to the "explorer.exe" and "winlogon.exe" processes prior to attempting migration.
2015-11-19 13:30:12 +00:00
811167442c
Re-disable debugging nodelete
2015-11-17 13:10:03 +00:00
ac99f9c229
Fix condition
2015-11-17 00:52:42 -02:00
f69e7c0fb3
Fix condition
2015-11-17 00:49:04 -02:00
a48d0b275b
Added check if the commands executed successfully.
2015-11-17 00:07:31 -02:00
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
211da2746e
Support cookie auth key decryption
2015-11-11 16:26:07 -08:00
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
8f86b2519f
Resolve 'duplicate key warning' for some modules
2015-11-09 18:40:32 -08:00
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
c44ecfeb15
Spacing
2015-11-06 10:55:29 -05:00
e4d8909815
Initial Commit
2015-11-05 20:43:30 -05:00
20679ea6c6
Land #5720 , @g0tmi1k's changes to firefox_creds post module
2015-11-05 15:36:08 -06:00
b0f92b49a2
Print vault passwords
2015-11-01 21:47:00 -08:00
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
e67065a7e9
Fix Firefox/Opera bugs
2015-10-26 22:40:47 -07:00
da9420a915
Retrieve randkey from LastPass
2015-10-26 19:17:09 -07:00
0bce90654f
Changed path to save dump data
2015-10-22 15:11:55 -02:00
467ae52ec3
Remove redundant check
2015-10-21 13:12:45 -02:00
0784370b98
more typo and whitespace fixes
2015-10-20 13:09:17 -05:00
2f1406e1c8
fix typo
...
not sure how this got in there
2015-10-20 13:48:00 -04:00
78d5e52dd6
Add OpenVPN Grab Credentials - Post Module
2015-10-19 23:11:02 -02:00
20366993e3
Land #5937 , use the Android mixin to get the Android version
2015-10-16 14:23:27 -05:00
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
8866b15f3b
Fix creds reporting
2015-10-01 00:24:43 -05:00
f3451eef75
Land #5380 , pageantjacker, an SSH agent proxy
2015-09-26 10:52:44 -04:00
853d822992
Merge pull request #1 from bcook-r7/land-5380-pageantjacker
...
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
415fa3a244
Fix #5968 , some modules not handling Rex::Post::Meterpreter::RequestError exceptions
...
* Related to the usage of ADSI on unsupported OSes
2015-09-21 14:33:00 -05:00
cdd39f52b1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension
2015-09-21 14:34:56 +02:00
e8e4f66aaa
Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension
2015-09-21 14:34:38 +02:00
61e7e1d094
update pageantjacker to run as part of extapi
2015-09-20 20:25:00 -05:00
5f9f66cc1f
Fix nil bug in SSO gather module
2015-09-11 02:21:01 -05:00
a1a7471154
Land #5949 , is_root? for remove_lock_root
2015-09-11 02:09:14 -05:00
e9e4b60102
move require 'msf/core/post/android' to post.rb
2015-09-11 01:58:12 -05:00
f2ccca97e0
Move require 'msf/core/post/android' to post.rb
2015-09-11 01:56:21 -05:00
90ef9c11c9
Support meterpreter for OS X post modules
2015-09-10 15:57:43 -05:00
30cb93b4df
Land #5940 , @hmoore-r7's fixes for busybox post modules
2015-09-08 15:12:23 -05:00
122d57fc20
Land #5945 , Add auto-accept to osx/enum_keychain
2015-09-08 10:56:08 -05:00
13afbc4eae
Properly check root for remove_lock_root (android post module)
...
This uses the Msf::Post::Android::Priv mixin.
2015-09-08 10:40:08 -05:00
1b320bae6a
Add auto-accept to osx/enum_keychain.
2015-09-07 21:17:49 -05:00
ec5cbc842e
Cosmetic cleanups
2015-09-05 22:56:11 -05:00
8c0b0ad377
Fix up jailbreak commands & regex for success detection
2015-09-05 22:54:07 -05:00
da0752e8c2
use fail_with
2015-09-04 15:12:05 -05:00
7ab506dc06
Use Msf::Post::Android::System#get_build_prop to get the android ver
...
Instead of grabbing the android version from the module, this
is done by the mixin.
2015-09-04 15:05:45 -05:00
eaf51a2113
Land #5722 , @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
5dd0cee36a
Add comment
2015-09-04 13:30:00 -05:00
8bfa5bcd09
Do some more minor code cleaning
2015-09-04 13:08:27 -05:00
ac49c80367
Do minor code cleanup
2015-09-04 12:46:21 -05:00
60d2856444
Use id instead of whoami
2015-09-04 12:02:21 -05:00
4fa58efaa0
Allow to configure the DOWNLOAD_TIMEOUT
2015-09-04 11:54:22 -05:00
2b2dec3531
Fixed typo direcotry.
2015-09-04 18:52:55 +02:00
319bc2d750
Use downcase
2015-09-04 11:18:09 -05:00
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
f0ef035a0b
Update the module titles to clarify what these do
2015-09-03 12:53:25 -05:00
630057e23f
Implement suggestions from the PR discussion
2015-09-03 12:42:51 -05:00
57c8038f07
Merge branch 'master' into land-5413
2015-09-03 12:38:19 -05:00
0f1530adc1
Merge branch 'master' into land-5412
2015-09-03 12:22:00 -05:00
9c7f97d124
Fix methods name schema
2015-08-28 13:26:52 -05:00
be7db10e7d
Fix busybox_write_file
2015-08-28 13:15:07 -05:00
c4a3b4f18e
Add busy_box_file_exist?
2015-08-28 11:56:12 -05:00
8faf6f9cd0
Fix require
2015-08-28 11:51:26 -05:00
e62b117fda
Include mixin correctly
2015-08-28 11:50:17 -05:00
132f5c6a20
Review jailbreak
2015-08-28 11:44:57 -05:00
e7f486e43a
Review wget_exec
2015-08-28 11:24:41 -05:00
edc9982c8b
Review smb_share_root
2015-08-28 11:18:49 -05:00
c2639fc138
Review set_dns
2015-08-28 11:00:46 -05:00
4523608bf7
Review set_dmz
2015-08-28 10:43:09 -05:00
b59bc30160
Fixed stupid bracket error
2015-08-28 16:13:22 +01:00
0e810aa8bc
Clean ping_net
2015-08-28 09:53:31 -05:00
8bf815c4bb
rubocop
2015-08-28 15:39:02 +01:00
42b342d615
Clean enum_hosts
2015-08-28 09:37:18 -05:00
dfdb4fe044
Review enum_connections
2015-08-28 09:28:12 -05:00
577656a78e
Change modules location
2015-08-28 09:17:23 -05:00
b8b68983b0
Merge remote-tracking branch 'upstream/master' into adsi_group_enum_improvements
2015-08-28 15:11:27 +01:00
f371a1c4fc
Added the ability to list AD groups by POST module
2015-08-28 15:10:48 +01:00
8682ec77c5
Added group filtering to the enum_ad_users module
2015-08-28 15:10:27 +01:00
eb43241425
Firefox_creds more stable/bug fixs (Linux/OSX)
2015-08-27 11:43:53 +01:00
a2d5511e39
Land #5379 , new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00
5633c1431f
Land #5821 , add explicit 64-bit pointer support to enum_cred_store
2015-08-24 09:44:36 -05:00
b37efd29b0
Modified module busybox_pingnet.rb to avoid sending an ash script but executing each ping command separately. Added some fixes. Modified spec file for busybox.rb.
2015-08-23 12:17:17 +02:00
fb2adb2e51
Check blank bullprop, also better instructions for the user.
2015-08-23 02:20:51 -05:00
0f3e96b457
Merge branch 'upstream-master' into pr5416
2015-08-22 22:10:56 -05:00
d264802ce0
Consistency and API conformance changes to LES
2015-08-21 12:38:58 -05:00
4a91dfdcf5
Land #5873 , report_note for local_exploit_suggester
2015-08-20 17:52:33 -05:00
b20a283617
Added report_note to suggester
2015-08-20 13:57:16 -05:00
a9ad7b7c6f
Modifications to use cmd_exec instead of session.shell_write.
...
Refactoring of common functions to a new Post mixin /lib/msf/core/post/linux/busybox.rb.
2015-08-17 18:24:22 +02:00
e7433b81bd
Reuse architecture check
2015-08-17 10:28:10 -05:00
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
8800d89424
Updated to reflect HD's comments on indents and name of local script.
2015-08-16 10:47:20 +01:00
9720e8e081
normalize osx to darwin so python meterp works
2015-08-15 19:49:55 -05:00
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
0a4651a553
Land #5359 , add PuTTY session enumeration module
2015-08-14 13:20:05 -05:00
ee7c418ca8
Rubocop and msftidy-ied :-)
2015-08-14 17:19:07 +01:00
02a58d459b
Merge remote-tracking branch 'upstream/master' into pageant_extension
2015-08-14 17:05:38 +01:00
e2b6c11a3e
Update
2015-08-14 16:24:52 +01:00
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
80f415074b
Land #5823 , mv local_exploit_{suggestor,suggester}
2015-08-11 13:52:55 -05:00
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
76f6312fab
Fix #3916 Support 64 bits targets on enum_cred_store
2015-08-10 15:16:12 -05:00
5ff61ca5f3
Added modules to jailbreak and control remotely BusyBox based devices. It was added to a word list with default credentials typically used by commercial routers.
2015-08-10 18:29:41 +02:00
c197e5224d
Store loot
2015-08-01 20:52:25 +01:00
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
affc86bfd9
Land #5779 , make cachedump / lsa_secrets work on 64-bit windows
2015-07-31 16:25:47 -05:00
629afd86fc
Land #5788 , local exploit suggestor
...
Good luck getting Mr. Robot, Elliot.
2015-07-31 11:43:53 -05:00
34279776a6
Minor edit
2015-07-30 18:40:41 -05:00
fc4fdba482
Merge branch 'suggestor' of https://github.com/MSadek-r7/metasploit-framework into pr5788
2015-07-30 18:31:49 -05:00
08338b73b2
Add get_target_arch and get_target_os
...
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
2015-07-30 18:26:41 -05:00
af55ef7352
Added session.present?
2015-07-30 10:10:42 -05:00
7aa78dfd4e
Revamped os, platform, arch detection. Added count for exploits being tried
2015-07-30 09:36:02 -05:00
1521c8f87e
Reworded to no suggestions available
2015-07-29 17:40:27 -05:00
66489202fc
Added error message if no exploits are found
2015-07-29 17:31:23 -05:00
b58c6248fe
Fixed ShowDescription bug
2015-07-29 16:52:06 -05:00
2cddfda0a0
wchen-r7's fixes, fixed indentation, removed newlines, added desc.
2015-07-29 16:13:50 -05:00
c725f74d46
Add Local Exploit Suggestor
...
Resolve #5647
2015-07-29 13:19:51 -05:00
a342a9db10
Another sticky keys ref, from @carnal0wnage
2015-07-29 12:32:38 -05:00
8043e5a88e
Add a reference to the sticky keys exploit
2015-07-29 12:31:43 -05:00
ee66cadde2
Don't use bullet points in descriptions
...
They never render correctly in anything other than a text editor.
modules/post/windows/manage/sticky_keys.rb first landed in #5760 ,
Sticky Keys post module
2015-07-29 12:29:09 -05:00
ff9b975576
Land #5701 , @g0tmi1k's filezilla_server refactor
2015-07-29 11:13:22 -05:00
e966545e08
Fix mask
2015-07-29 09:13:37 -05:00
38e952ba07
Python -> Ruby
2015-07-29 10:55:28 +01:00
a3365a9c7f
Add key, 2fa, iterations and otp support
2015-07-28 00:15:08 -07:00
ab7ffb1a08
Fich cachedump
2015-07-27 17:26:53 -05:00
704c8cadd9
Fix lsa_secrets
2015-07-27 16:19:01 -05:00
Stuart Morgan
Martin Vigo
William Vu
Jon Hart
BAZIN-HSC
Christian Mehlmauer
Rory McNamara
Andrew Smith
Louis Sato
sammbertram
Roberto Soares
wchen-r7
David Maloney
PsychoMario
jvazquez-r7
Brent Cook
Rob Fuller
Stuart
joev
HD Moore
jvicente
g0tmi1k
Mo Sadek
benpturner
Tod Beardsley
Meatballs