Jon Hart
2177b979fd
Update SessionTypes command to describe why shell is not listed
2015-12-08 12:06:47 -08:00
Jon Hart
3890961155
Correct SEP client exclusion enumeration
2015-12-08 10:16:25 -08:00
BAZIN-HSC
be5f648969
manage-bde.exe path test if in System32 or sysnative
2015-12-08 16:14:13 +01:00
William Vu
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
Jon Hart
f6417df9ba
Update enum_av_excluded to work properly under wow64
2015-12-04 17:13:43 -08:00
Jon Hart
ad60a4118e
Put admin and client exclusions in different tables
2015-12-04 13:01:28 -08:00
Jon Hart
c92365090f
Simpler
2015-12-04 12:38:25 -08:00
Jon Hart
e7d2eb6ad9
Wire in support for showing process and file extension exclusions
2015-12-04 12:35:42 -08:00
Jon Hart
78a303974f
Handle empty exclusions better
2015-12-04 12:19:17 -08:00
Jon Hart
81ee01a93e
Simplify exclusion extraction and printing
2015-12-04 11:42:03 -08:00
Jon Hart
1968a76863
Simplify AV enumeration code
2015-12-04 10:27:14 -08:00
Christian Mehlmauer
fc9d818837
change youtube url
2015-12-04 10:15:56 +01:00
Martin Vigo
b4ade1989a
Add IE support for stored passwords
2015-12-04 00:13:42 -08:00
Jon Hart
28ee056c32
Make enumeration of each individual AV optional
2015-12-03 16:07:49 -08:00
Jon Hart
c007fffbce
Style cleanup
2015-12-03 15:55:12 -08:00
Stuart Morgan
78d391fa10
Rubocop
2015-12-02 14:54:30 +00:00
Stuart Morgan
99dceb33ac
Added 'ALL' support (to do TCP and UDP in one go)
2015-12-02 14:50:16 +00:00
Rory McNamara
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
Jon Hart
366b92a79e
Store rsync creds as creds, not loot
2015-12-01 15:30:39 -08:00
Stuart Morgan
b66be85ccb
Rubocop
2015-12-01 22:32:04 +00:00
Stuart Morgan
d5c0da5e19
Added 33434-33534 because this is the default udp range for traceroute (might be enabled by sysadmins to enbale traceroutes to work)
2015-12-01 22:31:12 +00:00
Stuart Morgan
74a07709b8
Use the Comm param instead of adding a route as suggested by @jlee-r7 and hdm
2015-12-01 21:42:27 +00:00
Stuart Morgan
c744b14a8a
Exclude python meterpreter, doesn't seem to work
2015-11-29 20:40:42 +00:00
Stuart Morgan
6a3172268e
Fixed module metadata
2015-11-29 19:32:55 +00:00
Stuart Morgan
2bc5b98d6e
Rubocop fixing alignment of ifs and ends
2015-11-29 19:17:49 +00:00
Stuart Morgan
8b4649e75c
Working through rubocop issues
2015-11-29 19:11:10 +00:00
Stuart Morgan
9267afc18b
Rubocop
2015-11-29 19:06:24 +00:00
Stuart Morgan
9a6f0d6734
Reducing complexity (rubocop)
2015-11-29 19:06:07 +00:00
Stuart Morgan
b5909852a9
Rubocop
2015-11-29 19:02:33 +00:00
Stuart Morgan
d4bb5537b2
Fixed stupid paste error
2015-11-29 19:02:15 +00:00
Stuart Morgan
fd7a6465c6
Attemping to simplify code
2015-11-29 19:01:34 +00:00
Stuart Morgan
10f89239a5
rubocop
2015-11-29 18:59:40 +00:00
Stuart Morgan
6a567845e0
Tidy up error messages
2015-11-29 18:54:46 +00:00
Stuart Morgan
12dbe31bee
Apparently adding .close causes it to hang
2015-11-29 18:49:51 +00:00
Stuart Morgan
41d963eeb1
Debugging
2015-11-29 18:34:26 +00:00
Stuart Morgan
b6dfafaeb7
Stabilised code, still giving errors on threads>1 in native mode though
2015-11-29 18:14:19 +00:00
Stuart Morgan
e18f8b5e21
Now works for both TCP and UDP
...
However, it gives 'interrupted by console user' as an error message for no reason (?timeouts?)
2015-11-29 17:53:04 +00:00
Stuart Morgan
98e0050e8c
Fixed 'end' bugs (mismatched blocks)
2015-11-29 16:20:33 +00:00
Stuart Morgan
af106737b9
Adding both native and winapi options, split out to functions & fix up
2015-11-29 16:17:07 +00:00
Andrew Smith
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
Andrew Smith
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
Stuart Morgan
f492a1d80a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into post_multi_egress_traffic
2015-11-26 14:41:55 +00:00
Stuart Morgan
5ffeaddf1e
Added help
2015-11-26 14:01:40 +00:00
Stuart Morgan
1ce0386d01
Reusing port array generation code
2015-11-26 13:59:15 +00:00
Martin Vigo
9d747e67a3
Fix bugs in new Firefox creds storage
2015-11-25 21:28:07 -08:00
Jon Hart
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
Louis Sato
55b3e10390
Land #6258 , smart_migrate enhancement
2015-11-24 11:30:29 -06:00
Stuart Morgan
09d4bd8175
Added basic function definition for non-Win32API egress
2015-11-24 15:38:06 +00:00
Stuart Morgan
4ea732716a
Added file
2015-11-24 15:37:44 +00:00
Stuart Morgan
f0271c04ab
Merge remote-tracking branch 'origin/master' into post_multi_egress_traffic
2015-11-24 15:27:38 +00:00
William Vu
16e6ced867
Land #6108 , OpenVPN creds scraper
2015-11-23 14:25:19 -06:00
William Vu
601d4fda9f
Add note about --auth-nocache
2015-11-23 14:24:26 -06:00
Jon Hart
718e928fe3
Control per-user config file
2015-11-23 11:11:03 -08:00
Louis Sato
493e476a43
Land #6243 , check nil for sock.read
2015-11-23 11:15:51 -06:00
Jon Hart
93bb31dfa0
Make path to rsyncd configuration file configurable
2015-11-21 19:50:33 -08:00
Martin Vigo
f34c7a8594
Support for new Firefox method to store credentials
2015-11-20 23:42:59 -08:00
Jon Hart
aa962f30a9
Minor style/usability cleanup
2015-11-20 13:51:31 -08:00
Jon Hart
a96102c20a
Minor cleanup
2015-11-20 13:19:38 -08:00
Jon Hart
c75e3c8e84
Initial commit of a post module for looting rsync credentials
2015-11-20 12:57:33 -08:00
BAZIN-HSC
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
BAZIN-HSC
dd027982ae
if recovery_key specified, only method that is tried
2015-11-20 18:30:50 +01:00
BAZIN-HSC
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
BAZIN-HSC
8f135c07aa
Remove hard coded C:\Windows and use %SYSTEMROOT%
2015-11-20 18:30:49 +01:00
BAZIN-HSC
7d9d74f609
msftidy...
2015-11-20 18:30:49 +01:00
BAZIN-HSC
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
sammbertram
f1675f9ae4
Minor enhancement to smart_migrate
...
Adding a check to see if the user is currently already migrated to the "explorer.exe" and "winlogon.exe" processes prior to attempting migration.
2015-11-19 13:30:12 +00:00
Rory McNamara
811167442c
Re-disable debugging nodelete
2015-11-17 13:10:03 +00:00
Roberto Soares
ac99f9c229
Fix condition
2015-11-17 00:52:42 -02:00
Roberto Soares
f69e7c0fb3
Fix condition
2015-11-17 00:49:04 -02:00
Roberto Soares
a48d0b275b
Added check if the commands executed successfully.
2015-11-17 00:07:31 -02:00
wchen-r7
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
wchen-r7
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
David Maloney
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
PsychoMario
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
PsychoMario
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
Jon Hart
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
Jon Hart
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
Martin Vigo
211da2746e
Support cookie auth key decryption
2015-11-11 16:26:07 -08:00
Jon Hart
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
Jon Hart
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
Jon Hart
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
Jon Hart
8f86b2519f
Resolve 'duplicate key warning' for some modules
2015-11-09 18:40:32 -08:00
Jon Hart
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
Andrew Smith
c44ecfeb15
Spacing
2015-11-06 10:55:29 -05:00
jakxx
e4d8909815
Initial Commit
2015-11-05 20:43:30 -05:00
jvazquez-r7
20679ea6c6
Land #5720 , @g0tmi1k's changes to firefox_creds post module
2015-11-05 15:36:08 -06:00
Martin Vigo
b0f92b49a2
Print vault passwords
2015-11-01 21:47:00 -08:00
wchen-r7
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
Martin Vigo
e67065a7e9
Fix Firefox/Opera bugs
2015-10-26 22:40:47 -07:00
Martin Vigo
da9420a915
Retrieve randkey from LastPass
2015-10-26 19:17:09 -07:00
Roberto Soares
0bce90654f
Changed path to save dump data
2015-10-22 15:11:55 -02:00
Roberto Soares
467ae52ec3
Remove redundant check
2015-10-21 13:12:45 -02:00
Brent Cook
0784370b98
more typo and whitespace fixes
2015-10-20 13:09:17 -05:00
Rob Fuller
2f1406e1c8
fix typo
...
not sure how this got in there
2015-10-20 13:48:00 -04:00
Roberto Soares
78d5e52dd6
Add OpenVPN Grab Credentials - Post Module
2015-10-19 23:11:02 -02:00
Brent Cook
20366993e3
Land #5937 , use the Android mixin to get the Android version
2015-10-16 14:23:27 -05:00
jvazquez-r7
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
jvazquez-r7
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
Brent Cook
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
William Vu
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
William Vu
8866b15f3b
Fix creds reporting
2015-10-01 00:24:43 -05:00
Brent Cook
f3451eef75
Land #5380 , pageantjacker, an SSH agent proxy
2015-09-26 10:52:44 -04:00
Stuart
853d822992
Merge pull request #1 from bcook-r7/land-5380-pageantjacker
...
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
jvazquez-r7
415fa3a244
Fix #5968 , some modules not handling Rex::Post::Meterpreter::RequestError exceptions
...
* Related to the usage of ADSI on unsupported OSes
2015-09-21 14:33:00 -05:00
Stuart Morgan
cdd39f52b1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension
2015-09-21 14:34:56 +02:00
Stuart Morgan
e8e4f66aaa
Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension
2015-09-21 14:34:38 +02:00
Brent Cook
61e7e1d094
update pageantjacker to run as part of extapi
2015-09-20 20:25:00 -05:00
William Vu
5f9f66cc1f
Fix nil bug in SSO gather module
2015-09-11 02:21:01 -05:00
William Vu
a1a7471154
Land #5949 , is_root? for remove_lock_root
2015-09-11 02:09:14 -05:00
wchen-r7
e9e4b60102
move require 'msf/core/post/android' to post.rb
2015-09-11 01:58:12 -05:00
wchen-r7
f2ccca97e0
Move require 'msf/core/post/android' to post.rb
2015-09-11 01:56:21 -05:00
wchen-r7
90ef9c11c9
Support meterpreter for OS X post modules
2015-09-10 15:57:43 -05:00
jvazquez-r7
30cb93b4df
Land #5940 , @hmoore-r7's fixes for busybox post modules
2015-09-08 15:12:23 -05:00
wchen-r7
122d57fc20
Land #5945 , Add auto-accept to osx/enum_keychain
2015-09-08 10:56:08 -05:00
wchen-r7
13afbc4eae
Properly check root for remove_lock_root (android post module)
...
This uses the Msf::Post::Android::Priv mixin.
2015-09-08 10:40:08 -05:00
joev
1b320bae6a
Add auto-accept to osx/enum_keychain.
2015-09-07 21:17:49 -05:00
HD Moore
ec5cbc842e
Cosmetic cleanups
2015-09-05 22:56:11 -05:00
HD Moore
8c0b0ad377
Fix up jailbreak commands & regex for success detection
2015-09-05 22:54:07 -05:00
wchen-r7
da0752e8c2
use fail_with
2015-09-04 15:12:05 -05:00
wchen-r7
7ab506dc06
Use Msf::Post::Android::System#get_build_prop to get the android ver
...
Instead of grabbing the android version from the module, this
is done by the mixin.
2015-09-04 15:05:45 -05:00
jvazquez-r7
eaf51a2113
Land #5722 , @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
jvazquez-r7
5dd0cee36a
Add comment
2015-09-04 13:30:00 -05:00
jvazquez-r7
8bfa5bcd09
Do some more minor code cleaning
2015-09-04 13:08:27 -05:00
jvazquez-r7
ac49c80367
Do minor code cleanup
2015-09-04 12:46:21 -05:00
jvazquez-r7
60d2856444
Use id instead of whoami
2015-09-04 12:02:21 -05:00
jvazquez-r7
4fa58efaa0
Allow to configure the DOWNLOAD_TIMEOUT
2015-09-04 11:54:22 -05:00
jvicente
2b2dec3531
Fixed typo direcotry.
2015-09-04 18:52:55 +02:00
jvazquez-r7
319bc2d750
Use downcase
2015-09-04 11:18:09 -05:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
HD Moore
f0ef035a0b
Update the module titles to clarify what these do
2015-09-03 12:53:25 -05:00
HD Moore
630057e23f
Implement suggestions from the PR discussion
2015-09-03 12:42:51 -05:00
HD Moore
57c8038f07
Merge branch 'master' into land-5413
2015-09-03 12:38:19 -05:00
HD Moore
0f1530adc1
Merge branch 'master' into land-5412
2015-09-03 12:22:00 -05:00
jvazquez-r7
9c7f97d124
Fix methods name schema
2015-08-28 13:26:52 -05:00
jvazquez-r7
be7db10e7d
Fix busybox_write_file
2015-08-28 13:15:07 -05:00
jvazquez-r7
c4a3b4f18e
Add busy_box_file_exist?
2015-08-28 11:56:12 -05:00
jvazquez-r7
8faf6f9cd0
Fix require
2015-08-28 11:51:26 -05:00
jvazquez-r7
e62b117fda
Include mixin correctly
2015-08-28 11:50:17 -05:00
jvazquez-r7
132f5c6a20
Review jailbreak
2015-08-28 11:44:57 -05:00
jvazquez-r7
e7f486e43a
Review wget_exec
2015-08-28 11:24:41 -05:00
jvazquez-r7
edc9982c8b
Review smb_share_root
2015-08-28 11:18:49 -05:00
jvazquez-r7
c2639fc138
Review set_dns
2015-08-28 11:00:46 -05:00
jvazquez-r7
4523608bf7
Review set_dmz
2015-08-28 10:43:09 -05:00
Stuart Morgan
b59bc30160
Fixed stupid bracket error
2015-08-28 16:13:22 +01:00
jvazquez-r7
0e810aa8bc
Clean ping_net
2015-08-28 09:53:31 -05:00
Stuart Morgan
8bf815c4bb
rubocop
2015-08-28 15:39:02 +01:00
jvazquez-r7
42b342d615
Clean enum_hosts
2015-08-28 09:37:18 -05:00
jvazquez-r7
dfdb4fe044
Review enum_connections
2015-08-28 09:28:12 -05:00
jvazquez-r7
577656a78e
Change modules location
2015-08-28 09:17:23 -05:00
Stuart Morgan
b8b68983b0
Merge remote-tracking branch 'upstream/master' into adsi_group_enum_improvements
2015-08-28 15:11:27 +01:00
Stuart Morgan
f371a1c4fc
Added the ability to list AD groups by POST module
2015-08-28 15:10:48 +01:00
Stuart Morgan
8682ec77c5
Added group filtering to the enum_ad_users module
2015-08-28 15:10:27 +01:00
g0tmi1k
eb43241425
Firefox_creds more stable/bug fixs (Linux/OSX)
2015-08-27 11:43:53 +01:00
HD Moore
a2d5511e39
Land #5379 , new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00
Brent Cook
5633c1431f
Land #5821 , add explicit 64-bit pointer support to enum_cred_store
2015-08-24 09:44:36 -05:00
jvicente
b37efd29b0
Modified module busybox_pingnet.rb to avoid sending an ash script but executing each ping command separately. Added some fixes. Modified spec file for busybox.rb.
2015-08-23 12:17:17 +02:00
wchen-r7
fb2adb2e51
Check blank bullprop, also better instructions for the user.
2015-08-23 02:20:51 -05:00
wchen-r7
0f3e96b457
Merge branch 'upstream-master' into pr5416
2015-08-22 22:10:56 -05:00
HD Moore
d264802ce0
Consistency and API conformance changes to LES
2015-08-21 12:38:58 -05:00
wchen-r7
4a91dfdcf5
Land #5873 , report_note for local_exploit_suggester
2015-08-20 17:52:33 -05:00
Mo Sadek
b20a283617
Added report_note to suggester
2015-08-20 13:57:16 -05:00
jvicente
a9ad7b7c6f
Modifications to use cmd_exec instead of session.shell_write.
...
Refactoring of common functions to a new Post mixin /lib/msf/core/post/linux/busybox.rb.
2015-08-17 18:24:22 +02:00
jvazquez-r7
e7433b81bd
Reuse architecture check
2015-08-17 10:28:10 -05:00
Brent Cook
5dd015150c
Land #5748 , refactor google geolocate, add wlan_geolocate and send_sms to android meterpreter
2015-08-16 10:58:17 -05:00
benpturner
8800d89424
Updated to reflect HD's comments on indents and name of local script.
2015-08-16 10:47:20 +01:00
Brent Cook
9720e8e081
normalize osx to darwin so python meterp works
2015-08-15 19:49:55 -05:00
Brent Cook
422bba87d3
style fixes, moved google_geolocate to google/geolocate
2015-08-15 19:49:32 -05:00
Brent Cook
0a4651a553
Land #5359 , add PuTTY session enumeration module
2015-08-14 13:20:05 -05:00
Stuart Morgan
ee7c418ca8
Rubocop and msftidy-ied :-)
2015-08-14 17:19:07 +01:00
Stuart Morgan
02a58d459b
Merge remote-tracking branch 'upstream/master' into pageant_extension
2015-08-14 17:05:38 +01:00
Stuart Morgan
e2b6c11a3e
Update
2015-08-14 16:24:52 +01:00
Tod Beardsley
50041fad2a
Pre-Bloggery cleanup
...
Edited modules/auxiliary/gather/lansweeper_collector.rb first landed in
and minor description word choice changes.
Edited modules/auxiliary/server/browser_autopwn2.rb first landed in
options. Also removed from the description the missing options of
'WhiteList' and 'RealList' -- those don't appear to be available
according to `show options` and `show advanced`, @wchen-r7.
Edited modules/post/multi/recon/local_exploit_suggester.rb first landed
in #5823 , mv local_exploit_{suggestor,suggester} for minor description
cleanup and axing the description of the SHOWDESCRIPTION option (it's
already described identically on the option itself).
2015-08-13 12:33:04 -05:00
William Vu
80f415074b
Land #5823 , mv local_exploit_{suggestor,suggester}
2015-08-11 13:52:55 -05:00
Mo Sadek
7f0d992914
Fixed name typo
2015-08-11 11:51:52 -05:00
jvazquez-r7
76f6312fab
Fix #3916 Support 64 bits targets on enum_cred_store
2015-08-10 15:16:12 -05:00
jvicente
5ff61ca5f3
Added modules to jailbreak and control remotely BusyBox based devices. It was added to a word list with default credentials typically used by commercial routers.
2015-08-10 18:29:41 +02:00
Meatballs
c197e5224d
Store loot
2015-08-01 20:52:25 +01:00
Meatballs
deb6f5638e
Update WinSCP Gather
...
* Refactor parsing to common library to support command line tool
* Look in APPDATA not just ProgramFiles
* Iterate over user APPDATA
2015-08-01 20:44:14 +01:00
Brent Cook
affc86bfd9
Land #5779 , make cachedump / lsa_secrets work on 64-bit windows
2015-07-31 16:25:47 -05:00
wchen-r7
629afd86fc
Land #5788 , local exploit suggestor
...
Good luck getting Mr. Robot, Elliot.
2015-07-31 11:43:53 -05:00
wchen-r7
34279776a6
Minor edit
2015-07-30 18:40:41 -05:00
wchen-r7
fc4fdba482
Merge branch 'suggestor' of https://github.com/MSadek-r7/metasploit-framework into pr5788
2015-07-30 18:31:49 -05:00
wchen-r7
08338b73b2
Add get_target_arch and get_target_os
...
We cannot use session.platform to fingerprint the target's platform
and arch, because it's not really meant to be used that way.
2015-07-30 18:26:41 -05:00
Mo Sadek
af55ef7352
Added session.present?
2015-07-30 10:10:42 -05:00
Mo Sadek
7aa78dfd4e
Revamped os, platform, arch detection. Added count for exploits being tried
2015-07-30 09:36:02 -05:00
Mo Sadek
1521c8f87e
Reworded to no suggestions available
2015-07-29 17:40:27 -05:00
Mo Sadek
66489202fc
Added error message if no exploits are found
2015-07-29 17:31:23 -05:00
Mo Sadek
b58c6248fe
Fixed ShowDescription bug
2015-07-29 16:52:06 -05:00
Mo Sadek
2cddfda0a0
wchen-r7's fixes, fixed indentation, removed newlines, added desc.
2015-07-29 16:13:50 -05:00
Mo Sadek
c725f74d46
Add Local Exploit Suggestor
...
Resolve #5647
2015-07-29 13:19:51 -05:00
Tod Beardsley
a342a9db10
Another sticky keys ref, from @carnal0wnage
2015-07-29 12:32:38 -05:00
Tod Beardsley
8043e5a88e
Add a reference to the sticky keys exploit
2015-07-29 12:31:43 -05:00
Tod Beardsley
ee66cadde2
Don't use bullet points in descriptions
...
They never render correctly in anything other than a text editor.
modules/post/windows/manage/sticky_keys.rb first landed in #5760 ,
Sticky Keys post module
2015-07-29 12:29:09 -05:00
William Vu
ff9b975576
Land #5701 , @g0tmi1k's filezilla_server refactor
2015-07-29 11:13:22 -05:00
jvazquez-r7
e966545e08
Fix mask
2015-07-29 09:13:37 -05:00
g0tmi1k
38e952ba07
Python -> Ruby
2015-07-29 10:55:28 +01:00
Martin Vigo
a3365a9c7f
Add key, 2fa, iterations and otp support
2015-07-28 00:15:08 -07:00
jvazquez-r7
ab7ffb1a08
Fich cachedump
2015-07-27 17:26:53 -05:00
jvazquez-r7
704c8cadd9
Fix lsa_secrets
2015-07-27 16:19:01 -05:00
g0tmi1k
7c3e79f72d
Smarter way to download via meterpreter
...
...less chance of data crupterion
2015-07-27 19:49:06 +01:00
William Vu
4dd2c31b44
Land #5760 , Sticky Keys post module
2015-07-23 17:12:31 -05:00
William Vu
06ed7ba574
Add a comma
2015-07-23 17:12:17 -05:00
OJ
ebdbb179ce
Last of the style fixes
2015-07-24 08:09:25 +10:00
OJ
db7fadfc36
Fix indentation
2015-07-24 08:08:01 +10:00
OJ
616e1ddd68
Change enum to action, a couple of tidies
2015-07-24 08:01:58 +10:00
Samuel Huckins
a818dc4460
Land #5657 , misc fixes to domain_hashdump
2015-07-23 16:58:46 -05:00
OJ
e60f590f09
Add DisplaySwitch.exe support with WINDOWS+P
...
As per @mubix's request.
2015-07-24 07:20:31 +10:00
OJ
1dd765d6e6
Remove trailing spaces
2015-07-23 13:17:34 +10:00
OJ
0f2692f24f
Fix up silly mistake with `fail_with`
2015-07-23 13:14:35 +10:00
OJ
691b13ebd8
Add the sticky_keys module
2015-07-23 12:53:47 +10:00
James Lee
52e4f45ecd
Use the new thing in wlan_geolocate
2015-07-20 20:24:07 -05:00
James Lee
d6e12d431f
Style and whitespace
2015-07-20 19:40:25 -05:00
wchen-r7
425a9dc266
credit OJ
2015-07-17 13:47:17 -05:00
wchen-r7
663bcbe53b
Avoid checking these system process names
2015-07-17 13:46:02 -05:00
g0tmi1k
d5c57d9d6e
Use creds API
2015-07-16 16:05:59 +01:00
OJ
e1b1db9f88
Fix stupid typo
2015-07-16 23:03:49 +10:00
OJ
986463e489
Fix killav post module, handle errors, better output
2015-07-16 11:35:01 +10:00
Marc-Andre Meloche
2735c035b5
fixed issues as requested.
...
fixed.
2015-07-15 20:36:19 -04:00
Marc-Andre Meloche
579fb5fb1f
Fixed
...
Fixed
2015-07-15 20:09:42 -04:00
Marc-Andre Meloche
c762e9e8d6
Fixed as requested.
...
I added the possibility to read from file, instead of modifying the module each time.
2015-07-15 20:02:18 -04:00
Marc-Andre Meloche
7520bc9a8a
Exported Killav into a post-exploitation module
...
I was unsure if this was the place to send the update.
2015-07-15 14:04:37 -04:00
g0tmi1k
074ed20f1c
Fix Firefox_Creds
...
...isn't perfect.
2015-07-14 13:33:48 +01:00
g0tmi1k
d795b2f831
Module cleanup
2015-07-11 19:40:21 +01:00
g0tmi1k
14d0d456f4
Fix FileZilla perm loot bug
2015-07-11 19:11:59 +01:00
g0tmi1k
c92d0d9df6
Fix FileZilla Server
2015-07-11 18:14:55 +01:00
Spencer McIntyre
632bcda345
Land #5652 , improve LAPS filter to reduce empty results
2015-07-03 15:02:39 -04:00
David Maloney
e843db78dc
put rhost option back
...
it is needed for the wmic query that
creates the shadowcopy
MSP-12867
2015-07-02 14:46:40 -05:00
David Maloney
7b2b526ea1
deregister unwated options
...
deregister mixin options that we don't need
for this module
2015-07-02 14:33:21 -05:00
William Vu
8892cbdd10
Fix some minor things
2015-07-02 14:32:16 -05:00
David Maloney
cc51d1e8fd
use registry data for VSS grab
...
use the location data we got from the registry for copying
the NTDS.dit file correctly with the VSS method
2015-07-02 14:27:51 -05:00
David Maloney
89d283da09
check registry for ntds location
...
check the registry for the location of the ntds.dit
file
MSP-12867
2015-07-02 14:07:47 -05:00
Tod Beardsley
95f19e6f1f
Minor description edits for clarity
...
Edited modules/exploits/multi/browser/adobe_flash_nellymoser_bof.rb
first landed in #5642 , Adobe Flash CVE-2015-3113 Nellymoser Audio
Decoding BOF
Edited modules/post/windows/gather/credentials/enum_laps.rb first landed
in #5590 , @Meatballs1 adds MS LAPS Enum post mod
Edited modules/post/windows/gather/enum_ad_bitlocker.rb first landed in
Keys from AD
2015-07-02 13:51:37 -05:00
David Maloney
42daf4d38b
fix up ordering of pre-checks
...
i hate early returns, but we need to bail out early
if some of these checks fail
MSP-12867
2015-07-02 11:52:02 -05:00
Meatballs
8a3873d730
Tweak filter to reduce empty results
2015-07-02 09:53:08 +01:00
Spencer McIntyre
a37ac1b089
Land #5590 , @Meatballs1 adds MS LAPS Enum post mod
2015-07-01 21:19:15 -04:00
William Vu
399b3d2810
Land #5629 , moar cmd_exec refactoring
2015-07-01 00:36:19 -05:00
Martin Vigo
0e5e8032ad
Add Firefox 2FA support
2015-06-30 21:02:10 -07:00
Martin Vigo
5b0647a1f2
Add support to steal 2FA token
2015-06-29 22:20:38 -07:00
jvazquez-r7
656e6f5c73
Fix windows enum modules
2015-06-29 11:56:38 -05:00
jvazquez-r7
834c0e594a
Update multi modules
2015-06-29 11:36:28 -05:00
jvazquez-r7
ae172691f2
Update linux gather post modules
2015-06-29 10:21:13 -05:00
jvazquez-r7
2cbb107bba
Update enum_configs
2015-06-29 09:55:18 -05:00
jvazquez-r7
093f339f6b
Land #5268 , @Meatballs1's post windows module to retrieve Bitlocker Recovery Keys from AD
2015-06-26 17:07:36 -05:00
jvazquez-r7
600a296291
Do minor cleanup
2015-06-26 16:51:00 -05:00
jvazquez-r7
31b7ef49d6
Solve conficts
2015-06-26 11:36:17 -05:00
Meatballs
9c4a96761e
Small tidyup
2015-06-23 23:10:29 +01:00
Meatballs
4392b7c1de
Enum LAPS
2015-06-23 23:02:22 +01:00
Meatballs
221980820a
Committed wrong file
...
This reverts commit 76c2198ef0
.
2015-06-23 23:01:59 +01:00
Meatballs
76c2198ef0
LAPS enum
2015-06-23 22:56:53 +01:00
jvazquez-r7
f216841d01
Update enum_vbox
2015-06-22 17:54:17 -05:00
Brent Cook
e696d2f3dc
Merge branch 'master' into land-5348-ntds
2015-06-22 17:18:13 -05:00
jvazquez-r7
c20d2a1dd9
Update post/multi/gather/env
...
* Use cmd_exec
2015-06-22 16:20:46 -05:00
jvazquez-r7
a309d99da9
Fix enum_osx
...
* Use cmd_exec
2015-06-22 16:09:30 -05:00
jvazquez-r7
4475b7ec8e
Update enum_keychain
...
* Use cmd_exec
2015-06-22 14:30:46 -05:00
wchen-r7
5a548c3792
Land #5453 , Update dbvis_enum to use the new cred API
2015-06-19 11:35:07 -05:00
William Vu
2587595a92
Land #5556 , vprint_status fix
2015-06-19 11:24:54 -05:00
jvazquez-r7
b349549754
Land #5464 , @wchen-r7 Updates razer_synapse to use the new cred API
2015-06-19 09:42:44 -05:00
jvazquez-r7
6d2b7e05ef
Use downcase
2015-06-19 09:35:20 -05:00
jvazquez-r7
80f6e902b6
Land #5463 , @wchen-r7 updates smartermail to use the new cred API
2015-06-19 09:29:34 -05:00
jvazquez-r7
0d7ef6f04e
Pass username as symbol
2015-06-19 09:29:00 -05:00
wchen-r7
fc35a53ac5
Pass options correctly
2015-06-19 00:14:58 -05:00
wchen-r7
fc1417809e
Support hash format
2015-06-19 00:09:08 -05:00
g0tmi1k
ce9481d2b7
Inconstancy - If datastore['VERBOSE'] vs vprint
2015-06-18 09:27:01 +01:00
jvazquez-r7
f5b9be7814
Land #5468 , @wchen-r7's updates razorsql to use the new creds api
...
* Also fixes #5469
2015-06-16 17:51:18 -05:00
William Vu
ef825fb4bf
Land #5530 , shell_to_meterpreter improvements
2015-06-16 14:29:15 -05:00
g0tmi1k
33139c4ecd
shell_to_meterpreter minor improvements
2015-06-16 20:42:47 +01:00
jvazquez-r7
eb39eaac1d
Add support to decryption v2
2015-06-15 23:28:10 -05:00
g0tmi1k
6dcc9b7dab
More inconsistencies
2015-06-12 21:59:15 +01:00
g0tmi1k
a53ca53a6a
Fix inconstancy - multi/handler
2015-06-12 21:23:51 +01:00
wchen-r7
89d03a1472
Symbol to String
2015-06-12 15:02:36 -05:00
wchen-r7
20170bd630
Report as hash
2015-06-12 13:55:32 -05:00
jvazquez-r7
8f4a44ac97
Land #5474 , @wchen-r7 Updates pptpd_chap_secrets to use the new cred API
2015-06-12 11:41:59 -05:00
David Maloney
bb56f6043e
explicitly use windows\temp
...
instead of using the user temp directory
trying to get around some intermittant permissions
issues
MSP-12358
2015-06-08 13:17:18 -05:00
David Maloney
2a474c8375
Merge branch 'master' into feature/MSP-12358/ntds-dump-module
2015-06-08 11:42:03 -05:00
jvazquez-r7
a39539f8ef
Land #5457 , @wchen-r7 updates spark_im to use the new cred API
2015-06-07 20:45:42 -05:00
HD Moore
25aa96cfc1
Land #5456 , removes obsolete comment
2015-06-07 14:25:23 -05:00
jvazquez-r7
dca2607d54
Land #5452 , @wchen-r7 Update tortoisesvn to use the new cred API
2015-06-06 01:35:40 -05:00
jvazquez-r7
bf35b9bdf4
Minor fix
2015-06-06 01:35:09 -05:00
jvazquez-r7
c3437dab2a
Land #5451 , @wchen-r7 Update filezilla_client_cred to use the new cred API
2015-06-05 16:39:31 -05:00
root
d4f418fe3f
Style corrections
...
See #5480
2015-06-04 15:52:07 -05:00
wchen-r7
39d38f1641
Update pptpd_chap_secrets to use the new cred API
2015-06-03 16:33:10 -05:00
wchen-r7
656f64d9bd
Update razorsql to use the new cred API
2015-06-03 13:49:06 -05:00
wchen-r7
b038760be7
Update razer_synapse to use the new cred API
2015-06-03 01:44:20 -05:00
Tim
c396fe2c68
let the user know whether the command succeeded
2015-06-03 07:07:55 +01:00
wchen-r7
ef0d6490da
Update smartermail to use the new cred API
2015-06-03 00:48:52 -05:00
wchen-r7
c64f025c4e
Add module_fullname: fullname
2015-06-02 12:35:06 -05:00
wchen-r7
e43163135b
Add module_fullname: fullname,
2015-06-02 12:33:34 -05:00
wchen-r7
63708f2bba
Add module_fullname: fullname
2015-06-02 12:27:35 -05:00
wchen-r7
28556ea6e2
Update spark_im to use the new cred API
2015-06-02 12:16:07 -05:00
wchen-r7
aac2db826f
Remove comment about report_auth_info
...
This module isn't using report_auth_info, so this comment is no
longer needed.
2015-06-02 10:24:55 -05:00
root
7485cf776e
Remove unnecessary spaces
2015-06-02 14:18:36 +05:00
root
b4cfe93977
Add creds API
2015-06-02 14:16:16 +05:00
wchen-r7
1ae9265fb9
Update tortoisesvn to use the new cred API
2015-06-02 00:52:43 -05:00
wchen-r7
b98cc89f0c
Update filezilla_client_cred to use the new cred API
2015-06-02 00:22:17 -05:00
wchen-r7
c3e15059a7
Update total_commander to use the new cred API
2015-06-01 21:17:58 -05:00
RageLtMan
f575fb8df9
Merge branch 'feature-merge_psh_updates_201505'
...
Conflicts:
lib/msf/core/post/windows/powershell.rb
Rename upload_script_via_psh to stage_psh_env within post PSH lib.
Perform the same rename within load_script post module.
2015-05-29 03:42:25 -04:00
root
17c0af6380
Consistent column names
2015-05-29 11:08:24 +05:00
root
101f12b9d2
Remove base64 require
2015-05-29 10:38:06 +05:00
root
3ac5088a9a
Add decryption.final for proper padding
2015-05-29 10:33:55 +05:00
root
2756c7375e
Add datastore options
2015-05-28 10:58:36 +05:00
root
1ab49397a2
Decrypt encrypted passwords
2015-05-28 10:21:00 +05:00
Tim
45b2632d21
android 4.x remove locks (without root)
2015-05-26 06:51:30 +01:00
benpturner
e06f47b2bd
Updates load_script to have support for folders and to include the stager process in the mixin module for other post mods
2015-05-25 15:48:27 +01:00
Tim
a04f70eb53
add screencap for android
2015-05-25 13:41:35 +01:00
Tim
5035db77b8
add remove lockscreen for android
2015-05-25 13:37:30 +01:00
RageLtMan
23b69a0c22
license update
2015-05-21 00:32:31 -04:00
RageLtMan
6d9f6c9715
retab exec_powershell.rb
2015-05-20 19:08:50 -04:00
RageLtMan
27e12754fe
Import Powershell libraries and sample post module
...
Sync critical functionality from Rex and Msf namespaces dealing
with encoding and processing of powershell script for exploit
or post namespaces.
Import Post module. Primarily adds a psh_exec method which will be
replaced in the next PR with @benpturner's work integrated into
the Post module namespace.
Provide a sample metasploit windows post module to show the
execution pipeline - entire subs process can be removed and the
module reduced to a psh_exec(datastore['SCRIPT']).
This commit is designed to provide sync between the SVIT fork and
upstream. Pending commits to be based on this work will provide
access to .NET compiler in the Post namespace to be used for
dynamic persistent payload creation on target and the import of
@benpturner's work.
2015-05-20 18:18:51 -04:00
Stuart Morgan
7330e004ea
Updated name to more accurately reflect purpose
2015-05-20 22:33:06 +01:00
Stuart Morgan
dfe52068a7
Fixed error messages
2015-05-20 22:32:26 +01:00
Stuart Morgan
3615656062
Rubocop
2015-05-20 22:28:53 +01:00
Stuart Morgan
226f1a52fb
Moved socket creation to per-port code for reliability
2015-05-20 22:27:45 +01:00
Stuart Morgan
484daf4584
Added Winsock check
2015-05-20 21:09:05 +01:00
Stuart Morgan
782a6ed108
Rubocop
2015-05-20 21:06:19 +01:00
Overlord
41450a4da0
Rubocop
2015-05-20 21:05:07 +01:00
Stuart Morgan
8db0ed04ad
Added support for UDP traffic too
2015-05-20 20:51:19 +01:00
Stuart Morgan
f039c416c5
Still works, TCP only though at the moment
2015-05-20 20:38:41 +01:00
Stuart Morgan
c4fc2132d8
Working version
2015-05-20 20:29:23 +01:00
Stuart Morgan
1ec231c28d
Initial working version
2015-05-20 19:43:54 +01:00
benpturner
cdea522c3e
Use the Rex::Powershell::Command function to encode the stream
2015-05-20 10:34:54 +01:00
Stuart Morgan
6e682e2da3
Sometimes the SSH tools seem to do something strange with sockets, so just cope with tihs
2015-05-19 17:59:34 +01:00
benpturner
514e382d3b
Remove require
2015-05-19 16:20:32 +01:00
benpturner
4a808af40a
Typo
2015-05-19 16:17:11 +01:00
benpturner
1a6404dc08
Typo
2015-05-19 16:09:30 +01:00
benpturner
93d6903272
New verbose
2015-05-19 16:08:43 +01:00
benpturner
07986a1ed2
Updated author
2015-05-19 16:06:44 +01:00
benpturner
8916ccf9e5
new numbers
2015-05-19 16:00:49 +01:00
benpturner
763d960d2b
new
2015-05-19 15:55:00 +01:00
benpturner
b513304756
new changes
2015-05-19 15:47:30 +01:00
Stuart Morgan
6a7943a662
Added check for UNIX sockets support
2015-05-19 15:13:15 +01:00
Stuart Morgan
3d466b7e6b
Credit where credit is due, Ben has given a huge amount of support and guidance
2015-05-19 14:51:08 +01:00
Stuart Morgan
fac09a6bcf
Added a clarification comment
2015-05-19 14:46:44 +01:00
Stuart Morgan
2eae9e2614
Rubocop
2015-05-19 14:44:32 +01:00
Stuart Morgan
b2aef62a40
MSFTidy
2015-05-19 14:42:30 +01:00
Stuart Morgan
f8fce7b7f6
Further tidying up of code, adding descriptions etc
2015-05-19 14:29:56 +01:00
benpturner
811c45ab90
new
2015-05-19 14:06:41 +01:00
Stuart Morgan
ea4d3415ec
Continued to tidy up code, added verbose mode to assist in debugging
2015-05-19 12:21:00 +01:00
Stuart Morgan
d704e95890
Tidying up
2015-05-19 11:34:25 +01:00
Stuart Morgan
0c0758bf03
Added socketpath
2015-05-19 10:56:04 +01:00
Stuart Morgan
e152ceb05d
Tidied up code, added MWR labs logo
2015-05-19 10:33:32 +01:00
Stuart Morgan
a4fc8aefd5
Working, tested & cleans up after itself
2015-05-19 10:21:08 +01:00
Stuart Morgan
b749d44c6a
Tidied up working version, logic has now moved to a POST module
2015-05-19 10:00:50 +01:00
Stuart Morgan
a37714379d
Working version
2015-05-19 09:55:38 +01:00
Stuart Morgan
3d4490cafd
Trying to do this as a POST module instead of through command dispatcher
2015-05-19 09:49:27 +01:00
Brent Cook
79db696c15
fix EOL character
2015-05-18 15:46:55 -05:00
Donny Maasland (Fox-IT)
e1eed6e9d9
single quotes and slashes..
2015-05-18 16:33:57 +02:00
Stuart Morgan
8b8ed04a73
Rubocop
2015-05-18 11:56:12 +01:00
Stuart Morgan
cf05e69536
Removed database storage for now (need to convert keys to OpenSSH format and resolve IP addresses first)
2015-05-18 11:51:27 +01:00
Stuart Morgan
7f16b7164f
Added database writing code
2015-05-18 11:43:08 +01:00
Stuart Morgan
77cf2ec60e
Added basic private key detection and parsing
2015-05-18 11:20:53 +01:00
Donny Maasland (Fox-IT)
7d65095472
fix quotes
2015-05-18 12:20:42 +02:00
Donny Maasland (Fox-IT)
30f7c651c9
use REGISTRY_VIEW_32_BIT
2015-05-18 10:19:32 +02:00
Stuart Morgan
f1955cb15d
Rubocopped the file
2015-05-17 16:09:19 +01:00
Stuart Morgan
5e4566712a
Added more detailed description
2015-05-17 16:00:44 +01:00
Stuart Morgan
a4f67bce6f
Tidied up code
2015-05-17 15:48:05 +01:00
Stuart Morgan
b12db7b633
Retrieves saved session lists etc to loot and exports information in CSV format
2015-05-17 14:59:26 +01:00
Stuart Morgan
1177f42263
Renamed module to remain consistent with other enum modules
2015-05-17 14:38:25 +01:00
Stuart Morgan
18a9dfd6da
Added PAGEANT_REGISTRY_KEY variable to enhance readability
2015-05-17 14:37:59 +01:00
Stuart Morgan
4a416bba3c
Fixed notes using :unique_data
2015-05-17 13:24:38 +01:00
Stuart Morgan
8aa27eee94
report_note only appears to allow one note per host/type combo...
2015-05-17 13:06:17 +01:00
Stuart Morgan
53311fda2e
Fixed logic & added notes storage
2015-05-17 13:02:58 +01:00
Stuart Morgan
5d273d53b4
Fixed module logic so that the key fingerprints now get displayed properly:
2015-05-15 22:02:12 +01:00
David Maloney
fd1a24d6f9
some more minor cleanup noise
...
apparently we standardized on using get_env
instead of expand_path in these cases. Not sure
on the effective difference here but no big deal
MSP-12358
2015-05-15 13:33:48 -05:00
Stuart Morgan
4a88790c8c
Added SSH host keys
2015-05-15 17:57:15 +01:00
David Maloney
631dfc0a0e
increase timeout on ntdsutil
...
default timeout is 15 seconds. we'll give it 90
seconds for now. This may still be too short for
really really large domains, but too long of a timeout
can create other issues
MSP-12358
2015-05-15 11:19:35 -05:00
David Maloney
a3d91dff0b
clean up ntds.dit file when done
...
delete the ntds.dit file we copied when
we are done
MSP-12358
2015-05-15 11:13:19 -05:00
David Maloney
ac04b8d1e7
a little bit of cleanup
...
constantise some of the magic numbers in
the NTDS Account class
MSP-12358
2015-05-15 10:47:31 -05:00
Stuart Morgan
14035a46b1
Fixed description
2015-05-15 16:28:51 +01:00
Stuart Morgan
f65207ac40
Initial version, working
...
Needs tidying up.
Current version:
* Searches for PuTTY registry keys
* Downloades the Hostname, port, private key filename, username to log in as and any port forwarding instructions
* If the private keys are accessible on the box, download them to loot
To do:
* Detect whether pageant is running or not and report back
* Tidy up code (used another plugin as a template)
2015-05-15 16:23:39 +01:00
Donny Maasland (Fox-IT)
2721be946a
also check Wow6432Node keys
2015-05-15 14:28:12 +02:00
David Maloney
724b7c6f16
save the ntlm hases as creds
...
the last step is now complete. the current and historical
hashes are all saved to the database for cracking and/or
replay
MSP-12358
2015-05-14 13:52:11 -05:00
David Maloney
452fc6b149
Merge branch 'feature/MSP-12357/meterp-ntds' into feature/MSP-12358/ntds-dump-module
2015-05-14 10:31:28 -05:00
David Maloney
0e666d5732
gaurd against arch mismatch
...
this will not work from an x86 proc
on an x64 machine, so guard against that.
MSP-12358
2015-05-13 15:28:11 -05:00
David Maloney
9308da7956
2003 code path working
...
using VSS directly on server 2003 and repairing
the database with esentutl is now working
MSP-12358
2015-05-13 12:25:44 -05:00
David Maloney
21004046c1
begin parsing of the database
...
clean up and begin aprsing the database
after we have copied it
MSP-12358
2015-05-11 14:48:12 -05:00
Meatballs
028f9dd43b
Tidy and rubocop
2015-05-09 10:48:07 +01:00
Meatballs
e9dc93f345
Use cmd_exec
2015-05-09 10:44:02 +01:00
rwhitcroft
8c3a97667a
use get_env instead of client.sys.config.getenv
2015-05-08 15:25:20 -04:00
rwhitcroft
b2ce2ddb05
determine the domain using env vars instead of parsing net.exe output
2015-05-08 14:17:49 -04:00
David Maloney
3c9c578a3d
ntdsutil method in place
...
ntdsutil method built out to make a copy
of ntds.dit on later version of Winbdows Server
MSP-12358
2015-05-04 15:35:36 -05:00
David Maloney
e0c64038a7
start new ddomain hashdump post module
...
module checks for all preconditions so far
including that Domain Services are running,
that we are Admin, that we have bypassed uac
and that it is a supported version of windows.
MSP-12358
2015-05-04 15:07:27 -05:00
Meatballs
eb8fdcc2f2
Typo
2015-04-29 10:45:49 +01:00
Meatballs
4072cbd4d3
Bitlocker -> BitLocker
2015-04-29 10:02:21 +01:00
Meatballs
7e5b03c44e
Tidyup and update for new ADSI format
2015-04-29 09:48:44 +01:00
Meatballs
0d81ad4db4
Remove max search
2015-04-29 09:40:53 +01:00
Meatballs
96a9313e7e
Initial commit
2015-04-29 09:40:53 +01:00
Brent Cook
4ffffa59fe
Land #5184 , restore store_loot for ssh_creds gatherer
2015-04-24 13:55:06 -05:00
jvazquez-r7
ab94f15a60
Take care of modules using the 'DEBUG' option
2015-04-21 12:13:40 -05:00
jvazquez-r7
4224008709
Delete print_debug/vprint_debug
2015-04-21 11:14:03 -05:00
wchen-r7
a3b0f2e424
Land #5175 , Update mcafee_vse_hashdump description
2015-04-20 21:49:24 -05:00
wchen-r7
43e9244b4c
Fix #5134 , Put store_loot back
...
Fix #5134
store_loot was used at one point, but we ended up removing it.
Turns out store_loot is handy in some cases so we're brining it back.
2015-04-17 16:33:51 -05:00
karllll
e3ce4eb88e
Update mcafee_vse_hashdump.rb
2015-04-17 09:47:02 -04:00
William Vu
3422501d91
Land #5174 , deprecated module cleanup
2015-04-16 17:43:28 -05:00
Christian Mehlmauer
2b9fd93729
remove deprecated modules
2015-04-16 22:49:22 +02:00
karllll
cb2e8f4949
Update mcafee_vse_hashdump description
...
The description of this module has been added upon to include cracking details.
2015-04-16 16:09:43 -04:00
Christian Mehlmauer
352e170624
more failure reasons
2015-04-16 22:04:11 +02:00
Christian Mehlmauer
8c12361bda
remove fail_with defs
2015-04-16 21:49:31 +02:00
Christian Mehlmauer
ba6548db75
be consistent about naming
2015-04-16 21:44:56 +02:00
Christian Mehlmauer
b4b8ac0849
moar fail_with's
2015-04-16 21:26:37 +02:00