Louis Sato
d5d0b9e9b8
Revert "Land #6729 , Speed up the datastore"
...
This reverts commit c6b1955a5a
, reversing
changes made to 4fb7472391
.
2016-06-28 13:39:52 -05:00
h00die
42697b46ac
append over read and write
2016-06-21 16:52:40 -04:00
Meatballs
81f30ca962
Land #6966 , Microsoft Office Trusted Locations Enumeration
2016-06-21 21:45:39 +01:00
h00die
c50f935412
shell > cmd all day
2016-06-20 17:59:01 -04:00
Pearce Barry
95517b4a45
Avoid exception on missing key in prefs.
2016-06-20 09:26:10 -05:00
William Vu
6cb2a6970e
Fix unused SessionType in two modules
...
Pretty sure it should be "shell."
2016-06-19 23:41:34 -05:00
h00die
6905a29b10
sshkey persistence
2016-06-19 22:40:03 -04:00
wchen-r7
c6b1955a5a
Land #6729 , Speed up the datastore
2016-06-15 17:55:42 -05:00
Meatballs
0451d4f079
Cleanup
2016-06-15 22:41:59 +01:00
Vincent Yiu
8a68e86a0a
Update enum_trusted_locations.rb
...
Changed some colours
2016-06-15 13:42:38 +01:00
Vincent Yiu
48714184f3
Update enum_trusted_locations.rb
...
Added product it found the locations in.
2016-06-15 13:41:19 +01:00
Vincent Yiu
1ba33ff7f8
Fixed MSFTidy
...
Fixed MSFTidy stuff
2016-06-12 13:00:44 +01:00
Vincent Yiu
a2a97d0271
Update enum_trusted_locations.rb
...
Fix some changes, I had emet references.
2016-06-12 11:06:20 +01:00
Vincent Yiu
2e03c3511e
Add enum_trusted_locations.rb
...
Quickly enumerates trusted locations for file planting :)
2016-06-12 10:59:57 +01:00
Crypt0-M3lon
233186c833
Check presence in local admin group
...
As the "is_admin?" function only checks if the current session effectively has admin rights, I offer to add a check to know if the current user is in the local admin group using the "is_in_admin_group?" function. This information is better suited to check if admin rights are obtainable using the "bypassuac" module.
2016-06-09 17:47:09 +02:00
Crypt0-M3lon
eaaa9177d5
Fix "username" key to add login in creds database
2016-06-08 10:38:38 +02:00
William Vu
ca76e8f290
Update allwinner_backdoor report_vuln hash
2016-05-24 00:57:37 -05:00
Brent Cook
928a706135
Land #6890 , Allwinner CPU kernel module local privilege escalation
2016-05-23 22:00:52 -05:00
Brent Cook
2f8562fba4
added documentation and minor style tweaks
2016-05-23 21:59:44 -05:00
h00die
4242bbdf55
change report_note to report_vuln per note
2016-05-23 17:36:50 -04:00
h00die
c621f689b2
more descriptive note per @sempervictus
2016-05-18 19:08:01 -04:00
h00die
815a2600a8
additional description
2016-05-17 22:07:33 -04:00
h00die
640e0b9ff7
working ready for pr
2016-05-17 21:58:32 -04:00
Brent Cook
2e3e4f0069
Land #6296 , Added a multi-platform post module to generate TCP & UDP egress traffic
2016-05-14 00:03:00 -05:00
Brent Cook
3542d907f7
simplify description, move the bulk of documentation to documentation/
2016-05-14 00:01:51 -05:00
h00die
314d73546c
additional details, not working on tablet via malicious apk meterpreter
2016-05-13 23:12:44 -04:00
h00die
5099124f3d
module compiles, fails correctly but cant yet verify it works
2016-05-12 22:18:43 -04:00
Brent Cook
a69432abe5
update module class and move to recon from manage
2016-05-12 12:42:04 -05:00
Brent Cook
9f923cdb00
Merge branch 'master' into land-6296-egress
2016-05-12 12:36:47 -05:00
Brent Cook
57a3a2871b
remove various session manipulation hacks since session.platform should always contain an os identifier
2016-05-08 22:39:41 -05:00
wchen-r7
2f66442f1d
Fix #5191 , bad LHOST format causes shell_to_meterpreter to backtrace
...
When using shell_to_meterpreter via a pivot, the LHOST input's format
might be invalid. This is kind of a design limitation, so first we
check the input, and there is a module doc to go with it to explain
a workaround.
Fix #5191
2016-04-28 23:03:54 -05:00
Brent Cook
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
wchen-r7
da9f156913
Print IP in print_*
2016-04-22 16:03:31 -05:00
wchen-r7
3aa02891e9
Bring #6801 up to date with upstream-master
2016-04-22 14:04:26 -05:00
join-us
16ff74e293
syntax check / code reduce
2016-04-22 10:53:03 +08:00
Vincent Yiu
ca4bcfe62a
Update enum_emet.rb
...
Cleaned up a bit more
2016-04-22 00:41:10 +01:00
Vincent Yiu
c81d0ade3f
Update, implemented
...
Took @bcook-r7's advice
2016-04-22 00:37:03 +01:00
Vincent Yiu
30ac6b4a93
enum_emet
...
A module to enumerate all the EMET wildcard paths.
2016-04-22 00:20:25 +01:00
Brent Cook
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
Josh Hale
57467b94d9
Fix RegExp evaluation in is_routable? function
2016-04-20 10:22:46 -05:00
Adam Cammack
3da451795c
Fix potential case issue
...
Even though the options were getting put back in a datastore, the
original case could still be lost and that would be bad.
2016-04-18 17:52:27 -04:00
Josh Hale
48556483b5
Fix a few comments
2016-04-17 19:16:52 -05:00
Josh Hale
32590c89b7
Add interface name to routing status message
2016-04-17 14:15:50 -05:00
Josh Hale
fb7194c125
Work on autoroute.md
2016-04-17 00:04:42 -05:00
Josh Hale
a5e48b6112
Add default option and clean up comments
2016-04-16 19:50:08 -05:00
Josh Hale
6550e0bc1b
Finish up autoadd_interface_routes
2016-04-16 18:42:41 -05:00
Josh Hale
b3d199c055
Add get_subnet_octet and test
2016-04-16 14:57:39 -05:00
Josh Hale
b1064af082
Initial get_subnet testing
2016-04-16 13:50:15 -05:00
Josh Hale
018e7807fe
Identify routable networks
2016-04-15 22:21:54 -05:00
Josh Hale
e8863ba09d
Initial autoadd_interface_routes work
2016-04-15 22:13:17 -05:00
Josh Hale
5f5c330f2b
Initial Testing of Interface Info Gather
2016-04-14 21:59:48 -05:00
Josh Hale
c39410a070
Fix autoadd problem
2016-04-13 23:31:27 -05:00
CSendner
2319629dd8
Update comments
2016-04-13 05:03:11 +02:00
Christoph Sendner
4970047198
./modules/post/linux/dos/xen_420_dos.rb
2016-04-13 03:31:02 +02:00
wchen-r7
cba7353e1d
Fix another typo?
2016-04-07 17:12:11 -05:00
wchen-r7
ff9d94218d
Fix a typo?
2016-04-07 17:11:42 -05:00
wchen-r7
a3c390ee9d
Change class name to MetasploitModule
2016-04-07 17:11:08 -05:00
wchen-r7
f09637a1c7
Bring #6377 up to date with upstream-master
2016-04-07 17:06:49 -05:00
wchen-r7
0d3eb4f055
Change class name to MetasploitModule
2016-04-07 12:15:32 -05:00
wchen-r7
0f56dbd858
Bring #6378 up to date with upstream-master
2016-04-07 12:10:55 -05:00
wchen-r7
ac051bda7f
Add check is_routable?, and change netmask if needed
2016-04-06 15:28:54 -05:00
wchen-r7
d240e0b3a2
Bring #6515 up to date with upstream-master
2016-04-06 11:27:32 -05:00
wchen-r7
4074634a13
Land #6713 , Add post exploit module for HeidiSQL's stored passwords
2016-03-30 12:10:30 -05:00
wchen-r7
0c6b4d81c8
More proper exception handling
2016-03-30 12:09:40 -05:00
wchen-r7
aaa1515ba0
Print rhost:rport
2016-03-30 11:56:09 -05:00
Meatballs
397d5580be
Use MetasploitModule convention
2016-03-30 15:44:37 +01:00
Meatballs
f8628e3438
Merge remote-tracking branch 'upstream/master' into wdigest_enable
2016-03-30 15:44:21 +01:00
Meatballs
9e45f0c104
Minor tidies
2016-03-30 15:29:03 +01:00
Hans-Martin Münch (h0ng10)
976932ed43
Initial commit
2016-03-26 12:00:25 +01:00
James Lee
d54bbdf9a3
Land #6566 , filezilla xml file locations
2016-03-17 16:27:24 -05:00
James Lee
115a033036
Fix parsing the Last Server xml
2016-03-17 16:27:02 -05:00
James Lee
1375600780
Land #6644 , datastore validation on assignment
2016-03-17 11:16:12 -05:00
Tim
f83cb4ee32
fix set_wallpaper
2016-03-16 13:07:41 +00:00
Brent Cook
cd84ac37d6
Land #6569 , check if USERNAME env var exists before using in enum_chrome post module
2016-03-13 15:12:51 -05:00
Brent Cook
c89e53d0a3
Land #6666 , fix filezilla_server display bug showing the session ID
2016-03-13 13:56:44 -05:00
wchen-r7
51cdb57d42
Fix #6569 , Add a check for USERNAME env var in enum_chrome post mod
...
Fix #6569
Depending on the context, the USERNAME environment variable might
not always be there.
2016-03-11 15:36:44 -06:00
James Lee
8217d55e25
Fix display issue when SESSION is -1
2016-03-11 11:37:22 -06:00
Christian Mehlmauer
3123175ac7
use MetasploitModule as a class name
2016-03-08 14:02:44 +01:00
Brent Cook
f703fa21d6
Revert "change Metasploit3 class names"
...
This reverts commit 666ae14259
.
2016-03-07 13:19:55 -06:00
Brent Cook
44990e9721
Revert "change Metasploit4 class names"
...
This reverts commit 3da9535e22
.
2016-03-07 13:19:48 -06:00
Christian Mehlmauer
3da9535e22
change Metasploit4 class names
2016-03-07 09:57:22 +01:00
Christian Mehlmauer
666ae14259
change Metasploit3 class names
2016-03-07 09:56:58 +01:00
Brent Cook
a1190f4344
Land #6598 , add post module for setting wallpaper
2016-03-06 15:00:10 -06:00
Brent Cook
86845222ef
add meterpreter platform workaround
2016-03-06 14:51:34 -06:00
Brent Cook
c7c0e12bb3
remove various module hacks for the datastore defaults not preserving types
2016-03-05 23:11:39 -06:00
Meatballs
c7f9fbcdfa
Change to enable/disable
2016-03-06 04:31:24 +00:00
Meatballs
6b510005da
Reverse os checks
2016-03-06 04:31:23 +00:00
Meatballs
0e52fda708
Initial tidy
2016-03-06 04:31:23 +00:00
Brent Cook
d955c6a8f6
style fixes
2016-02-29 14:06:49 -06:00
Brent Cook
89b0c8a27a
Land #6571 , use intent to unlock Android screens, support <= 4.3
2016-02-26 05:55:35 -06:00
wchen-r7
f3cf5a8a41
Resolve merge conflict with upstream-master
...
Out of date author field
2016-02-25 14:49:53 -06:00
Tim
27af59ea7c
minor tweaks
2016-02-20 08:35:56 +00:00
William Vu
8a15c36770
Land #6563 , VNC creds scraper uninstall location
2016-02-19 15:01:23 -06:00
William Vu
bfd204ac50
Fix some cosmetic issues
2016-02-19 15:00:56 -06:00
Louis Sato
873250dbec
Land #6557 , bug fix priv_migrate user migration
2016-02-19 12:03:30 -06:00
Brent Cook
b58166a9a8
add android platform to the hash
2016-02-18 20:13:39 -06:00
Tim
5c92076a1e
more cleanup
2016-02-14 09:15:25 +00:00
nk
bc74ceb8c5
Handle errors when parsing interfaces.xml, add check for several locations
2016-02-11 15:56:58 +01:00
Tim
e738b5922d
fix play_youtube to work on Android
2016-02-11 07:16:40 +00:00
Tim
9791e66683
fix remove_lock to work with 4.3 devices
2016-02-11 07:10:05 +00:00
Nicolas Devillers
8118198628
Add vprint of the exception message
2016-02-10 22:47:51 +01:00
nk
1637891ece
Add check for the uninstall location in vnc post module
2016-02-10 20:30:41 +01:00
Josh Hale
62dd82e653
Make fix easier to read
2016-02-10 11:24:45 -06:00
Tim
a93f200851
cosmetic fixes
2016-02-10 07:51:13 +00:00
Josh Hale
4653c27167
Fix minor grammar error in description
2016-02-09 21:24:40 -06:00
Josh Hale
08a41b0a31
Fix issue when target PID not owned by session
2016-02-09 21:22:50 -06:00
Tim
d544bf9311
android set wallpaper
2016-02-01 01:16:17 +00:00
Tim
96ab598835
set wallpaper
2016-02-01 01:01:24 +00:00
Josh Hale
3d4b7af6bb
Update description
2016-01-30 14:35:03 -06:00
Josh Hale
413ea53984
Add found flag and touchup code
2016-01-30 14:31:45 -06:00
Josh Hale
3abb6feb3f
Add autoadd feature to autoroute.rb
2016-01-29 21:34:22 -06:00
wchen-r7
6fb27a3da9
Undo path and move the out of bound check
2016-01-28 23:49:50 -06:00
wchen-r7
d515e4db64
Unwanted comment
2016-01-21 00:55:08 -06:00
wchen-r7
bda76c7340
Update lastpass_creds module
2016-01-21 00:53:16 -06:00
Martin Vigo
348ae586a7
Handle vault parsing exceptions
2016-01-15 14:54:59 -08:00
wchen-r7
315d079ae8
Land #6402 , Add Post Module for Windows Priv Based Meterpreter Migration
...
We are also replacing smart_migrate with this.
2016-01-13 01:21:32 -06:00
wchen-r7
6deb57dca3
Deprecate post/windows/manage/smart_migrate and other things
...
This includes:
* Give credit to thelightcosine in priv_migrate
* Deprecate smart_migrate
* Update InitialAutoRunScript for winrm_script_exec
2016-01-12 23:14:13 -06:00
Meatballs
7128c408c8
Land #6375 , Active Directory Managed Groups Enumeration
2016-01-12 11:21:31 +00:00
Meatballs
4ba2d56f49
Just search on DN for samaccountname
2016-01-12 11:20:20 +00:00
Martin Vigo
3bee2fff70
Use native method dir
2016-01-08 16:06:24 -08:00
David Maloney
5e6620f2cf
add yard doc and lexical sorting
...
lexical sort methods and add missing YARD docs
2016-01-08 14:36:21 -06:00
David Maloney
536378e023
move datastore kill check to kill method
...
move the datastore check for datatstore['KILL']
into the actual kill method for sake of DRYness
2016-01-08 14:31:42 -06:00
David Maloney
9716b97e1c
split up the migration efforts
...
move admin and suer migrations into
seperate methods for enhanced readability
and maintainability
2016-01-08 14:26:39 -06:00
David Maloney
ad50f9a047
move default targets to constants
...
cleanup the way the target lists get populated
to use constants and be a little cleaner and dryer
2016-01-08 14:03:30 -06:00
Martin Vigo
8c6bdd532b
Use ? for SQL queries
2016-01-07 22:50:23 -08:00
Martin Vigo
b46095f3d6
Remove custom method checking file exists
2016-01-07 22:21:10 -08:00
Martin Vigo
e7701b6d5f
Fix incoherent method to always return a list
2016-01-07 22:17:04 -08:00
Josh
4e99c873c8
Fix issue when target_pid == current_pid
2016-01-06 19:58:07 -06:00
Josh
60c506d7fb
Replace error handling methods
2016-01-06 18:53:54 -06:00
Vincent Yiu
30a866a85b
Update enable_rdp.rb
...
Fixed some typos.
2016-01-04 09:52:57 +00:00
Kyle Gray
47f9880690
Land #6395 , grammar fixes for recovery_files.rb
...
Improves grammar and details within the description of /post/windows/gather/forensics/recovery_files.rb
2015-12-28 15:57:41 -06:00
William Vu
cf0e982e83
Land #6386 , VNC creds module fix
2015-12-28 02:32:26 -06:00
William Vu
6b9c74eec7
Prefer gsub and nix the return
2015-12-28 02:31:47 -06:00
Josh
0de69a9d40
Add post Windows privilege based migrate
2015-12-27 19:26:21 -06:00
Jon Hart
f8943f4821
Remove peer; defined in lib/msf/core/post/common.rb
2015-12-24 07:57:16 -08:00
karllll
431c6001a8
Fix recovery_files.rb Description grammar errors
2015-12-24 10:10:39 -05:00
Stuart Morgan
d6dacd1580
Fixed bug when generating native traffic with one thread
2015-12-23 15:28:33 +00:00
Stuart Morgan
391145a4af
Checking if group_filter is empty
2015-12-23 15:14:37 +00:00
g0tmi1k
2f71730484
Gather VNC null byte fix + formatting
2015-12-22 17:30:37 +00:00
Rory McNamara
45b9230efb
Redirect python stderr to stdout, darwin python platform
2015-12-22 11:32:31 +00:00
Tim
be9197fc97
quick fix for issues #6359
2015-12-22 03:26:31 +00:00
Tim
f9d74143c3
fix typo
2015-12-22 03:25:34 +00:00
Stuart Morgan
f950633d32
renamed
2015-12-21 18:16:06 +00:00
Stuart Morgan
e09c2944cf
Renamed module to be more descriptive
2015-12-21 18:15:39 +00:00
Stuart Morgan
4c27f381dc
rubocop & msftidy
2015-12-21 18:15:19 +00:00
Stuart Morgan
8438774077
Bug
2015-12-21 18:13:58 +00:00
Stuart Morgan
0b6969afbc
Rubocop. This encoding mess was the only way I could find to deal with a number of parsing errors when testing this against a multilingual domain.
2015-12-21 17:30:32 +00:00
Stuart Morgan
30e283b0ae
fixup
2015-12-21 17:28:36 +00:00
Stuart Morgan
751a0708bf
rubocop
2015-12-21 13:32:29 +00:00
Stuart Morgan
0c8aa0bd5c
msftidy - fixed module name
2015-12-21 13:32:11 +00:00
Stuart Morgan
0081c79f39
Added comments
2015-12-21 13:31:26 +00:00
Stuart Morgan
03b904cc4e
Initial version
2015-12-21 13:29:47 +00:00
Stuart Morgan
16cf3c6207
Further messing about with unicode conversions
2015-12-21 13:28:27 +00:00
Stuart Morgan
e8c8c54cb0
Use a regex with a negative lookbehind to cope with CNs that contain commas
2015-12-21 11:44:37 +00:00
Stuart Morgan
d8b3b15da6
Trying to fix encoding errors
2015-12-21 11:43:12 +00:00
Stuart Morgan
76f99cbc7f
Fixing UTF-8 encoding errors with some strangely named groups
2015-12-21 11:11:01 +00:00
Stuart Morgan
b0fca769d7
capitalisation
2015-12-21 10:39:30 +00:00
Stuart Morgan
4ed32ad3e8
Add manager user attribute
2015-12-20 22:51:37 +00:00
Stuart Morgan
9493b333df
rubocop
2015-12-20 21:22:03 +00:00
Stuart Morgan
c394caad27
actually made the securitygroups only option do something
2015-12-20 21:19:24 +00:00
Stuart Morgan
07caaf352b
made comment match purpose
2015-12-20 21:18:21 +00:00
Stuart Morgan
c0a93433af
msftidy
2015-12-20 21:16:42 +00:00
Stuart Morgan
89728fd8fe
Working version
2015-12-20 21:16:17 +00:00
Stuart Morgan
ae09549057
New module, strating with managedby_groups
2015-12-20 20:17:06 +00:00
Stuart Morgan
28e563659f
Added managedBy to group acquisition
2015-12-20 20:16:18 +00:00
Stuart Morgan
d79fd9a9f3
Renamed the comments attribute to comment
2015-12-20 19:53:36 +00:00
Stuart Morgan
924017e606
Moved trust enumeration to separate PR
2015-12-20 19:46:20 +00:00
Stuart Morgan
43f8a35b12
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into add_filter_to_ad_tools
2015-12-20 19:43:04 +00:00
Martin Vigo
2ddac42be7
Perform Rubocop cleanup
2015-12-19 23:33:32 -08:00
Martin Vigo
2fc940cc3e
Decrypt Chrome and Opera cookies and msdftify code
2015-12-19 22:19:20 -08:00
Martin Vigo
ab630166bb
Decrypt Chrome and Opera cookies and msdftify code
2015-12-19 21:40:30 -08:00
Stuart Morgan
3a89d3cc70
Turns out that we dont need the report or accounts includes in there, so removing them for tidyness
2015-12-20 02:37:25 +00:00
Stuart Morgan
c11c0ca7e0
Added comment about the UTF-8 encoding. This is an issue which is documented at https://github.com/rails/rails/issues/1965 ; namely that SQLite seems to treat ASCII text as a blob meaning that the text searches break. Encoding to UTF-8 seems to fix this.
2015-12-20 02:35:19 +00:00
Stuart Morgan
2301658611
Working
2015-12-20 02:20:59 +00:00
Stuart Morgan
7ce24969bb
rubocop fixes
2015-12-20 02:02:44 +00:00
Stuart Morgan
d5436c6fae
msftidy is now silent
2015-12-20 02:01:11 +00:00
Stuart Morgan
b8274cca01
Tested
2015-12-20 01:59:31 +00:00
Stuart Morgan
b0eba24c5f
Fixed verbosity bug and tidied up
2015-12-20 01:55:44 +00:00
Stuart Morgan
86294a869e
No longer need the sAMAccountType lookup table
2015-12-20 01:45:10 +00:00
Stuart Morgan
cdf430e689
Fixed bug relating to forgetting to add columns to the schema
2015-12-20 01:44:26 +00:00
Stuart Morgan
14f71eabdb
Completing processing the sAMAccountType value
2015-12-20 01:42:25 +00:00
Stuart Morgan
5f5a297324
Adding u_, g_ and c_ parameters to the tables directly avoids most of the views
2015-12-20 01:30:24 +00:00
Stuart Morgan
bb25c7606c
Restructuring to add SAM_ (userAccountControl) variables as fields directly
2015-12-20 01:28:25 +00:00
Stuart Morgan
872aeccbb6
Significant simplified the hex-to-SID parsing code because we only want the RID out of it
2015-12-19 02:02:40 +00:00
Stuart Morgan
07e5f03aba
Fixed
2015-12-19 01:58:29 +00:00
Stuart Morgan
c7f8450775
Appears to work correctly
2015-12-19 01:11:20 +00:00
Stuart Morgan
36392ac0cd
All works
2015-12-19 00:48:41 +00:00
Stuart Morgan
82c3ec5f4b
Added views for users and groups table
2015-12-19 00:26:31 +00:00
Stuart Morgan
ba9845818e
Appears to work for the computers table (tables and view)
2015-12-18 23:22:22 +00:00
Stuart Morgan
cf8f0e2483
Added userAccountControl to the computer table. Note that computer and user LDAP entries are more or less the same (user is the parent for computer), but it makes sense just for sanity and ease of use to keep them separate.
2015-12-18 22:22:56 +00:00
Stuart Morgan
eade245a9e
Added groupType attribute interpretation
2015-12-18 22:06:20 +00:00
Stuart Morgan
e716cd79e3
Needed to use .zero? in the ? : if shorthand for the UAC variables
2015-12-18 21:55:55 +00:00
Stuart Morgan
838f74ff74
Added table creation for userAccoutControl
2015-12-18 21:45:07 +00:00
William Vu
6afcc13774
Requote file path
2015-12-18 15:41:38 -06:00
Stuart Morgan
a065fc803c
fixed spacing
2015-12-18 21:38:54 +00:00
Stuart Morgan
8821caa199
Added UserAccountControl constants
2015-12-18 21:37:31 +00:00
William Vu
06a2bb53bd
Clean up module
2015-12-18 15:29:15 -06:00
Stuart Morgan
6d6306f6e7
Added sAMAccountType constants from MSDN
2015-12-18 21:14:39 +00:00
Stuart Morgan
5b07a35cef
Added LDAP filter to identify groups of interest
2015-12-18 14:10:00 +00:00
Stuart Morgan
662010fce7
Added thread capability
2015-12-18 14:06:50 +00:00
Stuart Morgan
0a75fa333c
msftidy
2015-12-18 12:14:22 +00:00
Stuart Morgan
91c8c2b9dd
Trying to fix threads
2015-12-18 12:14:08 +00:00
Stuart Morgan
6f50635ab2
Strange bug with memberOf param and trying to fix up threads
2015-12-18 11:49:17 +00:00
Stuart Morgan
39bc23629a
Getting ready to add thread support
2015-12-18 10:56:41 +00:00
Stuart Morgan
3c8ac89ba8
Added options to dump user membership and group membership to screen
2015-12-18 10:29:53 +00:00
Stuart Morgan
8f95ad315e
Added extra user fields to database schema
2015-12-18 10:02:18 +00:00
Stuart Morgan
fc45d70d25
Added extra user fields
2015-12-18 09:59:21 +00:00
Stuart Morgan
b186aaa08d
Added extra computer fields
2015-12-18 09:55:13 +00:00
Stuart Morgan
f8b402165c
Added extra computer fields
2015-12-18 09:51:04 +00:00
Stuart Morgan
805ba1d7dd
Enumerate computers
2015-12-18 08:28:40 +00:00
Stuart Morgan
98c6b56494
Added computer recon
2015-12-18 08:14:30 +00:00
Martin Vigo
ccb13a2ca6
Add full IE support and bug fixes
2015-12-17 20:29:50 -08:00
Stuart Morgan
f13ca17de0
rubocop
2015-12-18 02:01:38 +00:00
Stuart Morgan
38b6ad4dbf
msftidy
2015-12-18 02:00:57 +00:00
Stuart Morgan
36adbadb11
Tidied up SQL searching and added file size indicator
2015-12-18 01:59:19 +00:00
Stuart Morgan
eb38859ecc
Finally worked out how to use .map to make the SQL stuff far more elegant
2015-12-18 01:40:37 +00:00
Stuart Morgan
1ba6b91968
More accurate description
2015-12-18 01:24:43 +00:00
Stuart Morgan
0ddb40b55e
Added UNIQUE and FOREIGN KEY constraints to SQLite DB
2015-12-18 01:23:29 +00:00
Stuart Morgan
15dc542544
Initial module works
2015-12-18 01:13:44 +00:00
Stuart Morgan
f31c1c24db
Added schema and code to populate SQLite db
2015-12-18 01:01:20 +00:00
Stuart Morgan
e3483a2ac3
Getting RIDs from hex mess to decimal. Needs fixing
2015-12-18 00:20:16 +00:00
Stuart Morgan
460778738d
Initial version works
2015-12-18 00:00:21 +00:00
Stuart Morgan
41c2d12e0c
Tidy up initial print
2015-12-17 23:41:18 +00:00
Stuart Morgan
09fb37db6b
Add status updates (useful if there are a large number of groups)
2015-12-17 23:07:02 +00:00
Stuart Morgan
2bcea91b15
Differentiate between user and group errors
2015-12-17 22:57:30 +00:00
Stuart Morgan
85c4e89526
Process user levels
2015-12-17 22:55:02 +00:00
Stuart Morgan
7c145c45e8
add LDAP_MATCHING_RULE_IN_CHAIN oid (from my adsi rework earlier)
2015-12-17 22:44:35 +00:00
Stuart Morgan
f2b038f4b3
Begin loop to grab effective users of each group
2015-12-17 22:39:56 +00:00
Stuart Morgan
c98519e0b9
Get groups using ADSI
2015-12-17 22:35:51 +00:00
Stuart Morgan
7b019bddf4
Initial version, just basing it on the ad_users module
2015-12-17 22:14:14 +00:00
Stuart Morgan
e17a7a5d8c
Fix attributes
2015-12-17 21:38:42 +00:00
Stuart Morgan
59d5626ef7
Bugfix
2015-12-17 21:36:19 +00:00
Stuart Morgan
cba1ddbdc2
rubocop
2015-12-16 22:38:05 +00:00
Stuart Morgan
47e484408f
rubocop
2015-12-16 22:31:54 +00:00
Stuart Morgan
9eef27e4c1
Removed snake case and added SID translation call
2015-12-16 22:31:22 +00:00
Stuart Morgan
cc3ac3ad95
Removed trailing line spaces
2015-12-16 22:28:27 +00:00
Stuart Morgan
58635be237
Try to unpack the SID from hex to normal cut/paste format. Its a mess.
2015-12-16 22:27:52 +00:00
Stuart Morgan
421a29d998
Added the trust types from MSDN
2015-12-16 22:18:28 +00:00
Stuart Morgan
fbe0cfde8f
Fixed URL for trustDirection reference
2015-12-16 22:16:33 +00:00
Stuart Morgan
fd8405f52d
added trustDirection
2015-12-16 22:15:10 +00:00
Stuart Morgan
4da8859e57
added trustAttributes
2015-12-16 22:13:00 +00:00
Stuart Morgan
207a964117
Loop through results
2015-12-16 21:52:30 +00:00
Stuart Morgan
087a01f27f
Templated table
2015-12-16 21:40:49 +00:00
Stuart Morgan
fdf1a8c235
Updated with the LDAP fields to retrieve
2015-12-16 21:39:33 +00:00
Stuart Morgan
ed4cf71ca8
Initial add (templated from Ben's bitlocker module)
2015-12-16 21:26:02 +00:00
Stuart Morgan
c9c1dd22ee
Added custom LDAP filter to ad_groups and ad_users to save having to use meterpreter's adsi interface
2015-12-16 10:38:38 +00:00
Stuart Morgan
2c29298485
undoing this, put in a separate module
2015-12-15 23:16:21 +00:00
Stuart Morgan
5dd8cb7648
proper type conversions
2015-12-15 23:13:02 +00:00
Stuart Morgan
fef9a84548
rubocop
2015-12-15 23:12:14 +00:00
Stuart Morgan
a2b30ff16e
msftidy
2015-12-15 23:11:40 +00:00
Stuart Morgan
281966023c
Final version
2015-12-15 23:10:06 +00:00
Stuart Morgan
7fa453b7ff
Added module
2015-12-15 22:31:00 +00:00
Stuart Morgan
059de62400
Editing an existing module rather than adding a new one
2015-12-15 21:36:39 +00:00
Stuart Morgan
4a66b487de
Based on putty enum module
2015-12-15 21:28:13 +00:00
William Vu
b085989923
Land #6266 , rsync creds scraper
2015-12-14 11:37:30 -06:00
Jon Hart
39da306b1d
Land #6057 , @danilbaz's module for dumping Bitlocker master key (FVEK)
2015-12-08 18:16:39 -08:00
Jon Hart
ed8076f361
Merge branch 'master' into pr/6197
2015-12-08 12:08:15 -08:00
Jon Hart
2177b979fd
Update SessionTypes command to describe why shell is not listed
2015-12-08 12:06:47 -08:00
Jon Hart
3890961155
Correct SEP client exclusion enumeration
2015-12-08 10:16:25 -08:00
BAZIN-HSC
be5f648969
manage-bde.exe path test if in System32 or sysnative
2015-12-08 16:14:13 +01:00
William Vu
db788d1b7c
Land #6238 , CmdStager BOURNE_{PATH,FILE} options
2015-12-07 12:34:42 -06:00
Jon Hart
f6417df9ba
Update enum_av_excluded to work properly under wow64
2015-12-04 17:13:43 -08:00
Jon Hart
ad60a4118e
Put admin and client exclusions in different tables
2015-12-04 13:01:28 -08:00
Jon Hart
c92365090f
Simpler
2015-12-04 12:38:25 -08:00
Jon Hart
e7d2eb6ad9
Wire in support for showing process and file extension exclusions
2015-12-04 12:35:42 -08:00
Jon Hart
78a303974f
Handle empty exclusions better
2015-12-04 12:19:17 -08:00
Jon Hart
81ee01a93e
Simplify exclusion extraction and printing
2015-12-04 11:42:03 -08:00
Jon Hart
1968a76863
Simplify AV enumeration code
2015-12-04 10:27:14 -08:00
Christian Mehlmauer
fc9d818837
change youtube url
2015-12-04 10:15:56 +01:00
Martin Vigo
b4ade1989a
Add IE support for stored passwords
2015-12-04 00:13:42 -08:00
Jon Hart
28ee056c32
Make enumeration of each individual AV optional
2015-12-03 16:07:49 -08:00
Jon Hart
c007fffbce
Style cleanup
2015-12-03 15:55:12 -08:00
Stuart Morgan
78d391fa10
Rubocop
2015-12-02 14:54:30 +00:00
Stuart Morgan
99dceb33ac
Added 'ALL' support (to do TCP and UDP in one go)
2015-12-02 14:50:16 +00:00
Rory McNamara
15dd18dc4b
use single quotes, remove explicit nil
2015-12-02 09:36:07 +00:00
Jon Hart
366b92a79e
Store rsync creds as creds, not loot
2015-12-01 15:30:39 -08:00
Stuart Morgan
b66be85ccb
Rubocop
2015-12-01 22:32:04 +00:00
Stuart Morgan
d5c0da5e19
Added 33434-33534 because this is the default udp range for traceroute (might be enabled by sysadmins to enbale traceroutes to work)
2015-12-01 22:31:12 +00:00
Stuart Morgan
74a07709b8
Use the Comm param instead of adding a route as suggested by @jlee-r7 and hdm
2015-12-01 21:42:27 +00:00
Stuart Morgan
c744b14a8a
Exclude python meterpreter, doesn't seem to work
2015-11-29 20:40:42 +00:00
Stuart Morgan
6a3172268e
Fixed module metadata
2015-11-29 19:32:55 +00:00
Stuart Morgan
2bc5b98d6e
Rubocop fixing alignment of ifs and ends
2015-11-29 19:17:49 +00:00
Stuart Morgan
8b4649e75c
Working through rubocop issues
2015-11-29 19:11:10 +00:00
Stuart Morgan
9267afc18b
Rubocop
2015-11-29 19:06:24 +00:00
Stuart Morgan
9a6f0d6734
Reducing complexity (rubocop)
2015-11-29 19:06:07 +00:00
Stuart Morgan
b5909852a9
Rubocop
2015-11-29 19:02:33 +00:00
Stuart Morgan
d4bb5537b2
Fixed stupid paste error
2015-11-29 19:02:15 +00:00
Stuart Morgan
fd7a6465c6
Attemping to simplify code
2015-11-29 19:01:34 +00:00
Stuart Morgan
10f89239a5
rubocop
2015-11-29 18:59:40 +00:00
Stuart Morgan
6a567845e0
Tidy up error messages
2015-11-29 18:54:46 +00:00
Stuart Morgan
12dbe31bee
Apparently adding .close causes it to hang
2015-11-29 18:49:51 +00:00
Stuart Morgan
41d963eeb1
Debugging
2015-11-29 18:34:26 +00:00
Stuart Morgan
b6dfafaeb7
Stabilised code, still giving errors on threads>1 in native mode though
2015-11-29 18:14:19 +00:00
Stuart Morgan
e18f8b5e21
Now works for both TCP and UDP
...
However, it gives 'interrupted by console user' as an error message for no reason (?timeouts?)
2015-11-29 17:53:04 +00:00
Stuart Morgan
98e0050e8c
Fixed 'end' bugs (mismatched blocks)
2015-11-29 16:20:33 +00:00
Stuart Morgan
af106737b9
Adding both native and winapi options, split out to functions & fix up
2015-11-29 16:17:07 +00:00
Andrew Smith
59bd88ff70
msftidy
2015-11-27 16:45:52 -05:00
Andrew Smith
9c016343c7
Update to logic and reliability
...
Included support for Windows Defender
Rewrote logic to support hosts with multiple AV products installed
2015-11-27 16:41:40 -05:00
Stuart Morgan
f492a1d80a
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into post_multi_egress_traffic
2015-11-26 14:41:55 +00:00
Stuart Morgan
5ffeaddf1e
Added help
2015-11-26 14:01:40 +00:00
Stuart Morgan
1ce0386d01
Reusing port array generation code
2015-11-26 13:59:15 +00:00
Martin Vigo
9d747e67a3
Fix bugs in new Firefox creds storage
2015-11-25 21:28:07 -08:00
Jon Hart
a692a5d36c
Remove Platform, this should work everywhere; correct grammar
2015-11-25 11:23:18 -08:00
Louis Sato
55b3e10390
Land #6258 , smart_migrate enhancement
2015-11-24 11:30:29 -06:00
Stuart Morgan
09d4bd8175
Added basic function definition for non-Win32API egress
2015-11-24 15:38:06 +00:00
Stuart Morgan
4ea732716a
Added file
2015-11-24 15:37:44 +00:00
Stuart Morgan
f0271c04ab
Merge remote-tracking branch 'origin/master' into post_multi_egress_traffic
2015-11-24 15:27:38 +00:00
William Vu
16e6ced867
Land #6108 , OpenVPN creds scraper
2015-11-23 14:25:19 -06:00
William Vu
601d4fda9f
Add note about --auth-nocache
2015-11-23 14:24:26 -06:00
Jon Hart
718e928fe3
Control per-user config file
2015-11-23 11:11:03 -08:00
Louis Sato
493e476a43
Land #6243 , check nil for sock.read
2015-11-23 11:15:51 -06:00
Jon Hart
93bb31dfa0
Make path to rsyncd configuration file configurable
2015-11-21 19:50:33 -08:00
Martin Vigo
f34c7a8594
Support for new Firefox method to store credentials
2015-11-20 23:42:59 -08:00
Jon Hart
aa962f30a9
Minor style/usability cleanup
2015-11-20 13:51:31 -08:00
Jon Hart
a96102c20a
Minor cleanup
2015-11-20 13:19:38 -08:00
Jon Hart
c75e3c8e84
Initial commit of a post module for looting rsync credentials
2015-11-20 12:57:33 -08:00
BAZIN-HSC
5592e4e4ea
seek_relative suppression (use seek instead)
2015-11-20 18:30:51 +01:00
BAZIN-HSC
dd027982ae
if recovery_key specified, only method that is tried
2015-11-20 18:30:50 +01:00
BAZIN-HSC
f49d6905a6
Fix comments by @jhart-r7
2015-11-20 18:30:50 +01:00
BAZIN-HSC
8f135c07aa
Remove hard coded C:\Windows and use %SYSTEMROOT%
2015-11-20 18:30:49 +01:00
BAZIN-HSC
7d9d74f609
msftidy...
2015-11-20 18:30:49 +01:00
BAZIN-HSC
c8847182d7
Add module to dump Bitlocker master key (FVEK)
2015-11-20 18:30:48 +01:00
sammbertram
f1675f9ae4
Minor enhancement to smart_migrate
...
Adding a check to see if the user is currently already migrated to the "explorer.exe" and "winlogon.exe" processes prior to attempting migration.
2015-11-19 13:30:12 +00:00
Rory McNamara
811167442c
Re-disable debugging nodelete
2015-11-17 13:10:03 +00:00
Roberto Soares
ac99f9c229
Fix condition
2015-11-17 00:52:42 -02:00
Roberto Soares
f69e7c0fb3
Fix condition
2015-11-17 00:49:04 -02:00
Roberto Soares
a48d0b275b
Added check if the commands executed successfully.
2015-11-17 00:07:31 -02:00
wchen-r7
f6fdabfd77
Land #6239 , added Session info display to module output
...
MS-706
2015-11-16 18:10:58 -06:00
wchen-r7
17a1f2ee8a
Fix #6242 , Check nil for sock.read
...
Fix #6242
2015-11-16 14:24:46 -06:00
David Maloney
a1ab8f1dc7
added Session info display to module output
...
output from the mssql_local_auth_bypass module
is now prefixed with the Session id and address
of the target host so it is explicitly clear
where it is performing each action
MS-706
2015-11-16 12:13:26 -06:00
PsychoMario
2b99969f9a
quote paths to allow spaces
2015-11-15 00:14:30 +00:00
PsychoMario
e3f25fd6e2
Add support for specifying path, file in bourne dropper
2015-11-14 18:31:11 +00:00
Jon Hart
38ca943219
Remove unneeded width arg
2015-11-13 11:49:50 -08:00
Jon Hart
4604f8cd83
Move cowsay to Rex::Text so that everyone can enjoy it ;)
2015-11-13 08:57:48 -08:00
Martin Vigo
211da2746e
Support cookie auth key decryption
2015-11-11 16:26:07 -08:00
Jon Hart
15cfa925c8
Document the cloud mess
2015-11-11 12:06:53 -08:00
Jon Hart
a328675f77
Add simulated cowsay support to wall
2015-11-11 11:54:46 -08:00
Jon Hart
8d21a91f3e
Add initial wall module
2015-11-11 09:15:32 -08:00
Jon Hart
8f86b2519f
Resolve 'duplicate key warning' for some modules
2015-11-09 18:40:32 -08:00
Jon Hart
43229c16e7
Correct some authors with unbalanced angle brackets
2015-11-06 13:24:58 -08:00
Andrew Smith
c44ecfeb15
Spacing
2015-11-06 10:55:29 -05:00
jakxx
e4d8909815
Initial Commit
2015-11-05 20:43:30 -05:00
jvazquez-r7
20679ea6c6
Land #5720 , @g0tmi1k's changes to firefox_creds post module
2015-11-05 15:36:08 -06:00
Martin Vigo
b0f92b49a2
Print vault passwords
2015-11-01 21:47:00 -08:00
wchen-r7
95920b7ff6
Bring back more working links
2015-10-29 15:57:16 -05:00
wchen-r7
154fb585f4
Remove bad references (dead links)
...
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
Martin Vigo
e67065a7e9
Fix Firefox/Opera bugs
2015-10-26 22:40:47 -07:00
Martin Vigo
da9420a915
Retrieve randkey from LastPass
2015-10-26 19:17:09 -07:00
Roberto Soares
0bce90654f
Changed path to save dump data
2015-10-22 15:11:55 -02:00
Roberto Soares
467ae52ec3
Remove redundant check
2015-10-21 13:12:45 -02:00
Brent Cook
0784370b98
more typo and whitespace fixes
2015-10-20 13:09:17 -05:00
Rob Fuller
2f1406e1c8
fix typo
...
not sure how this got in there
2015-10-20 13:48:00 -04:00
Roberto Soares
78d5e52dd6
Add OpenVPN Grab Credentials - Post Module
2015-10-19 23:11:02 -02:00
Brent Cook
20366993e3
Land #5937 , use the Android mixin to get the Android version
2015-10-16 14:23:27 -05:00
jvazquez-r7
c967b60bf8
Land #5948 , @bcook-r7's fix shell_to_meterpreter from powershell
2015-10-02 15:59:43 -05:00
jvazquez-r7
6468eb51b2
Do changes to have into account powershell sesions are not cmd sessions
2015-10-02 15:26:42 -05:00
Brent Cook
d551f421f8
Land #5799 , refactor WinSCP module and library code to be more useful and flexible
2015-10-01 14:35:10 -05:00
William Vu
2e2d27d53a
Land #5935 , final creds refactor
2015-10-01 00:25:14 -05:00
William Vu
8866b15f3b
Fix creds reporting
2015-10-01 00:24:43 -05:00
Brent Cook
f3451eef75
Land #5380 , pageantjacker, an SSH agent proxy
2015-09-26 10:52:44 -04:00
Stuart
853d822992
Merge pull request #1 from bcook-r7/land-5380-pageantjacker
...
update pageantjacker to run as part of extapi
2015-09-23 09:45:53 +01:00
jvazquez-r7
415fa3a244
Fix #5968 , some modules not handling Rex::Post::Meterpreter::RequestError exceptions
...
* Related to the usage of ADSI on unsupported OSes
2015-09-21 14:33:00 -05:00
Stuart Morgan
cdd39f52b1
Merge branch 'master' of https://github.com/rapid7/metasploit-framework into pageant_extension
2015-09-21 14:34:56 +02:00
Stuart Morgan
e8e4f66aaa
Merge branch 'master' of ssh://github.com/stufus/metasploit-framework into pageant_extension
2015-09-21 14:34:38 +02:00
Brent Cook
61e7e1d094
update pageantjacker to run as part of extapi
2015-09-20 20:25:00 -05:00
William Vu
5f9f66cc1f
Fix nil bug in SSO gather module
2015-09-11 02:21:01 -05:00
William Vu
a1a7471154
Land #5949 , is_root? for remove_lock_root
2015-09-11 02:09:14 -05:00
wchen-r7
e9e4b60102
move require 'msf/core/post/android' to post.rb
2015-09-11 01:58:12 -05:00
wchen-r7
f2ccca97e0
Move require 'msf/core/post/android' to post.rb
2015-09-11 01:56:21 -05:00
wchen-r7
90ef9c11c9
Support meterpreter for OS X post modules
2015-09-10 15:57:43 -05:00
jvazquez-r7
30cb93b4df
Land #5940 , @hmoore-r7's fixes for busybox post modules
2015-09-08 15:12:23 -05:00
wchen-r7
122d57fc20
Land #5945 , Add auto-accept to osx/enum_keychain
2015-09-08 10:56:08 -05:00
wchen-r7
13afbc4eae
Properly check root for remove_lock_root (android post module)
...
This uses the Msf::Post::Android::Priv mixin.
2015-09-08 10:40:08 -05:00
joev
1b320bae6a
Add auto-accept to osx/enum_keychain.
2015-09-07 21:17:49 -05:00
HD Moore
ec5cbc842e
Cosmetic cleanups
2015-09-05 22:56:11 -05:00
HD Moore
8c0b0ad377
Fix up jailbreak commands & regex for success detection
2015-09-05 22:54:07 -05:00
wchen-r7
da0752e8c2
use fail_with
2015-09-04 15:12:05 -05:00
wchen-r7
7ab506dc06
Use Msf::Post::Android::System#get_build_prop to get the android ver
...
Instead of grabbing the android version from the module, this
is done by the mixin.
2015-09-04 15:05:45 -05:00
jvazquez-r7
eaf51a2113
Land #5722 , @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
jvazquez-r7
5dd0cee36a
Add comment
2015-09-04 13:30:00 -05:00
jvazquez-r7
8bfa5bcd09
Do some more minor code cleaning
2015-09-04 13:08:27 -05:00
jvazquez-r7
ac49c80367
Do minor code cleanup
2015-09-04 12:46:21 -05:00
jvazquez-r7
60d2856444
Use id instead of whoami
2015-09-04 12:02:21 -05:00
jvazquez-r7
4fa58efaa0
Allow to configure the DOWNLOAD_TIMEOUT
2015-09-04 11:54:22 -05:00
jvicente
2b2dec3531
Fixed typo direcotry.
2015-09-04 18:52:55 +02:00
jvazquez-r7
319bc2d750
Use downcase
2015-09-04 11:18:09 -05:00
wchen-r7
d55757350d
Use the latest credential API, no more report_auth_info
2015-09-04 03:04:14 -05:00
HD Moore
f0ef035a0b
Update the module titles to clarify what these do
2015-09-03 12:53:25 -05:00
HD Moore
630057e23f
Implement suggestions from the PR discussion
2015-09-03 12:42:51 -05:00
HD Moore
57c8038f07
Merge branch 'master' into land-5413
2015-09-03 12:38:19 -05:00
HD Moore
0f1530adc1
Merge branch 'master' into land-5412
2015-09-03 12:22:00 -05:00
jvazquez-r7
9c7f97d124
Fix methods name schema
2015-08-28 13:26:52 -05:00
jvazquez-r7
be7db10e7d
Fix busybox_write_file
2015-08-28 13:15:07 -05:00
jvazquez-r7
c4a3b4f18e
Add busy_box_file_exist?
2015-08-28 11:56:12 -05:00
jvazquez-r7
8faf6f9cd0
Fix require
2015-08-28 11:51:26 -05:00
jvazquez-r7
e62b117fda
Include mixin correctly
2015-08-28 11:50:17 -05:00
jvazquez-r7
132f5c6a20
Review jailbreak
2015-08-28 11:44:57 -05:00
jvazquez-r7
e7f486e43a
Review wget_exec
2015-08-28 11:24:41 -05:00
jvazquez-r7
edc9982c8b
Review smb_share_root
2015-08-28 11:18:49 -05:00