Commit Graph

378 Commits (cadbeafc4b489f0c34bc032db4e3ac61f4105852)

Author SHA1 Message Date
Meatballs1 15a020dbda Clear EOL chars 2012-06-22 11:36:27 +01:00
Meatballs1 391a92ccfd More verbose and specific exception handling 2012-06-22 11:27:06 +01:00
Meatballs1 0ed49998e2 Allowed to run as SYSTEM 2012-06-22 11:17:24 +01:00
Meatballs1 2a3cd6e343 References 2012-06-22 11:14:19 +01:00
Meatballs1 9da2dd816c Fixed changed time to point to parent node 2012-06-22 11:03:34 +01:00
Meatballs1 e0966d5a3a Incorporated trolldbois comments about SYSTEM and changed date 2012-06-21 19:20:34 +01:00
Meatballs1 6768549c6d Fixed msftidy error 2012-06-21 18:46:20 +01:00
Meatballs1 5e64c2fb2e Will only enumerate one DC for each domain using the DOMAINS arg 2012-06-21 18:28:06 +01:00
Tod Beardsley 2729f33ff2 Merge Justin's TortoiseSVN module
This adds Justin's TortoiseSVN module with minor edits.

[Closes #508]
2012-06-21 11:56:08 -05:00
Tod Beardsley 504d3d477e Resolve http_proxy_host before reporting, too. 2012-06-21 11:55:13 -05:00
Tod Beardsley c795c2e438 Resolve hosts for tortoisesvn module reporting
report_host() does not expect a DNS name, but an IPv4 or IPv6 address.
In many cases, an SVN password is going to be associated with only a
hostname.

This may be a bug in report_host -- it's certainly inconveninent.
However, we don't usually wnat report_host to be making tons of DNS
lookups when importing hosts, so this forced step is likely intended.

Also, begin/rescue/end blocks that don't hint at what errors are
intended to be caught are rarely a good idea, so this at least informs
the user which exception was raised.
2012-06-21 11:47:37 -05:00
Meatballs1 9b943bc763 Removed redundant file 2012-06-21 17:29:52 +01:00
Meatballs1 82318f0dac Merge branch 'post_win_gather_creds_gpp_pass' of github:Meatballs1/metasploit-framework into post_win_gather_creds_gpp_pass 2012-06-21 17:27:45 +01:00
Meatballs1 81411374bc Removed old file 2012-06-21 17:23:14 +01:00
Meatballs1 56a8dda739 Reworking of module to incorporate all contributions 2012-06-21 17:23:13 +01:00
Meatballs1 bb60eacde7 Added store_loot 2012-06-21 17:23:12 +01:00
Meatballs1 be255d53c0 Initial post/windows/gather/credentials Windows Group Policy Preferences Passwords 2012-06-21 17:23:12 +01:00
sinn3r 4004b544c0 The condition for "else" doesn't really do anything for us 2012-06-21 02:53:44 -05:00
sinn3r d957c021cb Handle another possible condition
If the path actually doesn't exist on the victim, we may run into
a RequestError. Need to handle that... should be pretty common.
2012-06-21 01:38:51 -05:00
sinn3r 6a386b7a88 Rename the file for naming style consistency 2012-06-21 01:25:55 -05:00
sinn3r 367e75bb06 Multiple changes to file_collector.rb
This module received the following changes:
* Make msftidy happy
* Remove the GETDRIVES option, and make the SEARCH_FROM option
  smarter.
* MSF license
* Other minor changes
2012-06-21 01:21:53 -05:00
sinn3r 327e86e08c Merge branch 'file_collector' of https://github.com/3vi1john/metasploit-framework into 3vi1john-file_collector 2012-06-20 23:46:04 -05:00
justincmsf b9a2c88733 New Post Module: TortoiseSVN Saved Password Extraction 2012-06-19 09:57:22 -04:00
HD Moore c388cba421 Fix up modules calling report_vuln() to use new syntax 2012-06-17 23:39:20 -05:00
3vi1john cb1144c4ec Added Revised windows file collector and loot module 2012-06-16 11:14:08 -04:00
justincmsf 5e19918020 Updated MS Outlook post module 2012-06-15 15:06:18 -04:00
Meatballs1 6f1d5b3193 Added store_loot 2012-06-15 18:27:59 +01:00
Meatballs1 1b64fee5d2 Initial post/windows/gather/credentials Windows Group Policy Preferences Passwords 2012-06-15 17:50:36 +01:00
David Maloney 89e554de2b Adds post module for stealing GPP Passwords
Post module steals Group Policy Preferences account
passwords.
2012-06-11 21:20:18 -05:00
sinn3r 3f0431cf51 Massive whitespace destruction
Remove whitespace found at the end of the line
2012-06-06 00:36:17 -05:00
sinn3r c30af98b53 Massive whitespace destruction
Remove all the lines that have nothing but whitespace
2012-06-06 00:22:36 -05:00
David Maloney 5496beebbc fix bad proto name in winscp post mod
The service name would get set as SCP instead of SSH
this screws up bruteforce options later
2012-05-29 18:17:28 -05:00
sinn3r 6bbf018423 Fix bug #6815: A race condition that results in an invalid handle.
Under certain conditions, the module may run into an "The handle
is invalid" while obtaining registry keys and values from the
victim machine.  The fix is to retry a couple of times, and hope
we don't hit the race condition again.
2012-05-14 17:44:35 -05:00
sinn3r 69b60b88f8 Fix bug #6801: Error handling for get_imperstoken() 2012-05-04 11:44:05 -05:00
sinn3r 946ab1514e Correct module naming style 2012-04-18 20:45:25 -05:00
Tod Beardsley 2f3bbdc00c Sed replacement of exploit-db links with EDB refs
This is the result of:

find modules/ -name \*.rb -exec sed -i -e 's#\x27URL\x27,
\x27http://www.exploit-db.com/exploits/\([0-9]\+\).*\x27#\x27EDB\x27,
\1#' modules/*.rb {} \
2012-03-21 16:43:21 -05:00
sinn3r aeb691bbee Massive whitespace cleanup 2012-03-18 00:07:27 -05:00
James Lee 2b9acb61ad Clean up some incosistent verbosity
Modules should use `vprint_*` instead of `print... if
datastore["VERBOSE"]` or similar constructs
2012-03-06 12:01:20 -07:00
sinn3r d06848ba56 Default to token impersonation before migrating to a different process 2012-03-01 18:31:33 -06:00
sinn3r 687c50d0cd Indent level fix 2012-03-01 16:14:29 -06:00
Gregory Man eaf41769ed Fixed gather/apple_ios_backup to work with OSX
Also moved it to post/multi/gather
2012-02-29 10:31:26 +02:00
James Lee f3e0b46e5c Post mods should use session_host when reporting
target_host probably never worked anyway
2012-02-28 18:40:17 -07:00
James Lee 624e19fd8b Merge session-host-rework branch back to master
Squashed commit of the following:

commit 2f4e8df33c5b4baa8d6fd67b400778a3f93482aa
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:31:03 2012 -0700

    Clean up some rdoc comments

    This adds categories for the various interfaces that meterpreter and
    shell sessions implement so they are grouped logically in the docs.

commit 9d31bc1b35845f7279148412f49bda56a39c9d9d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 13:00:25 2012 -0700

    Combine the docs into one output dir

    There's really no need to separate the API sections into their own
    directory.  Combining them makes it much easier to read.

commit eadd7fc136a9e7e4d9652d55dfb86e6f318332e0
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:27:22 2012 -0700

    Keep the order of iface attributes the same accross rubies

    1.8 doesn't maintain insertion order for Hash keys like 1.9 does so we
    end up with ~random order for the display with the previous technique.
    Switch to an Array instead of a Hash so it's always the same.

commit 6f66dd40f39959711f9bacbda99717253a375d21
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:23:35 2012 -0700

    Fix a few more compiler warnings

commit f39cb536a80c5000a5b9ca1fec5902300ae4b440
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 08:17:39 2012 -0700

    Fix a type-safety warning

commit 1e52785f38146515409da3724f858b9603d19454
Author: James Lee <egypt@metasploit.com>
Date:   Mon Feb 27 15:21:36 2012 -0700

    LHOST should be OptAddress, not OptAddressRange

commit acef978aa4233c7bd0b00ef63646eb4da5457f67
Author: James Lee <egypt@metasploit.com>
Date:   Sun Feb 26 17:45:59 2012 -0700

    Fix a couple of warnings and a typo

commit 29d87f88790aa1b3e5db6df650ecfb3fb93c675b
Author: HD Moore <hdm@digitaloffense.net>
Date:   Mon Feb 27 11:54:29 2012 -0600

    Fix ctype vs content_type typo

commit 83b5400356c47dd1973e6be3aa343084dfd09c73
Author: Gregory Man <man.gregory@gmail.com>
Date:   Sun Feb 26 15:38:33 2012 +0200

    Fixed scripts/meterpreter/enum_firefox to work with firefox > 3.6.x

commit 49c2c80b347820d02348d694cc71f1b3028b4365
Author: Steve Tornio <swtornio@gmail.com>
Date:   Sun Feb 26 07:13:13 2012 -0600

    add osvdb ref

commit e18e1fe97b89c3a2b8c22bc6c18726853d2c2bee
Author: Matt Andreko <mandreko@gmail.com>
Date:   Sat Feb 25 18:02:56 2012 -0500

    Added aspx target to msfvenom.  This in turn added it to msfencode as well.
    Ref: https://github.com/rapid7/metasploit-framework/pull/188
    Tested on winxp with IIS in .net 1.1 and 2.0 modes

commit e6aa5072112d79bbf8a4d2289cf8d301db3932f5
Author: Joshua J. Drake <github.jdrake@qoop.org>
Date:   Sat Feb 25 13:00:48 2012 -0600

    Fixes #6308: Fall back to 127.0.0.1 when SocketError is raised from the resolver

commit b3371e8bfeea4d84f9d0cba100352b57d7e9e78b
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 17:07:42 2012 -0700

    Simplify logic for whether an inner iface has the same address

commit 5417419f35a40d1c08ca11ca40744722692d3b0d
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:58:16 2012 -0700

    Whitespace

commit 9036875c2918439ae23e11ee7b958e30ccc29545
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:53:45 2012 -0700

    Set session info before worrying about address

    get_interfaces can take a while on Linux, grab uid and hostname earlier
    so we can give the user an idea of what they popped as soon as possible.

commit f34b51c6291031ab25b5bfb1ac6307a516ab0ee9
Author: James Lee <egypt@metasploit.com>
Date:   Tue Feb 28 16:48:42 2012 -0700

    Clean up rdoc

commit e61a0663454400ec66f59a80d18b0baff4cb8cd9
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:54:45 2012 -0600

    Ensure the architecture is only the first word (not the full WOW64
    message in some cases)

commit 4c701610976a92298c1182eecc9291a1b301e43b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:49:17 2012 -0600

    More paranoia code, just in case RHOST is set to whitespace

commit c5ff89fe3dc9061e0fa9f761e6530f6571989d28
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 04:47:01 2012 -0600

    A few more small bug fixes to handle cases with an empty string target
    host resulting in a bad address

commit 462d0188a1298f29ac83b10349aec6737efc5b19
Author: HD Moore <hd_moore@rapid7.com>
Date:   Tue Feb 28 03:55:10 2012 -0600

    Fix up the logic (reversed by accident)

commit 2b2b0adaec2448423dbd3ec54d90a5721965e2df
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 23:29:52 2012 -0600

    Automatically parse system information and populate the db, identify and
    report NAT when detected, show the real session_host in the sessions -l
    listing

commit 547a4ab4c62dc3248f847dd5d305ad3b74157348
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:16:03 2012 -0600

    Fix typo introduced

commit 27a7b7961e61894bdecd55310a8f45d0917c5a5c
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:11:38 2012 -0600

    More session.session_host tweaks

commit e447302a1a9915795e89b5e29c89ff2ab9b6209b
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:08:20 2012 -0600

    Additional tunnel_peer changes

commit 93369fcffaf8c6b00d992526b4083acfce036bb3
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:06:21 2012 -0600

    Additional changes to session.session_host

commit c3552f66d158685909e2c8b51dfead7c240c4f40
Author: HD Moore <hd_moore@rapid7.com>
Date:   Mon Feb 27 22:00:19 2012 -0600

    Merge changes into the new branch
2012-02-28 18:29:39 -07:00
James Lee 9ddca81ab5 Fix test that always evals to false
Meterpreter does not respond_to? extension names, they're magic.
2012-02-23 14:52:48 -07:00
James Lee 464cf7f65f Normalize service names
Downcases lots and standardizes a few.  Notably, modules that reported a
service name of "TNS" are now "oracle".  Modules that report http
now check for SSL and report https instead.

[Fixes #6437]
2012-02-21 22:59:20 -07:00
David Maloney d3fad51f3a Fix my screwup in winscp for servicename 2012-02-21 20:31:52 -06:00
David Maloney dcf3f3579d Fix to the awful sname in this module 2012-02-21 20:28:27 -06:00
Tod Beardsley 4a631e463c Module title normalization
Module titles should read like titles. For
capitalization rules in English, see:
http://owl.english.purdue.edu/owl/resource/592/01/

The only exceptions are function names (like 'thisFunc()') and specific
filenames (like thisfile.ocx).
2012-02-21 11:07:44 -06:00
HD Moore ceb4888772 Fix up the boilerplate comment to use a better url 2012-02-20 19:40:50 -06:00
sinn3r f09ce04b00 Show where store_loot() saves the info 2012-02-20 14:22:05 -06:00
sinn3r cda9166180 This module should show where store_loot() saves the results 2012-02-20 14:15:55 -06:00
sinn3r 779e3cdcda Correct more post modules for naming style consistency 2012-02-20 13:49:23 -06:00
sinn3r 300558e009 Correct post module naming style 2012-02-20 12:34:35 -06:00
Rob Fuller 1f1e67cb16 Moved railgun function definitions into central storage and out of individual modules where possible 2012-02-09 04:56:13 +00:00
HD Moore e4faa33517 Fix a typo introduce in the usb dumper 2012-02-04 00:03:20 -06:00
HD Moore 0737ccb8e2 Remove nulls from the unicode drive name 2012-02-04 00:03:03 -06:00
David Maloney 36e37e04fb Fixes to post module cred reporting.
call to session.db_record.id would error if no db
was connected.
Fixes #6325
2012-02-01 12:26:35 -06:00
sinn3r 98fbf84dac Module should inform where the files are saved 2012-02-01 03:41:19 -06:00
Tod Beardsley 6068580813 Should fix the report_auth_info call -- needs a host, not a session. Be nice if it handled a session, though.
[See #146]
2012-01-30 19:23:05 -06:00
sinn3r 1dec4c0c45 These modules should use vprint_xxx() instead of print_xxx() ... if datastore['VERBOSE'] 2012-01-30 13:08:35 -06:00
sinn3r 21a05ce1d6 Fix bug: NoMethodError undefined method `report_vm' (#6298) 2012-01-30 00:44:45 -06:00
sinn3r a4c876a424 No need to manually add VERBOSE as an option, it already is (built-in) 2012-01-27 02:17:59 -06:00
sinn3r 3f4dbd9df6 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-01-27 01:58:42 -06:00
Stephen Haywood efda420e5f Updates to enum_artifacts 2012-01-26 19:35:39 -05:00
Tod Beardsley 33c53b1f3f Updates vm checking 2012-01-26 13:02:39 -06:00
Dave Hull 76ebbc48ec Update modules/post/windows/gather/dumplinks.rb 2012-01-24 23:16:40 -06:00
Tod Beardsley ad6f8257e1 MSFTidy fixes. 2012-01-18 15:01:32 -06:00
Stephen Haywood 6ad2eda24c Windows artifacts module 2012-01-12 17:26:35 -06:00
Stephen Haywood cb146f9021 Used msf library for digest, fixed name. 2012-01-12 12:49:50 -05:00
Stephen Haywood 2e60d2e01a Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2012-01-06 17:46:42 -05:00
Stephen Haywood 72072c4ef3 Added enum_artifacts 2012-01-06 17:43:50 -05:00
sinn3r a330a5c63a Add e-mail for Brandon 2011-12-29 10:53:39 -06:00
David Maloney 05f3af1e77 Fixed typo in the windows autlogin post module 2011-12-26 11:17:17 -08:00
sinn3r a00937b4d8 Fix typo. 2011-12-24 15:32:08 -06:00
sinn3r 8a705c9223 Fix bug #6158 - session.db_record might return nil but wasn't checked 2011-12-24 15:06:43 -06:00
sinn3r 2e2e28afb8 Fix bug #6160 - undefined method '[] for nil:NilClass' due to an invalid path 2011-12-24 14:57:46 -06:00
sinn3r e991094bd2 Fix host info for report_auth_info(). Change print_status vs print_line order 2011-12-15 13:05:03 -06:00
sinn3r 2648e533a2 nil bug fix 2011-12-15 12:58:21 -06:00
sinn3r 829d96ffbe Add Windows Gather RazorSQL cred collector (Feature #6117) 2011-12-15 11:15:44 -06:00
sinn3r 4e95eb5d34 Update description (Feature #6080) 2011-12-12 11:33:17 -06:00
sinn3r fd1935b3de show is_admin 2011-12-07 00:23:06 -06:00
sinn3r 679ef457d8 Correct spelling, thx bannedit 2011-12-04 14:59:54 -06:00
sinn3r f26447e021 Correct my own weird grammar 2011-12-04 14:50:53 -06:00
sinn3r e07868d613 Catch possible exception if WTSGetActiveConsoleSessionId isn't available on the target machine 2011-12-04 14:48:45 -06:00
sinn3r 89ed25978d Add feature #6048 2011-12-04 13:44:21 -06:00
James Lee a91926716d don't dup the last part of the key, fixes #6036 2011-12-01 15:24:58 -07:00
sinn3r d0db88d35d Make key_base an instance var so other functions can access it. Bug #6036 2011-12-01 14:41:44 -06:00
sinn3r 8399ce6e41 Fix bug #6031 2011-11-30 15:22:52 -06:00
Tod Beardsley f503bd9488 Fixes #5749 by converting to unix-style linefeeds and forcing jtr modules to read files as binary, and updating msftidy to allow for r+b as a ghetto append. 2011-11-28 17:52:34 -06:00
Rob Fuller c411c216c0 Solved most of msftidy issues with the /modules directory 2011-11-28 17:10:29 -06:00
David Maloney f81567fb6f Fix to typo in the tables being pushed. 2011-11-21 15:49:57 -08:00
James Lee f35b6c5269 msftidy on post modules for spaces at EOL 2011-11-20 12:53:25 +11:00
Tod Beardsley 84fb5b441a Cleaning up some names and descs 2011-11-17 07:47:26 -06:00
David Maloney eae171b216 Addresses issue #5984 2011-11-16 19:07:56 -08:00
David Maloney d8347a1245 Fixes to post modules that store creds as loot.
All post modules that store creds as loot now store in
a CSV format with User and then Password always as the
first two columns.
2011-11-15 14:13:51 -08:00
David Maloney f6b0ffd630 Cleanup of the stack traces in the pidgin and filezilla client cred modules 2011-11-15 12:19:15 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive.
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
2011-11-14 22:50:52 -08:00
Tod Beardsley 2f6c9d6d08 Removing a hated semi-colon, noting that the rescue does nothing 2011-11-11 13:59:14 -06:00
sinn3r e1cea699a7 yo, format police is in town for some law and order around here 2011-11-11 11:39:13 -06:00
Tod Beardsley 184eee0e64 Merge branch 'duqu' 2011-11-11 10:22:12 -06:00