infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,000 Commits
7 Branches
556 Tags
421 MiB
Commit Graph

1885 Commits (d83131f1d97633f7308c74e7f707fa4a4147dd69)

Author SHA1 Message Date
sinn3r ebeb9880a6 Favor "unless" over "if" for negative conditions 
Please refer to https://github.com/bbatsov/ruby-style-guide
 2014-07-03 12:55:13 -05:00
sinn3r 1d828a951f string interpolation is preferred over concatenation 
Please refer to https://github.com/bbatsov/ruby-style-guide
 2014-07-03 12:46:56 -05:00
sinn3r b781b87d74 Avoid unnecessary "if not" 2014-07-03 12:44:17 -05:00
Your Name 9981a60b27 Add loot storage into the enum_service post module 2014-07-02 17:56:16 +01:00
Your Name 83abf4b523 Add loot storage into the enum_service post module 2014-07-02 17:48:48 +01:00
James Lee f0cb235393
Merge branch 'feature/MSP-9735/gpp' into staging/electro-release 2014-07-01 14:28:15 -05:00
Rob Fuller d341fc20a8 switch to use file? instead of stat 2014-07-01 00:58:17 -04:00
William Vu 92963d4999
Fix broken NTLM hash format 2014-06-30 11:35:28 -05:00
HD Moore c9b6c05eab Fix improper use of host-endian or signed pack/unpack 
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.

When in doubt, please use:

```
ri pack
```
 2014-06-30 02:50:10 -05:00
William Vu 90fb07ba6d
Use downcase instead of upcase 2014-06-27 14:12:10 -05:00
William Vu aaeca5ce5b
Remove user field from PBKDF2 hash 2014-06-27 11:26:45 -05:00
William Vu 6e1fa8ff5a
Refactor OS X hashdump creds 2014-06-26 15:10:35 -05:00
James Lee 75be200b97
Merge branch 'feature/MSP-9714/jtr_aix' into staging/electro-release 2014-06-25 14:34:41 -05:00
James Lee db8692444f
Merge branch 'feature/MSP-9742/windows_autologin' into staging/electro-release 2014-06-25 04:31:57 -05:00
Rob Fuller 920bd1132e replace manual packing with rex version 2014-06-25 00:16:28 -04:00
David Maloney b875a803d0
fix aix hashdump 
aix hashdump now creates NonreplayableHash objects
 2014-06-24 15:23:37 -05:00
Rob Fuller 86869f0a81 remove extra parenthesis 2014-06-23 17:10:31 -04:00
Rob Fuller 8e37aea7c2 remove use of Q in packing and unpacking 2014-06-23 16:52:53 -04:00
Rob Fuller a7d00f8144 simplify SHA1 code 2014-06-23 15:39:06 -04:00
Rob Fuller 77620193a1 remove character restriction on aes.final call 2014-06-23 15:37:19 -04:00
Rob Fuller 2d0b4b96ee remove verbose exit if no salt found 2014-06-23 15:34:07 -04:00
Rob Fuller 275d8826bd skype post module to extract password hash 2014-06-23 15:16:50 -04:00
William Vu dbd0bc5fa2
Refactor windows_autologin creds 2014-06-19 14:38:31 -05:00
David Maloney 2b0bb608b1
Merge branch 'master' into staging/electro-release 2014-06-18 10:49:58 -05:00
Christian Mehlmauer 8e1949f3c8
Added newline at EOF 2014-06-17 21:03:18 +02:00
Tod Beardsley 19da7d551e
Kill newline (race @wvu-r7 on this) 
See PR #3453
 2014-06-16 11:46:08 -05:00
Tod Beardsley 2aa26fa290
Minor spacing and word choice fixups 2014-06-16 11:40:21 -05:00
jvennix-r7 2cedee1aef Merge pull request #74 from rapid7/feature/MSP-9744/autologin_password 
Land #74, @wvu-r7's refactor of osx autologin_password module.
 2014-06-16 11:29:49 -05:00
William Vu 29f5344d26
Drop merge of service_data, since it doesn't exist 2014-06-16 09:27:01 -05:00
James Lee 07d8921b0b
Merge branch 'feature/MSP-9747/pgpass_creds' into staging/electro-release 2014-06-13 16:06:15 -05:00
James Lee d246e28cb3
Merge branch 'feature/MSP-9733/ftpnavigator' into staging/electro-release 2014-06-13 16:03:06 -05:00
William Vu 2f1032d617
Add a missing comma and a comment 2014-06-13 15:48:14 -05:00
James Lee da74777570
Merge branch 'feature/MSP-9729/enum_cred_store' into staging/electro-release 2014-06-13 15:46:08 -05:00
William Vu 72fdf6a607
Get rid of the rest of the service stuff 2014-06-13 15:45:13 -05:00
James Lee 8be602e487
Merge branch 'feature/MSP-9734/ftpx' into staging/electro-release 2014-06-13 15:36:43 -05:00
James Lee 1df7362774
Merge branch 'feature/MSP-9740/outlook' into staging/electro-release 2014-06-13 15:34:06 -05:00
James Lee 81d47c4eb3
Merge branch 'feature/MSP-9730/epo_sql' into staging/electro-release 2014-06-13 15:31:41 -05:00
James Lee a3eea2f712
Add better handling of host and port 2014-06-13 15:22:09 -05:00
William Vu 4593c309f5 Fix a dummy because I can't read 2014-06-12 19:10:24 -05:00
William Vu 9d89730026
Use realm instead of private 2014-06-12 18:46:13 -05:00
William Vu 277c9d68bc
Remove service_name, since it doesn't make sense 2014-06-12 18:37:00 -05:00
William Vu 5d19410294
Don't use getaddress with session.session_host 2014-06-12 18:30:51 -05:00
William Vu 3a1578bead
Don't use getaddress with session.session_host 2014-06-12 18:29:46 -05:00
William Vu 3ad3ca88e5
Use session.session_host 2014-06-12 18:26:01 -05:00
James Lee a7416332e3
Merge branch 'feature/MSP-9732/flashfxp' into staging/electro-release 2014-06-12 18:02:20 -05:00
James Lee 1969c8f018
Merge branch 'feature/MSP-9727/bulletproof_ftp' into staging/electro-release 2014-06-12 15:41:57 -05:00
James Lee ff2fc68d11
Fix busted vars 2014-06-12 15:37:06 -05:00
James Lee 18a2e0928c
Merge branch 'feature/MSP-9737/wsftp_client' into staging/electro-release 2014-06-12 15:08:26 -05:00
David Maloney 96e492f572
Merge branch 'master' into staging/electro-release 2014-06-12 14:02:27 -05:00
William Vu 86671796b7
Refactor autologin_password creds 2014-06-12 13:54:52 -05:00
William Vu d9d16e436a
Refactor epo_sql creds 2014-06-12 13:23:11 -05:00
William Vu 74cb5cd79e
Fix bad copypasta 2014-06-12 13:17:12 -05:00
William Vu 302e495451
Fix bad indent 2014-06-12 13:13:05 -05:00
William Vu 89434a75c3
Fix bad indent 2014-06-12 13:10:50 -05:00
William Vu 512395395b
Refactor pgpass_creds creds 2014-06-12 13:08:47 -05:00
William Vu c7bb0f1eb8
Fix bad copypasta 2014-06-12 12:59:35 -05:00
William Vu 0d92ae08dd
Refactor enum_cred_store creds 2014-06-12 12:57:46 -05:00
William Vu 429d85dc5d
Refactor flashfxp creds 2014-06-12 12:40:33 -05:00
William Vu e96a70a0f5
Refactor outlook creds 2014-06-12 12:31:12 -05:00
sinn3r 2a7227f443
Land #3427 - Adds webcam module for firefox privileged sessions on OSX 2014-06-11 22:27:25 -05:00
HD Moore d5b32e31f8 Fix a typo where platform was 'windows' not 'win' 
This was reported by dracu on freenode
 2014-06-11 15:10:33 -05:00
joev 8b35815ead
Move module to post/firefox/manage. 2014-06-11 15:10:22 -05:00
joev bdd86bf863 Add check for windows bug (RM#8810). 2014-06-11 15:09:52 -05:00
William Vu ac94f8e861
Refactor bulletproof_ftp creds 2014-06-11 13:04:58 -05:00
William Vu 7147a88968
Refactor ftpnavigator creds 2014-06-11 12:57:45 -05:00
William Vu 676afe391a
Refactor gpp creds 2014-06-11 12:48:00 -05:00
William Vu 41ff4c3dce
Refactor ftpx creds 2014-06-11 12:35:15 -05:00
Luke Imhoff 4d923a4809
Update to Rubyzip 1.X API 
MSP-10004

`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
 2014-06-10 13:41:42 -05:00
dmaloney-r7 9826a57429 Update coreftp.rb 2014-06-10 13:01:19 -05:00
William Vu dffc9b6852
Use the new hash syntax for consistency 2014-06-10 12:56:15 -05:00
William Vu d7fd7b8d1e
Refactor wsftp_client creds 2014-06-10 12:05:04 -05:00
Trevor Rosen 2c8c4f238c Merge pull request #49 from rapid7/feature/MSP-9746/ssh_creds 
refactor ssh_creds post module

MSP-9746 #land
 2014-06-10 09:32:11 -05:00
David Maloney 90c63efaeb
refactor ssh_creds post module 
the sssh_ creds post module now stores
SSH Keys as Metasploit::Credential objects
 2014-06-09 11:49:49 -05:00
joev a33de66da4 Fix transparent background, add VISIBLE option. 2014-06-06 16:52:00 -05:00
joev a45a5631f5 Make window invisible. 2014-06-06 16:40:55 -05:00
joev 4a9f50bb60 Clean up some dead code. 2014-06-06 16:20:40 -05:00
joev 7c762ad42c Fix some minor bugs in webrtc stuff, inline API code. 2014-06-06 16:18:39 -05:00
David Maloney 534c20d5e6
refactor linux hashdump post module 
linux hashdump now saves hashes as nonreplayable hash
credential objects
 2014-06-06 15:21:47 -05:00
jvennix-r7 f660f557e5 Merge pull request #38 from rapid7/feature/msp-9738/winscp 
Feature/msp 9738/winscp
 2014-06-06 11:43:50 -05:00
David Maloney ef8f237050
refactor filezilla_server 
you know the score
 2014-06-04 15:43:15 -05:00
David Maloney 28bf29980e
Merge branch 'master' into staging/electro-release 2014-06-04 10:21:08 -05:00
James Lee f2e1732878
Resolve hostnames before trying to save 2014-06-03 15:19:30 -05:00
Trevor Rosen 0272593923 Merge pull request #32 from rapid7/feature/MSP-9736/vnc-post 
refactor vnc post module

MSP-9736 #land
 2014-06-03 13:53:42 -05:00
James Lee 8abed15c77
Switch to Credential::* things 2014-06-03 11:48:08 -05:00
Trevor Rosen 883976c6a8 Merge pull request #33 from rapid7/feature/MSP-9741/smartftp 
refactor smartftp post module

MSP-9741 #land
 2014-06-03 10:04:09 -05:00
James Lee 9d9f3b5a03
Refactor to prepare for replacing report_auth_info 2014-06-02 18:07:44 -05:00
Tod Beardsley ea383b4139
Make print/descs/case consistent 2014-06-02 13:20:01 -05:00
Trevor Rosen 5c745c4b9c Merge pull request #31 from rapid7/feature/MSP-9728/coreftp 
refactor coreFTP post module

MSP-9728 #land
 2014-06-02 13:19:11 -05:00
David Maloney 9eb42cb80f
refactor smartftp post module 
refactor the smartftp credential post module to use
Metasploit::Credential
 2014-06-02 11:48:45 -05:00
David Maloney 34004908bb
Merge branch 'master' into staging/electro-release 
Conflicts:
	.ruby-version
 2014-06-02 11:10:33 -05:00
Trevor Rosen d9fd77fba7 Merge pull request #29 from rapid7/feature/MSP-9739/mremote_refactor 
Feature/msp 9739/mremote refactor

MSP-9739 #land
 2014-06-02 11:05:20 -05:00
David Maloney 1e2ae16713
refactor vnc post module 
this adds Metasploit::Credential functionality to
the post/windows/gather/credentials/vnc module
it also fixes a hostname resolution issue on windows
hashdump that could occur when the peerhost is an unresolved
hostname
 2014-05-30 14:27:44 -05:00
David Maloney 86fec3a33f
refactor coreFTP post module 
post/windows/gather/credentials/coreftp now uses
the new Metasploit::Credential methods
 2014-05-30 14:06:31 -05:00
jvazquez-r7 0d07fb6c39
Land #2858, @jiuweigui's post module to enumerate Enumerate MUICache 2014-05-29 17:08:50 -05:00
jvazquez-r7 a6229aedff Rescue RequestError when downloading file 2014-05-29 17:07:22 -05:00
jvazquez-r7 f2a71a47ca Use \&\& instead of and 2014-05-29 17:04:38 -05:00
jvazquez-r7 31c282153e Avoid ntuser.dat md5 because is causing problems, even when data is extracted 2014-05-29 17:02:28 -05:00
David Maloney e012d55d73
refactor mremote 
mremote post module now refactored to
use new metasploit credentials
 2014-05-29 16:27:41 -05:00
jvazquez-r7 95b71dee00 Try to fix crash while file_remote_digest 2014-05-29 16:12:51 -05:00
David Maloney a1131092b7
fix open rescue 
rescuing all exceptions bad
bad past dave bad
 2014-05-29 16:05:16 -05:00
jvazquez-r7 cbbd7bfdf4 Refacotor code 2014-05-29 15:55:44 -05:00
David Maloney bf3bb63e4a
fix mremote to work on mremoteNG 
fixed the mremote credential post module to work
against the newer mRemoteNG
 2014-05-29 15:43:02 -05:00
David Maloney f61aeb818a
smart hashdump refactor 
refactor the windows smart hashdump post module
to use the new cred creation methods
 2014-05-29 15:06:42 -05:00
jvazquez-r7 cdabb71d23 Make code cleanup 2014-05-29 14:51:10 -05:00
David Maloney e3c4745879
Windows Hashdump post module refactor 
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
 2014-05-29 13:20:32 -05:00
joev ae3c334232 Getting closer. Still something f'd with local answerer.html. 2014-05-22 17:14:35 -05:00
joev 14b796acbf First stab at refactoring webrtc mixin. 2014-05-21 15:32:29 -05:00
Meatballs aeaff16f88
More legible output 2014-05-20 22:27:24 +01:00
Meatballs 92669cd4d6
Use parser 2014-05-20 22:26:13 +01:00
Meatballs fabaf52929
Tidyup of GPP 
Add Security Bulletin Reference
ProgramData is symlink to AllUsers anyway
Use NetAPI
 2014-05-20 21:53:53 +01:00
Tom Sellers 2b8dd9139c Fix cosmetic issue 
Fix cosmetic issue /w email address when it is output via 'info' or the Rapid7 module page.
 2014-05-11 16:14:51 -05:00
joev f94d1f6546 Refactors firefox js usage into a mixin. 2014-04-24 15:09:48 -05:00
sinn3r ba4b507cc7
Land #3280 - Multiplatform WLAN Enumeration and Geolocation 2014-04-24 13:52:32 -05:00
Tom Sellers d4c0d015c1 Update wlan_geolocate.rb 
Updated based on feedback.  Also added enumeration only support for BSD and Solaris.
 2014-04-24 07:04:50 -05:00
Tod Beardsley e514ff3607
Description and print_status fixes for release 
@cdoughty-r7, I choose you! Or @wvu-r7.
 2014-04-21 14:00:03 -05:00
James Lee ee413ac385
Remove previously deprecated modules 2014-04-20 22:15:44 -05:00
Tom Sellers 2fd004b69e New module: Multiplatform Wireless LAN Geolocation 
This is a new POST module that allows Windows, Linux, and OSX targets to be geolocated using Google services if the target has an active and functional wireless adapter.
 2014-04-19 17:31:48 -05:00
Meatballs 5bd9721d95
Redundant include 2014-04-15 21:34:21 +01:00
Meatballs 02b11afddc
Merge remote-tracking branch 'upstream/master' into netapi_change_passwd 
Conflicts:
	lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
 2014-04-15 21:23:45 +01:00
Meatballs bd9b5add49
Dont report creds 
We dont know if a DOMAIN or IP is specified etc.
 2014-04-15 21:14:49 +01:00
Meatballs fc018eb32e
Initial commit 2014-04-15 21:05:06 +01:00
Tod Beardsley 66a50b33fd
Errant whitespace 2014-04-14 13:34:39 -05:00
joev 5f0d723588 Adds history collection module for FF privileged JS. 2014-04-14 12:27:18 -05:00
joev 1715cf4650 Add base64 to prevent potential encoding issues. 2014-04-11 17:30:04 -05:00
joev 65d267032d
Fix wrong DisclosureDate. 2014-04-11 16:17:22 -05:00
joev 197a7e556b Add password colletion post module for Firefox shells. 2014-04-11 16:15:48 -05:00
Tod Beardsley 062175128b
Update @Meatballs and @FireFart in authors.rb 2014-04-09 10:46:10 -05:00
Meatballs ae3ead6ef9
Land #2107 Post Enum Domain Users 2014-04-09 11:32:12 +01:00
sinn3r f4e62a8dcd
Land #3146 - Firefox Gather Cookies from Privileged Javascript Shell 2014-03-27 13:14:22 -05:00
Joe Vennix b7f1cee8d3 Remove targets from post module. 2014-03-26 13:55:02 -05:00
Joe Vennix ed8bf6279b Use #run, not #exploit, for post modules. 2014-03-26 13:51:05 -05:00
Joe Vennix 6c51e0fd0d Add cookie gathering post module for FF privileged sessions. 2014-03-26 13:49:53 -05:00
Brandon Turner 460a1f551c
Fix for R7-2014-05 2014-03-24 14:12:12 -05:00
Tod Beardsley 3d3681801a
Fix linux download_exec for #2961 
Note! This module already seems pretty broken, in that it doesn't appear
to correctly locate curl or wget. Will open another bug on that.

[See RM #8777]
 2014-03-20 12:09:38 -05:00
OJ 3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path 
Conflicts:
	lib/msf/core/post/windows/shadowcopy.rb
	modules/exploits/windows/local/bypassuac.rb
	modules/post/windows/gather/wmic_command.rb
	modules/post/windows/manage/persistence.rb
 2014-03-11 23:13:39 +10:00
Meatballs 32d83887d3
Merge remote-tracking branch 'upstream/master' into wmic_post 2014-03-03 21:56:31 +00:00
Meatballs 63751c1d1a
Small msftidies 2014-02-28 22:18:59 +00:00
David Maloney 42a730745e
Land #2418, Use meterpreter hostname resolution 2014-02-28 14:45:39 -06:00
David Maloney 2b5e4bea2b
Landing Pull Request 3003 2014-02-28 10:10:12 -06:00
staaldraad 0dfa53840a Add @Meatballs1 to authors 
Add @Meatballs1 to author list, awesome changes and fixes to the code (almost complete rewrite)
 2014-02-22 12:24:56 +02:00
Meatballs ff4e91bb1b
Check domain return value 2014-02-18 23:34:17 +00:00
Meatballs e4aedfad43
Fixup netapi call 2014-02-18 23:30:29 +00:00
Meatballs 0480ad16aa
No common 2014-02-18 23:09:35 +00:00
Meatballs c06f86cc2b
Updates 2014-02-18 20:31:31 +00:00
Meatballs 6f988209ab
Merge remote-tracking branch 'upstream/master' into enum_domain_users_update 2014-02-18 20:02:39 +00:00
jvazquez-r7 4903b05214 Fix tabs 2014-02-18 13:51:40 -06:00
Meatballs 8a68323cf0
Dont keep checking domain 2014-02-18 17:52:34 +00:00
jvazquez-r7 1bc94b8a9d Merge for retab 2014-02-17 19:19:47 -06:00
Meatballs e290529841
Sadly this url is dead 2014-02-17 22:07:19 +00:00
Meatballs 6c32848b10
Use correct post methods 2014-02-17 22:03:07 +00:00