Commit Graph

26 Commits (e54442af36a8b7fc067ee5630e23e9a4e146ae2b)

Author SHA1 Message Date
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
b00stfr3ak df98098b0c New shell_execute_option command
Also removed upload option
2014-08-01 17:12:04 -07:00
Meatballs 15c1ab64cd Quick rubocop 2014-07-31 23:11:00 +01:00
Meatballs b524507e4e
Merge remote-tracking branch 'upstream/master' into land_2551
Conflicts:
	modules/exploits/windows/local/ask.rb
2014-03-22 18:14:45 +00:00
Meatballs 7b2f0a64fc
Tidy up 2014-03-22 18:07:57 +00:00
Meatballs 04506d76f3
Dont check for admin 2014-03-22 17:57:27 +00:00
OJ 9fb081cb2d Add getenvs, update getenv, change extract_path use
Stacks of modules were using `extract_path` where it wasn't really semantically correct
because this was the only way to expand environment variables. This commit fixes that
up a bit.

Also, I changed the existing `getenv` function in `stdapi` to `getenvs`, and had it
support the splat operator. I added a `getenv` function which is used just for a
single variable and uses `getenvs` behind the scenes.

The meterpreter console `getenv` command now uses `getenvs`
2013-12-19 11:54:34 +10:00
b00stfr3ak 868b70c9ed Added priv lib and runas lib
Cleaned up code with using the new lib files
2013-10-25 14:05:33 -07:00
b00stfr3ak 9695b2d662 Added check method
The method checks to see if the user is a part of the admin group.  If
the user is the exploit continues, if not the exploit stops because it
will prompt the user for a password instead of just clicking ok.
2013-10-21 11:57:50 -07:00
b00stfr3ak 6881774c03 Updated with comments from jlee-r7 and Meatballs1
Added fail_with instead of just print_error
figured a way to execute the cmd_psh_payload with out using gsub
added case statment for datastore['TECHNIQUE']
2013-10-20 01:15:51 -07:00
b00stfr3ak a5dc75a82e Added PSH option to windows/local/ask exploit
Gives you the ability to use powershell to 'ask' for admin rights if the
user has them.  Using powershell makes the pop up blue instead of orange
and states that the company is Microsoft, it also doesn't drop an exe
on the system.  Looks like 32 bit https works but if you migrate out you
loose priv and if you run cachedump the session hangs.
2013-10-19 00:15:38 -07:00
Tod Beardsley c83262f4bd
Resplat another common boilerplate. 2013-10-15 14:07:48 -05:00
Tod Beardsley 23d058067a
Redo the boilerplate / splat
[SeeRM #8496]
2013-10-15 13:51:57 -05:00
Tab Assassin 845bf7146b Retab changes for PR #2304 2013-09-05 13:41:25 -05:00
James Lee 63adde2429 Fix load order in posts, hopefully forever 2013-08-29 13:37:50 -05:00
James Lee 2160718250 Fix file header comment
[See #1555]
2013-03-07 17:53:19 -06:00
Christian Mehlmauer 8f2dd8e2ce msftidy: Remove $Revision$ 2013-01-04 00:48:10 +01:00
Christian Mehlmauer 25aaf7a676 msftidy: Remove $Id$ 2013-01-04 00:41:44 +01:00
Tod Beardsley be9a954405 Merge remote branch 'jlee-r7/cleanup/post-requires' 2012-10-23 15:08:25 -05:00
Michael Schierl 21f6127e29 Platform windows cleanup
Change all Platform 'windows' to 'win', as it internally is an alias
anyway and only causes unnecessary confusion to have two platform names
that mean the same.
2012-10-23 20:33:01 +02:00
James Lee 9c95c7992b Require's for all the include's 2012-10-23 13:24:05 -05:00
sinn3r 33ce74fe8c Merge branch 'msftidy-1' of git://github.com/schierlm/metasploit-framework into schierlm-msftidy-1 2012-10-23 02:10:56 -05:00
Rob Fuller 7437d9844b standardizing author info 2012-10-22 17:01:58 -04:00
Michael Schierl 657d527f8d DisclosureDate cleanup: Try parsing all dates
Fix all dates unparsable by `Date.strptime(value, '%b %d %Y')`
2012-10-22 20:04:21 +02:00
sinn3r 33429c37fd Change print_error to print_debug as a warning 2012-10-06 02:08:19 -05:00
Rob Fuller b984d33996 add RunAs ask module 2012-10-06 00:51:44 -04:00