Commit Graph

1607 Commits (eb751822d8c603a397389e35414f7797cfec9bb7)

Author SHA1 Message Date
Meatballs b77aed1c56
UPN is optional, should use sAMAccountName 2015-02-16 15:08:09 +00:00
Meatballs 3a894a29de
Dont use magic values and use the userPrincipalName as the
username
2015-02-16 15:02:01 +00:00
Meatballs e42bbcbcbb
Enum_ad modules should retrive userPrincipalName as it may differ
to the sAMAccountName value.
2015-02-16 14:03:15 +00:00
William Vu d7fa06de06 Fix off-by-one whitespace 2015-02-12 13:12:13 -06:00
Tod Beardsley d89eda65fa
Moar fixes, thanks @wvu-r7
See #4755
2015-02-12 12:46:38 -06:00
Tod Beardsley e78d08e20d
Fix up titles, descriptions 2015-02-12 12:11:40 -06:00
Tod Beardsley 02fe57e2a1
Bump out to April, 60ish days 2015-02-11 12:56:37 -06:00
William Vu fd11afff1a Deprecate manage/pxexploit
modules/post/windows/manage/pxeexploit.rb
2015-02-11 12:39:10 -06:00
William Vu 6294cbf4de Fix manage/pxexploit datastore 2015-02-11 12:19:59 -06:00
Meatballs 133ae4cd04
Land #4679, Windows Post Gather File from raw NTFS. 2015-02-08 18:50:50 +00:00
Meatballs 69e53a46cb
Final tidyups, description etc 2015-02-08 18:49:17 +00:00
Meatballs 9518090b8b
Ignore some error conditions 2015-02-08 18:46:48 +00:00
Bazin Danil cc4fc1aefa use GetFileAttributesW and CreateFileW 2015-02-08 17:36:49 +01:00
Tod Beardsley a5b2e99136
Correct punctuation on outlook, too. 2015-02-07 22:26:14 -06:00
wez3 1390c81420 Fix fail_with text
Fix fail_with text, when the target system is locked.
2015-02-07 21:20:24 +01:00
Meatballs 358ab2590e
Small tidyup 2015-02-07 11:35:47 +00:00
Bazin Danil 970c5d115a spellcheck 2015-02-05 22:08:39 +01:00
scriptjunkie 5b2eb986c9
Land #4678 Add post module to phish credentials 2015-02-04 23:43:02 -06:00
William Vu 9e030143e7
Fix slow search due to method name conflict
Changed "search_filter" in enum_ad_users module to "query_filter" to
avoid conflicting with "search_filter" in command_dispatcher/core.rb.
2015-02-02 16:36:20 -06:00
wez3 904a99965d Sleep 1 added
Sleep 1 added to reduce network usage
2015-02-01 11:55:01 +01:00
Bazin Danil 03fcfc496a add a test to check if the file exist 2015-01-31 06:00:02 +01:00
Bazin Danil 2cf9a17f25 variable name clarification (file, file_path, path) 2015-01-31 05:07:07 +01:00
Bazin Danil 5d4a8e2f90 using store_loot 2015-01-31 05:01:28 +01:00
Bazin Danil d6fb445522 add begin...ensure block so that the CloseHandle call occurs 2015-01-31 04:46:02 +01:00
Bazin Danil 1205c0045f using r['ErrorMessage'] 2015-01-31 04:37:16 +01:00
Bazin Danil f7d2e2a27a twitter in comment 2015-01-31 04:36:07 +01:00
jvazquez-r7 c831de35a2
Land #4392, @Meatballs1's post module to enumerate AD users 2015-01-30 17:21:10 -06:00
wez3 25ac9c1ed9 Add post module to phish windows user credentials 2015-01-30 19:50:04 +01:00
Bazin Danil 68b735dbda Add a NTFS parser and a post module to dump files
This commit add a draft of an NTFS Parser and a post module
to gather file using the raw NTFS device (\\.\C:)
bypassing restriction like already open file with lock
Can be used to retreive file like NTDS.DIT without volume shadow copy
2015-01-30 19:16:44 +01:00
Meatballs 39004d265b Increase default buffer sizes to reduce railgun calls 2015-01-30 11:20:03 +00:00
Meatballs d4707b8e07 Spellingz 2015-01-30 11:20:03 +00:00
Meatballs 9670608380 Reformat, remove unnecessary guard statement 2015-01-30 11:20:02 +00:00
Meatballs 0e976041b7 Small description fix 2015-01-30 11:20:02 +00:00
Meatballs 14f6ef13f4 Remove hardcoded domain 2015-01-30 11:20:02 +00:00
Meatballs 79a3a48348 Correct description 2015-01-30 11:20:02 +00:00
Meatballs e492f56ac0 Error if no database 2015-01-30 11:20:02 +00:00
Meatballs e6dbc15f40 Line length modification 2015-01-30 11:20:02 +00:00
Meatballs 044e3bd608 Golden Ticketz Post module 2015-01-30 11:20:02 +00:00
Meatballs 81fa509b50
Only clean up handles if process started 2015-01-27 21:11:12 +00:00
Meatballs 3d0dc1a19d
Rubocop 2015-01-27 16:34:52 +00:00
Meatballs 215a590940
Refactor and fixes for post module 2015-01-27 16:14:59 +00:00
sinn3r d7375e84ea Move modules/post/windows/escalate/net_runtime_modify.rb
This module was scheduled to be removed on 01/08/2015.
Please use exploit/windows/local/service_permissions instead.
2015-01-26 00:29:43 -06:00
Jon Hart e7c21f3205
Land #4503, @m7x's post module for extracting McAfee VSE hashes 2015-01-21 20:44:41 -08:00
Jon Hart 9cc58a8d69
Lastly, rename the file so that it is specific to McAfee VSE 2015-01-21 20:44:34 -08:00
Jon Hart 683a541064
Tighten up prints to make it specific to VSE, not McAfee in general 2015-01-21 20:33:54 -08:00
Jon Hart 52be3d80b7
Minor ruby style cleanup 2015-01-21 20:27:38 -08:00
Jon Hart ceed293969
Remove unnecessary requires 2015-01-21 20:23:03 -08:00
Jon Hart f73052710d
Correct recent msftidy change in outlook gather 2015-01-21 13:27:48 -08:00
Jon Hart 46a0ec8a68
Make timeout for Powershell scripts configurable 2015-01-21 13:24:43 -08:00
wez3 bd0a20a717 Update outlook.rb execute_script time_out
I have been using the script in real life cases which have bigger e-mailboxes then in the testing environment. Because of execute_script default time_out no results return, as the powershell scripts run longer then 15 seconds. Changed the timeout to 120.
2015-01-20 11:16:37 +01:00
root 3a5d6b4717 Store password hash as loot 2015-01-17 14:17:41 +00:00
Tod Beardsley 375a7e1fe9
Typo. Filtering. 2015-01-16 16:30:52 -06:00
Jon Hart 8889f95920
Correct McAfee credential storage, prepare for store_loot 2015-01-16 12:10:01 -08:00
root f4f4787efe Move run method 2015-01-14 23:54:02 +00:00
David Maloney f42bda1a51
refactor parsing the results
moved the result parsing into its own method
cleaned up run method a bit more, added YARD docs
to the new methods
2015-01-14 14:15:57 -06:00
David Maloney c687ecca2e
refactor filter building
move the filter_string into a seperate method
and use shovel oeprator to keep it a little cleaner
2015-01-14 14:04:28 -06:00
David Maloney 9b344a9605
move query fields to a constant
these fields should never change, so put the array
in a constant and freeze it to prevent accidental tampering
2015-01-14 13:20:00 -06:00
David Maloney 82939595f8
Merge branch 'master' into feature/metaballs1/enum_ad_users 2015-01-14 13:06:18 -06:00
root 52b929c5ca Fix https://github.com/m7x/metasploit-framework/pull/1#issuecomment-69454590 2015-01-10 14:15:53 +00:00
Jon Hart 5c12f9da75
More cleanup
Handle multiple versions
Better print_
Actually extract
2015-01-09 18:01:17 -08:00
Jon Hart 35fd17c4f1
Cleanup style 2015-01-09 11:00:25 -08:00
Brent Cook e447a17795 bump deprecated date 2015-01-08 16:20:06 -06:00
Meatballs 0b0ac1455a
Merge remote-tracking branch 'upstream/master' into extapi_service_post
Conflicts:
	test/modules/post/test/services.rb
2015-01-07 20:53:34 +00:00
m7x 89699d1549 Typo workspace_id 2015-01-07 10:58:59 +00:00
Meatballs dd5c638ab0
Merge remote-tracking branch 'upstream/master' into extapi_service_post 2015-01-05 22:18:44 +00:00
sinn3r 44dfa746eb Resolve #4513 - Change #inspect to #to_s
Resolve #4513
2015-01-05 11:50:51 -06:00
root c348663204 Add McAfee Hashdump 2015-01-02 10:22:11 +00:00
Tod Beardsley 264d3f9faa
Minor grammar fixes on modules 2014-12-31 11:45:14 -06:00
Mark Judice 30228bcfe7 Added underscore to user regex in smart_hashdump.rb to support usernames that contain underscores. Issue #4349. 2014-12-23 22:36:11 -06:00
jvazquez-r7 01cf14d44e Fix banner 2014-12-23 01:02:09 -06:00
jvazquez-r7 4928cd36e4
Land #4187, @BorjaMerino's post module to get output rules 2014-12-23 01:01:03 -06:00
jvazquez-r7 49fef9e514 Do minor module clean up 2014-12-23 01:00:21 -06:00
Meatballs 6a822cca61
Move code out of begin/rescue block 2014-12-17 06:45:00 +00:00
Meatballs dd63d793e5
Bring in @darkoperator's filters 2014-12-17 06:14:21 +00:00
Meatballs 8c7ff728ef
Gather some more info 2014-12-17 05:46:01 +00:00
sinn3r 4c714b3eaf
Land #4386 - Fix issue #3852 (support for other languages for enable_rdp) 2014-12-15 11:37:05 -06:00
root 6480ae2c03 Show message at the end 2014-12-15 16:26:39 +01:00
root 288954afa0 recvfrom allocation changed 2014-12-14 18:58:48 +01:00
Meatballs 00b802cc68
Reindent description 2014-12-14 10:04:18 +00:00
Meatballs 6ecf537f40
Grab user creds to database 2014-12-13 20:30:20 +00:00
Meatballs e914061745
Gsub out funny character when storing to database 2014-12-13 18:35:31 +00:00
Meatballs 316710329b
Fix field.value 2014-12-13 18:31:29 +00:00
Meatballs d3d744a7cb
Make sure we get the field :value 2014-12-13 18:13:36 +00:00
jvazquez-r7 5eb510f7bc Use the correct variable for the filename 2014-12-12 17:40:26 -06:00
jvazquez-r7 27323bcaa5 Fix #3852, make enable_rdp with other languages 2014-12-12 17:30:14 -06:00
wez3 3b6e92726c Update outlook rb, "NL" to "nl_NL"
Update outlook rb, "NL" to "nl_NL"
2014-12-12 20:09:34 +01:00
Christian Mehlmauer 0f27c63720
fix msftidy warnings 2014-12-12 13:16:21 +01:00
Jon Hart e5e40307e6
Land #4373 2014-12-11 18:45:53 -08:00
Christian Mehlmauer 544f75e7be
fix invalid URI scheme, closes #4362 2014-12-11 23:34:10 +01:00
Tod Beardsley af9979d30b
Ruby style on methods please
Introduced in #4220. This ain't no JavaScript!
2014-12-11 15:24:30 -06:00
Tod Beardsley 909971e0bf
Margins on description, PowerShell not Powershell 2014-12-08 10:57:49 -06:00
Tod Beardsley 80dc781625
Email over E-mail
While I believe "e-mail" is the actually correct spelling, we tend to
say "email" everywhere else. See:

````
todb@mazikeen:~/git/rapid7/metasploit-framework$ grep -ri "print.*email"
modules/ | wc -l
19
[ruby-2.1.5@metasploit-framework](fixup-grammar)
todb@mazikeen:~/git/rapid7/metasploit-framework$ grep -ri
"print.*e-mail" modules/ | wc -l
1
````
2014-12-08 10:55:26 -06:00
Christian Mehlmauer 738fc78883
Land #4220, outlook gather post module 2014-12-07 22:41:28 +01:00
Christian Mehlmauer cc63d435c7
another whitespace 2014-12-06 09:32:22 +01:00
Christian Mehlmauer f0a47f98bc
final formatting 2014-12-06 00:38:05 +01:00
Christian Mehlmauer f1f743804e
more formatting 2014-12-06 00:31:38 +01:00
Christian Mehlmauer 9187a409ec
outlook post module fixes 2014-12-06 00:28:44 +01:00
wez3 7c62fa5c95 Add Windows post module for reading/searching Outlook e-mail #8 2014-12-04 14:28:40 +01:00
wez3 3cadcb942a Add Windows post module for reading/searching Outlook e-mail #7 2014-12-03 18:30:22 +01:00
wez3 611e8c72eb Add Windows post module for reading/searching Outlook e-mail #6 2014-12-02 14:05:08 +01:00
peregrino 84bb5b5215 Rex::Socket.to_sockaddr changed 2014-11-26 17:51:38 +01:00
peregrino 16b64ff42a Rex::Socket.to_sockaddr changed 2014-11-26 17:51:05 +01:00
peregrino 16a9450d43 session.tunnel_peer changed by session.session_host. Other minor changes 2014-11-26 12:08:54 +01:00
jvazquez-r7 5615d65aee Do minor cleanup 2014-11-25 17:35:07 -06:00
wez3 5294594379 dd Windows post module for reading/searching Outlook e-mail #5 Add DE 2014-11-25 14:36:14 +01:00
jvazquez-r7 71669b9f9e Change module filename 2014-11-24 20:34:12 -06:00
jvazquez-r7 5c4b1b0283 Output some information 2014-11-24 20:31:26 -06:00
jvazquez-r7 6e9cd331b3 Modify description 2014-11-24 20:28:38 -06:00
jvazquez-r7 261da9306e Use store_loot 2014-11-24 20:22:21 -06:00
jvazquez-r7 cf52dd895f Refactor search 2014-11-24 20:20:37 -06:00
jvazquez-r7 2fa5223d3b move check out of the begin block 2014-11-24 19:28:53 -06:00
jvazquez-r7 90bdc770b5 Use literal creation notation 2014-11-24 19:27:50 -06:00
jvazquez-r7 2c4caeed29 Clean metadata 2014-11-24 19:26:12 -06:00
jvazquez-r7 443dd7b6c0 Use constants 2014-11-24 19:04:02 -06:00
jvazquez-r7 250250beb0 Fix indentation 2014-11-24 18:58:07 -06:00
jvazquez-r7 88ccffacb4 Update from upstream master 2014-11-24 18:32:35 -06:00
wez3 53b69583f4 Add Windows post module for reading/searching Outlook e-mail #4 2014-11-21 20:00:30 +01:00
wez3 435c6eef81 Add Windows post module for reading/searching Outlook e-mail #3 2014-11-18 16:27:33 +01:00
wez3 91a53dc36c Add Windows post module for reading/searching Outlook e-mail 2014-11-18 12:41:24 +01:00
wez3 7a2b7208e7 Add Windows post module for reading/searching Outlook e-mail 2014-11-17 19:38:55 +01:00
jvazquez-r7 145e610c0f Avoid shadowing new method 2014-11-17 12:22:30 -06:00
Peregrino Gris 80a9fa4b5d Ports default values added, is_internal REX function added, reference added 2014-11-13 10:10:25 +01:00
Peregrino Gris 529f749abb Add post-exploitation module to get FW filtering rules 2014-11-12 17:38:49 +01:00
URI Assassin 35d3bbf74d
Fix up comment splats with the correct URI
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
2014-10-17 11:47:33 -05:00
jvazquez-r7 520e1bccca
Land #3692, @TomSellers's support for Metasploit Credential on enum_snmp 2014-10-09 15:18:44 -05:00
James Lee a65ee6cf30
Land #3373, recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-10-03 18:05:58 -05:00
James Lee a21752bc9c
Fix NoMethodError on os, mark DCs as 'server' 2014-10-01 16:02:46 -05:00
sinn3r 50fa5745bb Rm print_debug line
I forgot to remove this line while testing the module
2014-09-16 16:46:40 -05:00
sinn3r 07c14f5ee8
Land #3388 - Post mod to check Win32_QuickFixEngineering 2014-09-16 16:18:04 -05:00
sinn3r 36a3abe036 Add a reference 2014-09-16 16:17:22 -05:00
jvazquez-r7 5da6a450f1 fix find condition 2014-09-12 15:21:50 -05:00
jvazquez-r7 1749fc73c2 Change module filename 2014-09-12 15:05:33 -05:00
jvazquez-r7 95b6529579 Fix run method 2014-09-12 14:27:25 -05:00
Tom Sellers 20a02a9d29 Cleanup 2014-08-31 14:01:13 -05:00
Tom Sellers 6f7bc94db4 Creation of rdcmanager_creds.rb 2014-08-31 13:38:08 -05:00
Tom Sellers 0b820c59b1 Fix to self.refname 2014-08-27 18:34:15 -05:00
Tod Beardsley 6d45f75b47
Land #3690, credential_collect refactor
@TomSellers strikes again!
2014-08-27 18:31:59 -05:00
Tom Sellers 9b0c5dfb0c Minor fix 2014-08-27 18:31:13 -05:00
Tom Sellers fa502c9c69 Minor adjustments 2014-08-24 17:39:13 -05:00
Tom Sellers 601c5515f8 Corrected 3 issues identified by jlee-r7 2014-08-24 17:18:31 -05:00
Meatballs d2bc0baa87
Merge remote-tracking branch 'upstream/master' into extapi_service_post
Conflicts:
	lib/msf/core/post/windows/services.rb
2014-08-24 19:46:19 +01:00
Tom Sellers 081a3437a4 Refactor for Credentials gem 2014-08-24 09:38:15 -05:00
Tom Sellers 1fa43bfe64 Rework for Credential lib update 2014-08-23 10:53:55 -05:00
HD Moore 6d92d701d7 Merge feature/recog into post-electro master for this PR 2014-08-16 01:19:08 -05:00
Samuel Huckins 149c3ecc63
Various merge resolutions from master <- staging
* --ask option ported to new location
* --version option now works
* MSF version updated
* All specs passing
2014-08-15 11:33:31 -05:00
James Lee b7e4bd4080
Fix 'domain\user' reporting in mremote 2014-08-12 18:01:42 -05:00
Brandon Turner 91bb0b6e10 Metasploit Framework 4.9.3-2014072301
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJT0CeVAAoJEJMMBVMNnmqO/7AP/0CBRHjtgiR9VnFKSQ+iWTQV
 iPNMBevn0mpSRq/gpoKCeFBZ6b+YQYrOLXDKVk62VV9LCslkr/P8LW8ul+m+JtB0
 mM6V5esUXM1XhgGEyTnTLRx6BR/WQU1RHlb56ae3nZjQlwCuH/5zEmcy5toZxpsY
 6HO46zE0GGBoLr/VgyYlfT08bfoQ+ICyJN0H5ixoovCc3iW0K1MNqLMfdani8zBJ
 gYJaMysV7XtepumWWQMSC+b/EuertdXXzWDy2bwe0Q3cQXNXzrkPAvtMqucWG+gy
 783OLKCPtVoEZiX87xAptkwmVCRdNGPclaWH7YRZDAh1tqBfRQUg72V/TIrOHCP1
 /lYO7yp5pBQg+1UNnpH+xI2YePFfYdHpYDNT5FSQGOnQjJg30ll4SqCm7cVmo2h5
 BRSYXkPCsQeXGaFarxGERNb8e+qN/WzSrHzY45tQw8mDuhg94tlf3VtDag3FXxhj
 zCxd6bu+tdboVm7FERS85T46kxzmeIycZ4p+Sf7d8gXitl2RKbBdKFNDi1gzeK1T
 yN7bDl4sL7qtDgZLXjFrnyC8vXyAqIrAgmFr2JywMBRm6TiCGQvgnrs+sScU3RFU
 W2tblGbKQq+CwDeC59uQPqxRkm72SMUrKX9448VEQ+9XbKE3TMQ5Q4qCxmnw31Op
 aJ0QgKJz8thZgafZc89I
 =e1z9
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCgAGBQJT4pb8AAoJEA+Ckxyj7hsHn+8P/3FlEYCmoqQ/JzsVtmP3Yi4Q
 gBRva+crY831mCCQXFrPJBvWfmy5HOzVh+Zh7zWF0GQ1WuuMppHfR5ARFVwmiDs3
 qwndhXwziDzBnznf0JKSgT5eJsH23s/ots1lyWymKJvPuT6hn6MRAHUawgnNmYR9
 ttnawmHvCM9Iha2oz3nmkLcNd+83bdBfEWi5l8AQ7jJxwMC2/8VPpMscVVwXqPzd
 CoQugAYZW5VeaEiGio5+19Ix9EPkIDvs6wnfGBtfPfeaOIDZV4XOFoIFUtEeZd5o
 olvEpYvdqscy4Qujzn4C++3wX3bUxkIbHTJHgrKmlD83dI7Cu1JH716G+yfLoJo0
 pQBWTGeWYKEh6leK/9J5Bo1/tOJ/ylbcbvH0Y0tmdu4icHar6uYe1QBrCB9xIdh1
 F+xo4guYnVo616DXJQSwjIye83b5dBxACrfA3bqCnFVFgTM5jXGV1cqiBgs9Dl++
 tIDPgUJkCe/bIdQ7PntlGRzxKihHahlxhCa++YaGKqSq7gXie8Rl4qgloIrbfNZ/
 z3XsoOLNdbMGO7ip88Zjwq4Khj5WZu7ijfCtXO7GU1UJZL1tJ2yK2ic7ZDLc251Y
 8EGMSTG53+6yvZYFtWMZeQzjwD2cpuF04dOmHOKi6KGJJ7KRPhn6gpsbc6U1mbH9
 AjGcfOzhhcsY+WAQ7OG+
 =Pjob
 -----END PGP SIGNATURE-----

Merge tag '2014072301' into staging/electro-release

Conflicts:
	Gemfile.lock
	modules/post/windows/gather/credentials/gpp.rb

This removes the active flag in the gpp.rb module.  According to Lance,
the active flag is no longer used.
2014-08-06 15:58:12 -05:00
James Lee 62240537db
Refactor sso to use Credential::Creation 2014-07-31 16:06:23 -05:00
scriptjunkie 8fe508207c Merge Meatballs' gpp_again pull into new branch 2014-07-19 11:10:14 -05:00
Trevor Rosen bebf11c969
Resolves some Login::Status migration issues
MSP-10730
2014-07-16 21:52:08 -05:00
William Vu 25f74b79b8
Land #3484, bad pack/unpack specifier fix 2014-07-16 14:52:23 -05:00
David Maloney 52a29856b3
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-16 09:38:44 -05:00
jvazquez-r7 8937fbb2f5 Fix email format 2014-07-11 12:45:23 -05:00
James Lee 62a2f1dc0a
Credential -> Model for realm key constants 2014-07-10 14:30:25 -05:00
scriptjunkie 2cd9577278 Fix table printing. 2014-07-09 21:46:34 -05:00
Thomas Ring 37f159d80a corrections based on feedback 2014-07-09 09:54:04 -05:00
Thomas Ring 10713dd440 New module to build wordlist for use by JtR, oclhashcat, etc generated by pulling info from multiple Active Directory fields 2014-07-08 16:09:48 -05:00
David Maloney aeda74f394
Merge branch 'master' into staging/electro-release
Conflicts:
	Gemfile
	Gemfile.lock
2014-07-07 16:41:23 -05:00
Tod Beardsley 9fef2ca0f3
Description/whitespace changes (minor)
Four modules updated for the weekly release with minor cosmetic fixes.

- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
2014-07-07 12:39:05 -05:00
HD Moore b6b5435a3d Fix service pack parsing 2014-07-06 09:24:36 -05:00
HD Moore 43d65cc93a Merge branch 'master' into feature/recog
Resolves conflicts:
	Gemfile
	data/js/detect/os.js
	modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-07-06 09:17:44 -05:00
Meatballs ef0826c319
Fix bugs 2014-07-04 20:46:50 +01:00
Meatballs 05c9757624
Merge in #3488 2014-07-04 20:37:09 +01:00
sinn3r f1b7a9f421
Land #3488 - loot storage into the enum_services post module 2014-07-03 14:18:16 -05:00
sinn3r 2c999d3099 Better describe the problem 2014-07-03 13:06:19 -05:00
sinn3r 9aa3c75234 Do something for the shut-everything-up event handling practice 2014-07-03 13:04:56 -05:00
sinn3r 8a513058f6 Fix comments 2014-07-03 12:59:10 -05:00
sinn3r ebeb9880a6 Favor "unless" over "if" for negative conditions
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:55:13 -05:00
sinn3r 1d828a951f string interpolation is preferred over concatenation
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:46:56 -05:00
sinn3r b781b87d74 Avoid unnecessary "if not" 2014-07-03 12:44:17 -05:00
Your Name 9981a60b27 Add loot storage into the enum_service post module 2014-07-02 17:56:16 +01:00
Your Name 83abf4b523 Add loot storage into the enum_service post module 2014-07-02 17:48:48 +01:00
James Lee f0cb235393
Merge branch 'feature/MSP-9735/gpp' into staging/electro-release 2014-07-01 14:28:15 -05:00
Rob Fuller d341fc20a8 switch to use file? instead of stat 2014-07-01 00:58:17 -04:00
HD Moore c9b6c05eab Fix improper use of host-endian or signed pack/unpack
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.

When in doubt, please use:

```
ri pack
```
2014-06-30 02:50:10 -05:00
Rob Fuller 920bd1132e replace manual packing with rex version 2014-06-25 00:16:28 -04:00
Rob Fuller 86869f0a81 remove extra parenthesis 2014-06-23 17:10:31 -04:00
Rob Fuller 8e37aea7c2 remove use of Q in packing and unpacking 2014-06-23 16:52:53 -04:00
Rob Fuller a7d00f8144 simplify SHA1 code 2014-06-23 15:39:06 -04:00
Rob Fuller 77620193a1 remove character restriction on aes.final call 2014-06-23 15:37:19 -04:00
Rob Fuller 2d0b4b96ee remove verbose exit if no salt found 2014-06-23 15:34:07 -04:00
Rob Fuller 275d8826bd skype post module to extract password hash 2014-06-23 15:16:50 -04:00
William Vu dbd0bc5fa2
Refactor windows_autologin creds 2014-06-19 14:38:31 -05:00
James Lee d246e28cb3
Merge branch 'feature/MSP-9733/ftpnavigator' into staging/electro-release 2014-06-13 16:03:06 -05:00
James Lee da74777570
Merge branch 'feature/MSP-9729/enum_cred_store' into staging/electro-release 2014-06-13 15:46:08 -05:00
James Lee 8be602e487
Merge branch 'feature/MSP-9734/ftpx' into staging/electro-release 2014-06-13 15:36:43 -05:00
James Lee 1df7362774
Merge branch 'feature/MSP-9740/outlook' into staging/electro-release 2014-06-13 15:34:06 -05:00
James Lee 81d47c4eb3
Merge branch 'feature/MSP-9730/epo_sql' into staging/electro-release 2014-06-13 15:31:41 -05:00
William Vu 3ad3ca88e5
Use session.session_host 2014-06-12 18:26:01 -05:00
James Lee a7416332e3
Merge branch 'feature/MSP-9732/flashfxp' into staging/electro-release 2014-06-12 18:02:20 -05:00
James Lee 1969c8f018
Merge branch 'feature/MSP-9727/bulletproof_ftp' into staging/electro-release 2014-06-12 15:41:57 -05:00
James Lee ff2fc68d11
Fix busted vars 2014-06-12 15:37:06 -05:00
James Lee 18a2e0928c
Merge branch 'feature/MSP-9737/wsftp_client' into staging/electro-release 2014-06-12 15:08:26 -05:00
David Maloney 96e492f572
Merge branch 'master' into staging/electro-release 2014-06-12 14:02:27 -05:00
William Vu d9d16e436a
Refactor epo_sql creds 2014-06-12 13:23:11 -05:00
William Vu 302e495451
Fix bad indent 2014-06-12 13:13:05 -05:00
William Vu c7bb0f1eb8
Fix bad copypasta 2014-06-12 12:59:35 -05:00
William Vu 0d92ae08dd
Refactor enum_cred_store creds 2014-06-12 12:57:46 -05:00
William Vu 429d85dc5d
Refactor flashfxp creds 2014-06-12 12:40:33 -05:00
William Vu e96a70a0f5
Refactor outlook creds 2014-06-12 12:31:12 -05:00
HD Moore d5b32e31f8 Fix a typo where platform was 'windows' not 'win'
This was reported by dracu on freenode
2014-06-11 15:10:33 -05:00
William Vu ac94f8e861
Refactor bulletproof_ftp creds 2014-06-11 13:04:58 -05:00
William Vu 7147a88968
Refactor ftpnavigator creds 2014-06-11 12:57:45 -05:00
William Vu 676afe391a
Refactor gpp creds 2014-06-11 12:48:00 -05:00
William Vu 41ff4c3dce
Refactor ftpx creds 2014-06-11 12:35:15 -05:00
Luke Imhoff 4d923a4809
Update to Rubyzip 1.X API
MSP-10004

`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
2014-06-10 13:41:42 -05:00
dmaloney-r7 9826a57429 Update coreftp.rb 2014-06-10 13:01:19 -05:00
William Vu dffc9b6852
Use the new hash syntax for consistency 2014-06-10 12:56:15 -05:00
William Vu d7fd7b8d1e
Refactor wsftp_client creds 2014-06-10 12:05:04 -05:00
jvennix-r7 f660f557e5 Merge pull request #38 from rapid7/feature/msp-9738/winscp
Feature/msp 9738/winscp
2014-06-06 11:43:50 -05:00
David Maloney ef8f237050
refactor filezilla_server
you know the score
2014-06-04 15:43:15 -05:00
David Maloney 28bf29980e
Merge branch 'master' into staging/electro-release 2014-06-04 10:21:08 -05:00
James Lee f2e1732878
Resolve hostnames before trying to save 2014-06-03 15:19:30 -05:00
Trevor Rosen 0272593923 Merge pull request #32 from rapid7/feature/MSP-9736/vnc-post
refactor vnc post module

MSP-9736 #land
2014-06-03 13:53:42 -05:00
James Lee 8abed15c77
Switch to Credential::* things 2014-06-03 11:48:08 -05:00
Trevor Rosen 883976c6a8 Merge pull request #33 from rapid7/feature/MSP-9741/smartftp
refactor smartftp post module

MSP-9741 #land
2014-06-03 10:04:09 -05:00
James Lee 9d9f3b5a03
Refactor to prepare for replacing report_auth_info 2014-06-02 18:07:44 -05:00
Tod Beardsley ea383b4139
Make print/descs/case consistent 2014-06-02 13:20:01 -05:00
Trevor Rosen 5c745c4b9c Merge pull request #31 from rapid7/feature/MSP-9728/coreftp
refactor coreFTP post module

MSP-9728 #land
2014-06-02 13:19:11 -05:00
David Maloney 9eb42cb80f
refactor smartftp post module
refactor the smartftp credential post module to use
Metasploit::Credential
2014-06-02 11:48:45 -05:00
David Maloney 34004908bb
Merge branch 'master' into staging/electro-release
Conflicts:
	.ruby-version
2014-06-02 11:10:33 -05:00
Trevor Rosen d9fd77fba7 Merge pull request #29 from rapid7/feature/MSP-9739/mremote_refactor
Feature/msp 9739/mremote refactor

MSP-9739 #land
2014-06-02 11:05:20 -05:00
David Maloney 1e2ae16713
refactor vnc post module
this adds Metasploit::Credential functionality to
the post/windows/gather/credentials/vnc module
it also fixes a hostname resolution issue on windows
hashdump that could occur when the peerhost is an unresolved
hostname
2014-05-30 14:27:44 -05:00
David Maloney 86fec3a33f
refactor coreFTP post module
post/windows/gather/credentials/coreftp now uses
the new Metasploit::Credential methods
2014-05-30 14:06:31 -05:00
jvazquez-r7 0d07fb6c39
Land #2858, @jiuweigui's post module to enumerate Enumerate MUICache 2014-05-29 17:08:50 -05:00
jvazquez-r7 a6229aedff Rescue RequestError when downloading file 2014-05-29 17:07:22 -05:00
jvazquez-r7 f2a71a47ca Use \&\& instead of and 2014-05-29 17:04:38 -05:00
jvazquez-r7 31c282153e Avoid ntuser.dat md5 because is causing problems, even when data is extracted 2014-05-29 17:02:28 -05:00
David Maloney e012d55d73
refactor mremote
mremote post module now refactored to
use new metasploit credentials
2014-05-29 16:27:41 -05:00
jvazquez-r7 95b71dee00 Try to fix crash while file_remote_digest 2014-05-29 16:12:51 -05:00
David Maloney a1131092b7
fix open rescue
rescuing all exceptions bad
bad past dave bad
2014-05-29 16:05:16 -05:00
jvazquez-r7 cbbd7bfdf4 Refacotor code 2014-05-29 15:55:44 -05:00
David Maloney bf3bb63e4a
fix mremote to work on mremoteNG
fixed the mremote credential post module to work
against the newer mRemoteNG
2014-05-29 15:43:02 -05:00
David Maloney f61aeb818a
smart hashdump refactor
refactor the windows smart hashdump post module
to use the new cred creation methods
2014-05-29 15:06:42 -05:00
jvazquez-r7 cdabb71d23 Make code cleanup 2014-05-29 14:51:10 -05:00
David Maloney e3c4745879
Windows Hashdump post module refactor
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
2014-05-29 13:20:32 -05:00
jvazquez-r7 e585d11499 make MSF_MODULES a constant 2014-05-25 19:36:40 -05:00
Rob Fuller 61603748bd two more tweaks 2014-05-25 10:45:09 -04:00
Rob Fuller 6435b4370a @Meatballs1 fixes 2014-05-25 10:40:23 -04:00
Rob Fuller e3a6782345 add post module based on @zeroSteiner idea 2014-05-24 23:37:17 -04:00
Meatballs aeaff16f88
More legible output 2014-05-20 22:27:24 +01:00
Meatballs 92669cd4d6
Use parser 2014-05-20 22:26:13 +01:00
Meatballs fabaf52929
Tidyup of GPP
Add Security Bulletin Reference
ProgramData is symlink to AllUsers anyway
Use NetAPI
2014-05-20 21:53:53 +01:00
HD Moore a844b5c30a Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
Conflicts:
	Gemfile
	Gemfile.lock
	data/js/detect/os.js
	lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
Meatballs c474ff4465
Merge remote-tracking branch 'upstream/master' into extapi_service_post
Conflicts:
	modules/exploits/windows/local/service_permissions.rb
	modules/post/windows/manage/rpcapd_start.rb
2014-05-05 13:19:25 +01:00
Tod Beardsley e514ff3607
Description and print_status fixes for release
@cdoughty-r7, I choose you! Or @wvu-r7.
2014-04-21 14:00:03 -05:00
James Lee ee413ac385
Remove previously deprecated modules 2014-04-20 22:15:44 -05:00
Meatballs 5bd9721d95
Redundant include 2014-04-15 21:34:21 +01:00
Meatballs 02b11afddc
Merge remote-tracking branch 'upstream/master' into netapi_change_passwd
Conflicts:
	lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
2014-04-15 21:23:45 +01:00
Meatballs bd9b5add49
Dont report creds
We dont know if a DOMAIN or IP is specified etc.
2014-04-15 21:14:49 +01:00