052d233bd9
Land #17006 , Gather_RedisDesktopManager_Password
...
Merge branch 'land-17006' into upstream-master
2022-10-03 15:10:30 -05:00
9ad513dade
Land #16933 , Thycotic Secret Server post module
...
This PR adds a post exploitation module that exports
and decrypts Thycotic Secret Server credentials
2022-09-30 13:16:05 -04:00
9e74b9887d
Land #17048 , enum_tokens: Cleanup
...
Merge branch 'land-17048' into upstream-master
2022-09-29 15:58:46 -05:00
e06acc7df0
Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md
2022-09-29 13:59:01 -04:00
e8d4bcdcc6
Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md
2022-09-29 13:58:37 -04:00
713d63654b
Update documentation/modules/post/windows/gather/credentials/thycotic_secretserver_dump.md
2022-09-29 13:58:22 -04:00
3170eac829
Land #16981 , enum_domain_tokens: Cleanup and fix group member retrieval
...
Merge branch 'land-16981' into upstream-master
2022-09-27 09:47:34 -05:00
c74f480177
Land #17049 , enum_domain_group_users module clean up
2022-09-22 17:51:12 +01:00
ce48afd0db
wmic_command: Cleanup
2022-09-23 00:25:13 +10:00
9eab7eadab
enum_domain_group_users: Cleanup
2022-09-22 17:05:19 +10:00
eef42884e0
enum_tokens: Cleanup
2022-09-22 12:04:24 +10:00
bd4a062e5f
Land #17023 , Fix #16999 by using a compatible default action
2022-09-19 17:33:01 -05:00
5d7c7b0a09
Update documentation and change up the code to use action.name vs datastore['ACTION'] since that is no longer populated
2022-09-19 17:31:51 -05:00
88f14950a0
Land #16688 , Add Mimipenguin
...
Merge branch 'land-16688' into upstream-master
2022-09-19 12:43:16 -05:00
eae1adb8bb
Add getsystem module docs
2022-09-16 14:59:50 -04:00
cee6b6a111
Land #17003 , enum_patches: Cleanup, print patches as table, store patches as CSV
2022-09-15 18:07:11 -05:00
d278d6aa81
Add in missing require to make module work, then fix up some minor things observed during review process
2022-09-15 17:44:25 -05:00
e7d2fdfe0a
Rename module and fix up some issues with documentation
2022-09-14 17:03:42 -05:00
3c9b57c415
Land #16911 , enum_ms_product_keys: Cleanup and support non-meterpreter sessions
2022-09-13 16:06:55 +02:00
6467fb3a8f
Land #16906 , enum_snmp improvements
...
enum_snmp: Cleanup and support non-Meterpreter sessions
2022-09-13 09:05:15 -04:00
a0030ac667
enum_snmp: Cleanup and support non-Meterpreter sessions
2022-09-13 17:45:10 +10:00
2726f04e43
Gather_RedisDesktopManager_Password
2022-09-12 20:40:49 +08:00
ebaca4cd48
enum_patches: Cleanup, print patches as table, store patches as CSV
2022-09-12 13:50:32 +10:00
302bcfbc03
enum_domain_tokens: Cleanup and fix group member retrieval
2022-09-10 13:54:39 +10:00
b5686dc7ca
Update documentation to improve some explanations
2022-09-09 15:51:31 -05:00
8dc4107bed
enum_services: Cleanup and support non-Meterpreter sessions
2022-09-09 15:09:47 -05:00
290d70bd19
enum_domain: Cleanup and support non-Meterpreter sessions
2022-09-08 12:34:37 -05:00
446d891705
Land #16901 , killav: Cleanup and support non-meterpreter sessions
2022-09-07 14:02:11 -05:00
53b25d7d69
Land #16934 , support dumping mem by process name
2022-09-01 12:58:01 -05:00
da43f9c069
Refactor thycotic_secretserver_dump MKII
...
Removed all logic around the isSalted column since I have no idea what
that flag is actually supposed to represent.
Further optimized Thycotic decryption method for efficiency.
Fixed where the revision digit was being truncated after converting
ss_build to float.
Removed the offline 'decrypt' action as it required setting a reserved
value for session in order to operate.
Minor tweaks & correct typos and formatting.
Updated documentation.
2022-08-29 11:45:18 -04:00
8939d09efa
post/windows/gather/memory_dump: Support dumping processes by name
2022-08-24 18:04:29 +10:00
b5a5fb23fb
Add thycotic_secretserver_dump post module
...
Initial commit for post module targeting Windows servers with Secret
Server installed.
The module can decrypt secrets from Secret Server version 10.4 - 11.2
provided they are not protected by HSM.
An additional auxiliary module is being developed to perform offline
decryption and recovery of the database using the loot extracted via
this module.
2022-08-22 14:41:33 -04:00
b3f9847bc4
enum_ms_product_keys: Cleanup and support non-meterpreter sessions
2022-08-21 16:00:27 +10:00
28a599804e
enum_shares: Cleanup and support non-meterpreter sessions
2022-08-19 14:08:59 +10:00
16d5af62d5
killav: Cleanup and support non-meterpreter sessions
2022-08-14 05:16:57 +10:00
dc4d3ff21b
Land #16881 , fix crash in forward_pageant module
2022-08-11 17:40:33 -05:00
a68986599d
Land #16841 , add enum_powershell_env cleanup
2022-08-10 14:00:59 -05:00
c54658b035
Land #16878 , Clean up enum_logged_on_users
...
Adds support for non-Meterpreter sessions, fixes
rubo-cop and msftidy_docs violations
2022-08-10 14:17:50 -04:00
0ac1a9d704
forward_pageant: Cleanup and fix default UNIX socket path
2022-08-08 12:56:52 +10:00
b2683981dc
enum_logged_on_users: Cleanup
2022-08-08 01:50:36 +10:00
6380c69775
enum_artifacts: Cleanup and support non-meterpreter sessions
2022-08-07 16:01:45 +10:00
11a00fa1f2
post/multi/gather/env: Cleanup and support non-Meterpreter sessions
2022-08-01 13:37:15 +10:00
f324b8c24e
enum_powershell_env: Cleanup and support non-Meterpreter sessions
2022-08-01 00:56:21 +10:00
b21abbfb18
address review
...
includes using python on target for yescrypt
support, not failing on unsupported hash types,
documentation updates, etc
2022-07-01 12:56:44 -05:00
69342f5431
add docs and mixin
2022-07-01 12:56:43 -05:00
d225d4663c
Land #16413 , update local exploit suggester
2022-05-25 13:24:11 +01:00
6b1faf0e0e
Add 'run' commands to Local Exploit Suggester docs
2022-05-25 12:05:06 +01:00
7734161ffc
Update Local Exploit Suggester documentation
2022-05-24 14:48:40 +01:00
ecec8a5993
Clean up unrelated files.
2022-05-13 15:53:40 -04:00
1fe04caadd
Land #16406 , Create get_bookmarks.rb
...
Merge branch 'land-16406' into upstream-master
2022-05-13 13:42:31 -05:00
bwatters