Commit Graph

4263 Commits

Author SHA1 Message Date
bwatters 052d233bd9 Land #17006, Gather_RedisDesktopManager_Password
Merge branch 'land-17006' into upstream-master
2022-10-03 15:10:30 -05:00
bcoles 5f92d9418d Modules: Fix Stability/SideEffects/Reliability notes for several modules 2022-10-01 17:54:59 +10:00
Jack Heysel 9ad513dade Land #16933, Thycotic Secret Server post module
This PR adds a post exploitation module that exports
and decrypts Thycotic Secret Server credentials
2022-09-30 13:16:05 -04:00
bwatters 9e74b9887d Land #17048, enum_tokens: Cleanup
Merge branch 'land-17048' into upstream-master
2022-09-29 15:58:46 -05:00
jheysel-r7 3b150ab3db Update modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb 2022-09-29 13:58:54 -04:00
jheysel-r7 30e27d832e Update modules/post/windows/gather/credentials/thycotic_secretserver_dump.rb 2022-09-29 13:58:30 -04:00
bwatters 3170eac829 Land #16981, enum_domain_tokens: Cleanup and fix group member retrieval
Merge branch 'land-16981' into upstream-master
2022-09-27 09:47:34 -05:00
adfoster-r7 c436f42c8c Land #16994, Fix Multiple Registry Related Issues 2022-09-27 11:43:02 +01:00
cgranleese-r7 c74f480177 Land #17049, enum_domain_group_users module clean up 2022-09-22 17:51:12 +01:00
bcoles ce48afd0db wmic_command: Cleanup 2022-09-23 00:25:13 +10:00
bcoles 9eab7eadab enum_domain_group_users: Cleanup 2022-09-22 17:05:19 +10:00
bcoles eef42884e0 enum_tokens: Cleanup 2022-09-22 12:04:24 +10:00
Grant Willcox 98aea3f2ae Land #17002, Msf::Post::Windows: Replace load_extapi with ExtAPI capability check 2022-09-20 13:29:45 -05:00
Grant Willcox 3366179697 Add in guard clauses to wmic_command to handle sessions without sysinfo available. 2022-09-20 13:09:36 -05:00
Grant Willcox bd4a062e5f Land #17023, Fix #16999 by using a compatible default action 2022-09-19 17:33:01 -05:00
Grant Willcox 5d7c7b0a09 Update documentation and change up the code to use action.name vs datastore['ACTION'] since that is no longer populated 2022-09-19 17:31:51 -05:00
bwatters 88f14950a0 Land #16688, Add Mimipenguin
Merge branch 'land-16688' into upstream-master
2022-09-19 12:43:16 -05:00
adfoster-r7 9b59698cbf Land #17029, Add getsystem module docs 2022-09-16 23:46:51 +01:00
Spencer McIntyre eae1adb8bb Add getsystem module docs 2022-09-16 14:59:50 -04:00
cgranleese-r7 55119aaac7 Land #16940, Rewrite datastore, and add support for option fallback lookups 2022-09-16 14:19:19 +01:00
adfoster-r7 3a281234df Add feature flagged datastore rewrite, with support for option fallback lookups 2022-09-16 12:59:02 +01:00
Grant Willcox cee6b6a111 Land #17003, enum_patches: Cleanup, print patches as table, store patches as CSV 2022-09-15 18:07:11 -05:00
Grant Willcox d278d6aa81 Add in missing require to make module work, then fix up some minor things observed during review process 2022-09-15 17:44:25 -05:00
Spencer McIntyre 4f46905e3c Fix #16999 by using a compatible default action
Fixes the default action, fixes running on WOW64, applies rubocop
changes.
2022-09-15 17:10:51 -04:00
Grant Willcox e7d2fdfe0a Rename module and fix up some issues with documentation 2022-09-14 17:03:42 -05:00
Christophe De La Fuente 3c9b57c415 Land #16911, enum_ms_product_keys: Cleanup and support non-meterpreter sessions 2022-09-13 16:06:55 +02:00
Spencer McIntyre 6467fb3a8f Land #16906, enum_snmp improvements
enum_snmp: Cleanup and support non-Meterpreter sessions
2022-09-13 09:05:15 -04:00
bcoles a0030ac667 enum_snmp: Cleanup and support non-Meterpreter sessions 2022-09-13 17:45:10 +10:00
Grant Willcox 05283d30a3 Fix up edge case checks 2022-09-12 14:11:04 -05:00
cn-kali-team 91be73b077 lint 2022-09-12 21:08:48 +08:00
cn-kali-team 2726f04e43 Gather_RedisDesktopManager_Password 2022-09-12 20:40:49 +08:00
bcoles ebaca4cd48 enum_patches: Cleanup, print patches as table, store patches as CSV 2022-09-12 13:50:32 +10:00
bcoles 302bcfbc03 enum_domain_tokens: Cleanup and fix group member retrieval 2022-09-10 13:54:39 +10:00
bcoles 8dc4107bed enum_services: Cleanup and support non-Meterpreter sessions 2022-09-09 15:09:47 -05:00
Grant Willcox 7869e92298 Fix up error handling for some failure cases 2022-09-08 13:35:22 -05:00
bcoles 290d70bd19 enum_domain: Cleanup and support non-Meterpreter sessions 2022-09-08 12:34:37 -05:00
space-r7 beb08e1130 add arm support 2022-09-08 08:48:33 -05:00
Grant Willcox 446d891705 Land #16901, killav: Cleanup and support non-meterpreter sessions 2022-09-07 14:02:11 -05:00
Grant Willcox 9a8afda0a2 Fix check on length 2022-09-07 14:01:53 -05:00
bwatters a289cf9759 Land #16968, Update deprecated parameter in enum_system.rb
Merge branch 'land-16968' into upstream-master
2022-09-07 08:17:04 -05:00
Spencer McIntyre f1a7be6c49 Fix how REG_MULTI_SZ is handled 2022-09-06 16:53:30 -04:00
npm-cesium137-io 8eed4fb617 thycotic_secretserver_dump refinements
Significant refactor of exception handling: less 'fail_with', more
'return false'.

Optimized interactions with SQL for less code redundancy.

Removed references to LOOT_ONLY in the module info.

Various tweaks and bug fixes.
2022-09-05 11:00:12 -04:00
space-r7 53b25d7d69 Land #16934, support dumping mem by process name 2022-09-01 12:58:01 -05:00
luisfso 3ddf761f4b Update enum_system.rb
The command "find / -xdev -type f -perm +6000 -perm -1 2> /dev/null" doesn't work on new Linux systems.

-perm +mode
       Deprecated,  old  way  of  searching  for  files with any of the permission bits in mode set.  You
       should use -perm /mode instead. Trying to use the  `+'  syntax  with  symbolic  modes  will  yield
       surprising results.  For example, `+u+x' is a valid symbolic mode (equivalent to +u,+x, i.e. 0111)
       and will therefore not be evaluated as -perm +mode but instead as the exact mode  specifier  -perm
       mode  and  so  it  matches files with exact permissions 0111 instead of files with any execute bit
       set.  If you found this paragraph confusing, you're not alone - just use -perm /mode.   This  form
       of  the  -perm test is deprecated because the POSIX specification requires the interpretation of a
       leading `+' as being part of a symbolic mode, and so we switched to using `/' instead.
2022-09-01 14:56:28 -03:00
Spencer McIntyre 35c2a2cc7a Land #16903, enum_shares Cleanup and shell support
enum_shares: Cleanup and support non-meterpreter sessions
2022-08-31 13:21:31 -04:00
Spencer McIntyre 9960fe1393 Fix the constant definition 2022-08-31 12:31:09 -04:00
space-r7 90c220a39f fix failing hash checks 2022-08-29 17:50:49 -05:00
npm-cesium137-io da43f9c069 Refactor thycotic_secretserver_dump MKII
Removed all logic around the isSalted column since I have no idea what
that flag is actually supposed to represent.

Further optimized Thycotic decryption method for efficiency.

Fixed where the revision digit was being truncated after converting
ss_build to float.

Removed the offline 'decrypt' action as it required setting a reserved
value for session in order to operate.

Minor tweaks & correct typos and formatting.

Updated documentation.
2022-08-29 11:45:18 -04:00
npm-cesium137-io dbbccf43ef thycotic_secretserver_dump offline support
Added support for sessionless execution if the SESSION is set to -1.

Misc cleanup.
2022-08-27 13:12:31 -04:00
npm-cesium137-io be2a8e564f Refine thycotic_secretserver_dump
Added much-needed support for SQL integrated authentication.

Significant improvement to the decryption routine: better version
detection and less churning through faulty decryption attempts.

Various tweaks and optimizations based on feedback.

Lots of bug fixes.
2022-08-27 09:05:16 -04:00