The default firefox profile directory now no longer ends in `.default`
but instead `.default-release`. For backwards compat the new regex
supports both. For more information see:
https://support.mozilla.org/bm/questions/1264072#answer-1235567
It's possible we might want to also support things like
`.default-nightly`, etc but really if we want to do more than grab
the default profile we should read the `profiles.ini` file to get
an itemized list of profiles from Firefox itself. This would also
future-proof this script.
Since profiles are not generally used by most Firefox users just going
for the simpler solution of looking for `.default-release`.
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Thanks, I thought the comments on it would be needed/ (this is my first module)
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
[+] thanks!
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
[+] thanks for the sharp eye! It certainly does. I tried at my side to make it look as a "flow" but never really succeeded with it. Again, thanks!
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Of course, this is my first module - I'm sorry, thanks for pointing it out!
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
Update fanny_bmp_check.rb
Changed
...on #{sysinfo['Computer']} for...
to
"Target #{match} result(s) found in
And as well as the + 'shell' in the session types.
And, as well as commented some stuff I will remove (the comments, that is) when this is done.
The URL (ref) at the Desc. of the module needs to be a bit more short. Will do this too.
Changed (if not already?) the src link.
Create fanny_bmp_check_Docs.md
Rename fanny_bmp_check_Docs.md to fanny_bmp_check.md
Docs ready to go, (msftidy_docs done[x])
./tools/dev/msftidy_docs.rb documentation/modules/post/windows/gather/forensics/fanny_bmp_check.md
(no results) - so It's ready to go
msftidy.rb Done [no errors)
msftidy.rb Done [no errors)
Update fanny_bmp_check.md
Update fanny_bmp_check.md
Removed References since they were not (really) meant for being included, It was more of my own Notes/Comments that accidentally came with it. 👍
Indentation (2 spaces, + the 33 to 44 lineblock fixed[x])
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
fanny_bmp_check.rb
Updated fanny_bmp_check.rb to use arrays instead.
Update fanny_bmp_check.rb
Rubocop fixed
Update fanny_bmp_check.rb
Added report_vuln() as Jmartin suggested
Update fanny_bmp_check.rb
Update v2
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Oh, yes - Thank you, again - sorry
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
Sorry for confusion; 2 problems(line 66+line 61) (work arounded for now)
2 Problems, first; it did not work with the info line (line 66, 61)
If It's still wrong ( the loop , which I have tried to fix)
I am not entirely sue what the problem is, because If I had the end there it was (commented out, line 61) - then it gets, unexpected 'end' expecting end-of-input,
Coming back again, sorry for the confusion.
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Ah, tried it over here - and it worked, Thanks!
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
Update documentation/modules/post/windows/gather/forensics/fanny_bmp_check.md
Of course, thanks, committing this suggestion.
Regards
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
friedrico