11c886b30f
Land #17616 , Run rubocop on post modules
2023-02-08 14:09:16 +00:00
a81a71c5df
Run rubocop on post modules
2023-02-08 13:47:34 +00:00
433bafdccf
Add missing module notes for stability reliability and side effects
2023-02-08 11:45:17 +00:00
bbf9e3163a
Fix file reads on Windows for binary files
2022-03-21 12:47:39 +00:00
c17c2636ae
post/osx/gather/hashdump: Add 'meterpreter' to supported SessionTypes
2022-01-20 13:11:24 +00:00
4a9a15e638
Run Rubocop layout rules on modules
2021-08-27 17:19:43 +01:00
ee8838eea5
added validation to make sure the file path is set
2021-04-14 17:47:19 -04:00
b42a22c4de
Updated documentation
2021-04-01 13:30:39 -04:00
c0531f4208
OSX Post exploitation .gitignore retrieval
...
This post exploitation module is meant to locate all .gitignore files in a user's home directory as well as retrieve the contents of both the .gitignore as well as the files contained in the .gitignore. There are two modes. Mode 1 finds the .gitignore files. Mode 2 retrieves the file. You must set the FILE path with the gitignore file you'd like to retrieve. This could be used to retrieve potentially sensitive artifacts.
After establishing a meterpreter session:
* use post/osx/gather/gitignore
* set mode 1
* set session n (where n is the session in which you'd like to run the module)
* run
The module will take some time to complete but will recursively search all directories from the user's home directory for .gitignore files and then print the absolute path of each file it finds. Copy the path of whichever gitignore you'd like to read and paste into the FILE variable.
* set mode 2
* set file /path/to/.gitignore
* run
At this point, the module will display the contents of the gitignore file. If it contains something of interest, you can copy the filename and replace it in the absolute path for which you found the .gitignore.
* set file /path/to/artifact
* run
This will retrieve the contents of the artifact you are looking to read.
2021-03-31 14:47:48 -04:00
319f15d938
Handle nil versions for rubygems 4
2021-02-25 16:47:49 +00:00
1617b3ec9b
Use zeitwerk for lib/msf/core folder
2020-12-07 10:31:45 +00:00
30809787c4
Convert disclosure dates to iso8601
2020-10-02 21:00:37 +01:00
3f689ccae9
Add warning for screen effect to tccbypass
2020-09-11 15:07:52 -05:00
93cdba483d
add documentation
2020-09-11 17:31:40 +08:00
686ef94e37
fix mkdir
2020-09-09 15:36:31 +08:00
c725a713af
more feedback from bcoles
2020-09-09 14:21:03 +08:00
d447bbc3dc
feedback from bcoles
2020-09-09 13:27:11 +08:00
42d70bb2a2
Add module for CVE-2020-9934
2020-09-09 13:27:11 +08:00
a765c1d994
post/osx/gather/enum_osx: Fix typos
2020-08-18 16:02:24 +00:00
8eca964ced
Update path in osx_enum to fix keychain download
...
Looks like an anchoring "/" has always been missing for the keychain download in enum_osx to function.
2020-08-16 22:50:03 -05:00
da820f08e6
don't interact with other apps to avoid asking permissions
2020-02-13 16:17:33 +01:00
fe2b3f8f29
Remove targets from post modules
2019-09-23 17:26:36 +01:00
0d041df91f
Actually test command shell support and fix it
2019-07-25 15:09:35 -05:00
3eb3ab1db2
Add side effects
2019-07-22 18:56:23 -05:00
283f9d2e08
Add OS X Manage Sonic Pi post module
2019-07-22 18:46:02 -05:00
06256cc05b
fix osx 10.7 hash IDing, and JTR ids
2019-05-30 18:33:45 -04:00
4137135ad4
Land #11737 , store password from osx/gather/password_prompt_spoof
2019-04-24 05:06:20 -05:00
4d2962386e
save creds from password prompt spoof
2019-04-16 20:44:45 -04:00
621c7182bf
osx docs and cleanup
2019-04-15 21:01:05 -04:00
9f6b9d586b
updating jtr formats in hashdumpers
2019-01-30 20:16:08 -05:00
6dd36bd8da
Land #10427 , add OSX VNC password gather module
2018-10-02 14:47:51 +08:00
b5cf682169
cleanup post/osx/gather/vnc_password_osx and add loot/credentials
2018-10-02 14:22:09 +08:00
3e61a98f25
use non-system users for hashdump
2018-09-24 22:17:58 -05:00
e1ec0ec899
hash_dump now working properly up to Mac OS X High Sierra (10.13.6 included)
2018-09-06 12:00:36 +02:00
41dd8a62cb
rename class name
...
rename for snake case
2018-08-10 17:27:19 +02:00
bb208118c3
Ruby decrypt
...
The decryption of the key in the msf has been added
2018-08-10 16:25:33 +02:00
0e8180f263
delete space
...
delete bad spaces
2018-08-06 19:01:32 +02:00
5e7a77dea8
add new functiom
...
added checking directory of VNC
2018-08-06 18:45:24 +02:00
d6a60bd10e
remove dependencies
...
removed not necessary dependencies
2018-08-06 17:20:25 +02:00
e194922855
Add vnc password osx
...
This module show Apple VNC Password from Mac OS X High Sierra.
2018-08-06 17:11:42 +02:00
45481f26b6
Add Msf::Post::OSX::Priv mixin
2018-05-22 22:25:39 +00:00
520b8bc3c0
remove many duplicate code paths
2018-05-17 08:14:32 -05:00
406f1fe165
fix #10046 , remove invalid timeout argument on cmd_exec
2018-05-17 07:38:22 -05:00
67c7a718db
Land #9868 , fix post/osx/capture/keylog_recorder
2018-05-10 16:47:57 +08:00
9ae0acd489
Removing debug statement
2018-04-28 15:56:56 -07:00
c7caac627b
Replacing Import with Fiddle, adding fork compatibility for High Sierra
2018-04-28 15:53:23 -07:00
72cd97d3e4
minor documentation and comment tweaks
2018-04-18 14:22:32 +08:00
b282db3c6a
Fixing broken imports for keylog_recorder.rb and improving control chars
2018-04-12 02:08:53 -07:00
ee6f83c281
match newfs_apfs regex
2018-04-10 14:45:14 +08:00
3f40f43609
Make final output more readable
2018-04-07 11:05:47 -04:00
dwelch-r7