Update modules/post/multi/sap/smdagent_get_properties.rb
Update modules/auxiliary/admin/sap/cve_2020_6207_solman_rce.rb
Update documentation for auxiliary module cve_2020_6207_solman_rce.md
Update documentation for post module smdagent_get_properties.md
Move setup_xml_and_variables to `run` method in auxiliary module cve_2020_6207_solman_rce.rb
Delete list_dir, read_file, file_exist in post module smdagent_get_properties.rb
This post exploitation module is meant to locate all .gitignore files in a user's home directory as well as retrieve the contents of both the .gitignore as well as the files contained in the .gitignore. There are two modes. Mode 1 finds the .gitignore files. Mode 2 retrieves the file. You must set the FILE path with the gitignore file you'd like to retrieve. This could be used to retrieve potentially sensitive artifacts.
After establishing a meterpreter session:
* use post/osx/gather/gitignore
* set mode 1
* set session n (where n is the session in which you'd like to run the module)
* run
The module will take some time to complete but will recursively search all directories from the user's home directory for .gitignore files and then print the absolute path of each file it finds. Copy the path of whichever gitignore you'd like to read and paste into the FILE variable.
* set mode 2
* set file /path/to/.gitignore
* run
At this point, the module will display the contents of the gitignore file. If it contains something of interest, you can copy the filename and replace it in the absolute path for which you found the .gitignore.
* set file /path/to/artifact
* run
This will retrieve the contents of the artifact you are looking to read.
The default firefox profile directory now no longer ends in `.default`
but instead `.default-release`. For backwards compat the new regex
supports both. For more information see:
https://support.mozilla.org/bm/questions/1264072#answer-1235567
It's possible we might want to also support things like
`.default-nightly`, etc but really if we want to do more than grab
the default profile we should read the `profiles.ini` file to get
an itemized list of profiles from Firefox itself. This would also
future-proof this script.
Since profiles are not generally used by most Firefox users just going
for the simpler solution of looking for `.default-release`.
gianpyc