Commit Graph

4625 Commits

Author SHA1 Message Date
Quentin Kaiser 5d89b32f58 prepend class rather than import it 2020-12-02 10:03:38 +01:00
Quentin Kaiser 8edcae4bb7 Handle a case where Pulse Secure is installed but no saved entry exists in the registry. Handle a case where the session runs as system on an affected version. 2020-12-02 09:57:28 +01:00
h00die 5ac5a0c68a print command outputs 2020-12-01 17:26:51 -05:00
h00die 797e1ec35b now saves creds 2020-11-29 07:45:59 -05:00
h00die 79caa33589 gather roster, gather data from minions 2020-11-28 17:49:32 -05:00
Quentin Kaiser 7842d746d3 Wrong return code when Pulse is not installed. 2020-11-27 16:19:52 +01:00
Quentin Kaiser 0ed2b0d253 Fix active record issue when realm is blank due to empty path. 2020-11-27 16:18:21 +01:00
Quentin Kaiser 013a1e4312 Username was not found when running the module just after the connection creation. Turns out it was saved in .tmp rather than .dat or .bak. 2020-11-27 15:11:14 +01:00
h00die 600007a0d7 worked out a bunch of syntax and added some catches 2020-11-26 11:11:37 -05:00
Quentin Kaiser 54e836e797 Add guard clause to gather_creds function to remove conditional block. 2020-11-25 15:36:37 +01:00
Quentin Kaiser 15bdffdee1 Remove redundant else after return.
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-25 15:31:13 +01:00
Quentin Kaiser 7f130b4414 Switch to idiomatic next guard clause.
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-25 15:30:38 +01:00
Quentin Kaiser c4b0253d93 Switch to idiomatic guard clause.
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-25 15:29:44 +01:00
Quentin Kaiser 53a1f2f19b conditional next call style update 1
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-25 15:27:22 +01:00
Quentin Kaiser e069b0d607 Execute data conversion using built-in methods rather than custom encoders. 2020-11-25 14:41:21 +01:00
Quentin Kaiser 8024c08882 Do not save entry to service data if we can't resolve the host. 2020-11-25 13:52:42 +01:00
Quentin Kaiser a0265e0d6c Remove unnecessary second argument to registry_enumvals. 2020-11-25 13:39:37 +01:00
Quentin Kaiser fc083d197a Finally found how to encode entropy to UTF-16LE representation in Ruby. 2020-11-25 12:58:19 +01:00
Quentin Kaiser cf405879d6 Fix hash wording. 2020-11-25 12:46:23 +01:00
Quentin Kaiser 6a4237f4e3 Uniform error handling. 2020-11-25 12:40:42 +01:00
Quentin Kaiser debaa44733 Safer connection store file reading by handling the case where user does not have permissions to read the file. 2020-11-25 12:33:28 +01:00
Quentin Kaiser 26a3342a3d Move version verification to a check function using Msf::Exploit::Remote::AutoCheck. Safer version file reading by handling the case where user does not have permissions to read the file. Cleaner status messages in check function. 2020-11-25 12:12:34 +01:00
Quentin Kaiser 50b25989fa Safer handling of registry access operation when executing from unprivileged process. 2020-11-25 11:41:34 +01:00
h00die 48affc5c90 don't read files that don't exist 2020-11-25 05:10:39 -05:00
h00die 1082f31c38 beta draft 2020-11-24 19:36:58 -05:00
Grant Willcox e648a055fc Add in RuboCop fixes to the module 2020-11-24 12:31:05 -06:00
Grant Willcox bd00ce9177 Add in fixes from review 2020-11-24 12:08:51 -06:00
A Galway 3fcea08cb8 Land #14405, presents new error message on attempted meterpreter upgrade 2020-11-23 14:09:42 +00:00
DLL_Cool_J 0ec6d4c142 Update modules/post/windows/gather/avast_memory_dump.rb
Co-authored-by: bcoles <bcoles@gmail.com>
2020-11-21 22:16:55 -05:00
Tim W 634a2f3c61 prevent upgrading of meterpreter sessions with shell_to_meterpreter 2020-11-20 17:26:21 +00:00
dwelch-r7 c7b5616319 Land #14341, Fix NIL Dereference Issues
Fix NIL Dereference Issues, Missing fail_with Statements, and Update Regex Inside SecureCRT Password Gatherer
2020-11-18 16:17:25 +00:00
Grant Willcox d96f257842 Fix up mistake where I thought .to_s on an empty string would return an empty string 2020-11-18 09:54:50 -06:00
Tim W fd3f64ed0a fix encoding and comspec in shell_to_meterpreter 2020-11-18 22:46:09 +08:00
Grant Willcox ef108eae4c Add in Dean's suggested fix to make the check a little neater 2020-11-17 10:02:02 -06:00
Grant Willcox dab01ea179 Add in fixes to use string capture group functionality and also improve the regex so that we get extra info such as port numbers and protocol info from logins other than SSH 2020-11-13 14:14:45 -06:00
Spencer McIntyre 76ab0ee849 Land #14304, execute_dotnet_assembly fix parameters management 2020-11-10 09:56:18 -05:00
Quentin Kaiser 26f39b5819 Checks if Pulse Secure Connect client is actually installed. Raise an exception if it's not. 2020-11-10 13:54:22 +01:00
Spencer McIntyre 0ccb50ac02 Adjust how HostingCLR arguments are packed 2020-11-09 12:24:55 -05:00
Quentin Kaiser 8eeca7cafd Fix rdoc. 2020-11-09 16:33:16 +01:00
Quentin Kaiser f2f360ff5f msftidy run 2020-11-09 16:27:19 +01:00
Quentin Kaiser 68e3f6a146 Refactor run function, makes build information easier to understand by using print_good and print_warning. 2020-11-09 16:25:06 +01:00
Quentin Kaiser a17434050c Document each function for easier review. 2020-11-09 16:21:08 +01:00
Quentin Kaiser c62a6716c5 Remove spaces at EOL. 2020-11-09 15:46:13 +01:00
Quentin Kaiser d8f5dc5143 IVE definitions are shared by every user running on the same host. I fixed the data structure to reflect that. 2020-11-06 16:53:02 +01:00
Quentin Kaiser 05fa4b235d Fix vulnerable builds range. Finally supports DPAPI decryption as elevated user. Lots of cleanup to do. 2020-11-06 16:00:48 +01:00
Jared Stroud e7e8765473 removing spaces EOL 2020-11-05 20:54:04 -05:00
Grant Willcox e0209b34c6 Apply initial fixes from Adam's review 2020-11-05 11:53:38 -06:00
Quentin Kaiser ca3055a009 Proper version checks. Comment on future work regarding data left in registry by previous version and dumping when in elevated mode. 2020-11-05 13:28:42 +01:00
Quentin Kaiser a800536df2 For some reason, the first profile will be stored in connstore.dat while subsequent ones will be stored in connstore.tmp. Note that even if it ends with '.tmp', this file is not temporary. This commit provides support for deployments with multiple VPN connections. 2020-11-05 12:41:38 +01:00
Grant Willcox 84af718ad9 Fix up the fail_with statements as I used the wrong error codes on them 2020-11-03 15:20:59 -06:00