Grant Willcox
f6b032b744
Add warning about Linux results to documentation and to the module's description field
2020-09-18 10:35:59 -05:00
Grant Willcox
de4008984a
Add in a few more package managers, think I'll stop after this given the diminishing returns atm
2020-09-17 18:00:36 -05:00
Grant Willcox
02bf9561e5
Switch over to using a package manager orientated approach for gathering installed software on Linux
2020-09-17 17:18:29 -05:00
Grant Willcox
83a8f87438
Fix some mistakes with the command for some package managers that weren't returning the version numbers as expected
2020-09-17 16:08:35 -05:00
Christophe De La Fuente
7323447c0a
Land #14117, Hyper-V VM Enumeration Module
2020-09-17 17:52:27 +02:00
Grant Willcox
85ef2b602e
Fix up regex in module to address changes noted in review. Also update documentation to remove an extra line and to address review recommendations
2020-09-16 16:02:54 -05:00
Grant Willcox
bc9986f72c
Apply RuboCop edits and also edit the %w[] entries so they didn't include the stray single quotes in the resulting string
2020-09-16 15:14:52 -05:00
Grant Willcox
798e5cce61
Add in casting the results of cmd_exec calls to strings using .to_s as @bcoles recommended and also check for potential cases where no results are returned. This should make the code more defensive and help protect against potential failure cases
2020-09-16 15:06:11 -05:00
Grant Willcox
3e10ec5fc9
Redo the checks using the command_exists? command that @bcoles recommended
2020-09-16 12:49:36 -05:00
Grant Willcox
e3ffa39e57
Implement the case change from the review as mentioned by @wvu-r7
2020-09-16 12:15:40 -05:00
Grant Willcox
4f0f63e3ea
Silly edit to fix an extra space. Feel free to merge me with the last commit.
2020-09-16 11:57:59 -05:00
Grant Willcox
1795edfa29
Fix up enum_software_versions.rb and its code based on initial feedback
2020-09-16 11:40:37 -05:00
Tim W
08fbce5220
Land #14125, add SCREEN_EFFECTS note to tccbypass
2020-09-16 15:14:29 +08:00
Grant Willcox
2544b1a4cc
Add RuboCop fixes to the module and also update the Android code to be correct
2020-09-15 17:16:11 -05:00
Grant Willcox
3d883cd5e5
Merge me with last commit, remove erroneous extra require
2020-09-15 16:59:28 -05:00
Grant Willcox
96a0fca456
Initial upload of enum_software_versions.rb
2020-09-15 16:27:22 -05:00
Christophe De La Fuente
e11840c2a5
land #14031, F5 processor
2020-09-14 18:38:58 +02:00
h00die
daa10ea735
enhance user data parsing
2020-09-12 10:07:23 -04:00
cn-kali-team
6ba06f2e74
add protocols
2020-09-12 15:29:02 +08:00
Grant Willcox
03c410215e
Add HyperSine as an author since he discovered the decryption keys, update some of the logic to use ternary operators to be more explicit in nature, update securecrt_crypto to fix a bug where it could end up with a defined return value, update the warnings to be a bit more explicit, and fix a logic bug in the run function due to how expand_path and registry_getvaldata interact with one another
2020-09-11 16:55:16 -05:00
bwatters
3f689ccae9
Add warning for screen effect to tccbypass
2020-09-11 15:07:52 -05:00
bwatters
f248f20b9e
Land #13942, Add module for CVE-2020-9934
Merge branch 'land-13942' into upstream-master
2020-09-11 14:58:50 -05:00
Grant Willcox
2a520606f7
Apply fixes to module and documentation so that the output is easier to understand, contains better installation instructions, and also reflects the fact that this module really gathers SecureCRT sessions and decrypts the password if it is available, aka it's still useful even if we don't decrypt the password
2020-09-11 13:41:56 -05:00
Grant Willcox
b3d386bdb4
Apply msftidy_docs.rb fixes and RuboCop the module
2020-09-11 09:40:37 -05:00
Tim W
93cdba483d
add documentation
2020-09-11 17:31:40 +08:00
cn-kali-team
2a50368591
remove comment
2020-09-11 11:54:12 +08:00
cn-kali-team
7267c504c3
add Gather_Securecrt_Password module
2020-09-11 11:40:52 +08:00
Grant Willcox
905fb73b7a
Add in initial copy of module and documentation
2020-09-10 18:52:13 -05:00
Tim W
686ef94e37
fix mkdir
2020-09-09 15:36:31 +08:00
Tim W
c725a713af
more feedback from bcoles
2020-09-09 14:21:03 +08:00
Tim W
d447bbc3dc
feedback from bcoles
2020-09-09 13:27:11 +08:00
Tim W
42d70bb2a2
Add module for CVE-2020-9934
2020-09-09 13:27:11 +08:00
James Lee
a870b1df71
Fix user path on newer Windows
2020-09-05 10:43:41 -05:00
Arjun G
b2bd40ef03
Updated module description
Changed string description to call out the modified WMI query that now also pulls in the InstalledOn metadata for a given KB.
2020-09-02 11:33:50 -07:00
Arjun G
ca846fa8c1
Changing print statements to follow Ruby style
In response to PR feedback
2020-09-02 10:59:15 -07:00
Arjun G
fb4acd53b5
Include KB installation date in enum_patches
Currently, the output of this module only lists the KB packages installed on a Windows PC.
This change improves the module by also having it output when a given patch package was installed (this information can also be retrieved from the WMI query); this will provide insight into how regularly and reliably a PC (and by extension, environment) patches - for example, are they late in installing patches by months, when did they last patch etc.
2020-08-31 17:38:02 -07:00
h00die
26a83d5d5c
rubocop
2020-08-20 14:31:18 -04:00
h00die
c8a541c187
pre rubocop
2020-08-20 14:27:51 -04:00
h00die
3326d86db7
review comments
2020-08-20 10:26:13 -05:00
Brendan Coles
a765c1d994
post/osx/gather/enum_osx: Fix typos
2020-08-18 16:02:24 +00:00
Steve Baker
8eca964ced
Update path in osx_enum to fix keychain download
Looks like an anchoring "/" has always been missing for the keychain download in enum_osx to function.
2020-08-16 22:50:03 -05:00
bwatters
231ad83773
Land #13860, Mikrotik Processing
Merge branch 'land-13860' into upstream-master
2020-08-07 14:48:22 -05:00
Jeffrey Martin
35017886b8
Land #13935, Preliminary Version 6
2020-08-06 10:19:34 -05:00
gwillcox-r7
63ca46bc0c
Land #13844, Add Linux Container Enumeration Module
2020-08-06 08:46:17 -05:00
stealthcopter
2cb1eb9fb3
rubocop changes
2020-08-06 09:31:17 +01:00
gwillcox-r7
0e1ae86511
More RuboCop fixes...
2020-08-05 21:14:24 -05:00
gwillcox-r7
88e96bab22
Add in support so that if a command is specified, we store its results for the host in the loot.
2020-08-05 20:47:06 -05:00
gwillcox-r7
283aa6156c
Fix a small typo on my side
2020-08-05 20:26:11 -05:00
gwillcox-r7
822ad64c62
Given that the current code skips the command execution part if a command is not supplied, there is no need to supply a default command.
2020-08-05 20:18:10 -05:00
gwillcox-r7
96215a586d
Fix up code to appropriately handle cases where container_execute, list_running_containers_id, and list_containers might fail due to an invalid container type
2020-08-05 19:40:22 -05:00