adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73,452 Commits 27 Branches 1,043 Tags
3da170a43c7f288fe9bc88fe325da488733acac3
Commit Graph

4625 Commits

Author SHA1 Message Date
Brent Cook 99ed2b7bf2 merge modules and documentation 2019-10-29 04:27:25 -05:00
Brent Cook 4abee63936 only loot config files with passwords 2019-10-29 04:18:08 -05:00
Brent Cook 4c1f117566 add auto targeting from grub.d and FILENAME option 2019-10-29 04:17:47 -05:00
Brent Cook 0ebcda3aaa merge credits 2019-10-29 04:17:26 -05:00
Brent Cook 4d8e9bad26 expand file list from grub_cred 2019-10-29 03:42:23 -05:00
Brent Cook bd76e1f2cb initial tidy pass w/rubocop 2019-10-29 03:42:01 -05:00
Brent Cook c6ecef3dc7 Merge #11426, other grub password extraction module 2019-10-29 03:34:36 -05:00
Brendan Coles e9a7ceaf1c Use CheckCode.message - Fix #12499 2019-10-28 03:24:20 +00:00
Brendan Coles a27af6b631 Add BSD Dump Password Hashes module 2019-10-27 06:46:31 +00:00
Brent Cook 58b8990131 Land #12462, add post module to gather grub passwords 2019-10-21 12:35:52 -05:00
Francesco Soncina e992480b5c Update shellcode_inject.rb 2019-10-17 16:02:59 +02:00
Taeber Rapczak 1c9a3c74d5 Add post module to collect grub passwords 
closes #11166
 2019-10-16 00:45:33 -04:00
Shelby Pace d4ac2efcc9 add parsing function and cred table 2019-10-14 09:34:55 -05:00
Wei Chen 12c930a445 Land #12136, Add post module for dumping credentials out of NagiosXI 2019-10-10 16:59:40 -05:00
Wei Chen ffdfe33e11 Check unexpected scenarios 2019-10-10 16:57:49 -05:00
Francesco Soncina 74ae445128 Add AUTOUNHOOK support for shellcode_inject post module 
The module will now first inject the unhook dll and then the provided shellcode.
 2019-10-10 16:35:57 +02:00
bwatters-r7 47dd96df68 Remove duplicate module in the wrong place 2019-10-08 08:48:11 -05:00
h00die 905eb17132 begining to fix spelling errors 2019-10-05 14:26:34 -04:00
h00die f95f952b65 fix separated spelling 2019-10-05 14:13:38 -04:00
b4rtik bc4f706b0d Execute Assembly 2019-10-05 12:47:03 +02:00
Francesco Soncina dd9fb2d9d6 Add shellcode_inject post module 
This module injects an arbitrary shellcode into a target process.
 2019-10-03 16:47:10 +02:00
Brent Cook 2227903585 Land #12313, Add mazda_ic_mover module that moves the instrument cluster 2019-09-26 03:50:29 -05:00
Brent Cook c86511722a Land #12258, Update gpp.rb to display GPO name 2019-09-26 03:36:28 -05:00
Brent Cook 026f9cbd96 Land #12354, Remove unused targets from aux and post modules 2019-09-25 07:40:06 -05:00
dwelch-r7 285244e877 Remove commented out code 2019-09-24 13:51:54 +01:00
dwelch-r7 a587668b9e Remove Default targets from aux modules 2019-09-24 12:15:43 +01:00
Brent Cook 0ed09cc9bf Land #11927, Add Brocade post module and config parser 2019-09-24 05:59:21 -05:00
dwelch-r7 fe2b3f8f29 Remove targets from post modules 2019-09-23 17:26:36 +01:00
Jay Turla b879a888f8 Indent everything in super to 2 spaces 2019-09-13 09:32:21 +08:00
Jay Turla 5fa9c5e21a Update mazda_ic_mover.rb 
Changed ```0x10``` to ```0x01```
 2019-09-12 12:49:45 +08:00
Jay Turla b3240a1819 Add mazda_ic_mover module that moves the instrument cluster 
This module moves the needle of the accelorometer and speedometer of the Mazda 2 instrument cluster
 2019-09-12 00:07:42 +08:00
h00die f60e8a3dbd less indents 2019-09-08 00:11:11 -04:00
h00die ce5f8d8d2f add datastore option 2019-09-08 00:06:49 -04:00
gkweb76 795e0ebeb5 Restore a "print" to "print_good" 
Aesthetics modification
 2019-09-07 09:02:04 +02:00
gkweb76 a2d2475618 Fixed wrong previous commit 2019-09-05 22:12:33 +02:00
gkweb76 88d424cf3f Make the modification suggested by @acammack-r7 
Directly insert the new value in the "table", instead of modifying the screen output manually. Simpler and cleaner, thanks @acammack-r7 !
 2019-09-05 21:44:18 +02:00
James Lee 56d81052e8 Save the data we just collected 
Instead of just throwing it away after printing.
 2019-09-05 09:47:04 -05:00
gkweb76 13560e93c0 Improve ADSI GPO filter to return only one result 2019-09-02 20:15:00 +02:00
gkweb76 71b825ee06 Update gpp.rb to display GPO name 
GPO files on SYSVOL do only include the GPO GUID, not the GPO name defined by the administrator. This modification makes this gpp module make an ADSI query to retrieve all of the domain's GPOs, and compare their GUID. If one GUID matches, then we know the GPO name and we can display it. On a pentest, a client is much more interested by knowing the GPO name rather than the obscure GUID. The ADSI query relies on meterpreter "extapi" extension.
 2019-08-31 12:37:49 +02:00
William Vu 32334c2386 Update all module splats from http:// to https:// 2019-08-15 18:10:44 -05:00
Brendan Coles efd6bec827 Store opasswd password history 2019-08-04 01:12:06 +00:00
Brent Cook 5b8a75f544 Land #12119, Add OS X post module to manage Sonic Pi 2019-07-28 23:12:26 -05:00
breeh c48a43a771 Adding post module for dumping credentials out of NagiosXI 2019-07-27 11:22:58 -06:00
Francesco Soncina b6b3a54b79 fix typo in payload_inject 
:)
 2019-07-27 19:02:33 +02:00
William Vu 0d041df91f Actually test command shell support and fix it 2019-07-25 15:09:35 -05:00
William Vu 3eb3ab1db2 Add side effects 2019-07-22 18:56:23 -05:00
William Vu 283f9d2e08 Add OS X Manage Sonic Pi post module 2019-07-22 18:46:02 -05:00
h00die f19ddc11e8 cisco docs and bug fixes 2019-07-21 20:57:47 -04:00
RageLtMan f874f50748 Update Author fields for several modules 
Add hirura to authors list for the Ruby reverse_ssh payloads.

Update all modules with author-per-line name references to be
consistent (useful given the difference in names between commiter
in git log and GitHub account).

Next steps:
  See if HrrRbSsh client-side implementation can be fleshed out
enough to create alternative payload outputs for both of the Ruby
modules (using TARGET/ACTION to select between net/ or hrr_).
 2019-06-25 20:49:26 -04:00
h00die 4d60f38177 brocade working 2019-06-09 15:10:05 -04:00