This technically only finds usernames and not full sets of credentials so I removed the credential reporting method call. Instead, I have the module print out the number of users it found followed by a list of those users. I feel this will be more useful to the users.
When no password cracker is installed `cracker_version` returns `nil`.
Guard against `nil` in the version check and consolidate detection of
a viable environment and application as a responsibility of the factory
that provides the instance.
This patch adds the OptBool NullFreeVersion advanced option.
Its default value is false. When set as true, generate will output a
self included null-free version of the payload without need of encoding.
Signed-off-by: Geyslan G. Bem <geyslan@gmail.com>
This patch converts shellcode to metasm and adds new behaviour to CMD option.
Now if CMD is empty or unset, a 20 byte not null-free execve payload is build.
The arbitrary command option continues the same when CMD is set.
Signed-off-by: Geyslan G. Bem <geyslan@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Thanks, I thought the comments on it would be needed/ (this is my first module)
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
[+] thanks!
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
[+] thanks for the sharp eye! It certainly does. I tried at my side to make it look as a "flow" but never really succeeded with it. Again, thanks!
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Of course, this is my first module - I'm sorry, thanks for pointing it out!
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
Update fanny_bmp_check.rb
Changed
...on #{sysinfo['Computer']} for...
to
"Target #{match} result(s) found in
And as well as the + 'shell' in the session types.
And, as well as commented some stuff I will remove (the comments, that is) when this is done.
The URL (ref) at the Desc. of the module needs to be a bit more short. Will do this too.
Changed (if not already?) the src link.
Create fanny_bmp_check_Docs.md
Rename fanny_bmp_check_Docs.md to fanny_bmp_check.md
Docs ready to go, (msftidy_docs done[x])
./tools/dev/msftidy_docs.rb documentation/modules/post/windows/gather/forensics/fanny_bmp_check.md
(no results) - so It's ready to go
msftidy.rb Done [no errors)
msftidy.rb Done [no errors)
Update fanny_bmp_check.md
Update fanny_bmp_check.md
Removed References since they were not (really) meant for being included, It was more of my own Notes/Comments that accidentally came with it. 👍
Indentation (2 spaces, + the 33 to 44 lineblock fixed[x])
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: bcoles <bcoles@gmail.com>
fanny_bmp_check.rb
Updated fanny_bmp_check.rb to use arrays instead.
Update fanny_bmp_check.rb
Rubocop fixed
Update fanny_bmp_check.rb
Added report_vuln() as Jmartin suggested
Update fanny_bmp_check.rb
Update v2
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Oh, yes - Thank you, again - sorry
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
Sorry for confusion; 2 problems(line 66+line 61) (work arounded for now)
2 Problems, first; it did not work with the info line (line 66, 61)
If It's still wrong ( the loop , which I have tried to fix)
I am not entirely sue what the problem is, because If I had the end there it was (commented out, line 61) - then it gets, unexpected 'end' expecting end-of-input,
Coming back again, sorry for the confusion.
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Ah, tried it over here - and it worked, Thanks!
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
Update documentation/modules/post/windows/gather/forensics/fanny_bmp_check.md
Of course, thanks, committing this suggestion.
Regards
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
Update modules/post/windows/gather/forensics/fanny_bmp_check.rb
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
Grant Willcox