62a3f73e70
Update rubocop target ruby version
2024-07-24 16:47:17 +01:00
f8c69e434d
Land #19173 , Add CarotDAV FTP PackRat module
...
Merge branch 'land-19173' into upstream-master
2024-05-17 16:49:33 -05:00
8a68eebbf6
Land #19171 , Add Sylpheed Email PackRat module
...
Merge branch 'land-19171' into upstream-master
2024-05-17 10:39:56 -05:00
175e16a29a
Removed unused regex search
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-17 09:59:20 -05:00
a8f1d35773
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-17 09:59:20 -05:00
39630f1d2b
Added post module for Adi IRC Client
2024-05-17 09:58:23 -05:00
6de0048354
Removed unused regex search
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-16 19:15:00 -05:00
d08247776c
Re-arranged Author list
2024-05-16 19:12:54 -05:00
cf15b1f858
Added post module for Quassel IRC Client
2024-05-16 19:12:54 -05:00
7a33970ef8
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:58:51 +01:00
554c5c3cb4
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:52:58 +01:00
121d3ded85
Re-structured artifact enumeration option
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:07:48 +01:00
8259db4756
Removed unused regex search
...
Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com >
2024-05-15 14:06:58 +01:00
1326849076
Added post module & documentation for CarotDAV FTP Client
2024-05-08 10:54:33 -04:00
c5500a3337
Added post module & documentation for Sylpheed email Client
2024-05-08 10:09:49 -04:00
b3f2904e75
Re-arranged Author list
2024-05-07 16:22:51 -04:00
37c068a66e
RuboCop Fixes
2024-05-07 13:25:52 -04:00
ee2ca6a35b
Added post module for Halloy IRC Client
2024-05-07 12:51:25 -04:00
8b1ff6d44e
change bloodhound OutputDirectory to OptString
...
OptPath is intended for a local path and performs validation. Attempting to set it to a target path that doesn't exist on the local fails.
2024-02-29 07:12:37 -06:00
5fa1ce8ed2
Add support for newer sqlcmd versions
2024-02-12 11:51:02 +00:00
48221e594d
Land #18704 , Leverage the module metadata cache in the module_sets
2024-02-02 14:16:46 +00:00
2cf045d3c4
Leverage the module metadata cache in the module_sets
2024-01-15 14:56:46 +00:00
57c882cab5
Land #18604 , Add Post Windows Gather to perform Mikrotik Winbox "Keep Password" credentials extraction
...
Merge branch 'land-18604' into upstream-master
2024-01-09 15:38:35 -06:00
dc6d84d823
Update modules/post/windows/gather/credentials/winbox_settings.rb
...
Co-authored-by: Brendan <bwatters@rapid7.com >
2024-01-09 00:43:10 +01:00
a0bc08c6ec
Quick change to add support for more sessions and to only read the file once
2024-01-05 17:33:54 -06:00
3bad98afc6
Land #18488 , add kerberos_tickets post module
...
Adds a module to manage kerberos tickets from a compromised
host. This PR also includes rail gun enhancements.
2023-12-07 19:12:48 -05:00
48e2e09dfc
msftidy fix
2023-12-07 19:23:33 +01:00
05800296f3
RuboCop fixes and msftidy fixes
2023-12-07 13:45:19 +01:00
4039ea523a
RuboCop Fixes
2023-12-07 13:19:13 +01:00
32e5dfb12d
Windows gather credentials for Mikrotik Winbox 'Keep Password' feature
2023-12-07 13:14:37 +01:00
13ae9fcded
Refactor things in #decrypt_data
...
* Check that the initial memory was actually allocated before writing to
it
* Don't pass 16 to CryptUnprotectData as the ppszDataDescr parameter
because it is not a valid LPWSTR
* Don't leak memory in the event that CryptUnprotectData by ensuring mem
and addr are always free'ed
* Combine free calls into one for speed
* Don't assume the sessions is ARCH_X64 if it is not ARCH_X86 because
that may change some day
2023-11-20 16:40:42 -05:00
b5aeab0c9f
Merge #18491 , Add Module for PL/SQL Developer to gather credentials
...
Merge branch 'land-18491' into upstream-master
2023-11-09 11:18:52 -06:00
893da00c6a
Modify Table DisplayName and password matching regex
2023-11-09 13:58:14 +08:00
a4750b11bc
Optimize AES key
2023-11-09 05:26:20 +08:00
9c23f86d83
Add support for v15 new encryption algorithm
2023-11-09 05:08:27 +08:00
d4166098a8
Update to be compatible for PL/SQL 14
2023-11-08 01:15:22 +08:00
ce5188a76c
Land #18218 , improve Windows checkvm post module
...
This PR includes a number of enhancements to the windows
checkvm post module, including reducing the number of requests
set to the targets among other things.
2023-11-03 12:17:06 -04:00
23110e2ee3
Update modules/post/windows/gather/checkvm.rb
2023-11-03 11:18:55 -04:00
763fae6cd7
Fix typo to pass msftidy
2023-11-02 10:41:53 +08:00
7b76cc01f9
Add x86 support to windows/manage/kerberos_tickets
2023-10-27 12:47:19 -04:00
54bce7fcb5
Add module docs
2023-10-27 12:47:19 -04:00
b44bf1ce7e
Resolve the ticket host
2023-10-27 12:47:19 -04:00
7137820381
Refactor the module and update output handling
2023-10-27 12:47:19 -04:00
79a3e756b3
Add the ENUM_LUIDS action
2023-10-27 12:47:19 -04:00
98906a5976
Add the SHOW_LUID action, refactor printed output
2023-10-27 12:47:19 -04:00
7b4caf79f8
Move the code into libraries for reuse
2023-10-27 12:47:19 -04:00
3a6086d88b
Initial kerberos_tickets WIP
2023-10-27 12:47:19 -04:00
5b5d5ade40
Free data using the new util API
2023-10-27 12:47:19 -04:00
93c13ad6a7
Apply document suggestions from code review
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2023-10-27 02:02:00 +08:00
013e4b5af2
Add Module for PL/SQL Developer to gather credentials
2023-10-26 19:38:02 +08:00
adfoster-r7