71b825ee06
Update gpp.rb to display GPO name
...
GPO files on SYSVOL do only include the GPO GUID, not the GPO name defined by the administrator. This modification makes this gpp module make an ADSI query to retrieve all of the domain's GPOs, and compare their GUID. If one GUID matches, then we know the GPO name and we can display it. On a pentest, a client is much more interested by knowing the GPO name rather than the obscure GUID. The ADSI query relies on meterpreter "extapi" extension.
2019-08-31 12:37:49 +02:00
b6b3a54b79
fix typo in payload_inject
...
:)
2019-07-27 19:02:33 +02:00
f874f50748
Update Author fields for several modules
...
Add hirura to authors list for the Ruby reverse_ssh payloads.
Update all modules with author-per-line name references to be
consistent (useful given the difference in names between commiter
in git log and GitHub account).
Next steps:
See if HrrRbSsh client-side implementation can be fleshed out
enough to create alternative payload outputs for both of the Ruby
modules (using TARGET/ACTION to select between net/ or hrr_).
2019-06-25 20:49:26 -04:00
53557cc92e
replace trivial usage of expand_path with getenv
...
expand_path is not implemented consistently across platforms and
sessions, which leads to confusing behavior. In places where we have trivial
single variable expansions, this changes modules and library code to just use
getenv.
We'll look at the rest individually to see if they can also be reimplemented in
terms of getenv.
2019-05-31 17:44:35 -05:00
9d71020d9c
Removed credit
2019-03-24 19:11:22 -04:00
8a36a0f410
Added support for later versions of Outlook, rubocop complaints
2019-03-24 18:39:55 -04:00
85066938df
Land #11157 , Add Windows Gather Power Shell History module
2019-02-13 12:39:28 -06:00
366d060b5d
Minor changes for psreadline_history
2019-02-13 12:38:36 -06:00
28283809f9
Add nil check to enum_patches
2019-02-02 15:33:48 +00:00
e9a8d5708a
Land #11234 , @bcoles revisionism
2019-01-11 20:15:34 -06:00
24f807490f
revisionism
2019-01-10 19:19:14 +00:00
307cc8c107
fix comment
2019-01-09 11:12:51 -06:00
0c984fa232
Fix messages /successfuly/successfully
2019-01-09 06:32:22 -06:00
81f4ed6db3
Add references and remove reserved function calls
2018-12-22 00:30:37 +05:30
5838ad87fb
Check if directory and file exist and report accordingly
2018-12-21 19:36:01 +05:30
ba9c7039f7
Add psreadline_history module
2018-12-21 18:18:21 +05:30
df9c3da47e
Land #10842 , Add Windows Post Module to roll back Windows Defender signatures
...
Merge branch 'land-10842' into upstream-master
2018-12-03 10:57:38 -06:00
a801d741c9
Remove old module
2018-11-30 17:28:54 -06:00
70031b6721
Shut up msftidy and document updates
2018-11-30 16:41:40 -06:00
3c992b7af1
Updated documentation and added options in the module to update or roll back
...
definitions
2018-11-30 16:25:33 -06:00
a41b9a77d8
Change the module name, fix cleanup, add documentation
2018-11-30 15:20:34 -06:00
1304f93f1f
Add more checks and a cleanup function
2018-11-29 10:39:46 -06:00
d6db5ebdfe
Land #10716 , Create PureVPN Credential Collector Post Explotation Module
2018-11-27 17:42:23 -06:00
830a80e598
Check -1 user/pass condition and improved exception handling
2018-11-27 16:23:09 -06:00
7f26364d5b
Changes suggested by OJ
2018-10-29 22:01:47 -05:00
b4c005c4d4
Land #10561 , Add Windows local privilege escalation - CVE-2018-0824
...
Merge branch 'land-10561' into upstream-master
2018-10-25 13:22:31 -05:00
569c2e03c9
Fix exploit relics and documentation
2018-10-23 17:15:34 -05:00
927a29530b
Remove duplicated files
2018-10-23 12:31:18 -05:00
74683ce951
Add Windows Post Module to disable Windows Defender signatures
2018-10-21 12:07:54 -05:00
47353553e5
Get everything together finally (still needs cleanup)
2018-10-19 18:15:44 -05:00
b678db8bb6
Remove spaces at EOL
2018-09-29 15:29:51 -04:00
8d1d6ff29f
Create PureVPN Credential Collector Post Explotation Module
2018-09-28 12:00:34 -04:00
87eb600510
Land #10611 , mRemote creds gather module fixes
...
Also update #10612 to align with these changes.
2018-09-10 15:25:09 -05:00
93a73f5e71
Fix store_loot OID
...
It's supposed to be a loot type, not the filename (now stored).
2018-09-10 15:19:28 -05:00
3ec4d2f22b
Normalize loot type OID
...
1. Include the vendor, product, and technology
2. Content type is already reported, extension changed
3. Original filename including extension is also reported
Can we get some sort of standard on the OID?
2018-09-10 15:06:07 -05:00
39a2d9d2a8
save xml files as xml
2018-09-09 21:24:39 -04:00
0072d9b9b1
save as xml since it is
2018-09-09 21:22:15 -04:00
70e22707c0
vi loves tabs but i dont
2018-09-09 21:19:17 -04:00
f926f6e9af
fix pathing in mremoteng
2018-09-09 21:07:47 -04:00
0aac9a4881
unmarshal
2018-08-30 20:49:09 +05:30
20daba6e2d
fix line endings
2018-08-28 11:33:17 -05:00
f1e4079641
move add_thread code to lib/rex/post/meterpreter/extensions/peinjector/peinjector.rb
2018-08-28 09:02:21 -05:00
015abca8af
MSFTidy module
2018-08-28 09:02:21 -05:00
bb151bb727
MSFTidy module
2018-08-28 09:02:21 -05:00
2251c4a712
Add peinjector post module
2018-08-28 09:02:21 -05:00
a020d48caf
Move module documentation to documentation directory
2018-07-13 04:46:25 +00:00
dbb0748c1c
Land #9998 , customizable golden ticket duration
2018-06-27 15:51:56 -05:00
d7770a98b2
s/Seperated/Separated/
2018-06-27 15:36:41 -05:00
c4bf12cbe0
ntds_grabber msftidy fixes
2018-06-26 08:22:11 -05:00
14da99bb3d
Fix missing RequestError in a few post modules
...
Should be Rex::Post::Meterpreter::RequestError.
2018-06-12 17:11:29 -05:00
gkweb76