adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,054 Commits 27 Branches 1,043 Tags
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
Commit Graph

3586 Commits

Author SHA1 Message Date
jiuweigui 2a0b503f06 Minor fix 2013-12-08 18:17:22 +02:00
Joe Vennix eacab1b2ad Fix description, kill dead constant. 2013-12-07 22:28:16 -06:00
Joe Vennix 969f45fd32 Refactor OSX hashdump post module. 
* Adds support for MATCHUSER regex option
* Adds support for OSX 10.8 and 10.9 hashes (PBKDF2)
* DRYs up a bunch of older code, adds lots of helper fns
* Ends up shaving off ~20 lines
 2013-12-07 22:22:23 -06:00
Joe Vennix 3066e62711 Fix typo, fix no-autologin users bug. 2013-12-07 19:27:36 -06:00
Joe Vennix 4cb788b9de Adds osx autologin password post module. 2013-12-07 19:01:35 -06:00
Joe Vennix c6eac67ab5 Kill meterpreter support for osx media modules. 
There is some bug that I haven't been able to track down that causes the
osx call to run the event queue to just hang on latest OSX + Java/python
meterpreter. I tried rewriting these modules using OSX's new Media API,
but I run into the same problem. Until I find a solution, we should mark
these shell-only.
 2013-12-07 17:46:26 -06:00
bmerinofe 5e5fd6b01a Unless replaced 2013-12-06 15:01:35 +01:00
Meatballs 3aebe968bb Land #2721 Reflective DLL Mixin 
Adds support to load a dll and identify the ReflectiveLoader offset.
Adds support to inject dll into process and execute it.

Updates kitrap0d, ppr_flatten_rec, reflective_dll_inject modules and
payload modules to use above features.
 2013-12-06 12:26:51 +00:00
OJ 73d3ea699f Remove the last redundant error check 2013-12-06 09:32:21 +10:00
OJ 2cb991cace Shuffle RDI stuff into more appropriate structure 
Now broken into two modules, one for loading RDI DLLs off disk and
finding the loader function offset, and another for doing the process
specific stuff of loading into the target.
 2013-12-06 08:25:24 +10:00
William Vu 79e23a1e13 Land #2675, @JonValt's forensics/browser_history 
Great job!
 2013-12-05 09:35:53 -06:00
Joshua Harper PI GCFE GCFA GSEC cd5172384f Rename gather_browser_history.rb to browser_history.rb 2013-12-05 08:43:19 -06:00
Joshua Harper 3957bbc710 capitalization ("skype") 
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120307)

Removed some Chrome artifacts and renamed one to reflect "Archived History."  
(https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r8120314)
((Will include other doxxes in another module.))
 2013-12-05 08:33:47 -06:00
jiuweigui 717f45ac09 Minor modification 2013-12-05 09:07:28 +02:00
jiuweigui 902d48efab Delete debug prints 2013-12-05 09:03:42 +02:00
jiuweigui 492cd1ca07 Modifications how info is collected from pf files. 2013-12-05 08:56:26 +02:00
OJ b936831125 Renamed the mixin module 2013-12-05 08:13:54 +10:00
bmerinofe 1833b6fd95 More changes. No admin privs check 2013-12-04 14:51:46 +01:00
OJ 7e8db8662e Update name of the mixin 
Changed `RdiMixin` to `ReflectiveDLLInjection`.
 2013-12-04 22:18:29 +10:00
bmerinofe 05479b2a19 Added new options 2013-12-04 11:45:37 +01:00
OJ f79af4c30e Add RDI mixin module 
MSF was starting to see more modules using RDI to load binaries into
remote processes, so it made sense to create a mixin which contained
the functionality that was being used in various locations.

This commit contains the new mixin, and adjustments to all the existing
exploits and modules which use RDI.
 2013-12-04 16:09:41 +10:00
bmerinofe 5c266adfd7 added ie_proxypac post meterpreter module 2013-12-03 22:23:09 +01:00
sinn3r 19293d89dd Land #2704 - rm script launcher and fix file_exists? 2013-12-02 15:05:01 -06:00
Peter Toth 44e37f1b98 Improved meterpreter compatibility 2013-12-02 21:43:58 +01:00
Joshua Harper d1dd7c291b cosmetic (indentation) 
https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r7977962
 2013-12-02 13:16:48 -06:00
jvazquez-r7 7e379376dc Land #2635, @peto01 and @jvennix-r7's osx post module to manage volumes 2013-12-02 09:22:23 -06:00
jvazquez-r7 cc2b7950bf Do minor cleanup to mount_share 2013-12-02 09:21:36 -06:00
joev 040a629f34 Kill meterpreter support. 
* Meterpreter seems to fall over on the cmd escaping, and dies if you
try to pass it an array of args (python/java meterpreter on various versions
of osx).
 2013-12-01 20:17:43 -06:00
joev 2de9a4f3c1 Add support for 10.5 shares. 2013-12-01 20:13:54 -06:00
Joshua Harper cdf6ffa70d Complete refactor with lots of help from @kernelsmith and @OJ. Thank you guys so much. 2013-11-27 21:02:48 -06:00
sinn3r a8af050c16 Update post module Apache Tomcat description 
This module's description needs to be more descriptive, otherwise
you kind of have to pull the source code to see what it actually
does for you.
 2013-11-27 19:21:27 -06:00
Joshua Harper 1c17383eff removed return file_loc 
removed extra space
 2013-11-27 15:04:31 -06:00
Joshua Harper 036cd8c5ad couple cosmetic changes per wvu-r7 2013-11-27 14:44:39 -06:00
Peter Toth 95a98529c4 Removed script launcher wrapper and fixed the file_exists so that the module now detects input 2013-11-27 21:38:20 +01:00
joev 6561f149a8 DRY up URL_REGEX constant. 2013-11-27 06:16:25 -06:00
joev b0416b802d Change the Recent shares implementation. 
* Allows us to see protocol of Recent Shares
* Parses protocol from file share URL
 2013-11-27 06:08:48 -06:00
joev e876155e1a More tweaks to mount_share. 
* Adds some docs to some of the methods to further distinguish
the separate sets of shares.
 2013-11-27 05:45:46 -06:00
joev 485e38ebca Some code tweaks to post/osx/mount_share. 
* Make PROTOCOL an Enum
* Move path override options to advanced section
* More Enumerable rework
* Move one-off regexes back to inline, pull out protocol list
 2013-11-27 05:22:12 -06:00
William Vu f3e71c2c9d Be more specific 
Perl!
 2013-11-27 01:03:41 -06:00
William Vu b202b98a42 Anchor the scheme 2013-11-27 00:57:45 -06:00
William Vu e8da97aa17 Fix extraneous use of which and cmdsub 
I don't even.
 2013-11-27 00:43:07 -06:00
William Vu 288476441f Fix improper use of expand_path 
I don't even.
 2013-11-27 00:42:09 -06:00
jonvalt 9dbeb55b9a removed single quotes from inside %q{} on line 22 per https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r7913331 
removed empty advanced options registration on line 28 per https://github.com/rapid7/metasploit-framework/pull/2675#discussion_r7913342
 2013-11-26 10:29:38 -06:00
sinn3r 48578c3bc0 Update description about suitable targets 
The same technique work for Microsoft Office 2013 as well. Tested.
 2013-11-24 23:02:37 -06:00
jvazquez-r7 49441875f3 Land #2683, @wchen-r7's module name consistency fix 2013-11-24 16:51:22 -06:00
Meatballs b015dd4f1c Land #2532 Enum LSA Secrets 
With refactoring of common methods from smart_hashdump, hashdump,
cachedump to Windows::Post::Privs
 2013-11-24 18:09:33 +00:00
Meatballs 7f048bcd2c Merge HOSTFILE and CSV input 
And remember to uniq the array.
 2013-11-24 15:28:44 +00:00
Meatballs 511d176128 Add hostfile resolution 2013-11-24 15:20:04 +00:00
Meatballs 23a267b65c Undo move 2013-11-24 15:06:36 +00:00
Meatballs 23ac7ad75a Merge remote-tracking branch 'upstream/master' into getaddrinfo 2013-11-24 15:00:00 +00:00