Brendan Coles
bc9fcf40d4
2016
2018-08-03 07:07:21 +00:00
Clément Notin
79527809e2
Fix is_system? in Msf::Post::Windows::Priv for non-English systems
...
Switch to comparing the SID string, instead of comparing the resolved user name
2018-05-17 10:08:56 +02:00
Brent Cook
a347dee372
Land #9150, fix broken and simplify unusual RuntimeError exceptions
2017-11-01 06:03:36 -05:00
Brent Cook
90766ceceb
remove more unusual raise RuntimeError patterns
2017-11-01 05:59:12 -05:00
h00die
3b8ef02c29
sid vs side
2017-10-29 08:36:05 -04:00
Brent Cook
29c48f9d8d
cleanup accounts post API
2017-08-21 23:00:57 -05:00
Brent Cook
e3a9ddfc22
fix retry case for acquiring security descriptor
2017-08-21 22:52:53 -05:00
Brent Cook
0d17e94f54
handle unmapped sids consistently
2017-08-21 22:36:26 -05:00
Spencer McIntyre
0da9f4d64a
Refactor railgun "DLL" references to library
2017-06-27 17:34:06 -04:00
Spencer McIntyre
f39e378496
Land #8330, fix ps_wmi_exec and psh staging
2017-05-13 14:26:47 -04:00
Spencer McIntyre
3cbeebe3af
Rename env_ variable to be more accurately named
2017-05-13 14:24:00 -04:00
Brandon Knight
f8fb03682a
Fix issue in ps_wmi_exec and powershell staging
...
The staging function in the post/windows/powershell class was broken
in a previous commit as the definition for env_variable was removed and
env_prefix alone is now used. This caused an error to be thrown when
attempting to stage the payload. This changes the reference from
env_variable to env_prefix.
Additionally, the ps_wmi_exec module created a powershell script to be
run that was intended to be used with the EncodedCommand command line
option; however, the script itself was never actually encoded. This
change passes the compressed script to the encode_script function to
resolve that issue.
2017-04-28 03:31:56 -04:00
Spencer McIntyre
3cc089bcef
Support loading platform specific railgun defs
2017-04-24 19:46:56 -04:00
Spencer McIntyre
03698ec214
Fix how the psh mixin issues meterpreter commands
2017-03-16 08:45:10 -04:00
Brent Cook
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
Brent Cook
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
OJ
0737d7ca12
Tidy code, remove regex and use comparison for platform checks
2016-10-29 13:41:20 +10:00
OJ
1d617ae389
Implement first pass of architecture/platform refactor
2016-10-28 07:16:05 +10:00
Brent Cook
63bf93be1b
code and style cleanups
2016-10-08 21:04:15 -05:00
Pearce Barry
3f5ed75198
Relocate Rex::Platform::Windows content (fixes MS-1714)
2016-09-19 14:34:44 -05:00
wchen-r7
265adebd50
Fix typo
2016-08-19 10:44:24 -05:00
wchen-r7
0f4d26af19
Update yard doc
2016-08-18 17:18:16 -05:00
wchen-r7
2a61450511
Add new POST exploitation APIs for stealing a token
2016-08-18 17:08:21 -05:00
Brendan
b25b2a5188
Cleaned up code per suggestions in the PR
2016-08-16 16:16:25 -05:00
Brendan
0778b77f7b
Cleaned up a little
2016-08-15 12:20:28 -07:00
Brendan
7730e0eb27
Added ability to retrieve .NET versions
2016-08-15 11:29:00 -07:00
wchen-r7
e08c4a8bef
Remove .Net check
...
cmd_exec doesn't seem to be the best way to go because there is
some issue grabbing the output sometimes.
2016-08-11 10:49:06 -05:00
wchen-r7
3851db7bcb
Use powershell when possible
2016-08-10 15:14:11 -05:00
wchen-r7
766c0cc539
return nil if no .Net is installed
2016-08-05 11:36:32 -05:00
wchen-r7
11f94a6efc
Do a different wmic query for newer systems
2016-08-04 14:50:46 -05:00
wchen-r7
3ea3d95744
Add methods to check .Net and Powershell versions
2016-08-03 17:49:15 -05:00
Brent Cook
194a84c793
Modify stdapi so it also uses exist? over exists? for ruby parity
...
Also add an alias for backward compatibility.
2016-04-23 17:31:22 -04:00
OJ
3898d11aa7
Add Windows 10 entry to the version check regex
2016-04-13 08:23:01 +10:00
jvazquez-r7
d5a010c230
Add support for registry_key_exist?
2015-10-22 16:07:38 -05:00
jvazquez-r7
53f995b9c3
Do first prototype
2015-09-10 19:35:26 -05:00
HD Moore
a2d5511e39
Land #5379, new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00
HD Moore
b14889ad5c
Small typo fix
2015-08-26 17:09:33 -05:00
Meatballs
ef33f36bda
Remove untrusted il
2015-08-01 23:20:00 +01:00
Meatballs
2d9bc64457
Fix WMIC Post Library for SYSTEM
...
SYSTEM doesn't have a proper clipboard?
2015-08-01 23:11:09 +01:00
Meatballs
5bcb63476d
Add high integrity level check
2015-08-01 23:10:51 +01:00
Mo Sadek
366d42a0d8
Land #5609, Fuzzer.rb and file_info.rb YARD doc update
2015-07-06 14:12:55 -05:00
jvazquez-r7
02cd2a9cd9
Fix #3951 Update Windows::Registry to use cmd_exec
2015-06-29 12:07:37 -05:00
wchen-r7
1d9caeffc0
Update documentation for fuzzer.rb and file_info.rb
...
See #5599
2015-06-26 11:22:30 -05:00
Tod Beardsley
15f9fc5d8f
Land #5599, YARD for fuzzer.rb
2015-06-25 14:37:55 -05:00
Mo Sadek
31c35715fc
YARD Documentation for file_info.rb
2015-06-25 11:08:35 -05:00
benpturner
b3754d750f
Compression on a pre-script does not work in this context. Removed the elsif part of this code.
2015-06-14 22:46:42 +01:00
RageLtMan
d9c046449d
Fix comparison of string to Fixnum
2015-06-14 16:55:46 -04:00
RageLtMan
6d5e0b93d3
Use random id generator appropriately
...
Powershell::Script includes a random generator (@rig) which can
produce non-repeating randomized identifiers to be used as var
names within the PSH code.
Unwrap script handling in powershell env stager to instantiate a
method-local Powershell::Script object and access its :rig to
generate identifiers.
2015-06-14 14:53:51 -04:00
RageLtMan
f575b31d58
Remove double assignment typo
2015-05-29 05:05:35 -04:00
RageLtMan
1a08da09cb
Fix compression check logic
...
Initial check logic would compress any script, even those which
would not need it since an uncompressed script fitting the buffer
would likely fit compressed (unless it's uncompressible and the
decoder stub overflows). Ensure that compression occurs only when
a compressed script would fit while the uncompressed one does not.
2015-05-29 04:15:57 -04:00
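The compression rule described in the last entry above (compress only when the uncompressed script does not fit the buffer but the compressed form, including its decoder stub, does) as an added Ruby illustration. This is not the Metasploit code itself; the DECODER_STUB_OVERHEAD constant, the function names and the sample scripts are assumptions constructed for the example.

```ruby
require 'zlib'
require 'base64'
require 'securerandom'

# Assumed size, in bytes, of the PowerShell decoder stub that would
# base64-decode and inflate the payload before invoking it. The real
# stub size depends on the stager; this constant is an assumption for
# the illustration only.
DECODER_STUB_OVERHEAD = 120

# Decide how a script should be staged into a command buffer of +limit+ bytes.
#
# Returns [:raw, script] when the uncompressed script already fits,
# [:compressed, base64] when it does not fit raw but does fit after
# deflate+base64 together with the decoder stub, and [nil, nil] when
# neither form fits (an incompressible script whose encoded form plus
# stub overflows the buffer).
def choose_staging(script, limit, stub_overhead: DECODER_STUB_OVERHEAD)
  # Never compress a script that fits as-is: compression only adds the
  # decoder stub and a base64 expansion for no gain.
  return [:raw, script] if script.bytesize <= limit

  deflated = Zlib::Deflate.deflate(script, Zlib::BEST_COMPRESSION)
  encoded  = Base64.strict_encode64(deflated)
  return [:compressed, encoded] if encoded.bytesize + stub_overhead <= limit

  [nil, nil]
end

# Reverse the staging decision; models what the decoder stub would do on
# the target so the round trip can be checked.
def unstage(mode, payload)
  case mode
  when :raw        then payload
  when :compressed then Zlib::Inflate.inflate(Base64.strict_decode64(payload))
  else raise ArgumentError, 'script does not fit the buffer in any form'
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample scripts, not captured from any real engagement.
  small = "Write-Output 'hello'\n"
  bulky = "Write-Output 'padding line to inflate the script'\n" * 200
  noise = SecureRandom.random_bytes(3000)
  [small, bulky, noise].each do |s|
    mode, payload = choose_staging(s, 2000)
    staged = mode ? " (#{payload.bytesize} bytes staged)" : ''
    puts "#{s.bytesize} bytes -> #{mode.inspect}#{staged}"
  end
end
```

The three samples exercise the three branches: a short script is staged raw, a long but highly repetitive script is staged compressed because its deflated form plus the stub fits, and a block of random bytes is rejected outright because base64 inflates incompressible data beyond the buffer.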