adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,629 Commits 27 Branches 1,043 Tags
c48a6ddbdfc02bf92b8d4e247dbe89bdfba4e821
Commit Graph

451 Commits

Author SHA1 Message Date
Garvit Dewan c48a6ddbdf Add /boot/grub2/user.cfg path to grub_password 2019-02-21 14:17:15 +05:30
Garvit Dewan a1b1ace18f Save the gathered credentials to database 2019-02-17 23:33:12 +05:30
Garvit Dewan 85add746e1 Make suggested changes to grub_password module 2019-02-17 21:31:58 +05:30
Garvit Dewan 68414d07ce Make suggested changes to grub_password module 2019-02-17 20:23:26 +05:30
Garvit Dewan 22340ab2c1 Add *nix Gather Grub Password module 2019-02-17 19:29:47 +05:30
Jacob Robles 04363b7b7e Doc update 
post:chrome_cookies
 2019-01-15 07:19:46 -06:00
Jacob Robles a95384e288 Additional support and code cleanup 2019-01-08 06:57:56 -06:00
Alex 811605a9b8 Cleanup headless Chrome process for meterpreter sessions 2018-12-30 18:05:41 +11:00
Jacob Robles 3838be0a03 Windows Hide Chrome Window 2018-12-19 05:58:11 -06:00
Jacob Robles 0464f941a7 Add Windows Support 2018-12-18 14:17:10 -06:00
Alex c5015c62b8 Simplify Chrome Gather Cookies 
Module now uses Chrome itself as a websocket client, reading websockets
via js. It no longer downloads and executes `websocat`.
 2018-12-09 09:52:45 +11:00
Tim W b993d74f6c minor tweak 2018-10-02 11:41:58 +08:00
Tim W 5cfc19b804 fix post/multi/gather/wlan_geolocate on Android 2018-10-02 11:35:47 +08:00
William Vu 87eb600510 Land #10611, mRemote creds gather module fixes 
Also update #10612 to align with these changes.
 2018-09-10 15:25:09 -05:00
William Vu 3ec4d2f22b Normalize loot type OID 
1. Include the vendor, product, and technology
2. Content type is already reported, extension changed
3. Original filename including extension is also reported

Can we get some sort of standard on the OID?
 2018-09-10 15:06:07 -05:00
h00die 39a2d9d2a8 save xml files as xml 2018-09-09 21:24:39 -04:00
reka193 d60aa55e07 Modified regex 
Based on the comment: https://github.com/rapid7/metasploit-framework/pull/10394#discussion_r207042496
 2018-08-02 15:55:24 +02:00
reka193 ece9a72d13 Removed tabs 2018-07-30 15:07:55 +02:00
reka193 5962fa752e Fixes in aws_ec2_instance_metadata 
@@ -36,7 +36,7 @@ def initialize(info = {})

    - unless resp =~ /^instance-id.$/m
    + unless resp =~ /^instance-id$/m
The original regex requires one character after 'instance-id' which is not present in the instance.

@@ -50,15 +50,16 @@ def check_curl

    - base_resp.split(/\r\n/).each do |l|
    -    new_uri = base_uri.merge("./#{l}")
    + base_resp.split(/\r?\n/).each do |l|
    +   new_uri = "#{base_uri}#{l}"

    - key_uri = new_uri.merge("./#{key_id}/")
    - key_resp = simple_get(key_uri)
    + new_uri = new_uri.slice(0..(new_uri.index(%r{/public-keys/})+'/public-keys'.length))
    + key_uri = "#{new_uri}#{key_id}/"
    + key_resp = simple_get(key_uri)

1. merge function was causing 'rescue in merge' errors
2. the split function could not succeed, there were no '\r\n' between the lines but '\n' only
3. the special case was not handled correctly 
was trying to curl http://169.254.169.254/latest/meta-data/public-keys/0=Key0/ instead of http://169.254.169.254/latest/meta-data/public-keys/0/

@@ -94,6 +95,6 @@ def setup

    - cmd_exec("curl #{url}")
    + cmd_exec("curl -s #{url}")
Curl was causing issues when not in silent mode.
 2018-07-30 14:02:15 +02:00
reka193 6790ac1998 Reset to original 2018-07-30 10:48:32 +02:00
reka193 408dc7793f Update aws_ec2_instance_metadata.rb 2018-07-23 10:00:12 +02:00
reka193 4c4f0c1d3e Update 
Fixes for Kali linux 4.14 with ruby 2.3.
 2018-07-18 10:42:51 +00:00
thesubtlety 970c164e06 fix undefined method capitalize error for array 2018-07-05 14:33:51 -07:00
Adam Cammack 9b219f42c5 Land #9029, Fix Linux post module file assumptions 2017-10-12 17:56:40 -05:00
h00die fc66683502 fixes #8928 2017-10-01 19:49:32 -04:00
h00die a676f600d6 fixes to more modules 2017-09-30 15:45:52 -04:00
h00die 08dea910e1 pbarry-r7 comments 2017-09-17 19:38:43 -04:00
h00die c90f885938 Finished spelling issues 2017-09-17 16:00:04 -04:00
Jeffrey Martin a992a3c427 Land #8774, Post module for gather Docker credentials 2017-09-14 10:15:03 -05:00
Erik Lenoir a8067070f2 Fix typo 2017-08-26 17:52:11 +02:00
Erik Lenoir 801e3e2d68 Replace REXML with Nokogiri and try to cross id with mirror/repository tag 2017-08-25 18:28:09 +02:00
Jon P abaf80f3df jmartin improvements (iter on keys + save as credentials) 2017-08-25 18:15:24 +02:00
Erik Lenoir be2739d335 Transform loots into creds 2017-08-22 11:57:51 +02:00
Erik Lenoir cde319a5ec Optim module and add doc 2017-08-18 19:30:41 +02:00
Erik Lenoir b529c3551c Remove unused variable 2017-08-18 19:00:32 +02:00
Erik Lenoir b4055a8071 Rename command 2017-08-14 23:26:18 +02:00
Erik Lenoir 55db70ec3e Handle case when locate is not here by using enum_directories_map 2017-08-14 23:25:01 +02:00
Erik Lenoir 27822c2ccf Add Maven creds module 2017-08-14 14:59:59 +02:00
bwatters-r7 dd79aa3afb Land #8627, Add post module multi/gather/jenkins 2017-08-09 10:43:21 -05:00
Jon P adbeab81da Avoid exceptions 2017-08-02 15:03:36 +02:00
Jon P 85f48b96bb Fix syntax 2017-07-28 10:16:59 +02:00
Jon P 2e87a3d3f8 Multi Gather Docker Credentials Collection 2017-07-26 15:14:16 +02:00
Brent Cook 6300758c46 use https for metaploit.com links 2017-07-24 06:26:21 -07:00
g0tmi1k 524373bb48 OCD - Removed un-needed full stop 2017-07-21 07:41:51 -07:00
thesubtlety 7d033688ce clean up formatting 2017-07-19 17:27:44 -04:00
g0tmi1k 3f6925196b OCD - store_loot & print_good 2017-07-19 13:02:49 +01:00
g0tmi1k ef826b3f2c OCD - print_good & print_error 2017-07-19 12:48:52 +01:00
g0tmi1k 0f453c602e Even more print_status -> print_good 2017-07-19 11:46:39 +01:00
g0tmi1k b8d80d87f1 Remove last newline after class - Make @wvu-r7 happy 2017-07-19 11:19:49 +01:00
thesubtlety 5d4105db33 minor fixes per rubocop 2017-07-18 22:36:45 -04:00