adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,920 Commits 27 Branches 1,043 Tags
e26d6ca683cf309d255a016de18cafcb66076216
Commit Graph

3878 Commits

Author SHA1 Message Date
Grant Willcox 5961bf700d Land #14314, Pulse Secure Connect Client Credentials Gatherer 2020-12-04 10:04:43 -06:00
Quentin Kaiser e8ea9e56ee Print a status message when no credentials are found. 2020-12-03 10:19:56 +01:00
Quentin Kaiser c8f534e420 Merge branch 'enum_pulsesecure' of github.com:QKaiser/metasploit-framework into enum_pulsesecure 2020-12-03 10:12:54 +01:00
Quentin Kaiser 4f947ac2cb Properly close files that we open and properly capture file open error in get_username. 2020-12-03 10:12:33 +01:00
Quentin Kaiser 585bc99903 Proper return values 
Co-authored-by: Grant Willcox <63261883+gwillcox-r7@users.noreply.github.com>
 2020-12-02 21:34:56 +01:00
Quentin Kaiser f4bb5f7e10 Uniform error handling applied to all functions interacting with 'session' object. 2020-12-02 20:51:29 +01:00
Quentin Kaiser 94af390649 Document Ruby construct that might be unclear to newcomers. 2020-12-02 20:43:39 +01:00
Quentin Kaiser dbd3f2e1bf Revert back on AutoCheck. 2020-12-02 20:42:05 +01:00
bwatters 5d7014bf39 Land #14298, Windows post-exploitation gather module - Memory dumping via Avast AvDump utility 
Merge branch 'land-14298' into upstream-master
 2020-12-02 08:30:38 -06:00
Quentin Kaiser bf0d4b4c3f Better regular expression for version line. 2020-12-02 10:05:17 +01:00
Quentin Kaiser 5d89b32f58 prepend class rather than import it 2020-12-02 10:03:38 +01:00
Quentin Kaiser 8edcae4bb7 Handle a case where Pulse Secure is installed but no saved entry exists in the registry. Handle a case where the session runs as system on an affected version. 2020-12-02 09:57:28 +01:00
Quentin Kaiser 7842d746d3 Wrong return code when Pulse is not installed. 2020-11-27 16:19:52 +01:00
Quentin Kaiser 0ed2b0d253 Fix active record issue when realm is blank due to empty path. 2020-11-27 16:18:21 +01:00
Quentin Kaiser 013a1e4312 Username was not found when running the module just after the connection creation. Turns out it was saved in .tmp rather than .dat or .bak. 2020-11-27 15:11:14 +01:00
Quentin Kaiser 54e836e797 Add guard clause to gather_creds function to remove conditional block. 2020-11-25 15:36:37 +01:00
Quentin Kaiser 15bdffdee1 Remove redundant else after return. 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-25 15:31:13 +01:00
Quentin Kaiser 7f130b4414 Switch to idiomatic next guard clause. 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-25 15:30:38 +01:00
Quentin Kaiser c4b0253d93 Switch to idiomatic guard clause. 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-25 15:29:44 +01:00
Quentin Kaiser 53a1f2f19b conditional next call style update 1 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-25 15:27:22 +01:00
Quentin Kaiser e069b0d607 Execute data conversion using built-in methods rather than custom encoders. 2020-11-25 14:41:21 +01:00
Quentin Kaiser 8024c08882 Do not save entry to service data if we can't resolve the host. 2020-11-25 13:52:42 +01:00
Quentin Kaiser a0265e0d6c Remove unnecessary second argument to registry_enumvals. 2020-11-25 13:39:37 +01:00
Quentin Kaiser fc083d197a Finally found how to encode entropy to UTF-16LE representation in Ruby. 2020-11-25 12:58:19 +01:00
Quentin Kaiser cf405879d6 Fix hash wording. 2020-11-25 12:46:23 +01:00
Quentin Kaiser 6a4237f4e3 Uniform error handling. 2020-11-25 12:40:42 +01:00
Quentin Kaiser debaa44733 Safer connection store file reading by handling the case where user does not have permissions to read the file. 2020-11-25 12:33:28 +01:00
Quentin Kaiser 26a3342a3d Move version verification to a check function using Msf::Exploit::Remote::AutoCheck. Safer version file reading by handling the case where user does not have permissions to read the file. Cleaner status messages in check function. 2020-11-25 12:12:34 +01:00
Quentin Kaiser 50b25989fa Safer handling of registry access operation when executing from unprivileged process. 2020-11-25 11:41:34 +01:00
Grant Willcox e648a055fc Add in RuboCop fixes to the module 2020-11-24 12:31:05 -06:00
Grant Willcox bd00ce9177 Add in fixes from review 2020-11-24 12:08:51 -06:00
A Galway 3fcea08cb8 Land #14405, presents new error message on attempted meterpreter upgrade 2020-11-23 14:09:42 +00:00
DLL_Cool_J 0ec6d4c142 Update modules/post/windows/gather/avast_memory_dump.rb 
Co-authored-by: bcoles <bcoles@gmail.com>
 2020-11-21 22:16:55 -05:00
Tim W 634a2f3c61 prevent upgrading of meterpreter sessions with shell_to_meterpreter 2020-11-20 17:26:21 +00:00
dwelch-r7 c7b5616319 Land #14341, Fix NIL Dereference Issues 
Fix NIL Dereference Issues, Missing fail_with Statements, and Update Regex Inside SecureCRT Password Gatherer
 2020-11-18 16:17:25 +00:00
Grant Willcox d96f257842 Fix up mistake where I thought .to_s on an empty string would return an empty string 2020-11-18 09:54:50 -06:00
Tim W fd3f64ed0a fix encoding and comspec in shell_to_meterpreter 2020-11-18 22:46:09 +08:00
Grant Willcox ef108eae4c Add in Dean's suggested fix to make the check a little neater 2020-11-17 10:02:02 -06:00
Grant Willcox dab01ea179 Add in fixes to use string capture group functionality and also improve the regex so that we get extra info such as port numbers and protocol info from logins other than SSH 2020-11-13 14:14:45 -06:00
Spencer McIntyre 76ab0ee849 Land #14304, execute_dotnet_assembly fix parameters management 2020-11-10 09:56:18 -05:00
Quentin Kaiser 26f39b5819 Checks if Pulse Secure Connect client is actually installed. Raise an exception if it's not. 2020-11-10 13:54:22 +01:00
Spencer McIntyre 0ccb50ac02 Adjust how HostingCLR arguments are packed 2020-11-09 12:24:55 -05:00
Quentin Kaiser 8eeca7cafd Fix rdoc. 2020-11-09 16:33:16 +01:00
Quentin Kaiser f2f360ff5f msftidy run 2020-11-09 16:27:19 +01:00
Quentin Kaiser 68e3f6a146 Refactor run function, makes build information easier to understand by using print_good and print_warning. 2020-11-09 16:25:06 +01:00
Quentin Kaiser a17434050c Document each function for easier review. 2020-11-09 16:21:08 +01:00
Quentin Kaiser c62a6716c5 Remove spaces at EOL. 2020-11-09 15:46:13 +01:00
Quentin Kaiser d8f5dc5143 IVE definitions are shared by every user running on the same host. I fixed the data structure to reflect that. 2020-11-06 16:53:02 +01:00
Quentin Kaiser 05fa4b235d Fix vulnerable builds range. Finally supports DPAPI decryption as elevated user. Lots of cleanup to do. 2020-11-06 16:00:48 +01:00
Jared Stroud e7e8765473 removing spaces EOL 2020-11-05 20:54:04 -05:00