53a52fafd5
make code to be readable / rebuild / testing
2016-02-22 00:34:49 +08:00
3e22de116f
Changes to fix peer and style as recommended by jhart-r7.
2016-02-20 13:53:32 -08:00
27af59ea7c
minor tweaks
2016-02-20 08:35:56 +00:00
c8b28d90d1
Fix old comment.
2016-02-19 19:08:38 -06:00
8a15c36770
Land #6563 , VNC creds scraper uninstall location
2016-02-19 15:01:23 -06:00
bfd204ac50
Fix some cosmetic issues
2016-02-19 15:00:56 -06:00
c0180b23fa
Update description
2016-02-19 13:39:13 -06:00
873250dbec
Land #6557 , bug fix priv_migrate user migration
2016-02-19 12:03:30 -06:00
33aaeb4ac9
Update authors
2016-02-19 11:53:17 -06:00
91822f2861
Merge pull request #12 from jhart-r7/pr/fixup-6187
...
More fixup for #6187 (auxiliary/gather/enum_dns)
2016-02-19 19:12:17 +08:00
1f5285bca7
Better handling of AXFR if ns records won't resolve on target NS
2016-02-18 22:15:06 -08:00
0e185a34bf
get_ns / notes nameservers
2016-02-19 14:03:05 +08:00
42c64b51bb
Remove all report_host instances in enum_dns
...
the forced resolution of names won't fly
2016-02-18 21:41:51 -08:00
65a3cc2921
Remove duplicated SIP SRV record lookup
2016-02-18 21:41:09 -08:00
da3c382869
add function domain2ip
2016-02-19 12:35:31 +08:00
4ef5cf420c
rename the module
2016-02-19 11:18:55 +08:00
a87c503ae4
merge bing/yahoo subdomains search
2016-02-19 11:17:08 +08:00
b3e8cd4f51
Save some bytes on the padded string.
2016-02-18 20:36:52 -06:00
2b784a48b9
Include cached size.
2016-02-18 20:29:42 -06:00
e67e477362
Make x86/shell_reverse_tcp's shell path configurable.
...
Also removes shell_reverse_tcp2 shell.
2016-02-18 20:24:35 -06:00
bc7bf28872
Land #6591 , don't require username for wrt110 cmd exec module
2016-02-18 20:20:15 -06:00
45d1cd5111
Land #6572 , update play_youtube module with android support
2016-02-18 20:16:58 -06:00
b58166a9a8
add android platform to the hash
2016-02-18 20:13:39 -06:00
3b9502cb1d
Don't require username in wrt110 module.
2016-02-18 18:45:04 -06:00
a82ce40c40
Update ibm_tsm_dos name
...
For some reason I actually modified the name, but I didn't mean
to.
2016-02-18 16:07:46 -06:00
adb175136e
Fix extra whitespace and unused vars in call
2016-02-18 15:18:29 -06:00
6d88c26474
Change title, and remove requires
2016-02-18 14:26:38 +10:00
2ae1e6df7d
Address concerns from @wvu-r7
2016-02-18 14:21:35 +10:00
2f4ec0af31
Add module for AppLocker bypass
...
This commit includes a new module that allows for payloads to be
uploaded and executed from disk while bypassing AppLocker in the
process. This module is useful for when you're attempting to generate
new shells on the target once you've already got a session. It is also
a handy way of switching between 32 and 64 bit sessions (in the case of
the InstallUtil technique).
The code is taken from Casey Smith's AppLocker bypass research (added in
the references), and includes just one technique at this point. This
technique uses the InstallUtil feature that comes with .NET. Other
techiques can be added at any time.
The code creates a C# file and uploads it to the target. The csc.exe
compiler is used to create a .NET assembly that contains an uninstaller
that gets invoked by InstallUtil behind the scenes. This function is
what contains the payload.
This was tested on Windows 7 x64. It supports running of both 32 and 64
bit payloads out of the box, and checks to make sure that .NET is
installed on the target as well as having a payload that is valid for
the machine (ie. don't run x64 on x86 OSes).
This appears to work fine with both staged and stageless payloads.
2016-02-18 13:46:32 +10:00
9afe5517f7
return unless domains -> return if domains.empty?
2016-02-18 10:26:45 +08:00
15f6992aec
add yahoo_search_domain(domain) / yahoo_search_ip(ip)
2016-02-18 00:03:28 +08:00
29185271a7
report domains/ips to (notes / hosts)
2016-02-17 11:41:59 +08:00
ffce1cc321
Update easyfilesharing_seh.rb
2016-02-15 22:43:28 -05:00
3d1861b3f4
Land #6526 , integrate {peer} string into logging by default
2016-02-15 15:19:26 -06:00
2428d5127c
add Yahoo Search Engine Subdomains Collector
2016-02-16 03:11:38 +08:00
7ca0255ea1
Module should not be marked executable
2016-02-15 12:57:43 +08:00
f35230b908
add Linknat Vos Manager Traversal
2016-02-15 12:39:40 +08:00
3416a24dda
Adding vprint_status for loot path
...
Adding a vprint_status to show users the loot
path as per a comment on the pull request.
2016-02-14 11:19:20 -06:00
5c92076a1e
more cleanup
2016-02-14 09:15:25 +00:00
c9c4f49aca
Add get_file method and parse the server response
2016-02-13 17:20:37 -05:00
b2765a296f
Land #6547 , IBM Tivoli Storage Manager Fastback Denial of Service
2016-02-11 22:05:21 -06:00
3121093898
Update metadata, plus other minor changes
2016-02-11 22:04:05 -06:00
bc74ceb8c5
Handle errors when parsing interfaces.xml, add check for several locations
2016-02-11 15:56:58 +01:00
e738b5922d
fix play_youtube to work on Android
2016-02-11 07:16:40 +00:00
9791e66683
fix remove_lock to work with 4.3 devices
2016-02-11 07:10:05 +00:00
ff1cb4a2a4
update payload sizes
2016-02-10 22:44:17 -06:00
cdaa2a8c43
Adding Apache Karaf Command Execution Module
...
This module establishes an SSH session using default
credentials and then executes a user defined operating system
command. This is part of GitHub Issue #4358 .
2016-02-10 16:48:08 -06:00
8118198628
Add vprint of the exception message
2016-02-10 22:47:51 +01:00
1637891ece
Add check for the uninstall location in vnc post module
2016-02-10 20:30:41 +01:00
c874699b82
removed ranking
2016-02-10 11:45:09 -06:00
nixawk