adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,798 Commits 27 Branches 1,043 Tags
fbda738da98a60146a0bef98b68fc8fc595eb8f5
Commit Graph

2611 Commits

Author SHA1 Message Date
Spencer McIntyre 26d9026fc2 Fix a filter error 
When FILTER was nil, the check would fail causing `()` to be appended to
the LDAP query filter which would cause it to fail.
 2023-02-24 13:51:58 -05:00
adfoster-r7 b56213b168 Update linting on post modules 2023-02-08 14:12:43 +00:00
dwelch-r7 11c886b30f Land #17616, Run rubocop on post modules 2023-02-08 14:09:16 +00:00
adfoster-r7 a81a71c5df Run rubocop on post modules 2023-02-08 13:47:34 +00:00
adfoster-r7 433bafdccf Add missing module notes for stability reliability and side effects 2023-02-08 11:45:17 +00:00
Jack Heysel c90a6f9068 Land #17406, veeam_credential_dump post module 
Veeam Backup & Recovery and Veeam ONE Monitor credential
capture post module for versions 9.x and 11.x.
 2023-02-01 17:29:05 -05:00
npm-cesium137-io 8ed4f59c60 veeam_credential_dump refinement 
Fixed stupid typo in markdown.

Fixed a bug in the export code that prevented the disposition column
from being exported.
 2023-01-18 14:27:28 -05:00
npm-cesium137-io 499d1ccfd7 Refactor veeam_credential_dump 
Changed the SQL queries for DB dump to explicit VARCHAR(4096) to get
around sqlcmd's 256-char column limit.

Refactored the BATCH_DPAPI functionality because I can't seem to let
this pattern go: now actually batches with byte threshold set by
advanced option.

Reduced clutter and redundancy.

Various tweaks and bug fixes.

Updated documentation.
 2023-01-09 16:31:44 -05:00
Grant Willcox 3d9ea4492f Fix up extra blank lines and make ticket type being saved clearer 2023-01-06 14:48:53 -06:00
Matthew Dunn d64c4b6e7e Store the binary format of the ccache 
update key to be correct
 2023-01-06 14:48:53 -06:00
Matthew Dunn ccfc253eb8 Updates to get ccache in golden ticket 
Fix incorrect reference
Use proper encoding
 2023-01-06 14:48:52 -06:00
Matthew Dunn ff029842ce Verify NT hash and store golden ticket as kirbi and ccache 2023-01-06 14:48:38 -06:00
npm-cesium137-io 9cc8d41388 veeam_credential_dump post module revisions 
Cleanup for initial PR.
 2022-12-21 15:53:46 -05:00
Christophe De La Fuente 6758c8313f Land #17258, Update sharphound 2022-12-21 14:04:09 +01:00
Christophe De La Fuente fa5e4df3f5 Land #17278, Add solarwinds_orion_dump post module 2022-12-20 15:42:25 +01:00
npm-cesium137-io e3c6aa7820 solarwinds_orion_dump attribution update 
Updated original research attribution to align with reality.
 2022-12-20 08:55:19 -05:00
npm-cesium137-io 03ca00e6e6 solarwinds_orion_dump refine CSV input handling 
Improved CSV input error handling and various minor bug fixes.
 2022-12-19 11:39:44 -05:00
npm-cesium137-io d04111ad6f solarwinds_orion_dump markdown update 
Nuked the last embarrassing typo in the module description.

Updated the documentation to include detail on sqlcmd / CSV export
process when manually exporting the data.
 2022-12-12 10:54:41 -05:00
npm-cesium137-io 6eaa0bfab2 Add veeam_credential_dump post module 
Post module for Veeam Backup and Replication / Veeam ONE Monitor Server
credential extract
 2022-12-10 16:21:59 -05:00
npm-cesium137-io 8075654f10 Revise solarwinds_orion_dump MKII 
Fixed humiliating typos in the markdown doc.

Updated the Author section of the module per guidelines.

Changed credential type for AES key loot storage.

Updated database config code to include the case where the SQL password
is not encrypted (needs testing).

Additional tweaks and fixes.
 2022-12-09 14:47:18 -05:00
npm-cesium137-io 2f3fd6c917 Revise solarwinds_orion_dump 
Made modifications to documentation to add further detail for each
action.

Significant refactor of error handling, now with (hopefully) proper use
of exceptions.

Various suggested code improvements and optimization.

Fixed some redundant and buggy code.
 2022-12-07 07:55:43 -05:00
adfoster-r7 0d3c1dc122 Land #17333, Fix typos: Replace 'the the' with 'the' 2022-12-05 11:46:27 +00:00
bcoles 431804ef15 Fix typos: Replace 'the the' with 'the' 2022-12-04 17:41:24 +11:00
bcoles d90dee8235 enum_proxy: Cleanup and support non-Meterpreter sessions 2022-12-04 15:10:47 +11:00
bcoles 60180a4442 checkvm: Add notes and add powershell to supported SessionTypes 2022-11-29 21:28:15 +11:00
npm-cesium137-io 6f885ba700 Add solarwinds_orion_dump post module 
Post module for extracting encrypted credentials from SolarWinds Orion
NPM. Tested on the 2020 version.
 2022-11-18 10:40:10 -05:00
h00die 496a6f74ff remove verbiage of list 2022-11-17 16:49:11 -05:00
h00die f6eba6a836 updated bloodhound module 2022-11-13 14:29:28 -05:00
h00die 7abbdbe567 bloodhound module working with exe with sharphound v4 2022-11-13 10:26:15 -05:00
adfoster-r7 3599221002 Land #17229, add post/multi/recon/reverse_lookup module 2022-11-09 11:28:45 +00:00
Christophe De La Fuente 929d4f2fa4 Land #17097, Gather Navicat 2022-11-07 12:30:16 +01:00
Christophe De La Fuente 85137056b9 Use fail_with instead of return 2022-11-07 12:28:10 +01:00
bcoles 7bf29c0a4e Add post/multi/recon/reverse_lookup 2022-11-05 13:18:35 +11:00
cn-kali-team e227f1c464 update 2022-10-14 19:57:17 +08:00
三米前有蕉皮 414819f0d1 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-10-14 09:45:37 +08:00
bwatters 4aa2b76bde Land #17092, netlm_downgrade Cleanup and support non-Meterpreter sessions 
Merge branch 'land-17092' into upstream-master
 2022-10-12 11:40:20 -05:00
cn-kali-team f553e6e0f7 update 2022-10-12 21:55:05 +08:00
cn-kali-team d77a965345 update 2022-10-12 21:54:23 +08:00
三米前有蕉皮 bff7d4c320 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-10-12 13:53:26 +08:00
三米前有蕉皮 13e92407c1 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-10-12 13:51:45 +08:00
三米前有蕉皮 1c788b797c Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-10-12 13:51:05 +08:00
三米前有蕉皮 2c2d82dd42 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-10-12 11:30:05 +08:00
三米前有蕉皮 70400960f4 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-10-12 11:28:36 +08:00
三米前有蕉皮 dc5b2ae4a6 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>
 2022-10-12 10:41:01 +08:00
三米前有蕉皮 0c9e874a65 Update modules/post/windows/gather/credentials/navicat.rb 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2022-10-12 10:31:16 +08:00
bwatters ef0ca2edbb Land #17057, Msf::Post::Windows::ExtAPI: Remove load_extapi method 
Merge branch 'land-17057' into upstream-master
 2022-10-07 15:54:52 -05:00
Jack Heysel 60c21da50e Land #17009, Add MobaXterm cred gather module 
This module determines if MobaXterm is installed and if
it is dumps all saved session information from the target
 2022-10-05 14:14:27 -04:00
三米前有蕉皮 9155f42553 Update modules/post/windows/gather/credentials/moba_xterm.rb 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2022-10-06 01:39:28 +08:00
cn-kali-team 819dcd7889 update 2022-10-04 17:57:28 +08:00
bwatters 052d233bd9 Land #17006, Gather_RedisDesktopManager_Password 
Merge branch 'land-17006' into upstream-master
 2022-10-03 15:10:30 -05:00