Update fork #1

Tidy up test Return a string instead of a URI object Code review comments Rubcocop

Always use module cache for searching

… fixes

…cessary parameters. Uphold the law.

… codes

add randomize ssh cred function

Fix features help command

Reload module after toggling feature

in particular: •passed workspace as an object instead of calling `.name` *loot and task processing now consumes `wspace` parameter *fixed typo in `.delete` method

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

Oops, the Scanner mixin was silently catching them.

author Hynek Petrak <hynek.petrak@gmail.com> 1595628792 +0200 committer Spencer McIntyre <Spencer_McIntyre@rapid7.com> 1598532753 -0400 Added module to dump hashes from LDAP added hash formatters, documentation, ldap authentication typo sanitizing added scenario for NASDeluxe added few hash attribute examples typo correction Co-authored-by: bcoles <bcoles@gmail.com> typo correction Co-authored-by: bcoles <bcoles@gmail.com> typo correction Co-authored-by: bcoles <bcoles@gmail.com> avoid option name conflicts added test scenario linted linted Dump all nameContexts, not just the first one. Search creds in multiple attributes. attemt to dump special and operational attributes check if ldap bind succeeded sanitize the ldap hashes, skip invalid, remove {crypt} prefix memory optimization for large LDAP servers spaces at eols put header to the ldif loot added other LDAP hash formats, don't save empty ldif, dump root DSE now we handle vmdir case too explictly set md5crypt for $ Converted to scanner to improve performance on large networks krbprincipalkey, memory optimization for ldap.search handle additional hash types be verbose about search errors added per host timeout catch exception from Net::Ldap shorten the param value handle pwdhistory entries added comment about sambapwdhistory value reject shorter empty sambapassordhistory entries reject null nt and lm hashes report assumed clear text passwords refactored timeout for the sake of the loot ignore {SASL} pass-trough auth entries distinguish unresolved hashes from clear passwords print ldap server error message, meaningful loot name correct exception handling handle hashes with eol remove debug line handle pkcs12 in binary form attemt to control timeout on bind operation leave LDAP#bind to be called implicitly in #search remove debug line fixed bug, when pillage broke the outer LDAP#search learning ruby monkey patched ldap connection handling, ignoring bind errors commenting the net:LDAP misbehaviour review fixes review fixes moving ldap.search into a function remove fail_with, store loot from one place, print statistics linting consolidated ldap_new and connect, don't catch exceptions in the mixin Complete the credential creation Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

Work was already done, just need the args passed in

…option

… returned

…to_file method

as the #get_cookies method is getting fixed to support case-insensitive cookie presence checking Co-authored-by: Jeffrey Martin <jeffrey_martin@rapid7.com>

…ta as possible

…dBlind class (sleepdelay)

…ch will now require for all words to be matched

Git has this cool sheild button on the ribbon on every project now that indicates the vulnerability reporting policy for that project. We should totally populate this so people don't accidnetally dox our bugs on Issues.

…n exploit/multi/misc/java_rmi_server

Reduce msfvenom run time by only loading relevant modules

- Improved path detection - Check for bash with python / python3 and use it if it exists - Minor grammatical improvements

- Fixed spacing (Tabs VS Spaces)

- Converted a missed tab to spaces

@smcintyre-r7

- Implement changes suggested by @smcintyre-r7

- Added py_create_exec_stub required for #14072

@smcintyre-r7

- Implemented bug fix and naming improvement as suggested by @smcintyre-r7 Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

Currently, the output of this module only lists the KB packages installed on a Windows PC. This change improves the module by also having it output when a given patch package was installed (this information can also be retrieved from the WMI query); this will provide insight into how regularly and reliably a PC (and by extension, environment) patches - for example, are they late in installing patches by months, when did they last patch etc.

…es implemented

Merge branch 'land-14068' into upstream-master

In response to PR feedback

Changed string description to call out the modified WMI query that now also pulls in the InstalledOn metadata for a given KB.

… changes to its code and output

… date

Merge branch 'land-14075' into upstream-master

Use Array.select! instead of Array.filter! (which is an alias for the former) in the smb_version scanner module to be compatible with ruby versions <= 2.5.

Merge branch 'land-13992' into upstream-master

…r for backwards compatibility

Co-authored-by: bcoles <bcoles@gmail.com>

…vements, validation of the UNIT_ID value, and fixes to the return values of some functions. Also update the documentation to address issues from first round of the review.

…the documentation, and update the module with a link to the Modbus protocol specification.

… get the version number in the major.minor version format. Also fix up the Options section to remove the default option and replace it with a line that I think should be more appropriate

…review, and then apply RuboCop fixes

… Windows

…lPluginDll abuse

…run.

…ter the module executes. Added OS check (>= Server 2003 is vulnerable so far). Now cleans up dropped DLL and modified registry value.

…uations the module could run into, and also include some new documentation on the new option we have added in to try to prevent this from happening

… other processes deleted the uploaded DLL file, thereby preventing a situation where the DNS server is unable to restart. Also add in some warning's r.e when we enter the danger section and when we exit it so that users at more aware of when this is happening.

… loop state. New code should prevent this from happening

…n the GitHub comments. Also RuboCop the exploit module code.

…th is used, as there is no chance the AV on the host can remove the file on the UNC share, and the UNC share won't be accessed until the exact moment it is needed

… 'Enable insecure guest logons' enabled if their build number is greater than or equal to 10.0.16299.0, which was the build where this change first was implemented.

…d the fact that the use of UNC paths could cause an issue if they are not typed in correctly. Also update the module documentation to use the output from recent tests to reflect recent changes. Shortern the module description and update its stability rating. Finally add in a reliability rating for the exploit module.

…calation

Merge branch 'land-13942' into upstream-master

Commits on Sep 3, 2020

Bump version of framework to 6.0.5

msjenkins-r7 committed Sep 3, 2020

Configuration menu

View commit details

Copy full SHA for d8447e9

Browse repository at this point

Copy the full SHA

d8447e9 View commit details

Browse the repository at this point in the history

Commits on Sep 5, 2020

Fix user path on newer Windows

egypt committed Sep 5, 2020

Configuration menu

View commit details

Copy full SHA for a870b1d

Browse repository at this point

Copy the full SHA

a870b1d View commit details

Browse the repository at this point in the history

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update fork #1

Update fork #1

Commits on Aug 18, 2020

Commits on Aug 19, 2020

Commits on Aug 20, 2020

Commits on Aug 21, 2020

Commits on Aug 24, 2020

Commits on Aug 25, 2020

Commits on Aug 26, 2020

Commits on Aug 27, 2020

Commits on Aug 28, 2020

Commits on Aug 29, 2020

Commits on Aug 30, 2020

Commits on Aug 31, 2020

Commits on Sep 1, 2020

Commits on Sep 2, 2020

Commits on Sep 3, 2020

Commits on Sep 4, 2020

Commits on Sep 5, 2020

Commits on Sep 7, 2020

Commits on Sep 8, 2020

Commits on Sep 9, 2020

Commits on Sep 10, 2020

Commits on Sep 11, 2020