Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix output of MSV creds dumping in Kiwi #8624

Merged
merged 1 commit into from
Jun 30, 2017
Merged

Fix output of MSV creds dumping in Kiwi #8624

merged 1 commit into from
Jun 30, 2017

Conversation

OJ
Copy link
Contributor

@OJ OJ commented Jun 27, 2017

The data being pulled out of the MSV credential dump was not being rendered propertly because it was assumed that all accounts would provide the same set of hashes/details for each entry found. However, this was not the case. Some have NTLM & SHA1, others have LM & NTLM,
some have DPAPI when others don't.

This code generates tables based on the values found, and renders those values in the appropriate columns, and if the values don't exist for a given account, the column is left blank.

Fixes #8620

Verification

  • Create a meterpreter session running as SYSTEM on a machine with various accounts on it (preferably a DC).
  • Run creds_all or creds_msv.
  • Note that the output contains all the appropriate values in the MSV dump, with the values in the correct columns.

@OJ
Fix output of MSV creds dumping in Kiwi
8e1e505 
The data being pulled out of the MSV credential dump was not being
rendered propertly because it was assumed that all accounts would
provide the same set of hashes/details for each entry found. However,
this was not the case. Some have NTLM & SHA1, others have LM & NTLM,
some have DPAPI when others don't.

This code generates tables based on the values found, and renders those
values in the appropriate columns, and if the values don't exist for
a given account, the column is left blank.

Fixes rapid7#8620
@OJ OJ requested a review from mubix June 27, 2017 05:48
@egypt egypt merged commit 8e1e505 into rapid7:master Jun 30, 2017
egypt added a commit that referenced this pull request Jun 30, 2017
@egypt
Land #8624, fix mis-ordered kiwi output
ada954a
@egypt egypt self-assigned this Jun 30, 2017
@egypt
Copy link
Contributor

egypt commented Jun 30, 2017
edited by alrosenthal-r7
Loading

Release notes

This fix resolves a bug causing the kiwi plugin to put hashes under the wrong header when displaying msv credentials.

@alrosenthal-r7 alrosenthal-r7 added the rn-fix release notes fix label Jul 12, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mubix mubix Awaiting requested review from mubix

Assignees

@egypt egypt

Labels
library meterpreter rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@OJ @egypt @alrosenthal-r7