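Sorry: because this post is so long, I used a program to generate anchor links for it, but they disappear as soon as I publish. Does CSDN not support anchors, or did I do something wrong? I apologize for any inconvenience this causes!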
Name Disclosure Date Rank Description
---- --------------- ---- -----------
aix/hashdump normal AIX Gather Dump Password Hashes
cisco/gather/enum_cisco normal Gather Cisco Device General Information
linux/gather/checkvm normal Linux Gather Virtual Environment Detection
linux/gather/enum_configs normal Linux Gather Configurations
linux/gather/enum_network normal Linux Gather Network Information
linux/gather/enum_protections normal Linux Gather Protection Enumeration
linux/gather/enum_system normal Linux Gather System and User Information
linux/gather/enum_users_history normal Linux Gather User History
linux/gather/enum_xchat normal Linux Gather XChat Enumeration
linux/gather/hashdump normal Linux Gather Dump Password Hashes for Linux Systems
linux/gather/mount_cifs_creds normal Linux Gather Saved mount.cifs/mount.smbfs Credentials
multi/gather/apple_ios_backup normal Windows Gather Apple iOS MobileSync Backup File Collection
multi/gather/dns_bruteforce normal Multi Gather DNS Forward Lookup Bruteforce
multi/gather/dns_reverse_lookup normal Multi Gather DNS Reverse Lookup Scan
multi/gather/dns_srv_lookup normal Multi Gather DNS Service Record Lookup Scan
multi/gather/enum_vbox normal Multi Gather VirtualBox VM Enumeration
multi/gather/env normal Multi Gather Generic Operating System Environment Settings
multi/gather/fetchmailrc_creds normal UNIX Gather .fetchmailrc Credentials
multi/gather/filezilla_client_cred normal Multi Gather FileZilla FTP Client Credential Collection
multi/gather/find_vmx normal Multi Gather VMWare VM Identification
multi/gather/firefox_creds normal Multi Gather Firefox Signon Credential Collection
multi/gather/multi_command normal Multi Gather Run Shell Command Resource File
multi/gather/netrc_creds normal UNIX Gather .netrc Credentials
multi/gather/pidgin_cred normal Multi Gather Pidgin Instant Messenger Credential Collection
multi/gather/ping_sweep normal Multi Gather Ping Sweep
multi/gather/run_console_rc_file normal Multi Gather Run Console Resource File
multi/gather/skype_enum normal Multi Gather Skype User Data Enumeration
multi/gather/ssh_creds normal Multi Gather OpenSSH PKI Credentials Collection
multi/gather/thunderbird_creds normal Multi Gather Mozilla Thunderbird Signon Credential Collection
multi/general/close normal Multi Generic Operating System Session Close
multi/general/execute normal Multi Generic Operating System Session Command Execution
multi/manage/multi_post normal Multi Manage Post Module Macro Execution
multi/manage/sudo normal Multiple Linux / Unix Post Sudo Upgrade Shell
multi/manage/system_session normal Multi Manage System Remote TCP Shell Session
osx/admin/say normal OSX Text to Speech Utility
osx/gather/enum_adium normal OSX Gather Adium Enumeration
osx/gather/enum_airport normal OSX Gather Airport Wireless Preferences
osx/gather/enum_chicken_vnc_profile normal OSX Gather Chicken of the VNC Profile
osx/gather/enum_colloquy normal OSX Gather Colloquy Enumeration
osx/gather/enum_osx normal OS X Gather Mac OS X System Information Enumeration
osx/gather/hashdump normal OS X Gather Mac OS X Password Hash Collector
solaris/gather/checkvm normal Solaris Gather Virtual Environment Detection
solaris/gather/enum_packages normal Solaris Gather Installed Packages
solaris/gather/enum_services normal Solaris Gather Configured Services
solaris/gather/hashdump normal Solaris Gather Dump Password Hashes for Solaris Systems
windows/capture/keylog_recorder normal Windows Capture Keystroke Recorder
windows/capture/lockout_keylogger normal Winlogon Lockout Credential Keylogger
windows/escalate/bypassuac 2010-12-31 normal Windows Escalate UAC Protection Bypass
windows/escalate/droplnk normal Windows Escalate SMB Icon LNK dropper
windows/escalate/getsystem normal Windows Escalate Get System via Administrator
windows/escalate/ms10_073_kbdlayout 2010-10-12 normal Windows Escalate NtUserLoadKeyboardLayoutEx Privilege Escalation
windows/escalate/ms10_092_schelevator 2010-09-13 normal Windows Escalate Task Scheduler XML Privilege Escalation
windows/escalate/net_runtime_modify normal Windows Escalate Microsoft .NET Runtime Optimization Service Privilege Escalation
windows/escalate/screen_unlock normal Windows Escalate Locked Desktop Unlocker
windows/escalate/service_permissions normal Windows Escalate Service Permissions Local Privilege Escalation
windows/gather/arp_scanner normal Windows Gather ARP Scanner
windows/gather/bitcoin_jacker normal Windows Gather Bitcoin wallet.dat
windows/gather/cachedump normal Windows Gather Credential Cache Dump
windows/gather/checkvm normal Windows Gather Virtual Environment Detection
windows/gather/credentials/coreftp normal Windows Gather CoreFTP Saved Password Extraction
windows/gather/credentials/credential_collector normal Windows Gather Credential Collector
windows/gather/credentials/dyndns normal Windows Gather Dyn-Dns Client Password Extractor
windows/gather/credentials/enum_cred_store normal Windows Gather Credential Store Enumeration and Decryption Module
windows/gather/credentials/enum_picasa_pwds normal Windows Gather Google Picasa Password Extractor
windows/gather/credentials/epo_sql normal Windows Gather McAfee ePO 4.6 Config SQL Credentials
windows/gather/credentials/filezilla_server normal Windows Gather FileZilla FTP Server Credential Collection
windows/gather/credentials/flashfxp normal Windows Gather FlashFXP Saved Password Extraction
windows/gather/credentials/ftpnavigator normal Windows Gather FTP Navigator Saved Password Extraction
windows/gather/credentials/idm normal Windows Gather Internet Download Manager (IDM) Password Extractor
windows/gather/credentials/imail normal Windows Gather IPSwitch iMail User Data Enumeration
windows/gather/credentials/imvu normal Windows Gather Credentials IMVU Game Client
windows/gather/credentials/meebo normal Windows Gather Meebo Password Extractor
windows/gather/credentials/mremote normal Windows Gather mRemote Saved Password Extraction
windows/gather/credentials/nimbuzz normal Windows Gather Nimbuzz Instant Messenger Password Extractor
windows/gather/credentials/outlook normal Windows Gather Microsoft Outlook Saved Password Extraction
windows/gather/credentials/razorsql normal Windows Gather RazorSQL Credentials
windows/gather/credentials/smartftp normal Windows Gather SmartFTP Saved Password Extraction
windows/gather/credentials/total_commander normal Windows Gather Total Commander Saved Password Extraction
windows/gather/credentials/trillian normal Windows Gather Trillian Password Extractor
windows/gather/credentials/vnc normal Windows Gather VNC Password Extraction
windows/gather/credentials/windows_autologin normal Windows Gather AutoLogin User Credential Extractor
windows/gather/credentials/winscp normal Windows Gather WinSCP Saved Password Extraction
windows/gather/credentials/wsftp_client normal Windows Gather WS_FTP Saved Password Extraction
windows/gather/dumplinks normal Windows Gather Dump Recent Files lnk Info
windows/gather/enum_applications normal Windows Gather Installed Application Enumeration
windows/gather/enum_artifacts normal Windows Gather File and Registry Artifacts Enumeration
windows/gather/enum_chrome normal Windows Gather Google Chrome User Data Enumeration
windows/gather/enum_computers normal Windows Gather Enumerate Computers
windows/gather/enum_devices normal Windows Gather Hardware Enumeration
windows/gather/enum_dirperms normal Windows Gather Directory Permissions Enumeration
windows/gather/enum_domain normal Windows Gather Enumerate Domain
windows/gather/enum_domain_group_users normal Windows Gather Enumerate Domain Group
windows/gather/enum_domain_tokens normal Windows Gather Enumerate Domain Tokens
windows/gather/enum_domains normal Windows Gather Domain Enumeration
windows/gather/enum_hostfile normal Windows Gather Windows Host File Enumeration
windows/gather/enum_ie normal Windows Gather Internet Explorer User Data Enumeration
windows/gather/enum_logged_on_users normal Windows Gather Logged On User Enumeration (Registry)
windows/gather/enum_ms_product_keys normal Windows Gather Product Key
windows/gather/enum_powershell_env normal Windows Gather Powershell Environment Setting Enumeration
windows/gather/enum_services normal Windows Gather Service Info Enumeration
windows/gather/enum_shares normal Windows Gather SMB Share Enumeration via Registry
windows/gather/enum_snmp normal Windows Gather SNMP Settings Enumeration (Registry)
windows/gather/enum_termserv normal Windows Gather Terminal Server Client Connection Information Dumper
windows/gather/enum_tokens normal Windows Gather Enumerate Domain Admin Tokens (Token Hunter)
windows/gather/forensics/duqu_check normal Windows Gather Forensics Duqu Registry Check
windows/gather/forensics/enum_drives normal Windows Gather Physical Drives and Logical Volumes
windows/gather/forensics/imager normal Windows Gather Forensic Imaging
windows/gather/forensics/nbd_server normal Windows Gather Local NBD Server
windows/gather/hashdump normal Windows Gather Local User Account Password Hashes (Registry)
windows/gather/memory_grep normal Windows Gather Process Memory Grep
windows/gather/resolve_sid normal Windows Gather Local User Account SID Lookup
windows/gather/reverse_lookup normal Windows Gather IP Range Reverse Lookup
windows/gather/screen_spy normal Windows Gather Screen Spy
windows/gather/smart_hashdump normal Windows Gather Local and Domain Controller Account Password Hashes
windows/gather/usb_history normal Windows Gather USB Drive History
windows/gather/win_privs normal Windows Gather Privileges Enumeration
windows/gather/wmic_command normal Windows Gather Run Specified WMIC command
windows/manage/add_user_domain normal Windows Manage Add User to the Domain and/or to a Domain Group
windows/manage/autoroute normal Windows Manage Network Route via Meterpreter Session
windows/manage/delete_user normal Windows Manage Local User Account Deletion
windows/manage/download_exec normal Windows Manage Download and/or Execute
windows/manage/enable_rdp normal Windows Manage Enable Remote Desktop
windows/manage/inject_ca normal Windows Manage Certificate Authority Injection
windows/manage/inject_host normal Windows Manage Hosts File Injection
windows/manage/migrate normal Windows Manage Process Migration
windows/manage/multi_meterpreter_inject normal Windows Manage Inject in Memory Multiple Payloads
windows/manage/nbd_server normal Windows Manage Local NBD Server for Remote Disks
windows/manage/payload_inject normal Windows Manage Memory Payload Injection Module
windows/manage/persistence normal Windows Manage Persistent Payload Installer
windows/manage/powershell/exec_powershell normal Windows Manage PowerShell Download and/or Execute
windows/manage/pxexploit normal Windows Manage PXE Exploit Server
windows/manage/remove_ca normal Windows Certificate Authority Removal
windows/manage/remove_host normal Windows Manage Host File Entry Removal
windows/manage/run_as normal Windows Manage Run Command As User
windows/manage/vss_create normal Windows Manage Create Shadow Copy
windows/manage/vss_list normal Windows Manage List Shadow Copies
windows/manage/vss_mount normal Windows Manage Mount Shadow Copy
windows/manage/vss_set_storage normal Windows Manage Set Shadow Copy Storage Space
windows/manage/vss_storage normal Windows Manage Get Shadow Copy Storage Info
windows/recon/computer_browser_discovery normal Windows Recon Computer Browser Discovery
windows/recon/resolve_hostname normal Windows Recon Resolve Hostname
windows/wlan/wlan_bss_list normal Windows Gather Wireless BSS Info
windows/wlan/wlan_current_connection normal Windows Gather Wireless Current Connection Info
windows/wlan/wlan_disconnect normal Windows Disconnect Wireless Connection
windows/wlan/wlan_profile normal Windows Gather Wireless Profile
resource (display/show_post.rc)> info aix/hashdump
Name: AIX Gather Dump Password Hashes
Module: post/aix/hashdump
Version: $Revision$
Platform: AIX
Arch:
Rank: Normal
Provided by:
thelightcosine <thelightcosine@metasploit.com>
Description:
Post Module to dump the password hashes for all users on an AIX
System
resource (display/show_post.rc)> info cisco/gather/enum_cisco
Name: Gather Cisco Device General Information
Module: post/cisco/gather/enum_cisco
Version: 14822
Platform: Cisco
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module collects a Cisco IOS or NXOS device information and
configuration.
resource (display/show_post.rc)> info linux/gather/checkvm
Name: Linux Gather Virtual Environment Detection
Module: post/linux/gather/checkvm
Version: 14812
Platform: Linux
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module attempts to determine whether the system is running
inside of a virtual environment and if so, which one. This module
supports detection of Hyper-V, VMWare, VirtualBox, Xen, and
QEMU/KVM.
resource (display/show_post.rc)> info linux/gather/enum_configs
Name: Linux Gather Configurations
Module: post/linux/gather/enum_configs
Version: 0
Platform: Linux
Arch:
Rank: Normal
Provided by:
ohdae <bindshell@live.com>
Description:
This module collects configuration files found on commonly installed
applications and services, such as Apache, MySQL, Samba, Sendmail,
etc. If a config file is found in its default path, the module will
assume that is the file we want.
resource (display/show_post.rc)> info linux/gather/enum_network
Name: Linux Gather Network Information
Module: post/linux/gather/enum_network
Version: $Revision$
Platform: Linux
Arch:
Rank: Normal
Provided by:
ohdae <bindshell@live.com>
Stephen Haywood <averagesecurityguy@gmail.com>
Description:
This module gathers network information from the target system
IPTables rules, interfaces, wireless information, open and listening
ports, active network connections, DNS information and SSH
information.
resource (display/show_post.rc)> info linux/gather/enum_protections
Name: Linux Gather Protection Enumeration
Module: post/linux/gather/enum_protections
Version: 0
Platform: Linux
Arch:
Rank: Normal
Provided by:
ohdae <bindshell@live.com>
Description:
This module tries to find certain installed applications that can be
used to prevent, or detect our attacks, which is done by locating
certain binary locations, and see if they are indeed executables.
For example, if we are able to run 'snort' as a command, we assume
it's one of the files we are looking for. This module is meant to
cover various antivirus, rootkits, IDS/IPS, firewalls, and other
software.
resource (display/show_post.rc)> info linux/gather/enum_system
Name: Linux Gather System and User Information
Module: post/linux/gather/enum_system
Version: $Revision$
Platform: Linux
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Stephen Haywood <averagesecurityguy@gmail.com>
sinn3r <sinn3r@metasploit.com>
ohdae <bindshell@live.com>
Description:
This module gathers system information. We collect installed
packages, installed services, mount information, user list, user
bash history and cron jobs
resource (display/show_post.rc)> info linux/gather/enum_users_history
Name: Linux Gather User History
Module: post/linux/gather/enum_users_history
Version: $Revision$
Platform: Linux
Arch:
Rank: Normal
Provided by:
ohdae <bindshell@live.com>
Description:
This module gathers user specific information. User list, bash
history, mysql history, vim history, lastlog and sudoers.
resource (display/show_post.rc)> info linux/gather/enum_xchat
Name: Linux Gather XChat Enumeration
Module: post/linux/gather/enum_xchat
Version: 0
Platform: Linux
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will collect XChat's config files and chat logs from the
victim's machine. There are three actions you may choose: CONFIGS,
CHATS, and ALL. The CONFIGS option can be used to collect
information such as channel settings, channel/server passwords, etc.
The CHATS option will simply download all the .log files.
resource (display/show_post.rc)> info linux/gather/hashdump
Name: Linux Gather Dump Password Hashes for Linux Systems
Module: post/linux/gather/hashdump
Version: 14774
Platform: Linux
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Post Module to dump the password hashes for all users on a Linux
System
resource (display/show_post.rc)> info linux/gather/mount_cifs_creds
Name: Linux Gather Saved mount.cifs/mount.smbfs Credentials
Module: post/linux/gather/mount_cifs_creds
Version: 0
Platform: Linux
Arch:
Rank: Normal
Provided by:
Jon Hart <jhart@spoofed.org>
Description:
Post Module to obtain credentials saved for mount.cifs/mount.smbfs
in /etc/fstab on a Linux system.
resource (display/show_post.rc)> info multi/gather/apple_ios_backup
Name: Windows Gather Apple iOS MobileSync Backup File Collection
Module: post/multi/gather/apple_ios_backup
Version: 14834
Platform: Windows, OSX
Arch:
Rank: Normal
Provided by:
hdm <hdm@metasploit.com>
bannedit <bannedit@metasploit.com>
Description:
This module will collect sensitive files from any on-disk iOS device
backups
resource (display/show_post.rc)> info multi/gather/dns_bruteforce
Name: Multi Gather DNS Forward Lookup Bruteforce
Module: post/multi/gather/dns_bruteforce
Version: 14774
Platform: Windows, Linux, OSX, BSD, Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Brute force subdomains and hostnames via wordlist.
resource (display/show_post.rc)> info multi/gather/dns_reverse_lookup
Name: Multi Gather DNS Reverse Lookup Scan
Module: post/multi/gather/dns_reverse_lookup
Version: 14774
Platform: Windows, Linux, OSX, BSD, Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Performs DNS reverse lookup using the OS included DNS query command.
resource (display/show_post.rc)> info multi/gather/dns_srv_lookup
Name: Multi Gather DNS Service Record Lookup Scan
Module: post/multi/gather/dns_srv_lookup
Version: 14774
Platform: Windows, Linux, OSX, BSD, Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Enumerates know SRV Records for a given domaon using target host DNS
query tool.
resource (display/show_post.rc)> info multi/gather/enum_vbox
Name: Multi Gather VirtualBox VM Enumeration
Module: post/multi/gather/enum_vbox
Version: $Revision$
Platform: Unix, BSD, Linux, OSX, Windows
Arch:
Rank: Normal
Provided by:
TheLightCosine <thelightcosine@metasploit.com>
Description:
This module will attempt to enumerate any VirtualBox VMs on the
target machine. Due to the nature of VirtualBox, this module can
only enumerate VMs registered for the current user, thereforce, this
module needs to be invoked from a user context.
resource (display/show_post.rc)> info multi/gather/env
Name: Multi Gather Generic Operating System Environment Settings
Module: post/multi/gather/env
Version: 14976
Platform: Linux, Windows
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
egypt <egypt@metasploit.com>
Description:
This module prints out the operating system environment variables
resource (display/show_post.rc)> info multi/gather/fetchmailrc_creds
Name: UNIX Gather .fetchmailrc Credentials
Module: post/multi/gather/fetchmailrc_creds
Version: 0
Platform: BSD, Linux, OSX, Unix
Arch:
Rank: Normal
Provided by:
Jon Hart <jhart@spoofed.org>
Description:
Post Module to obtain credentials saved for IMAP, POP and other mail
retrieval protocols in fetchmail's .fetchmailrc
resource (display/show_post.rc)> info multi/gather/filezilla_client_cred
Name: Multi Gather FileZilla FTP Client Credential Collection
Module: post/multi/gather/filezilla_client_cred
Version: 14935
Platform: Unix, BSD, Linux, OSX, Windows
Arch:
Rank: Normal
Provided by:
bannedit <bannedit@metasploit.com>
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module will collect credentials from the FileZilla FTP client
if it is installed.
resource (display/show_post.rc)> info multi/gather/find_vmx
Name: Multi Gather VMWare VM Identification
Module: post/multi/gather/find_vmx
Version: $Revision$
Platform: Unix, BSD, Linux, OSX, Windows
Arch:
Rank: Normal
Provided by:
TheLightCosine <thelightcosine@metasploit.com>
Description:
This module will attempt to find any VMWare virtual machines stored
on the target.
resource (display/show_post.rc)> info multi/gather/firefox_creds
Name: Multi Gather Firefox Signon Credential Collection
Module: post/multi/gather/firefox_creds
Version: 14852
Platform: Windows, Linux, BSD, Unix, OSX
Arch:
Rank: Normal
Provided by:
bannedit <bannedit@metasploit.com>
Description:
This module will collect credentials from the Firefox web browser if
it is installed on the targeted machine. Additionally, cookies are
downloaded. Which could potentially yield valid web sessions.
Firefox stores passwords within the signons.sqlite database file.
There is also a keys3.db file which contains the key for decrypting
these passwords. In cases where a Master Password has not been set,
the passwords can easily be decrypted using third party tools. If a
Master Password was used the only option would be to bruteforce.
resource (display/show_post.rc)> info multi/gather/multi_command
Name: Multi Gather Run Shell Command Resource File
Module: post/multi/gather/multi_command
Version: 14774
Platform: Windows, Linux, BSD, Unix, OSX
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module will read shell commands from a resource file and
execute the commands in the specified Meterpreter or shell session.
resource (display/show_post.rc)> info multi/gather/netrc_creds
Name: UNIX Gather .netrc Credentials
Module: post/multi/gather/netrc_creds
Version: 0
Platform: BSD, Linux, OSX, Unix
Arch:
Rank: Normal
Provided by:
Jon Hart <jhart@spoofed.org>
Description:
Post Module to obtain credentials saved for FTP and other services
in .netrc
resource (display/show_post.rc)> info multi/gather/pidgin_cred
Name: Multi Gather Pidgin Instant Messenger Credential Collection
Module: post/multi/gather/pidgin_cred
Version: 14774
Platform: Unix, BSD, Linux, OSX, Windows
Arch:
Rank: Normal
Provided by:
bannedit <bannedit@metasploit.com>
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module will collect credentials from the Pidgin IM client if it
is installed.
resource (display/show_post.rc)> info multi/gather/ping_sweep
Name: Multi Gather Ping Sweep
Module: post/multi/gather/ping_sweep
Version: 14774
Platform: Windows, Linux, OSX, BSD, Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Performs IPv4 ping sweep using the OS included ping command.
resource (display/show_post.rc)> info multi/gather/run_console_rc_file
Name: Multi Gather Run Console Resource File
Module: post/multi/gather/run_console_rc_file
Version: 14774
Platform: Windows
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module will read console commands from a resource file and
execute the commands in the specified Meterpreter session.
resource (display/show_post.rc)> info multi/gather/skype_enum
Name: Multi Gather Skype User Data Enumeration
Module: post/multi/gather/skype_enum
Version: $Revision$
Platform: Windows, OSX
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module will enumerate Skype account settings, contact list,
call history, chat logs, file transfer history, and voicemail logs,
saving all the data to CSV files for analysis.
resource (display/show_post.rc)> info multi/gather/ssh_creds
Name: Multi Gather OpenSSH PKI Credentials Collection
Module: post/multi/gather/ssh_creds
Version: 14795
Platform: Linux, BSD, Unix, OSX
Arch:
Rank: Normal
Provided by:
Jim Halfpenny
Description:
This module will collect the contents of user's .ssh directory on
the targeted machine. Additionally, known_hosts and authorized_keys
and any other files are also downloaded. This module is largely
based on firefox_creds.rb.
resource (display/show_post.rc)> info multi/gather/thunderbird_creds
Name: Multi Gather Mozilla Thunderbird Signon Credential Collection
Module: post/multi/gather/thunderbird_creds
Version: 0
Platform: Windows, Linux, OSX
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will collect credentials from Mozilla Thunderbird by
downloading the necessary files such as 'signons.sqlite', 'key3.db',
and 'cert8.db' for offline decryption with third party tools. If
necessary, you may also set the PARSE optioin to true to parse the
sqlite file, which contains sensitive information such as the
encrypted username/password. However, this feature is not enabled by
default, because it requires SQLITE3 gem to be installed on your
machine.
resource (display/show_post.rc)> info multi/general/close
Name: Multi Generic Operating System Session Close
Module: post/multi/general/close
Version: 14976
Platform: Linux, Windows, Unix, OSX
Arch:
Rank: Normal
Provided by:
hdm <hdm@metasploit.com>
Description:
This module closes the specified session. This can be useful as a
finisher for automation tasks
resource (display/show_post.rc)> info multi/general/execute
Name: Multi Generic Operating System Session Command Execution
Module: post/multi/general/execute
Version: $Revision$
Platform: Linux, Windows, Unix, OSX
Arch:
Rank: Normal
Provided by:
hdm <hdm@metasploit.com>
Description:
This module executes an arbitrary command line
resource (display/show_post.rc)> info multi/manage/multi_post
Name: Multi Manage Post Module Macro Execution
Module: post/multi/manage/multi_post
Version: 14774
Platform: Windows, Unix, OSX, Linux, Solaris
Arch:
Rank: Normal
Provided by:
carlos_perez <carlos_perez@darkoperator.com>
Description:
This module will execute a list of modules given in a macro file in
the format of <module> <opt=val,opt=val> against the select session
checking for compatibility of the module against the sessions and
validation of the options provided.
resource (display/show_post.rc)> info multi/manage/sudo
Name: Multiple Linux / Unix Post Sudo Upgrade Shell
Module: post/multi/manage/sudo
Version: $
Platform: Linux, Unix, OSX, Solaris, AIX
Arch:
Rank: Normal
Provided by:
todb <todb@metasploit.com>
Description:
This module attempts to upgrade a shell account to UID 0 by reusing
the given password and passing it to sudo. This technique relies on
sudo versions from 2008 and later which support -A.
References:
http://www.sudo.ws/repos/sudo/file/05780f5f71fd/sudo.h
resource (display/show_post.rc)> info multi/manage/system_session
Name: Multi Manage System Remote TCP Shell Session
Module: post/multi/manage/system_session
Version: 14976
Platform: Unix, OSX, Linux
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module will create a Reverse TCP Shell on the target system
using the system own scripting enviroments installed on the target.
resource (display/show_post.rc)> info osx/admin/say
Name: OSX Text to Speech Utility
Module: post/osx/admin/say
Version: 0
Platform: OSX
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will speak whatever is in the 'TEXT' option on the
victim machine.
References:
http://www.gabrielserafini.com/blog/2008/08/19/mac-os-x-voices-for-using-with-the-say-command/
resource (display/show_post.rc)> info osx/gather/enum_adium
Name: OSX Gather Adium Enumeration
Module: post/osx/gather/enum_adium
Version: 0
Platform: OSX
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will collect Adium's account plist files and chat logs
from the victim's machine. There are three different actions you may
choose: ACCOUNTS, CHATS, and ALL. Note that to use the 'CHATS'
action, make sure you set the regex 'PATTERN' option in order to
look for certain log names (which consists of a contact's name, and
a timestamp). The current 'PATTERN' option is configured to look for
any log created on February 2012 as an example. To loot both account
plists and chat logs, simply set the action to 'ALL'.
resource (display/show_post.rc)> info osx/gather/enum_airport
Name: OSX Gather Airport Wireless Preferences
Module: post/osx/gather/enum_airport
Version: 0
Platform: OSX
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will download OSX Airport Wireless preferences from the
victim machine. The preferences file (which is a plist) contains
information such as: SSID, Channels, Security Type, Password ID,
etc.
resource (display/show_post.rc)> info osx/gather/enum_chicken_vnc_profile
Name: OSX Gather Chicken of the VNC Profile
Module: post/osx/gather/enum_chicken_vnc_profile
Version: 0
Platform: OSX
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will download the "Chicken of the VNC" client
application's profile file, which is used to store other VNC
servers' information such as as the IP and password.
resource (display/show_post.rc)> info osx/gather/enum_colloquy
Name: OSX Gather Colloquy Enumeration
Module: post/osx/gather/enum_colloquy
Version: 0
Platform: OSX
Arch:
Rank: Normal
Provided by:
sinn3r <sinn3r@metasploit.com>
Description:
This module will collect Colloquy's info plist file and chat logs
from the victim's machine. There are three actions you may choose:
INFO, CHATS, and ALL. Please note that the CHAT action may take a
long time depending on the victim machine, therefore we suggest to
set the regex 'PATTERN' option in order to search for certain log
names (which consists of the contact's name, and a timestamp). The
default 'PATTERN' is configured as "^alien" as an example to search
for any chat logs associated with the name "alien".
resource (display/show_post.rc)> info osx/gather/enum_osx
Name: OS X Gather Mac OS X System Information Enumeration
Module: post/osx/gather/enum_osx
Version: 15406
Platform: OSX
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module gathers basic system information from Mac OS X Tiger,
Leopard, Snow Leopard and Lion systems.
resource (display/show_post.rc)> info osx/gather/hashdump
Name: OS X Gather Mac OS X Password Hash Collector
Module: post/osx/gather/hashdump
Version: 15406
Platform: OSX
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
hammackj <jacob.hammack@hammackj.com>
Description:
This module dumps SHA-1, LM and NT Hashes of Mac OS X Tiger,
Leopard, Snow Leopard and Lion Systems.
resource (display/show_post.rc)> info solaris/gather/checkvm
Name: Solaris Gather Virtual Environment Detection
Module: post/solaris/gather/checkvm
Version: 14976
Platform: Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
This module attempts to determine whether the system is running
inside of a virtual environment and if so, which one. This module
supports detectoin of Solaris Zone, VMWare, VirtualBox, Xen, and
QEMU/KVM.
resource (display/show_post.rc)> info solaris/gather/enum_packages
Name: Solaris Gather Installed Packages
Module: post/solaris/gather/enum_packages
Version: 14774
Platform: Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Post Module to enumerate installed packages on a Solaris System
resource (display/show_post.rc)> info solaris/gather/enum_services
Name: Solaris Gather Configured Services
Module: post/solaris/gather/enum_services
Version: 14774
Platform: Solaris
Arch:
Rank: Normal
Provided by:
Carlos Perez <carlos_perez@darkoperator.com>
Description:
Post Module to enumerate services on a Solaris System
resource (display/show_post.rc)> info solaris/gather/hashdump
Name: Solaris Gather Dump Password Hashes for Solaris Systems