mubix opened this issue 7 years ago (status: Open)
Following is the first go towards getting rid of the scripts directory.
Replacement of scripts inside the scripts/meterpreter directory:
| Script | Replacement module(s) |
|---|---|
| arp_scanner.rb | <empty> |
| autoroute.rb | post/windows/manage/autoroute |
| checkvm.rb | post/windows/gather/checkvm |
| credcollect.rb | <empty> |
| domain_list_gen.rb | <empty> |
| dumplinks.rb | <empty> |
| duplicate.rb | post/windows/manage/payload_inject.rb<br>post/windows/manage/multi_meterpreter_inject.rb |
| enum_chrome.rb | post/windows/gather/enum_chrome.rb |
| enum_firefox.rb | post/windows/gather/enum_firefox.rb |
| enum_logged_on_users.rb | post/windows/gather/enum_logged_on_users.rb |
| enum_powershell_env.rb | post/windows/gather/enum_powershell_env.rb |
| enum_putty.rb | post/windows/gather/enum_putty_saved_sessions.rb |
| enum_shares | post/windows/gather/enum_shares.rb |
| enum_vmware.rb | <empty> |
| event_manager.rb | <empty> |
| file_collector.rb | post/windows/gather/enum_files.rb |
| get_application_list.rb | post/windows/gather/enum_applications.rb |
| getcountermeasures.rb | post/windows/manager/killav.rb |
| getenv.rb | <empty> |
| get_filezilla_creds.rb | post/windows/gather/credentials/filezilla_server.rb |
| get_pidgin_creds.rb | <empty> |
| getgui.rb | post/windows/manage/enable_rdp.rb |
| get_local_subnets.rb | post/windows/manage/autoroute.rb |
| get_pidgin_creds.rb | <empty> |
| gettelnet.rb | <empty> |
| get_valid_community.rb | post/windows/gather/enum_snmp.rb |
| getvncpw.rb | post/windows/gather/credentials/vnc.rb |
| hashdump.rb | post/windows/gather/smart_hashdump.rb |
| hostsedit.rb | post/windows/manage/inject_host.rb |
| keylogrecorder.rb | post/windows/capture/keylog_recorder.rb |
| killav.rb | (duplicate of getcountermeasures - need to check) |
| metsvc.rb | post/windows/manage/persistence_exe.rb |
| migrate.rb | post/windows/manage/migrate.rb |
| multicommand.rb | <empty> |
| multi_console_command.rb | <empty> |
| multiscript.rb | <empty> |
| netenum.rb | <empty> |
| packetrecorder.rb | post/windows/manage/rpcapd_start.rb |
| panda_2007_pavsrv51.rb | <empty> |
| persistence.rb | post/window/manager/persistence_exe.rb |
| pml_driver_config.rb | <empty> |
| powerdump.rb | <empty> |
| prefetchtool.rb | post/windows/gather/enum_prefetch.rb |
| process_memdump.rb | post/windows/gather/memory_grep.rb (only partially, since the script allows a complete dump of the process memory on the client side while the post module only searches the process on the remote machine) |
| remotewinenum.rb | post/windows/gather/wmic_command.rb |
| scheduleme.rb | <empty> |
| schelevator.rb | exploits/windows/local/ms10_092_schelevator.rb |
| schtasksabuse.rb | <empty> |
| scraper.rb | post/windows/manage/autoroute<br>sysinfo command of meterpreter<br>post/windows/gather/tcpnetstat.rb<br>post/windows/gather/enum_shares.rb<br>post/windows/gather/enum_services.rb<br>post/windows/gather/smart_hashdump.rb |
| screenspy | post/windows/gather/screen_spy.rb |
| screen_unlock.rb | post/windows/escalate/screen_unlock.rb |
| search_dwld.rb | post/windows/gather/enum_files.rb |
| service_manager.rb | <empty> |
| service_permissions_escalate.rb | exploits/windows/local/service_permissions.rb |
| sound_recorder.rb | <empty> |
| srt_webdrive_priv.rb | <empty> |
| uploadexec.rb | post/windows/manage/download_exec.rb |
| virtualbox_sysenter_dos.rb | <empty> |
| virusscan_bypass.rb | <empty> |
| vnc.rb | <empty> |
| webcam.rb | post/windows/manage/webcam.rb |
| win32-sshclient.rb | <empty> |
| win32-sshserver.rb | <empty> |
| winbf.rb | <empty> |
| winenum.rb | post/windows/manage/autoroute<br>sysinfo command of meterpreter<br>post/windows/gather/tcpnetstat.rb<br>post/windows/gather/enum_shares.rb<br>post/windows/gather/enum_services.rb<br>post/windows/gather/smart_hashdump.rb |
| wmic.rb | post/windows/gather/wmic_command.rb |
I would appreciate it if a committer who finds a mistake in the above list, or knows of a module that is available for a script where I have written <empty>, could edit it inline so that we have a single point to refer to. Non-committers who don't have the edit option: just comment below and I will add it to the list.
Update:
The scripts/ps/ and scripts/shell/ directories can be removed without any problem, since scripts/ps/flags contains `$someText = "Hello from Metasploit!" ; $someText > "C:\flag.txt"` while scripts/shell/migrate contains

```ruby
#
# Simply print a message that migrating is not supported on CommandShell sessions...
#
# -jduck
#
print_error("Error: command shell sessions do not support migration")
```
The scripts/resources/ directory contains .rc scripts for automation, so we can keep it as it is, since all it does is use the existing modules in the modules tree.

Updated TODO:

* [ ] Make sure all the <empty> tags are covered by existing modules.
get_pidgin_creds.rb appears in the list twice. This script gets the creds, buddies and logs from Pidgin. The post/multi/gather/pidgin_cred module exists, which gets the creds and buddies but does not get the logs.
Bug appeared in scripts/meterpreter/scheduleme.rb checking the prerequisites: `==` vs `!=`.

Edit: added PR in #8854
Whoever wrote get_filezilla_creds was not a fan of future proofing:
```ruby
if os =~ /7|Vista|2008/
  path4users = sysdrv + "\\users\\"
  path2purple = "\\AppData\\Roaming\\"
else
  path4users = sysdrv + "\\Documents and Settings\\"
  path2purple = "\\Application Data\\"
end
```
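As an added illustration of the point above (example code written here, not from this thread and not Metasploit's own scripts): deriving the two profile paths from the session's environment variables removes the OS-version regex altogether, so a new Windows release needs no new branch. `profile_layout` and `win_parts` are hypothetical helpers, not a Metasploit API, and the environment hashes are constructed samples.

```ruby
# Added example (not from this thread or from Metasploit): derive the
# per-user profile layout from the session's environment variables instead
# of matching the OS version string. `env` stands in for the remote
# session's environment; the sample hashes below are constructed.

MODERN_LAYOUT = { users: "\\Users\\", appdata: "\\AppData\\Roaming\\" }.freeze

# Split a Windows path into components, dropping empty and trailing parts.
def win_parts(path)
  path.to_s.split(/[\\\/]+/).reject(&:empty?)
end

# Return { users: <users root incl. drive>, appdata: <suffix below a profile> },
# the same two values the quoted script hard-codes per OS version.
def profile_layout(env)
  profile = win_parts(env['USERPROFILE'])
  appdata = win_parts(env['APPDATA'])

  # APPDATA must sit underneath USERPROFILE (Windows paths are case-insensitive).
  nested = profile.length >= 2 && appdata.length > profile.length &&
           appdata.first(profile.length).map(&:downcase) == profile.map(&:downcase)

  unless nested
    # No usable profile variables: fall back to the modern layout on the
    # system drive rather than guessing from a version string.
    sysdrv = env.fetch('SystemDrive', 'C:')
    return { users: sysdrv + MODERN_LAYOUT[:users], appdata: MODERN_LAYOUT[:appdata] }
  end

  {
    users:   profile[0..-2].join("\\") + "\\",                       # e.g. "C:\Users\"
    appdata: "\\" + appdata[profile.length..-1].join("\\") + "\\"    # e.g. "\AppData\Roaming\"
  }
end

# Constructed sample environments: Windows 10, Windows XP, and a profile
# redirected to another drive (the case a SystemDrive-based guess gets wrong).
SAMPLE_WIN10 = { 'SystemDrive' => 'C:', 'USERPROFILE' => 'C:\Users\alice',
                 'APPDATA' => 'C:\Users\alice\AppData\Roaming' }.freeze
SAMPLE_XP    = { 'SystemDrive' => 'C:', 'USERPROFILE' => 'C:\Documents and Settings\bob',
                 'APPDATA' => 'C:\Documents and Settings\bob\Application Data' }.freeze
SAMPLE_REDIR = { 'SystemDrive' => 'C:', 'USERPROFILE' => 'D:\Profiles\carol',
                 'APPDATA' => 'D:\Profiles\carol\AppData\Roaming' }.freeze

if $PROGRAM_NAME == __FILE__
  [SAMPLE_WIN10, SAMPLE_XP, SAMPLE_REDIR, {}].each { |e| p profile_layout(e) }
end
```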
* [x] rm all the scripts that already have a post module counterpart
I have a better idea: #11412
The following scripts are yet to be ported to post modules, deprecated and deleted:
```ruby
#!/usr/bin/env ruby
# List the scripts in scripts/meterpreter/ that have no entry in the
# legacy_script_to_post_module mapping in lib/msf/base/sessions/scriptable.rb.

# Pull the body of the mapping hash out of the method definition.
src  = File.read('lib/msf/base/sessions/scriptable.rb', mode: 'rb')
junk = src.scan(/^\s*def legacy_script_to_post_module\(script_name\)\s*\{(.*?)\}/m).flatten.first
abort 'legacy_script_to_post_module not found in scriptable.rb' if junk.nil?

# Each line of the hash body has the form  'script_name' => 'post/...',
# so the key is everything before '=>' with the quotes stripped.
scripts = []
junk.each_line do |line|
  next if line.strip == ''
  scripts << line.split('=>').first.strip.tr("'", '')
end
scripts.sort!

# Report every script file whose basename is not a key of the mapping.
Dir.glob('./scripts/meterpreter/*.rb').select { |e| File.file? e }.sort.each do |script|
  s = File.basename(script).strip.sub(/\.rb$/, '')
  puts s unless scripts.include? s
end
```
This, me, week of 2017/01/17->?