Add Windows Gather Power Shell History module #11157

Merged
merged 4 commits into from Feb 13, 2019


@dgarvit
Contributor

dgarvit commented Dec 21, 2018

Resolves #10979.

The module works! Here is the screenshot:
image

dgarvit added 2 commits Dec 20, 2018
@bcoles

Contributor

bcoles commented Dec 21, 2018

Please add reference URLs to References key in the module data.

https://docs.microsoft.com/en-us/powershell/module/psreadline/
https://github.com/KalibRx/PoshHarvestPy/blob/master/poshharvest.py
https://0xdf.gitlab.io/2018/11/08/powershell-history-file.html
@dgarvit

Contributor Author

dgarvit commented Dec 21, 2018

Thanks for pointing out all the changes and improvements @bcoles! I have pushed the updated module!

@dgarvit

Contributor Author

dgarvit commented Dec 22, 2018

@bcoles what needs to be done next to get this merged?

@bcoles

Contributor

bcoles commented Dec 22, 2018

Someone will read it, review it, and offer feedback if required. Given that xmas is approaching, there may be delays with handling PRs.

Also, please add some module documentation for this module.

@dgarvit

Contributor Author

dgarvit commented Dec 22, 2018

Wanted to know exactly about that. Thanks!

@bcoles bcoles added docs and removed needs-docs labels Dec 23, 2018
@acammack-r7 acammack-r7 self-assigned this Jan 2, 2019
@wchen-r7 wchen-r7 assigned wchen-r7 and unassigned acammack-r7 Feb 13, 2019
@wchen-r7

Contributor

wchen-r7 commented Feb 13, 2019

Seems to work for me. I'll land it. Thanks!

@wchen-r7 wchen-r7 merged commit b7dce68 into rapid7:master Feb 13, 2019
3 checks passed
Metasploit Automation - Sanity Test Execution Successfully completed all tests.
Metasploit Automation - Test Execution Successfully completed all tests.
continuous-integration/travis-ci/pr The Travis CI build passed
wchen-r7 added a commit that referenced this pull request Feb 13, 2019
@wchen-r7

Contributor

wchen-r7 commented Feb 13, 2019

Release Notes

The post/windows/gather/psreadline_history module has been added to the framework. This post-exploitation module can be used to extract PowerShell history from PSReadLine.

msjenkins-r7 added a commit that referenced this pull request Feb 13, 2019
@dgarvit

Contributor Author

dgarvit commented Feb 13, 2019

I had been wondering when this would get merged! Thanks @wchen-r7! 😄

6 participants