New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Puppet: post module to gather configs and such #18628
Conversation
keep a WIP as the agent deployer is close, but not 100% yet, but figured this is a heads up that its being worked. |
don't think i'm going to get back around to puppet, unless theres a puppet admin who wants to explain things to me, as its too confusing to actually use. |
No worries @h00die - does this mean this PR can be closed? Or is it ready for review in the state that it's in? |
Ready for review in it's current state. My original idea to have a node deployer hasn't planned out as I can't seem to understand how puppet works |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the module @h00die! Looking good, just a couple minor comments.
msf6 post(linux/gather/puppet) > rexploit
[*] Reloading module...
[+] Stored puppet config to: /Users/jheysel/.msf4/loot/20240124105544_default_172.22.0.3_puppet.conf_973478.txt
[+] Puppet Configuration
====================
Parameter Value Loot Location
--------- ----- -------------
cacert /etc/puppetlabs/puppetserver/ca/ca_crt.pem /Users/jheysel/.msf4/loot/20240124105545_default_172.22.0.3_etcpuppetlabs_488284.txt
cakey /etc/puppetlabs/puppetserver/ca/ca_key.pem /Users/jheysel/.msf4/loot/20240124105545_default_172.22.0.3_etcpuppetlabs_252907.txt
passfile /etc/puppetlabs/puppet/ssl/private/password
server puppet
user puppet
[+] Stored facter to: /Users/jheysel/.msf4/loot/20240124105546_default_172.22.0.3_puppet.modules_861636.txt
[+] Puppet Modules
==============
Module Version
------ -------
puppetlabs-apache v12.0.2
puppetlabs-concat v9.0.2
puppetlabs-stdlib v9.4.1
[+] Puppet Filebucket Files
=======================
Hash Date Filename Loot location
---- ---- -------- -------------
f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2 2024-01-24 02:24:18 /tmp/TestFile /Users/jheysel/.msf4/loot/20240124105550_default_172.22.0.3_puppet.filebucke_436017.txt
[+] Stored facter to: /Users/jheysel/.msf4/loot/20240124105551_default_172.22.0.3_puppet.facter_573034.txt
[+] Stored packages to: /Users/jheysel/.msf4/loot/20240124105554_default_172.22.0.3_puppet.packages_036470.txt
[+] Puppet Packages
===============
Package Version Source
------- ------- ------
adduser 3.118ubuntu5 apt
apt 2.4.11 apt
base-files 12ubuntu4.4 apt
base-passwd 3.5.52build1 apt
base64 0.2.0 puppet_gem
bash 5.1-6ubuntu1 apt
<redacted>
yaml 0.1.0 puppet_gem
zlib 1.1.0 puppet_gem
zlib1g 1:1.2.11.dfsg-2ubuntu9.2 apt
[*] Post module execution completed
Thanks for the patience @jheysel-r7 . I think I've now resolved everything |
Thanks for pushing those update @h00die, looking good!
|
Release NotesThis PR adds a post gather module to get Puppet configs and other sensitive files. |
This PR adds a post gather module to get puppet configs and sensitive files!
Verification
see individual markdowns for instructions