New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add enum_trusted_locations.rb #6966
Conversation
Quickly enumerates trusted locations for file planting :)
Fix some changes, I had emet references.
As always, I am sure there are code improvemnets you guys have for me :) |
Fixed MSFTidy stuff
Fixed some msftidy issues. |
Thank you, looks neat, will test this out. |
For future I am looking at modules such as: post/windows/gather/av/enum_comodo post/windows/gather/enum_applocker? Easy enough to make and saves remembering paths for registry keys. Also this helps you automate it. |
print_good("Results stored in: #{path}") | ||
end | ||
end | ||
end |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the end, beautiful friend / This is the end, my only friend, the end
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
or hopefully not as I want to write more :D
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we can refactor the level of nesting here. :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
my Ruby sucks but any advice hugely appreciated.
haha @wvu-r7 yes it is the end. |
Added product it found the locations in.
Changed some colours
Some tidyup vysecurity#1 |
Trusted locations cleanup
Thanks Meatballs :) |
"A trusted location is typically a folder on your hard disk or a network share. Any file that you put in a trusted location can be opened without being checked by the Trust Center security feature." - https://support.office.com/en-us/article/Create-remove-or-change-a-trusted-location-for-your-files-f5151879-25ea-4998-80a5-4208b3540a62
This adds a post exploitation module to enumerate all trusted locations for different office software on a machine.
Verification
msfconsole
use post/windows/gather/enum_trusted_locations
set SESSION 1
run
Output
Quickly enumerates trusted locations for file planting :)