Tfs variable decrypt

[rindert-fox]

It is possible within Team Foundation Server to store variables with encrypted content. Use cases for this can vary from secretive information or username and password to deploy builds. The decryption key for these values is encrypted with another key which is stored in the same database. This module uses a script to query and decrypt the secret variables.
Integrated authentication will be used unless DBA_USERNAME and DBA_PASSWORD are specified.

Verification

List the steps needed to make sure this thing works

• Start msfconsole
• Create meterpreter session on server with access to TFS database
• Make sure the meterpreter runs under a user account with read access to the TFS database
• use post/windows/gather/tfs_secret_variables_decrypt
• run
• Verify result:
  
• Blogpost with more explanation will be added later.

[bwatters-r7]

Hi there! Thanks for the contribution, but I think the reason it has not gotten a lot of motion is that someone is going to need to test it, and not a lot of us have experience setting up TFS. It would be very helpful if you explained how you created your test environment, including the versions at play both for TFS and any underlying operating system. The requested documentation is a where this information normally resides, so if you get a chance, that's where the information should go. Once there's a clear path for testing and evaluating, I think this PR will get more attention.

[acammack-r7]

Echoing what @bwatters-r7 said above, it is hard for us to test these contributions on complicated/proprietary environments with documentation. I am closing this and adding the attic label, because it does look amazing and we don't want to lose track of it, but it also isn't currently making progress. You can learn about our new PR label on our wiki. Feel free to reopen when you have a chance to add documentation or instructions on how we can set up an environment to test.