Hi Robin, Same thoughts here..a solution (perhaps weak..) that i have in mind would be to make a first run of multiscripts ...for gathering some info ...like the user..and set a persistence reverse connect... (thinking also at the right order of this multiscript queue..) then another script ...when the box comes back the second time ...for getting specific files related to previous gathered info...(docs and .pst..of course...) But i'm not so far in my test..cause at the moment i'm not able to see an already pwned box :/ ...for changing actions and over all use previous info for gettin interesting files automatically :/ David.
Il giorno 02/feb/2010, alle ore 22.48, Robin Wood <[email protected]> ha scritto: > I'm sure everyone has a set of files they look for when they get > access to a box. For example, I like to look through all the "My > Documents" and Desktop directories to see if there is anything useful > in there, I would also look for .pst files. > > I'm thinking of creating a Metasploit module, similar to winenum, > which will search the compromised machine for these files or check the > specified directories so having a good base list to start with would > be useful. > > Any suggestions? > > Robin > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
