Skip to content

Commit 1cd8e56

Browse files
committed
Formatting
1 parent c4e3045 commit 1cd8e56

File tree

5 files changed

+42
-43
lines changed

5 files changed

+42
-43
lines changed

documentation/modules/post/windows/gather/arp_scanner.md

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -3,27 +3,27 @@
33
This Module will perform an ARP scan for a given IP range through a Meterpreter Session.
44

55
## Verification Steps
6-
1. Start `msfconsole`
6+
1. Start msfconsole
77
2. Get meterpreter session
8-
3. Do: `use post/windows/gather/arp_scanner`
9-
4. Do: `set SESSION <session id>`
10-
5. Do: `run`
8+
3. Do: ```use post/windows/gather/arp_scanner```
9+
4. Do: ```set SESSION <session id>```
10+
5. Do: ```run```
1111

1212
## Options
1313

14-
```
14+
***
1515
RHOSTS
16-
```
16+
***
1717
The target address range or CIDR identifier.
1818

19-
```
19+
***
2020
SESSION
21-
```
21+
***
2222
The session to run this module on.
2323

24-
```
24+
***
2525
THREADS
26-
```
26+
***
2727
The number of concurrent threads.
2828

2929
## Scenarios

documentation/modules/post/windows/gather/bitlocker_fvek.md

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -3,28 +3,28 @@
33
This module enumerates ways to decrypt Bitlocker volume and if a recovery key is stored locally or can be generated, dump the Bitlocker master key (FVEK)
44

55
## Verification Steps
6-
1. Start `msfconsole`
6+
1. Start msfconsole
77
2. Get meterpreter session
8-
3. Do: `use post/windows/gather/bitlocker_fvek`
9-
4. Do: `set SESSION <session id>`
10-
5. Do: `set DRIVE_LETTER <letter>`
11-
6. Do: `run`
8+
3. Do: ```use post/windows/gather/bitlocker_fvek```
9+
4. Do: ```set SESSION <session id>```
10+
5. Do: ```set DRIVE_LETTER <letter>```
11+
6. Do: ```run```
1212

1313
## Options
1414

15-
```
15+
***
1616
DRIVE_LETTER
17-
```
18-
Dump informations from the DRIVE_LETTER encrypted with Bitlocker.
17+
***
18+
Dump information from the DRIVE_LETTER encrypted with Bitlocker.
1919

20-
```
20+
***
2121
RECOVERY_KEY
22-
```
22+
***
2323
Use the recovery key provided to decrypt the Bitlocker master key (FVEK).
2424

25-
```
25+
***
2626
SESSION
27-
```
27+
***
2828
The session to run this module on.
2929

3030
## Scenarios
@@ -49,7 +49,7 @@ This module enumerates ways to decrypt Bitlocker volume and if a recovery key is
4949
[+] This hard drive could later be decrypted using : dislocker -k <key_file> ...
5050
[*] Post Successful
5151
[*] Post module execution completed
52-
msf5 post(windows/gather/bitlocker_fvek) > sessions 1
52+
msf post(windows/gather/bitlocker_fvek) > sessions 1
5353
[*] Starting interaction with 1...
5454
5555
meterpreter > sysinfo

documentation/modules/post/windows/gather/cachedump.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -3,17 +3,17 @@
33
This module uses the registry to extract the stored domain hashes that have been cached as a result of a GPO setting. The default setting on Windows is to store the last ten successful logins.
44

55
## Verification Steps
6-
1. Start `msfconsole`
6+
1. Start msfconsole
77
2. Get meterpreter session
8-
3. Do: `use post/windows/gather/cachedump`
9-
4. Do: `set SESSION <session id>`
10-
6. Do: `run`
8+
3. Do: ```use post/windows/gather/cachedump```
9+
4. Do: ```set SESSION <session id>```
10+
6. Do: ```run```
1111

1212
## Options
1313

14-
```
14+
***
1515
SESSION
16-
```
16+
***
1717
The session to run this module on.
1818

1919

documentation/modules/post/windows/gather/dnscache_dump.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,17 +3,17 @@
33
This module displays the records stored in the DNS cache.
44

55
## Verification Steps
6-
1. Start `msfconsole`
6+
1. Start msfconsole
77
2. Get meterpreter session
8-
3. Do: `use post/windows/gather/dnscache_dump`
9-
4. Do: `set SESSION <session id>`
10-
6. Do: `run`
8+
3. Do: ```use post/windows/gather/dnscache_dump```
9+
4. Do: ```set SESSION <session id>```
10+
6. Do: ```run```
1111

1212
## Options
1313

14-
```
14+
***
1515
SESSION
16-
```
16+
***
1717
The session to run this module on.
1818

1919

@@ -24,7 +24,7 @@ This module displays the records stored in the DNS cache.
2424
```
2525
[*] Meterpreter session 1 opened (192.168.1.3:4444 -> 192.168.1.6:49184) at 2019-12-11 12:51:59 -0700
2626
27-
msf post(windows/gather/cachedump) > use post/windows/gather/dnscache_dump
27+
msf > use post/windows/gather/dnscache_dump
2828
msf post(windows/gather/dnscache_dump) > set SESSION 1
2929
SESSION => 1
3030
msf post(windows/gather/dnscache_dump) > run

documentation/modules/post/windows/gather/enum_applications.md

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3,17 +3,17 @@
33
This module will enumerate all installed applications on a Windows system.
44

55
## Verification Steps
6-
1. Start `msfconsole`
6+
1. Start msfconsole
77
2. Get meterpreter session
8-
3. Do: `use post/windows/gather/enum_applications`
9-
4. Do: `set SESSION <session id>`
10-
5. Do: `run`
8+
3. Do: ```use post/windows/gather/enum_applications```
9+
4. Do: ```set SESSION <session id>```
10+
5. Do: ```run```
1111

1212
## Options
1313

14-
```
14+
***
1515
SESSION
16-
```
16+
***
1717
The session to run this module on.
1818

1919
## Scenarios
@@ -36,7 +36,6 @@ This module will enumerate all installed applications on a Windows system.
3636
Name Version
3737
---- -------
3838
PuTTY release 0.73 0.73.0.0
39-
PuTTY release 0.73 0.73.0.0
4039
4140
4241
[+] Results stored in: /root/.msf4/loot/20191211092812_default_192.168.1.4_host.application_951840.txt

0 commit comments

Comments
 (0)