Skip to content

Commit cc2e734

Browse files
zeroSteinerzeroSteiner
committed
Clean up the data model, organize by authentication and trigger
1 parent 82c13a6 commit cc2e734

File tree

6 files changed

+1371
-522
lines changed

6 files changed

+1371
-522
lines changed

data/neo4j_transforms.yml

Lines changed: 116 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -36,10 +36,18 @@ platform_edits:
3636

3737
# Artisanal property modifications for specific modules
3838
module_edits:
39+
auxiliary/analyze/crack_windows:
40+
add:
41+
authentication_in:
42+
- hash/net-ntlm
43+
- hash/ntlm
44+
authentication_out:
45+
- plaintext
46+
3947
auxiliary/admin/dcerpc/icpr_cert:
4048
add:
4149
authentication_out:
42-
- schannel
50+
- certificate
4351

4452
auxiliary/admin/kerberos/forge_ticket:
4553
add:
@@ -52,15 +60,15 @@ module_edits:
5260
add:
5361
authentication_in:
5462
- plaintext
55-
- schannel # schannel isn't quite the right term but we'll use it as an alias for cert-based
63+
- certificate
5664
authentication_out:
5765
- kerberos
5866

5967
auxiliary/admin/ldap/bad_successor:
6068
remove:
6169
authentication_in:
6270
- kerberos
63-
- schannel
71+
- certificate
6472

6573
auxiliary/admin/sccm/get_naa_credentials:
6674
add:
@@ -71,9 +79,19 @@ module_edits:
7179
add:
7280
authentication_out:
7381
- plaintext
74-
- ntlm
82+
- hash/ntlm
7583
- kerberos/keys
7684

85+
auxiliary/scanner/dcerpc/dfscoerce:
86+
add:
87+
trigger_out:
88+
- coercion/smb
89+
90+
auxiliary/scanner/dcerpc/petitpotam:
91+
add:
92+
trigger_out:
93+
- coercion/smb
94+
7795
auxiliary/scanner/ldap/ldap_login:
7896
add:
7997
authentication_out:
@@ -98,89 +116,178 @@ module_edits:
98116
add:
99117
authentication_out:
100118
- plaintext
119+
trigger_in:
120+
- coercion
101121

102122
auxiliary/server/capture/ftp:
103123
add:
104124
authentication_out:
105125
- plaintext
126+
trigger_in:
127+
- coercion
106128

107129
auxiliary/server/capture/imap:
108130
add:
109131
authentication_out:
110132
- plaintext
133+
trigger_in:
134+
- coercion
111135

112136
auxiliary/server/capture/ldap:
113137
add:
114138
authentication_out:
115139
- plaintext
140+
trigger_in:
141+
- coercion
116142

117143
auxiliary/server/capture/mssql:
118144
add:
119145
authentication_out:
120146
- plaintext
147+
trigger_in:
148+
- coercion
121149

122150
auxiliary/server/capture/mysql:
123151
add:
124152
authentication_out:
125153
- plaintext
154+
trigger_in:
155+
- coercion
126156

127157
auxiliary/server/capture/pop3:
128158
add:
129159
authentication_out:
130160
- plaintext
161+
trigger_in:
162+
- coercion
131163

132164
auxiliary/server/capture/postgresql:
133165
add:
134166
authentication_out:
135167
- plaintext
168+
trigger_in:
169+
- coercion
136170

137171
auxiliary/server/capture/printjob_capture:
138172
add:
139173
authentication_out:
140174
- plaintext
175+
trigger_in:
176+
- coercion
141177

142178
auxiliary/server/capture/sip:
143179
add:
144180
authentication_out:
145181
- plaintext
182+
trigger_in:
183+
- coercion
146184

147185
auxiliary/server/capture/smb:
148186
add:
149187
authentication_out:
150-
- ntlm
151-
- plaintext
188+
- hash/net-ntlm
189+
trigger_in:
190+
- coercion
191+
- coercion/smb
152192

153193
auxiliary/server/capture/smtp:
154194
add:
155195
authentication_out:
156196
- plaintext
197+
trigger_in:
198+
- coercion
157199

158200
auxiliary/server/capture/telnet:
159201
add:
160202
authentication_out:
161203
- plaintext
204+
trigger_in:
205+
- coercion
162206

163207
auxiliary/server/capture/vnc:
164208
add:
165209
authentication_out:
166210
- plaintext
211+
trigger_in:
212+
- coercion
213+
214+
auxiliary/server/relay/esc8:
215+
add:
216+
authentication_out:
217+
- certificate
218+
- hash/net-ntlm
219+
trigger_in:
220+
- coercion
221+
- coercion/smb
167222

168223
auxiliary/server/relay/relay_get_naa_credentials:
169224
add:
170225
authentication_out:
226+
- hash/net-ntlm
171227
- plaintext
228+
trigger_in:
229+
- coercion
230+
- coercion/smb
231+
232+
auxiliary/server/relay/smb_to_ldap:
233+
add:
234+
authentication_out:
235+
- hash/net-ntlm
236+
- session/ldap
237+
session_out:
238+
- ldap
239+
trigger_in:
240+
- coercion
241+
- coercion/smb
242+
243+
auxiliary/server/relay/smb_to_mssql:
244+
add:
245+
authentication_out:
246+
- hash/net-ntlm
247+
- session/mssql
248+
session_out:
249+
- mssql
250+
trigger_in:
251+
- coercion
252+
- coercion/smb
253+
254+
auxiliary/spoof/llmnr/llmnr_response:
255+
add:
256+
trigger_out:
257+
- coercion
258+
259+
auxiliary/spoof/mdns/mdns_response:
260+
add:
261+
trigger_out:
262+
- coercion
263+
264+
auxiliary/spoof/nbns/nbns_response:
265+
add:
266+
trigger_out:
267+
- coercion
268+
269+
exploit/windows/smb/smb_relay:
270+
add:
271+
authentication_out:
272+
- hash/net-ntlm
273+
- session/smb
274+
session_out:
275+
- smb
276+
trigger_in:
277+
- coercion
278+
- coercion/smb
172279

173280
post/windows/gather/hashdump:
174281
add:
175282
authentication_out:
176-
- ntlm
283+
- hash/ntlm
177284

178285
post/windows/gather/smart_hashdump:
179286
add:
180287
authentication_out:
181-
- ntlm
288+
- hash/ntlm
182289

183290
post/windows/manage/kerberos_tickets:
184291
add:
185292
authentication_out:
186-
- kerberos
293+
- kerberos

0 commit comments

Comments
 (0)