From 3aaab1a0e0f09b6362c6d7cc1ea4864f3e4bfc27 Mon Sep 17 00:00:00 2001 From: Paul White Date: Sun, 12 Jan 2014 22:15:42 -0500 Subject: [PATCH 1/9] Add Meterpreter Commands --- msf/meterpreter.md | 141 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 139 insertions(+), 2 deletions(-) diff --git a/msf/meterpreter.md b/msf/meterpreter.md index ce411ec..004707f 100644 --- a/msf/meterpreter.md +++ b/msf/meterpreter.md 
@@ -1,3 +1,140 @@ -# Meterpreter +Core Commands +============= + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + migrate Migrate the server to another process + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +============================ + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + mv Move source to destination + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +=========================== + + Command Description + ------- ----------- + arp Display the host ARP cache + getproxy Display the current proxy configuration + ifconfig Display interfaces + ipconfig Display interfaces + netstat Display the network connections + portfwd Forward a local port to a remote service + route View and 
modify the routing table + + +Stdapi: System Commands +======================= + + Command Description + ------- ----------- + clearev Clear the event log + drop_token Relinquishes any active impersonation token. + execute Execute a command + getenv Get one or more environment variable values + getpid Get the current process identifier + getprivs Attempt to enable all privileges available to the current process + getuid Get the user that the server is running as + kill Terminate a process + ps List running processes + reboot Reboots the remote computer + reg Modify and interact with the remote registry + rev2self Calls RevertToSelf() on the remote machine + shell Drop into a system command shell + shutdown Shuts down the remote computer + steal_token Attempts to steal an impersonation token from the target process + suspend Suspends or resumes a list of processes + sysinfo Gets information about the remote system, such as OS + + +Stdapi: User interface Commands +=============================== + + Command Description + ------- ----------- + enumdesktops List all accessible desktops and window stations + getdesktop Get the current meterpreter desktop + idletime Returns the number of seconds the remote user has been idle + keyscan_dump Dump the keystroke buffer + keyscan_start Start capturing keystrokes + keyscan_stop Stop capturing keystrokes + screenshot Grab a screenshot of the interactive desktop + setdesktop Change the meterpreters current desktop + uictl Control some of the user interface components + + +Stdapi: Webcam Commands +======================= + + Command Description + ------- ----------- + record_mic Record audio from the default microphone for X seconds + webcam_list List webcams + webcam_snap Take a snapshot from the specified webcam + webcam_stream Play a video stream from the specified webcam + + +Priv: Elevate Commands +====================== + + Command Description + ------- ----------- + getsystem Attempt to elevate your privilege to that of 
local system. + + +Priv: Password database Commands +================================ + + Command Description + ------- ----------- + hashdump Dumps the contents of the SAM database + + +Priv: Timestomp Commands +======================== + + Command Description + ------- ----------- + timestomp Manipulate file MACE attributes -Just the commands built in to meterpreter, post modules and railgun are in their own sections. From e3c7134e0ea9ac9824359572ae3b445c445fdbb8 Mon Sep 17 00:00:00 2001 From: Paul White Date: Mon, 13 Jan 2014 15:13:55 -0500 Subject: [PATCH 2/9] Added side bar navigation and began work on sections for each meterpreter flavor --- msf/meterpreter.md | 141 +------------------------------------ msf/windows_meterpreter.md | 140 ++++++++++++++++++++++++++++++++++++ 2 files changed, 143 insertions(+), 138 deletions(-) create mode 100644 msf/windows_meterpreter.md diff --git a/msf/meterpreter.md b/msf/meterpreter.md index 004707f..0697584 100644 --- a/msf/meterpreter.md +++ b/msf/meterpreter.md 
@@ -1,140 +1,5 @@ -Core Commands -============= +# Meterpreter - Command Description - ------- ----------- - ? Help menu - background Backgrounds the current session - bgkill Kills a background meterpreter script - bglist Lists running background scripts - bgrun Executes a meterpreter script as a background thread - channel Displays information about active channels - close Closes a channel - disable_unicode_encoding Disables encoding of unicode strings - enable_unicode_encoding Enables encoding of unicode strings - exit Terminate the meterpreter session - help Help menu - info Displays information about a Post module - interact Interacts with a channel - irb Drop into irb scripting mode - load Load one or more meterpreter extensions - migrate Migrate the server to another process - quit Terminate the meterpreter session - read Reads data from a channel - resource Run the commands stored in a file - run Executes a meterpreter script or Post module - use Deprecated alias for 'load' - write Writes data to a channel - - -Stdapi: File system Commands -============================ - - Command Description - ------- ----------- - cat Read the contents of a file to the screen - cd Change directory - download Download a file or directory - edit Edit a file - getlwd Print local working directory - getwd Print working directory - lcd Change local working directory - lpwd Print local working directory - ls List files - mkdir Make directory - mv Move source to destination - pwd Print working directory - rm Delete the specified file - rmdir Remove directory - search Search for files - upload Upload a file or directory - - -Stdapi: Networking Commands -=========================== - - Command Description - ------- ----------- - arp Display the host ARP cache - getproxy Display the current proxy configuration - ifconfig Display interfaces - ipconfig Display interfaces - netstat Display the network connections - portfwd Forward a local port to a remote service - route View and 
modify the routing table - - -Stdapi: System Commands -======================= - - Command Description - ------- ----------- - clearev Clear the event log - drop_token Relinquishes any active impersonation token. - execute Execute a command - getenv Get one or more environment variable values - getpid Get the current process identifier - getprivs Attempt to enable all privileges available to the current process - getuid Get the user that the server is running as - kill Terminate a process - ps List running processes - reboot Reboots the remote computer - reg Modify and interact with the remote registry - rev2self Calls RevertToSelf() on the remote machine - shell Drop into a system command shell - shutdown Shuts down the remote computer - steal_token Attempts to steal an impersonation token from the target process - suspend Suspends or resumes a list of processes - sysinfo Gets information about the remote system, such as OS - - -Stdapi: User interface Commands -=============================== - - Command Description - ------- ----------- - enumdesktops List all accessible desktops and window stations - getdesktop Get the current meterpreter desktop - idletime Returns the number of seconds the remote user has been idle - keyscan_dump Dump the keystroke buffer - keyscan_start Start capturing keystrokes - keyscan_stop Stop capturing keystrokes - screenshot Grab a screenshot of the interactive desktop - setdesktop Change the meterpreters current desktop - uictl Control some of the user interface components - - -Stdapi: Webcam Commands -======================= - - Command Description - ------- ----------- - record_mic Record audio from the default microphone for X seconds - webcam_list List webcams - webcam_snap Take a snapshot from the specified webcam - webcam_stream Play a video stream from the specified webcam - - -Priv: Elevate Commands -====================== - - Command Description - ------- ----------- - getsystem Attempt to elevate your privilege to that of 
local system. - - -Priv: Password database Commands -================================ - - Command Description - ------- ----------- - hashdump Dumps the contents of the SAM database - - -Priv: Timestomp Commands -======================== - - Command Description - ------- ----------- - timestomp Manipulate file MACE attributes +Commands for the various flavors of meterpreter. +* [Windows](windows_meterpreter.md) - Windows Meterpreter diff --git a/msf/windows_meterpreter.md b/msf/windows_meterpreter.md new file mode 100644 index 0000000..8460f5c --- /dev/null +++ b/msf/windows_meterpreter.md 
@@ -0,0 +1,140 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + migrate Migrate the server to another process + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + mv Move source to destination + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + arp Display the host ARP cache + getproxy Display the current proxy configuration + ifconfig Display interfaces + ipconfig Display interfaces + netstat Display the network connections + portfwd Forward a local port to a remote service + route View and modify the routing 
table + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + clearev Clear the event log + drop_token Relinquishes any active impersonation token. + execute Execute a command + getenv Get one or more environment variable values + getpid Get the current process identifier + getprivs Attempt to enable all privileges available to the current process + getuid Get the user that the server is running as + kill Terminate a process + ps List running processes + reboot Reboots the remote computer + reg Modify and interact with the remote registry + rev2self Calls RevertToSelf() on the remote machine + shell Drop into a system command shell + shutdown Shuts down the remote computer + steal_token Attempts to steal an impersonation token from the target process + suspend Suspends or resumes a list of processes + sysinfo Gets information about the remote system, such as OS + + +Stdapi: User interface Commands +---------------------- + + Command Description + ------- ----------- + enumdesktops List all accessible desktops and window stations + getdesktop Get the current meterpreter desktop + idletime Returns the number of seconds the remote user has been idle + keyscan_dump Dump the keystroke buffer + keyscan_start Start capturing keystrokes + keyscan_stop Stop capturing keystrokes + screenshot Grab a screenshot of the interactive desktop + setdesktop Change the meterpreters current desktop + uictl Control some of the user interface components + + +Stdapi: Webcam Commands +---------------------- + + Command Description + ------- ----------- + record_mic Record audio from the default microphone for X seconds + webcam_list List webcams + webcam_snap Take a snapshot from the specified webcam + webcam_stream Play a video stream from the specified webcam + + +Priv: Elevate Commands +---------------------- + + Command Description + ------- ----------- + getsystem Attempt to elevate your privilege to that of local system. 
+ + +Priv: Password database Commands +---------------------- + + Command Description + ------- ----------- + hashdump Dumps the contents of the SAM database + + +Priv: Timestomp Commands +---------------------- + + Command Description + ------- ----------- + timestomp Manipulate file MACE attributes + From 49040a34306bef5ae28a6f55715ec58a869b1105 Mon Sep 17 00:00:00 2001 From: Paul White Date: Mon, 13 Jan 2014 19:00:22 -0500 Subject: [PATCH 3/9] Added Android Meterpreter --- msf/android_meterpreter.md | 83 ++++++++++++++++++++++++++++++++++++++ msf/meterpreter.md | 1 + 2 files changed, 84 insertions(+) create mode 100644 msf/android_meterpreter.md diff --git a/msf/android_meterpreter.md b/msf/android_meterpreter.md new file mode 100644 index 0000000..dc36ceb --- /dev/null +++ b/msf/android_meterpreter.md 
@@ -0,0 +1,83 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + ifconfig Display interfaces + ipconfig Display interfaces + portfwd Forward a local port to a remote service + route View and modify the routing table + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + execute Execute a command + getuid Get the user that the server is running as + ps List running 
processes + shell Drop into a system command shell + sysinfo Gets information about the remote system, such as OS + + +Stdapi: Webcam Commands +---------------------- + + Command Description + ------- ----------- + record_mic Record audio from the default microphone for X seconds + webcam_list List webcams + webcam_snap Take a snapshot from the specified webcam + webcam_stream Play a video stream from the specified webcam + diff --git a/msf/meterpreter.md b/msf/meterpreter.md index 0697584..61e3d12 100644 --- a/msf/meterpreter.md +++ b/msf/meterpreter.md @@ -3,3 +3,4 @@ Commands for the various flavors of meterpreter. * [Windows](windows_meterpreter.md) - Windows Meterpreter +* [Android](android_meterpreter.md) - Android Meterpreter From 6ce37635e5290c1c23024c6c00c2aefa093ab245 Mon Sep 17 00:00:00 2001 From: Paul White Date: Mon, 13 Jan 2014 22:34:17 -0500 Subject: [PATCH 4/9] Added Java, Linux, and PHP Meterpreter + Created folder for files linked to meterpreter.md --- msf/meterpreter.md | 7 +- msf/meterpreter_files/android_meterpreter.md | 83 +++++++++++ msf/meterpreter_files/java_meterpreter.md | 88 ++++++++++++ msf/meterpreter_files/linux_meterpreter.md | 79 +++++++++++ msf/meterpreter_files/php_meterpreter.md | 71 ++++++++++ msf/meterpreter_files/windows_meterpreter.md | 140 +++++++++++++++++++ 6 files changed, 466 insertions(+), 2 deletions(-) create mode 100644 msf/meterpreter_files/android_meterpreter.md create mode 100644 msf/meterpreter_files/java_meterpreter.md create mode 100644 msf/meterpreter_files/linux_meterpreter.md create mode 100644 msf/meterpreter_files/php_meterpreter.md create mode 100644 msf/meterpreter_files/windows_meterpreter.md diff --git a/msf/meterpreter.md b/msf/meterpreter.md index 61e3d12..6f1078f 100644 --- a/msf/meterpreter.md +++ b/msf/meterpreter.md 
@@ -2,5 +2,8 @@ Commands for the various flavors of meterpreter. -* [Windows](windows_meterpreter.md) - Windows Meterpreter -* [Android](android_meterpreter.md) - Android Meterpreter +* [Windows](meterpreter_files/windows_meterpreter.md) - Windows Meterpreter +* [Linux](meterpreter_files/linux_meterpreter.md) - Linux Meterpreter +* [Java](meterpreter_files/java_meterpreter.md) - Java Meterpreter +* [PHP](meterpreter_files/php_meterpreter.md) - PHP Meterpreter +* [Android](meterpreter_files/android_meterpreter.md) - Android Meterpreter diff --git a/msf/meterpreter_files/android_meterpreter.md b/msf/meterpreter_files/android_meterpreter.md new file mode 100644 index 0000000..dc36ceb --- /dev/null +++ b/msf/meterpreter_files/android_meterpreter.md 
@@ -0,0 +1,83 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + ifconfig Display interfaces + ipconfig Display interfaces + portfwd Forward a local port to a remote service + route View and modify the routing table + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + execute Execute a command + getuid Get the user that the server is running as + ps List running 
processes + shell Drop into a system command shell + sysinfo Gets information about the remote system, such as OS + + +Stdapi: Webcam Commands +---------------------- + + Command Description + ------- ----------- + record_mic Record audio from the default microphone for X seconds + webcam_list List webcams + webcam_snap Take a snapshot from the specified webcam + webcam_stream Play a video stream from the specified webcam + diff --git a/msf/meterpreter_files/java_meterpreter.md b/msf/meterpreter_files/java_meterpreter.md new file mode 100644 index 0000000..3e5b270 --- /dev/null +++ b/msf/meterpreter_files/java_meterpreter.md 
@@ -0,0 +1,88 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + ifconfig Display interfaces + ipconfig Display interfaces + portfwd Forward a local port to a remote service + route View and modify the routing table + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + execute Execute a command + getuid Get the user that the server is running as + ps List running 
processes + shell Drop into a system command shell + sysinfo Gets information about the remote system, such as OS + + +Stdapi: User interface Commands +---------------------- + + Command Description + ------- ----------- + screenshot Grab a screenshot of the interactive desktop + + +Stdapi: Webcam Commands +---------------------- + + Command Description + ------- ----------- + record_mic Record audio from the default microphone for X seconds + diff --git a/msf/meterpreter_files/linux_meterpreter.md b/msf/meterpreter_files/linux_meterpreter.md new file mode 100644 index 0000000..566f143 --- /dev/null +++ b/msf/meterpreter_files/linux_meterpreter.md 
@@ -0,0 +1,79 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + mv Move source to destination + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + arp Display the host ARP cache + ifconfig Display interfaces + ipconfig Display interfaces + netstat Display the network connections + portfwd Forward a local port to a remote service + route View and modify the routing table + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + execute Execute a 
command + getpid Get the current process identifier + getprivs Attempt to enable all privileges available to the current process + getuid Get the user that the server is running as + kill Terminate a process + ps List running processes + rev2self Calls RevertToSelf() on the remote machine + shell Drop into a system command shell + suspend Suspends or resumes a list of processes + sysinfo Gets information about the remote system, such as OS + diff --git a/msf/meterpreter_files/php_meterpreter.md b/msf/meterpreter_files/php_meterpreter.md new file mode 100644 index 0000000..4b7d062 --- /dev/null +++ b/msf/meterpreter_files/php_meterpreter.md 
@@ -0,0 +1,71 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + portfwd Forward a local port to a remote service + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + execute Execute a command + getenv Get one or more environment variable values + getpid Get the current process identifier + getuid Get the user that the server is running as + kill Terminate a process + 
ps List running processes + shell Drop into a system command shell + sysinfo Gets information about the remote system, such as OS diff --git a/msf/meterpreter_files/windows_meterpreter.md b/msf/meterpreter_files/windows_meterpreter.md new file mode 100644 index 0000000..8460f5c --- /dev/null +++ b/msf/meterpreter_files/windows_meterpreter.md 
@@ -0,0 +1,140 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + migrate Migrate the server to another process + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + mv Move source to destination + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + arp Display the host ARP cache + getproxy Display the current proxy configuration + ifconfig Display interfaces + ipconfig Display interfaces + netstat Display the network connections + portfwd Forward a local port to a remote service + route View and modify the routing 
table + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + clearev Clear the event log + drop_token Relinquishes any active impersonation token. + execute Execute a command + getenv Get one or more environment variable values + getpid Get the current process identifier + getprivs Attempt to enable all privileges available to the current process + getuid Get the user that the server is running as + kill Terminate a process + ps List running processes + reboot Reboots the remote computer + reg Modify and interact with the remote registry + rev2self Calls RevertToSelf() on the remote machine + shell Drop into a system command shell + shutdown Shuts down the remote computer + steal_token Attempts to steal an impersonation token from the target process + suspend Suspends or resumes a list of processes + sysinfo Gets information about the remote system, such as OS + + +Stdapi: User interface Commands +---------------------- + + Command Description + ------- ----------- + enumdesktops List all accessible desktops and window stations + getdesktop Get the current meterpreter desktop + idletime Returns the number of seconds the remote user has been idle + keyscan_dump Dump the keystroke buffer + keyscan_start Start capturing keystrokes + keyscan_stop Stop capturing keystrokes + screenshot Grab a screenshot of the interactive desktop + setdesktop Change the meterpreters current desktop + uictl Control some of the user interface components + + +Stdapi: Webcam Commands +---------------------- + + Command Description + ------- ----------- + record_mic Record audio from the default microphone for X seconds + webcam_list List webcams + webcam_snap Take a snapshot from the specified webcam + webcam_stream Play a video stream from the specified webcam + + +Priv: Elevate Commands +---------------------- + + Command Description + ------- ----------- + getsystem Attempt to elevate your privilege to that of local system. 
+ + +Priv: Password database Commands +---------------------- + + Command Description + ------- ----------- + hashdump Dumps the contents of the SAM database + + +Priv: Timestomp Commands +---------------------- + + Command Description + ------- ----------- + timestomp Manipulate file MACE attributes + From db859566ea8a2e136e71a5ff7401f013323ca0ab Mon Sep 17 00:00:00 2001 From: Paul White Date: Tue, 14 Jan 2014 14:45:07 -0500 Subject: [PATCH 5/9] Added Python Meterpreter --- msf/meterpreter.md | 1 + msf/meterpreter_files/python_meterpreter.md | 72 +++++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 msf/meterpreter_files/python_meterpreter.md diff --git a/msf/meterpreter.md b/msf/meterpreter.md index 6f1078f..710a498 100644 --- a/msf/meterpreter.md +++ b/msf/meterpreter.md @@ -6,4 +6,5 @@ Commands for the various flavors of meterpreter. * [Linux](meterpreter_files/linux_meterpreter.md) - Linux Meterpreter * [Java](meterpreter_files/java_meterpreter.md) - Java Meterpreter * [PHP](meterpreter_files/php_meterpreter.md) - PHP Meterpreter +* [Python](meterpreter_files/python_meterpreter.md) - Python Meterpreter * [Android](meterpreter_files/android_meterpreter.md) - Android Meterpreter diff --git a/msf/meterpreter_files/python_meterpreter.md b/msf/meterpreter_files/python_meterpreter.md new file mode 100644 index 0000000..22aa541 --- /dev/null +++ b/msf/meterpreter_files/python_meterpreter.md 
@@ -0,0 +1,72 @@ +Core Commands +---------------------- + + Command Description + ------- ----------- + ? Help menu + background Backgrounds the current session + bgkill Kills a background meterpreter script + bglist Lists running background scripts + bgrun Executes a meterpreter script as a background thread + channel Displays information about active channels + close Closes a channel + disable_unicode_encoding Disables encoding of unicode strings + enable_unicode_encoding Enables encoding of unicode strings + exit Terminate the meterpreter session + help Help menu + info Displays information about a Post module + interact Interacts with a channel + irb Drop into irb scripting mode + load Load one or more meterpreter extensions + quit Terminate the meterpreter session + read Reads data from a channel + resource Run the commands stored in a file + run Executes a meterpreter script or Post module + use Deprecated alias for 'load' + write Writes data to a channel + + +Stdapi: File system Commands +---------------------- + + Command Description + ------- ----------- + cat Read the contents of a file to the screen + cd Change directory + download Download a file or directory + edit Edit a file + getlwd Print local working directory + getwd Print working directory + lcd Change local working directory + lpwd Print local working directory + ls List files + mkdir Make directory + mv Move source to destination + pwd Print working directory + rm Delete the specified file + rmdir Remove directory + search Search for files + upload Upload a file or directory + + +Stdapi: Networking Commands +---------------------- + + Command Description + ------- ----------- + portfwd Forward a local port to a remote service + + +Stdapi: System Commands +---------------------- + + Command Description + ------- ----------- + execute Execute a command + getenv Get one or more environment variable values + getpid Get the current process identifier + getuid Get the user that the server is running 
as + ps List running processes + shell Drop into a system command shell + sysinfo Gets information about the remote system, such as OS + From 62a18ac3e0c9504fee3d6b3f8039ca32532a27fa Mon Sep 17 00:00:00 2001 From: webbreacher Date: Wed, 22 Jan 2014 21:40:49 -0500 Subject: [PATCH 6/9] Adding content from Issue #9. Reorg'ing content to put it with similar stuff and in the right places. --- persistence/windows/general.md | 26 +++++++++++++------------- pivoting/windows/remote.md | 26 +++++++++++++------------- presence/windows/find_files.md | 8 +++++++- 3 files changed, 33 insertions(+), 27 deletions(-) diff --git a/persistence/windows/general.md b/persistence/windows/general.md index 241ab27..651fbfd 100644 --- a/persistence/windows/general.md +++ b/persistence/windows/general.md @@ -13,21 +13,21 @@ return false; Commands to run to maintain persistence after you have exploited it and are usually executed from the context of the `cmd.exe` or `command.exe` prompt. +### Remote Assistance Enable + * **Command with arguments**: `reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fAllowToGetHelp /t REG_DWORD /d 1 /f` + * **Description**: **Must be admin to run this.** Enable remote assistance through adding a registry entry on the local system. + * **Output**: + *
**Windows 2008:** Show/Hide
C:\Windows\system32>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f +The operation completed successfully.
-### Enable `psexec` -The [`psexec` tool](http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx) executes processes on other systems over a network. Most systems now disable the "clipbook" which `psexec` required. According to Val Smith's and Colin Ames' [BlackHat 2008 presentation (page 50)](http://www.blackhat.com/presentations/bh-usa-08/Smith_Ames/BH_US_08_Smith_Ames_Meta-Post_Exploitation.pdf), you can re-enable the sub-systems needed to use `psexec` using the `sc` commands below. - -
-c:\> net use \\[TargetIP]\ipc$ username /user:password
-c:\> sc \\[TargetIP] config netdde start= auto
-c:\> sc \\[TargetIP] config netddedsdm start= auto
-c:\> sc \\[TargetIP] config clipsrv start= auto
-c:\> sc \\[TargetIP] start netdde
-c:\> sc \\[TargetIP] start netddedsdm
-c:\> sc \\[TargetIP] start clipsrv
-
+### Remote Desktop Enable - Method 1 + * **Command with arguments**: `reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f` + * **Description**: **Must be admin to run this.** Enable remote desktop through adding a registry entry on the local system. + * **Output**: + *
**Windows 2008:** Show/Hide
C:\Windows\system32>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f +The operation completed successfully.
-### Enable Remote Desktop +### Remote Desktop Enable - Method 2 Remote Desktop allows a remote user to receive a graphical "desktop" of the target (compromised) system. According to Val Smith's and Colin Ames' [BlackHat 2008 presentation (page 53)](http://www.blackhat.com/presentations/bh-usa-08/Smith_Ames/BH_US_08_Smith_Ames_Meta-Post_Exploitation.pdf), you can remotely enable remote desktop using the commands below. 1. On the compromised system, create a file named `fix_ts_policy.ini` containing the contents below. Change the *"hacked_account"* value to the account you have compromised on the remote system. diff --git a/pivoting/windows/remote.md b/pivoting/windows/remote.md index cc95915..ff0d4e1 100644 --- a/pivoting/windows/remote.md +++ b/pivoting/windows/remote.md @@ -71,19 +71,19 @@ Commands that move data and files between systems on a network and are usually e * **Output**: *
**Windows 2008:** Show/Hide
C:\Users\johndoe>qwinsta
SESSIONNAME USERNAME ID STATE TYPE DEVICE
services 0 Disc
>console johndoe 1 Active
rdp-tcp 65536 Listen
-### Remote Assistance Enable - * **Command with arguments**: `reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fAllowToGetHelp /t REG_DWORD /d 1 /f` - * **Description**: **Must be admin to run this.** Enable remote assistance through adding a registry entry on the local system. - * **Output**: - *
**Windows 2008:** Show/Hide
C:\Windows\system32>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f -The operation completed successfully.
- -### Remote Desktop Enable - * **Command with arguments**: `reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f` - * **Description**: **Must be admin to run this.** Enable remote desktop through adding a registry entry on the local system. - * **Output**: - *
**Windows 2008:** Show/Hide
C:\Windows\system32>reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f -The operation completed successfully.
+### psexec + * **Command with arguments**: `psexec \\[computername|IP] [cmd]` + * **Description**: The [`psexec` tool](http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx) executes processes on other systems over a network. Most systems now disable the "clipbook" which `psexec` required. According to Val Smith's and Colin Ames' [BlackHat 2008 presentation (page 50)](http://www.blackhat.com/presentations/bh-usa-08/Smith_Ames/BH_US_08_Smith_Ames_Meta-Post_Exploitation.pdf), you can re-enable the sub-systems needed to use `psexec` using the `sc` commands below. +
+c:\> net use \\[computername|IP]\ipc$ username /user:password
+c:\> sc \\[computername|IP] config netdde start= auto
+c:\> sc \\[computername|IP] config netddedsdm start= auto
+c:\> sc \\[computername|IP] config clipsrv start= auto
+c:\> sc \\[computername|IP] start netdde
+c:\> sc \\[computername|IP] start netddedsdm
+c:\> sc \\[computername|IP] start clipsrv
+
+ * **Example Command**: `psexec \\1.1.1.1 ipconfig /all` would retrieve the IP settings for the 1.1.1.1 system. ### tasklist * **Command with arguments**: `tasklist /v /s [computername|IP]` diff --git a/presence/windows/find_files.md b/presence/windows/find_files.md index 2dbcb7a..307d48a 100644 --- a/presence/windows/find_files.md +++ b/presence/windows/find_files.md @@ -18,7 +18,13 @@ Commands that find files on the filesystem and are usually executed from the con * **Command with arguments**: `dir /a` * **Description**: Displays files with specified attributes. Examples: D=Directories, R=Read-only files, H=Hidden files, A=Files ready for archiving, S=System files * **Output**: - *
**Windows 2008:** Show/Hide
C:\Users\johndoe>dir /a c:\
Volume in drive C has no label. Volume Serial Number is 1A09-5F16

Directory of c:\

01/19/2008 03:45 AM
$Recycle.Bin
09/18/2006 04:43 PM 24 autoexec.bat
10/08/2013 10:27 PM
Boot
04/11/2009 08:00 AM 333,257 bootmgr
10/08/2013 10:27 PM 8,192 BOOTSECT.BAK
09/18/2006 04:43 PM 10 config.sys
01/19/2008 06:47 AM Documents and Settings [C:\Users]
10/23/2013 07:39 PM 2,460,454,912 pagefile.sys
01/19/2008 04:40 AM
PerfLogs
10/08/2013 06:36 PM
Program Files
10/08/2013 06:36 PM

10/10/2013 07:59 PM
Users
10/23/2013 07:38 PM
Windows
5 File(s) 2,460,796,395 bytes
10 Dir(s) 33,311,416,320 bytes free
+ *
**Windows 2008:** Show/Hide
C:\Users\johndoe>dir /a c:\
Volume in drive C has no label. Volume Serial Number is 1A09-5F16

Directory of c:\

01/19/2008 03:45 AM
$Recycle.Bin
09/18/2006 04:43 PM 24 autoexec.bat
10/08/2013 10:27 PM
Boot
04/11/2009 08:00 AM 333,257 bootmgr
10/08/2013 10:27 PM 8,192 BOOTSECT.BAK
09/18/2006 04:43 PM 10 config.sys
01/19/2008 06:47 AM Documents and Settings [C:\Users]
10/23/2013 07:39 PM 2,460,454,912 pagefile.sys
01/19/2008 04:40 AM
PerfLogs
10/08/2013 06:36 PM
Program Files
10/08/2013 06:36 PM

10/10/2013 07:59 PM
Users
10/23/2013 07:38 PM
Windows
5 File(s) 2,460,796,395 bytes
10 Dir(s) 33,311,416,320 bytes free
+ +### Searching Sub-directories + * **Command with arguments**: `dir /s *[term]*` + * **Description**: Searches for the word entered in the [term] section in all sub-directories ofthe current directory. + * **Example Terms**: `pass`, `cred`, `vnc`, `.config`, `sysprep.*` + * **Attribution**: http://www.slideshare.net/mubix/windows-attacks-at-is-the-new-black-26665607 ### Recursive * **Command with arguments**: `dir /b /s [directory or filename]` From 0f442d0f80ff8b085047c83d1f84e0e6e111f5e2 Mon Sep 17 00:00:00 2001 From: webbreacher Date: Wed, 22 Jan 2014 21:54:18 -0500 Subject: [PATCH 7/9] Continued to add content from Rob's talk. Stopped at slide 35. More to come. --- privesc/windows/index.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/privesc/windows/index.md b/privesc/windows/index.md index bb4f8e1..7511fe1 100644 --- a/privesc/windows/index.md +++ b/privesc/windows/index.md @@ -2,4 +2,15 @@ Command that can be executed from the context of a shell prompt that help escalate or increase attacker privilege of the target. - * [UAC](uac.md) - How to bypass UAC. \ No newline at end of file + * [UAC](uac.md) - How to bypass UAC. + +# General Commands +### at (Scheduler) + * **Command with arguments**: `at [TIME] [cmd]` + * **Description**: This command can be used locally to escalate privilege to SYSTEM or be used across a network to execute commands on another system. + * **Examples**: + * Locally - `at 13:20 /interactive cmd` + * Remotely - From http://www.slideshare.net/mubix/windows-attacks-at-is-the-new-black-26665607 + * `net use \\[computername|IP] /user:DOMAIN\username password` + * `net time \\[computername|IP]` + * `at \\[computername|IP] 13:20 c:|temp\evil.bat` \ No newline at end of file From abd704773de96f86170af962098b995887540ea4 Mon Sep 17 00:00:00 2001 
From: Rob Fuller Date: Thu, 23 Jan 2014 09:22:56 -0500 Subject: [PATCH 8/9] Quick fix to evil.bat bath --- privesc/windows/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/privesc/windows/index.md b/privesc/windows/index.md index 7511fe1..3186a55 100644 --- a/privesc/windows/index.md +++ b/privesc/windows/index.md @@ -13,4 +13,4 @@ Command that can be executed from the context of a shell prompt that help escala * Remotely - From http://www.slideshare.net/mubix/windows-attacks-at-is-the-new-black-26665607 * `net use \\[computername|IP] /user:DOMAIN\username password` * `net time \\[computername|IP]` - * `at \\[computername|IP] 13:20 c:|temp\evil.bat` \ No newline at end of file + * `at \\[computername|IP] 13:20 c:\temp\evil.bat` From 23121ff41e4f7666a6924e0a9d5ebb32863c99c8 Mon Sep 17 00:00:00 2001 From: Glenn Barrett Date: Thu, 23 Jan 2014 11:29:29 -0500 Subject: [PATCH 9/9] Remove redunant files from PR #63 --- msf/android_meterpreter.md | 83 ---------------------- msf/windows_meterpreter.md | 140 ------------------------------------- 2 files changed, 223 deletions(-) delete mode 100644 msf/android_meterpreter.md delete mode 100644 msf/windows_meterpreter.md diff --git a/msf/android_meterpreter.md b/msf/android_meterpreter.md deleted file mode 100644 index dc36ceb..0000000 --- a/msf/android_meterpreter.md +++ /dev/null 
@@ -1,83 +0,0 @@ -Core Commands ----------------------- - - Command Description - ------- ----------- - ? Help menu - background Backgrounds the current session - bgkill Kills a background meterpreter script - bglist Lists running background scripts - bgrun Executes a meterpreter script as a background thread - channel Displays information about active channels - close Closes a channel - disable_unicode_encoding Disables encoding of unicode strings - enable_unicode_encoding Enables encoding of unicode strings - exit Terminate the meterpreter session - help Help menu - info Displays information about a Post module - interact Interacts with a channel - irb Drop into irb scripting mode - load Load one or more meterpreter extensions - quit Terminate the meterpreter session - read Reads data from a channel - resource Run the commands stored in a file - run Executes a meterpreter script or Post module - use Deprecated alias for 'load' - write Writes data to a channel - - -Stdapi: File system Commands ----------------------- - - Command Description - ------- ----------- - cat Read the contents of a file to the screen - cd Change directory - download Download a file or directory - edit Edit a file - getlwd Print local working directory - getwd Print working directory - lcd Change local working directory - lpwd Print local working directory - ls List files - mkdir Make directory - pwd Print working directory - rm Delete the specified file - rmdir Remove directory - search Search for files - upload Upload a file or directory - - -Stdapi: Networking Commands ----------------------- - - Command Description - ------- ----------- - ifconfig Display interfaces - ipconfig Display interfaces - portfwd Forward a local port to a remote service - route View and modify the routing table - - -Stdapi: System Commands ----------------------- - - Command Description - ------- ----------- - execute Execute a command - getuid Get the user that the server is running as - ps List running 
processes - shell Drop into a system command shell - sysinfo Gets information about the remote system, such as OS - - -Stdapi: Webcam Commands ----------------------- - - Command Description - ------- ----------- - record_mic Record audio from the default microphone for X seconds - webcam_list List webcams - webcam_snap Take a snapshot from the specified webcam - webcam_stream Play a video stream from the specified webcam - diff --git a/msf/windows_meterpreter.md b/msf/windows_meterpreter.md deleted file mode 100644 index 8460f5c..0000000 --- a/msf/windows_meterpreter.md +++ /dev/null 
@@ -1,140 +0,0 @@ -Core Commands ----------------------- - - Command Description - ------- ----------- - ? Help menu - background Backgrounds the current session - bgkill Kills a background meterpreter script - bglist Lists running background scripts - bgrun Executes a meterpreter script as a background thread - channel Displays information about active channels - close Closes a channel - disable_unicode_encoding Disables encoding of unicode strings - enable_unicode_encoding Enables encoding of unicode strings - exit Terminate the meterpreter session - help Help menu - info Displays information about a Post module - interact Interacts with a channel - irb Drop into irb scripting mode - load Load one or more meterpreter extensions - migrate Migrate the server to another process - quit Terminate the meterpreter session - read Reads data from a channel - resource Run the commands stored in a file - run Executes a meterpreter script or Post module - use Deprecated alias for 'load' - write Writes data to a channel - - -Stdapi: File system Commands ----------------------- - - Command Description - ------- ----------- - cat Read the contents of a file to the screen - cd Change directory - download Download a file or directory - edit Edit a file - getlwd Print local working directory - getwd Print working directory - lcd Change local working directory - lpwd Print local working directory - ls List files - mkdir Make directory - mv Move source to destination - pwd Print working directory - rm Delete the specified file - rmdir Remove directory - search Search for files - upload Upload a file or directory - - -Stdapi: Networking Commands ----------------------- - - Command Description - ------- ----------- - arp Display the host ARP cache - getproxy Display the current proxy configuration - ifconfig Display interfaces - ipconfig Display interfaces - netstat Display the network connections - portfwd Forward a local port to a remote service - route View and modify the routing 
table - - -Stdapi: System Commands ----------------------- - - Command Description - ------- ----------- - clearev Clear the event log - drop_token Relinquishes any active impersonation token. - execute Execute a command - getenv Get one or more environment variable values - getpid Get the current process identifier - getprivs Attempt to enable all privileges available to the current process - getuid Get the user that the server is running as - kill Terminate a process - ps List running processes - reboot Reboots the remote computer - reg Modify and interact with the remote registry - rev2self Calls RevertToSelf() on the remote machine - shell Drop into a system command shell - shutdown Shuts down the remote computer - steal_token Attempts to steal an impersonation token from the target process - suspend Suspends or resumes a list of processes - sysinfo Gets information about the remote system, such as OS - - -Stdapi: User interface Commands ----------------------- - - Command Description - ------- ----------- - enumdesktops List all accessible desktops and window stations - getdesktop Get the current meterpreter desktop - idletime Returns the number of seconds the remote user has been idle - keyscan_dump Dump the keystroke buffer - keyscan_start Start capturing keystrokes - keyscan_stop Stop capturing keystrokes - screenshot Grab a screenshot of the interactive desktop - setdesktop Change the meterpreters current desktop - uictl Control some of the user interface components - - -Stdapi: Webcam Commands ----------------------- - - Command Description - ------- ----------- - record_mic Record audio from the default microphone for X seconds - webcam_list List webcams - webcam_snap Take a snapshot from the specified webcam - webcam_stream Play a video stream from the specified webcam - - -Priv: Elevate Commands ----------------------- - - Command Description - ------- ----------- - getsystem Attempt to elevate your privilege to that of local system. 
- - -Priv: Password database Commands ----------------------- - - Command Description - ------- ----------- - hashdump Dumps the contents of the SAM database - - -Priv: Timestomp Commands ----------------------- - - Command Description - ------- ----------- - timestomp Manipulate file MACE attributes -
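Review bot: In PATCH 6/9, persistence/windows/general.md, the new "Remote Assistance Enable" entry documents `/v fAllowToGetHelp /t REG_DWORD /d 1` but its Output sample shows the `fDenyTSConnections ... /d 0` command, the same sample that appears under "Remote Desktop Enable - Method 1". Replace the sample with output captured from the `fAllowToGetHelp` command, or drop it. Both new entries also wrap the key path in typographic quotes (“ ”) on the Command line while the Output samples use straight quotes; use straight quotes so the documented command matches what was actually run.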
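Review bot: In PATCH 6/9, pivoting/windows/remote.md, the `net use` line in the new psexec block reads `username /user:password`, which puts the two placeholders in each other's slots; PATCH 7/9 in this series writes the same command as `/user:DOMAIN\username password`. Pick one form and use it in both files. The Description also says the `sc` commands re-enable what `psexec` requires, while the Example Command shows `psexec` on its own; state whether the `sc` steps are a prerequisite or apply only where those services are disabled.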
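Review bot: In PATCH 6/9, presence/windows/find_files.md, the Description of the new "Searching Sub-directories" entry has "ofthe" for "of the". In the same hunk the removed and added `dir /a` Output lines read identically as shown here; if that change is whitespace or markup only, split it into its own commit or mention it in the message, since the subject line describes only added and reorganised content. The new entry also has no Output sample, unlike the `dir /a` entry above it.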
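Review bot: In PATCH 7/9, privesc/windows/index.md, the remote example path is written `c:|temp\evil.bat`, with a pipe where the backslash belongs; PATCH 8/9 corrects it, so squash the two before merging. The new section also jumps from `# General Commands` straight to `### at (Scheduler)`, skipping a heading level, and the Description does not state the privilege needed to run `at`, which the `reg add` entries in PATCH 6/9 do with "Must be admin to run this."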