h00die
557a15a115
spelling fixes on docs
2023-10-10 14:46:18 -04:00
Spencer McIntyre
ae4faca1ba
Update module docs to discuss KB5014754 changes
2023-06-14 16:18:04 -04:00
adfoster-r7
6870efc34a
Land #17426, Update all references to old Wiki to point to new docs site
2023-02-01 23:49:20 +00:00
adfoster-r7
c68ab9b77f
Add Metasploit prompt color highlighting to docs
2023-01-28 22:43:33 +00:00
Grant Willcox
6043d0ffba
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
adfoster-r7
672fb9ce9f
Land #17460, add support for feature kerberos authentication
2023-01-26 17:47:27 +00:00
adfoster-r7
2d30909a2f
Change option name namespacing convention
2023-01-26 16:17:50 +00:00
adfoster-r7
d18beb486d
Update kerberos to negotiate rc4 if aes256 is disabled
2023-01-25 00:27:00 +00:00
Grant Willcox
82fe7120d4
Update ADCS to be AD CS so we have appropriate spelling
2023-01-18 17:07:48 -06:00
Spencer McIntyre
ebfcfd4cb9
Land #17066, Add module for Certifried
...
Add exploit module for Certifried exploit
2023-01-18 14:51:03 -05:00
Christophe De La Fuente
2072111713
Fix from code review & some improvements
...
- Improve option validation
- Always request an impersonated TGS for `cifs/...` SPN
- SPN option now is used to request an additional TGS for another SPN
- Add exception handling for Kerberos errors
- Only remove the computer account if it has been created
2023-01-18 19:28:06 +01:00
adfoster-r7
c55fcb6ca6
Add additional kerberos documentation
2023-01-18 16:58:34 +00:00
Christophe De La Fuente
3d22fbcad9
Add exploit module for Certifried exploit
...
- Move all the logic from `modules/auxiliary/admin/dcerpc/icpr_cert.rb`
to `lib/msf/core/exploit/remote/ms_icpr.rb` library
- Move all the logic from `modules/auxiliary/admin/dcerpc/samr_computer.rb`
to `lib/msf/core/exploit/remote/ms_samr.rb` library
- Add `modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb` module
- Update the SMB client to disable SSL by default
- Add documentation
- Kerberos client: pass `options` as argument to `send_request_as`
- `calculate_shared_key` returns an EncryptionKey instead of the raw key
- Update `pkinit_login` module to make it compatible
- Add support to `additional_tickets` when requesting tickets
- Add support to PAC CredentialInfo structures
- Add impersonation to escalate privileges
- Add ACTIONS
- Use elevated TGS to delete the computer account
- Update and add specs
2023-01-13 15:30:50 +01:00
Spencer McIntyre
b2f6f0c792
Update the module docs for ESC2 and ESC3
2022-11-17 12:12:35 -05:00
Spencer McIntyre
f4a65a220a
Support ON_BEHALF_OF in icpr_cert
...
Add the code necessary to request certificates on behalf of other users.
This is necessary to exploit templates vulnerable to ESC2 and ESC3.
2022-11-17 12:12:35 -05:00
Spencer McIntyre
69cc144e04
Add module docs
2022-08-30 11:12:36 -04:00
Spencer McIntyre
41ba2d263b
Address PR feedback
...
Simplify the application_key usage, update docs and catch another
exception.
2022-06-28 11:53:05 -04:00
Spencer McIntyre
825604dda9
Add docs and a configurable password
2022-06-15 08:51:47 -04:00
Spencer McIntyre
02e7a65b93
Just move the auxiliary module into an exploit
2022-05-16 17:44:31 -04:00
Christophe De La Fuente
f99438b9d1
Add target security settings info to the documentation
2022-02-07 16:48:34 +01:00
Spencer McIntyre
c593ec9e8f
Fix the markdown formatting in the module docs
2021-07-12 15:03:39 -04:00
Spencer McIntyre
e155bb64cd
Improved check method for PrintNightmare
2021-07-09 12:15:39 -04:00
Grant Willcox
70fd9376e3
Final documentation improvements to explain SMB setup and improvements to module to fix one minor error output
2021-07-07 17:05:22 -05:00
Spencer McIntyre
f42aa3742c
Automatically reconnect to the named pipe
2021-07-07 13:25:51 -04:00
Spencer McIntyre
d5d48949b2
Update PrintNightmare module docs
2021-07-06 16:30:51 -04:00
Spencer McIntyre
9c6b023b0d
Add PrintNightmare module docs
2021-07-02 16:00:39 -04:00
Spencer McIntyre
bf13ffc692
Update documentation based on feedback
2020-10-01 09:19:15 -04:00
Spencer McIntyre
377c019d99
Update the module docs for CVE-2020-1472
2020-09-30 17:41:14 -04:00
Spencer McIntyre
a810d37c47
Move the NetrServerPasswordSet2 DCERPC data defs into RubySMB
2020-09-18 16:19:23 -04:00
Spencer McIntyre
fdedcfa600
Updates to use the latest proposed RubySMB changes
2020-09-18 14:27:14 -04:00
Spencer McIntyre
27b6c8a55b
Add module docs and apply rubocop fixes to the module
2020-09-17 14:28:53 -04:00