2d30909a2f
Change option name namespacing convention
2023-01-26 16:17:50 +00:00
a2aef99bb2
Fix force encoding issue on nil kerberos username
2023-01-26 15:25:49 +00:00
992883b1a6
Remove KRB5CCNAME env on bootup
2023-01-26 12:09:55 +00:00
d5781ed021
Land #17532 , Fix bad DN discovery code and fix bug with querying schema data
2023-01-26 10:43:13 +00:00
2a73ac01e0
Land #17544 , Fix ticket cache client metadata
2023-01-25 21:58:36 +00:00
71aa4bdace
Update ldap_query with find_schema_dn function to find the schema DN which may not be the same as the base DN so we can query security attributes of entries
2023-01-25 15:19:29 -06:00
086e2f1b05
FIx ticket cache client metadata
2023-01-25 20:17:51 +00:00
21f33296b7
Consolidate PKINIT hash extraction code
2023-01-25 12:16:42 -05:00
4f574d141a
Land #17533 , Combine pkinit_login with get_ticket
2023-01-25 15:43:12 +00:00
c7ba117fed
Land #17534 , Update kerberos cipher negotiattion
...
Update kerberos to negotiate rc4 if aes256 is disabled
2023-01-25 10:19:40 -05:00
a5e2c5b3b7
Unify pkinit_login with get_ticket
2023-01-25 08:36:26 -05:00
785e2caa9f
Refactor #send_request_tgt_pkinit, clarify docs
2023-01-25 08:36:26 -05:00
c143124344
Add feature to set the status of ticket/ccache via klist
2023-01-25 13:28:43 +00:00
8d4b1ce3c1
Use the credential etype instead of the encrypted ticket etype
2023-01-25 13:20:50 +00:00
d18beb486d
Update kerberos to negotiate rc4 if aes256 is disabled
2023-01-25 00:27:00 +00:00
e81bed0378
Land #17526 , groups the show options command by their conditions
2023-01-24 13:21:17 +00:00
854fc1400e
Improve show options to include options with conditions
2023-01-24 10:43:14 +00:00
d356b34422
Land #17499 , Show extended error information for ICPR
...
Merge branch 'land-17499' into upstream-kerberos
2023-01-23 12:19:13 -06:00
d9716ebecf
core updates for Rails 7
2023-01-23 09:57:09 -06:00
af740aea85
Land #17515 , Use shared helper for creating kerberos options
2023-01-23 13:37:00 +00:00
9a6c298a43
Use shared helper for creating kerberos options
2023-01-23 11:04:01 +00:00
1975c92e92
Remove extra info from verbose mode of LDAP output
2023-01-20 16:51:34 -06:00
a37cec40fc
Show extended error information for ICPR
2023-01-20 16:29:18 -05:00
9be26eb0ff
improve SMTP delivery error handling
2023-01-20 11:26:25 -06:00
ebaf51108c
Land #17490 , Update impacket get user spns
2023-01-20 13:21:19 +00:00
aaad9436f2
Fix winrm offered etypes
2023-01-20 10:59:25 +00:00
6419f2d5a5
add 'favorite -l' and 'favorites' as aliases for show favorites
2023-01-19 14:21:45 +02:00
9bf7617409
Return if there is no certificate to process
2023-01-18 15:05:54 -05:00
ebfcfd4cb9
Land #17066 , Add module for Certifried
...
Add exploit module for Certifried exploit
2023-01-18 14:51:03 -05:00
ed0ede0cad
Land #17472 , Always autocomplete options regardless of condition filtering
...
Merge branch 'land-17472' into upstream-kerberos
2023-01-18 10:59:16 -06:00
c0ddead75f
Land #17480 , Add payload exploit command
2023-01-17 17:52:32 -06:00
b8bea10296
Land #17491 , Fix LDAP Failure References
2023-01-17 17:22:10 -06:00
470972b91d
Land #17385 , Return success code for writing and appending file in command shells
2023-01-17 16:37:06 -06:00
d810267f8d
Pull in Dean's changes from #17443 to fix LDAP failure references.
2023-01-17 16:31:08 -06:00
7f62fa33f3
Update impacket get user spns
2023-01-17 19:53:42 +00:00
202eb85066
Land #17470 , Update kerberos login to support diacritics
2023-01-16 12:22:44 +00:00
5ef1f9f4f4
Update kerberos login to support diacritics
2023-01-16 12:08:54 +00:00
7a2f6fef86
Land #17477 , Merge 6.2.36 master into kerberos feature branch
2023-01-16 11:53:21 +00:00
f637885f0a
Land #17468 , Fix error when printing ticket contents from a kirbi file format
2023-01-16 10:07:36 +00:00
a28b203f73
payload exploit command
2023-01-15 05:38:15 -05:00
90a12cf3b0
unquoted service path tweaks
2023-01-13 17:06:42 -05:00
eddac9321c
Merge 6.2.36 master into kerberos feature branch
2023-01-13 17:31:02 +00:00
274bf6dcb7
Make SSM keepalive optional
2023-01-13 09:54:34 -05:00
3d22fbcad9
Add exploit module for Certifried exploit
...
- Move all the logic from `modules/auxiliary/admin/dcerpc/icpr_cert.rb`
to `lib/msf/core/exploit/remote/ms_icpr.rb` library
- Move all the logic from `modules/auxiliary/admin/dcerpc/samr_computer.rb`
to `lib/msf/core/exploit/remote/ms_samr.rb` library
- Add `modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb` module
- Update the SMB client to disable SSL by default
- Add documentation
- Kerbero client: pass `options` as argument to `send_request_as`
- `calculate_shared_key` returns an EncryptionKey instead of the raw key
- Update `pkinit_login` module to make it compatible
- Add support to `additional_tickets` when requesting tickets
- Add support to PAC CredentialInfo structures
- Add impersonation to escalate privileges
- Add ACTIONS
- Use elevated TGS to delete the computer account
- Update and add specs
2023-01-13 15:30:50 +01:00
19d2e985ef
Enable new datastore implementation by default
2023-01-13 13:51:56 +00:00
a36882aee3
Always autocomplete options regardless of condition filtering
2023-01-13 13:11:32 +00:00
75153aded3
Fix missing method error when printing ticket contents from a kirbi file format
2023-01-13 10:19:07 +00:00
0669ee1f72
Land #17395 , Adds docs for RPC workflows to docs site
2023-01-12 12:50:55 +00:00
2f145769da
Actually, offered_etypes needs to be an array
2023-01-11 17:08:27 -05:00
fd7fbb76af
fix: cmd_run: remove unnecessary map
...
Removing the call to .map over args[:datastore_options] avoids an unnecessary call to Msf::DataStore#import_options_from_s. args[:datastore_options] is already a hash, converting it to string and using Msf::DataStore#import_options_from_s converts it back to hash, which is not necessary. The Msf::Simple::Module mixin already offers support for Options, which is expected to be a hash.
This change also prevents sending corner case option strings to Msf::DataStore#import_options_from_s when using post modules, which does not support strings like: "COMMAND='date --date=2023-01-01'".
2023-01-11 16:54:13 -05:00
adfoster-r7