adfoster-r7
9579e355c1
Land #16749, Add winrm kerberos authentication support
2022-07-15 16:24:36 +01:00
Jeffrey Martin
c675c104d3
Land #16771, Fix msfconsole crashing with openssl3
2022-07-14 11:06:48 -05:00
kalba-security
55079515ca
implement code review suggestions
2022-07-14 06:04:14 -07:00
adfoster-r7
1103f525a6
Stop msfconsole crashing with openssl3
2022-07-14 12:05:01 +01:00
adfoster-r7
44e4714b9b
Land #16764, Rex::Proto::Http: Add evasion options to shuffle GET / POST parameters
2022-07-11 14:17:07 +01:00
bcoles
39f288bfe3
Rex::Proto::Http: Add evasion options to shuffle GET / POST parameters
2022-07-11 01:37:41 +10:00
Spencer McIntyre
728cf97f6e
Land #16718, Fix run_as module on x64 systems
2022-07-08 09:22:22 -04:00
Ashley Donaldson
d3e7152954
Changes from code review
2022-07-08 11:47:54 +10:00
Spencer McIntyre
ade10650a8
Set the NTLM flags for LDAP authentication
The sign and seal flags need to be removed for LDAP. Because sign and
seal are not set, key56 and key128 can also be removed.
The rest of the flags are taken from
https://github.com/rapid7/ruby_smb/blob/cc5228730f9bc39215322ab6e07fd8da33602bb9/lib/ruby_smb/ntlm.rb#L31
2022-07-07 13:20:34 -04:00
Ashley Donaldson
f9f3be3644
Fix unit tests
2022-07-07 18:04:22 +10:00
Ashley Donaldson
b2eb348d94
Added WinRM using Kerberos, including encryption
2022-07-07 13:17:09 +10:00
Spencer McIntyre
b8ca08d3ce
Support NTLM and kerberos auth in LDAP
2022-07-06 17:12:27 -04:00
Spencer McIntyre
4abef7d373
Remove an unused option and require SmbRhostname
2022-07-06 15:16:50 -04:00
Spencer McIntyre
e53bccae85
Set the session key for older SMB dialects too
2022-07-06 15:16:40 -04:00
adfoster-r7
aea37f7137
Add initial SMB Kerberos authentication support
2022-07-06 16:15:33 +01:00
adfoster-r7
5b8680ee91
Land #16567 from h00die/juniper_enhancements
Juniper config processor enhancements
2022-07-05 12:06:34 +01:00
space-r7
065fe425d3
pass in read permissions to process_open()
2022-07-01 13:05:38 -05:00
space-r7
8094c67465
switch to hash, reorder args
2022-07-01 13:05:38 -05:00
Shelby Pace
722241ed3e
Update lib/msf/core/post/linux/process.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-07-01 12:56:44 -05:00
Shelby Pace
6ffd9a8cfa
Update lib/msf/core/post/linux/process.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-07-01 12:56:44 -05:00
space-r7
69342f5431
add docs and mixin
2022-07-01 12:56:43 -05:00
Spencer McIntyre
d31ffa27d3
Add and use a new kerberos CCache model definition
2022-07-01 11:57:30 -04:00
adfoster-r7
5bc618e642
Remove initial code duplication between mssql clients
2022-07-01 14:26:04 +01:00
kalba-security
4861bbb337
add sanity check, move check method logic to lib, rescue failed socket creation
2022-07-01 05:13:14 -04:00
adfoster-r7
e40e835fd8
Land #16706, Kerberos login enhancements
2022-06-30 14:51:30 +01:00
Christophe De La Fuente
0e3fdd0799
Fix from code review
2022-06-29 19:18:47 +02:00
bcoles
66009ca5e5
Exploit::CmdStager: Expose CMDSTAGER::URIPATH option for HTTP stagers
2022-06-25 23:49:47 +10:00
Ashley Donaldson
997f9b92d9
Changes from code review
2022-06-24 09:33:57 +10:00
Ashley Donaldson
96046f9aec
Remove unnecessary freeze calls
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
2022-06-24 08:36:44 +10:00
Ashley Donaldson
2553bae018
Report correct password when clock is wrong or password has expired
2022-06-23 11:33:45 +10:00
Ashley Donaldson
3e33e2694d
Include information on whether account is disabled or locked.
We can do this more precisely for Windows' implementation of Kerberos
by using the undocumented PA-PW-SALT entry.
2022-06-23 10:46:25 +10:00
Ashley Donaldson
8d1d2d5aad
Fix bugs from #16685
2022-06-23 10:20:59 +10:00
Ashley Donaldson
a4a0fc3028
Changes from code review.
Use kwargs instead of default values for rarer crypto args.
Revert case-sensitivity change; we'll leave krb5 on Linux til later.
More constants
2022-06-22 16:03:36 +10:00
Ashley Donaldson
15446fd173
Incorporated new encryption methods into login scanner, including negotiating
2022-06-22 09:36:25 +10:00
Ashley Donaldson
19b62a5af6
Support several new encryption types for Kerberos.
Supports DES-CBC-MD5, DES3-CBC-SHA1, AES128, AES256
2022-06-22 09:13:33 +10:00
space-r7
7983f878a8
Land #16597, psh cmd adapter fix for encrypt shell
2022-06-21 09:47:05 -05:00
adfoster-r7
f8901a8b17
Add Kerberos LoginScanner support
2022-06-20 16:38:32 +01:00
Grant Willcox
b10386ba08
Land #16650, Add #read_from_file for MSSQL and PostgreSQL, fix the MySQL implementation
2022-06-17 14:58:22 -05:00
Redouane NIBOUCHA
d47d1bc259
Remove newlines from base64 output on MySQL also
2022-06-17 00:51:52 +02:00
Grant Willcox
be45688dbc
Land #16602, Fix error when service is already running and update exception documentation in lib/msf/core/post/windows/services.rb
2022-06-16 10:59:35 -05:00
Grant Willcox
c94f22cebe
Add in fixes from discussion and also update documentation to correctly note what functions can raise
2022-06-15 19:28:31 -05:00
Grant Willcox
d20fa45f7a
Add in guard clause to check that page isn't nil before trying to use it for processing pages
2022-06-15 11:35:30 -05:00
RageLtMan
9373ab6bd3
HTTP Crawler: don't expect page object for msg
The `crawler_process_page` method in HttpCrawler assumes that the
`page` object passed into the method is not nil when formatting the
`msg` string for printing to console.
Address the assumption with a ternary check leaving the `|| "ERR"`
handling for `page.code` itself being nil inside the assignment
when page is not nil.
Testing:
`Error accessing page undefined method '[]' for nil:NilClass` is
no longer being thrown when scanning an odd HTTP service.
2022-06-10 21:44:29 -04:00
kalba-security
ba83b1bdf5
add manageengine adaudit plus and datasecurity plus xnode enum modules and manageengine_xnode lib
2022-06-10 10:32:25 -04:00
adfoster-r7
affc5bc294
Fix Kerberos flags decoding logic
2022-06-09 12:22:20 +01:00
kalidor
b292586fb3
Avoid exception 'TypeError exception class/object expected'
2022-06-09 11:58:01 +02:00
Grant Willcox
63822f6e37
Land #16651, [SQLi library] Ensure the encoder is always used in the #test_vulnerable methods
2022-06-08 17:15:22 -05:00
Redouane NIBOUCHA
88036a7f1f
Check for nil before using the decoder in test_vulnerable
2022-06-08 22:00:03 +02:00
Jack Heysel
67ea2bc23c
Land #16630 Fix duplicate ntlm hash storage
Net-NTLM (v1 and v2) hashes were being duplicated when
stored in the database due to the unique data in the challenge
despite being the same. This fixes that issue
2022-06-08 14:07:34 -04:00
jheysel-r7
1a7cbe5b4f
Update lib/msf/core/exploit/remote/smb/server/hash_capture.rb
2022-06-08 13:45:57 -04:00