- Move all the logic from `modules/auxiliary/admin/dcerpc/icpr_cert.rb`
to `lib/msf/core/exploit/remote/ms_icpr.rb` library
- Move all the logic from `modules/auxiliary/admin/dcerpc/samr_computer.rb`
to `lib/msf/core/exploit/remote/ms_samr.rb` library
- Add `modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb` module
- Update the SMB client to disable SSL by default
- Add documentation
- Kerbero client: pass `options` as argument to `send_request_as`
- `calculate_shared_key` returns an EncryptionKey instead of the raw key
- Update `pkinit_login` module to make it compatible
- Add support to `additional_tickets` when requesting tickets
- Add support to PAC CredentialInfo structures
- Add impersonation to escalate privileges
- Add ACTIONS
- Use elevated TGS to delete the computer account
- Update and add specs
Removing the call to .map over args[:datastore_options] avoids an unnecessary call to Msf::DataStore#import_options_from_s. args[:datastore_options] is already a hash, converting it to string and using Msf::DataStore#import_options_from_s converts it back to hash, which is not necessary. The Msf::Simple::Module mixin already offers support for Options, which is expected to be a hash.
This change also prevents sending corner case option strings to Msf::DataStore#import_options_from_s when using post modules, which does not support strings like: "COMMAND='date --date=2023-01-01'".
Metasploit will negotiate the strongest mutually supported encryption
with the target. When the target supports AES-256 as Server 2022 and
Windows 11 do, the key needs to be 32-bytes long and not 16 as it is
when AES-128 is in use. This updates the logic to check if the
encryption algorithm is set to ensure that the key is the correct size.
Grant Willcox