b67f001e2a
post-testing typo fix
2023-01-12 20:02:20 +00:00
1afecd0884
force t3 over ssl option
2023-01-12 19:42:55 +00:00
551990a945
Land #17466 , report smb version information
...
fix #16394 : SMB_Version Module does not report SMB Version into Notes
2023-01-12 13:16:05 -05:00
29968fb76e
Land #17337 , Gather Dbeaver Password
2023-01-12 16:06:00 +01:00
145589f7a2
Add GetPteBaseW10
2023-01-12 01:15:23 -05:00
becf613022
fix #16394 : SMB_Version Module does not report SMB Version into Notes
2023-01-12 09:29:53 +05:30
2f145769da
Actually, offered_etypes needs to be an array
2023-01-11 17:08:27 -05:00
f9b1c17c39
Fix exception handler logic and small improvements
2023-01-11 20:00:09 +01:00
a4a5162b92
Remove the etype option in favor of offered_etypes
2023-01-11 10:17:52 -05:00
ada6e73af6
Land #17341 , MinIO_Client Post Exploitation Credential Gatherer
2023-01-11 15:36:23 +01:00
43051a2811
Add missing curly bracket
2023-01-11 14:30:23 +01:00
6738ca2c43
Support multiple platforms
2023-01-11 18:04:29 +08:00
ce83086c00
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:31:42 +08:00
633d807dbc
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:29:13 +08:00
e00a86b6d6
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:28:26 +08:00
3dd794a97f
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:27:48 +08:00
8b6387867d
Update modules/post/multi/gather/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-11 09:27:08 +08:00
243c57c1fe
Add whatsupgold_credential_dump post module
...
Add a post module for credential extraction from WhatsUp Gold instances
on Windows hosts. The module should theoretically decrypt ciphertext
from any version of WhatsUp Gold, although it has only been verified
working on WhatsUp Gold versions 11.0 through 22.0.
2023-01-10 15:50:53 -05:00
6ef38e305f
Support multiple platforms
2023-01-10 15:01:55 +08:00
5845c7cb1f
Update modules/post/windows/gather/credentials/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-10 09:22:50 +08:00
ba5b100fe5
Update modules/post/windows/gather/credentials/minio_client.rb
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-01-10 09:20:32 +08:00
138f3bb4b2
Make the encryption type configurable
2023-01-09 17:20:57 -05:00
499d1ccfd7
Refactor veeam_credential_dump
...
Changed the SQL queries for DB dump to explicit VARCHAR(4096) to get
around sqlcmd's 256-char column limit.
Refactored the BATCH_DPAPI functionality because I can't seem to let
this pattern go: now actually batches with byte threshold set by
advanced option.
Reduced clutter and redundancy.
Various tweaks and bug fixes.
Updated documentation.
2023-01-09 16:31:44 -05:00
990d5ccfad
Action linter warnings in changes
2023-01-09 21:17:22 +00:00
16c176dbe0
Accept protocol option change to optenum from optstring
...
Co-authored-by: bcoles <bcoles@gmail.com >
2023-01-10 12:54:28 +00:00
a368f76a2a
Update weblogic_deserialize_badattrval.rb
2023-01-10 10:47:31 +00:00
551edbe0d1
Review and lint fixes
2023-01-09 13:27:35 -06:00
a1ee09d544
New exploit for CVE-2022-46770 Mirage firewall DoS
2023-01-09 13:27:35 -06:00
60bfa329fa
Add t3s protocol support to weblogic_deserialize_badattrval
2023-01-09 18:47:43 +00:00
f8ce1219e1
Remove extra line
2023-01-09 11:23:26 -06:00
2df3920432
fix #17436 : truncated file names in the logged data in module auxiliary/scanner/smb/smb_enumshares
2023-01-09 22:11:25 +05:30
ade00718c6
fix #17436 : truncated file names in the logged data in module auxiliary/scanner/smb/smb_enumshares
2023-01-09 19:32:37 +05:30
0c418d05e8
jtr cracking of netntlm
2023-01-08 16:54:36 -05:00
0c3026c201
crack netntlm*
2023-01-08 14:32:04 -05:00
4c6c8fcf8b
crack netntlm*
2023-01-08 14:29:21 -05:00
3d9ea4492f
Fix up extra blank lines and make ticket type being saved clearer
2023-01-06 14:48:53 -06:00
d64c4b6e7e
Store the binary format of the ccache
...
update key to be correct
2023-01-06 14:48:53 -06:00
ccfc253eb8
Updates to get ccache in golden ticket
...
Fix incorrect reference
Use proper encoding
2023-01-06 14:48:52 -06:00
ff029842ce
Verify NT hash and store golden ticket as kirbi and ccache
2023-01-06 14:48:38 -06:00
9dce44f195
Merge pull request #17390 from dwelch-r7/move-debug-ticket-to-new_module
...
Move debug ticket to new module
2023-01-06 11:35:18 -06:00
4a1c75ae73
dbeaver_store_config
2023-01-06 14:55:49 +08:00
1f938781d9
Land #17438 , exchange_proxylogon_collector bugfix
...
exchange_proxylogon_collector bugfix: prevent empty on nil by changing empty to blank
2023-01-05 16:24:58 -05:00
98b3b29cc2
Land #17439 , Removing Rex::ConnectionError exception handler from module template
2023-01-05 14:24:58 -06:00
1ede6661d4
Land #17382 , Update pkinit tgt response to include key
2023-01-05 20:45:20 +01:00
25f4c023b4
Removing Rex::ConnectionError exception handler
2023-01-05 20:26:11 +01:00
725f83601f
Land #17435 , Restore raw_send_recv for module using SMTP mixin
2023-01-05 11:29:53 -06:00
a18efb7882
Improve description and error messages
2023-01-05 14:24:08 +00:00
5eae5068cc
update
2023-01-05 20:56:06 +08:00
f222bccf6c
prevent empty on nil by changing empty to blank
2023-01-05 10:38:09 +02:00
f39973de86
Fix up missing option in documentation and also add some additional validation on server response.
2023-01-04 17:02:05 -06:00
Steve E