Ashley Donaldson
db12c7e0f0
Added tests for parsing new Kerberos structures
2022-10-07 14:04:24 +11:00
Ashley Donaldson
58c30f10aa
Send and Receive PKINIT responses
2022-10-07 01:04:10 +11:00
h00die
781ce211fe
remove un-needed spec tests
2022-09-30 16:55:49 -04:00
adfoster-r7
5d345e6689
Merge branch 'upstream-master' into feature-kerberos-authentication
2022-09-29 16:42:58 +01:00
Jeffrey Martin
8b53b0d878
add payload tests for new windows custom stager
2022-09-19 08:28:25 -05:00
adfoster-r7
3a281234df
Add feature flagged datastore rewrite, with support for option fallback lookups
2022-09-16 12:59:02 +01:00
dwelch-r7
5f85175f56
Add module for golden/silver ticket forging
2022-09-01 16:12:07 +01:00
Grant Willcox
97bce45e69
Land #16915, Add exploit for CVE-2022-23277 (Exchange RCE)
2022-08-19 11:11:46 -05:00
h00die
df35cb2040
ipv4 checking in vcenter
2022-08-14 16:48:38 -04:00
Spencer McIntyre
5faee26f10
Add the DataSetTypeSpoof .NET deserialization chain
2022-08-08 17:52:51 -04:00
Spencer McIntyre
852fac48b1
Add the DataSet .NET deserialization chain
2022-08-08 17:51:37 -04:00
npm-cesium137-io
ed3a0959ae
vcenter post lib and spec
2022-08-06 14:01:56 -04:00
adfoster-r7
756c910b9a
Add warning if OPENSSL_CONF is already present
2022-08-05 15:45:50 +01:00
adfoster-r7
f65119b353
Support OpenSSL3 and run Ubuntu 22.04 in test matrix
2022-08-03 15:49:53 +01:00
Spencer McIntyre
cd81ced5cb
Land #16822, Fix msfrpcd console read failures
2022-08-02 17:29:25 -04:00
Grant Willcox
778ee0ed06
Add in updated spec tests
2022-07-28 15:51:00 -05:00
adfoster-r7
00b85e9bb4
Fix msfrpcd console read failures
2022-07-27 13:11:11 +01:00
Grant Willcox
7c82c1cf32
Land #16817, Consolidate the config directory lookups
2022-07-26 14:57:50 -05:00
entity0xfe
488d361721
Fix --tag for 'hosts' -t | --tag command
...
Enable parsing of the -t argument
2022-07-26 11:39:38 -05:00
Jeffrey Martin
f779f0f482
consolidate the config directory lookups
...
The user configuration directory can be overridden via environment
variables or configuration files.
In the current implementation `Msf::Config.config_directory` should be
utilized for consistent location reporting. `Msf::Config.get_config_root`
is reserved for generation of a default location and should be considered
`private` as it ignores some injected configuration options. Currently
autoloading does not allow application of the `private` keyword to this method,
requiring guidance during development that module writers should access the
full configured `user` value of `Msf::Config.config_directory`.
2022-07-25 15:27:21 -05:00
Grant Willcox
210bd33a01
Land #16774, Suggest a correct datastore option
2022-07-21 14:37:45 -05:00
adfoster-r7
f02012a8ee
Add openssl version to debug command
2022-07-19 15:26:05 +01:00
Spencer McIntyre
c388499acf
Suggest a correct datastore option
2022-07-18 09:32:45 -04:00
adfoster-r7
171f81803a
Land #16747, add lotus domino hash extraction spec
2022-07-11 14:20:22 +01:00
Spencer McIntyre
728cf97f6e
Land #16718, Fix run_as module on x64 systems
2022-07-08 09:22:22 -04:00
Ashley Donaldson
39f90d95b1
Create sessions for winrm_login successes.
...
Reuses the connection, so that authentication doesn't need to happen again
2022-07-08 16:57:09 +10:00
Ashley Donaldson
d3e7152954
Changes from code review
2022-07-08 11:47:54 +10:00
Jeffrey Martin
cdd12b3b11
expand proof verification string
2022-07-07 09:05:16 -05:00
Jeffrey Martin
f319d6e509
more explicitly cross platform file location
2022-07-07 08:41:55 -05:00
Jeffrey Martin
e7134d5244
code review adjustments for double and context
2022-07-07 08:26:46 -05:00
Ashley Donaldson
f9f3be3644
Fix unit tests
2022-07-07 18:04:22 +10:00
Ashley Donaldson
b2eb348d94
Added WinRM using Kerberos, including encryption
2022-07-07 13:17:09 +10:00
adfoster-r7
aea37f7137
Add initial SMB Kerberos authentication support
2022-07-06 16:15:33 +01:00
Jeffrey Martin
a41f655060
add lotus domino hash extraction spec
...
Adds a spec targeting a single method in the `lotus_domino_hashes` module. This is a start on
offering an example of how a spec can be written to test part of the code in a module using example
responses from a unit testing perspective.
2022-07-05 11:38:25 -05:00
adfoster-r7
5b8680ee91
Land #16567 from h00die/juniper_enhancements
...
Juniper config processor enhancements
2022-07-05 12:06:34 +01:00
Spencer McIntyre
d31ffa27d3
Add and use a new kerberos CCache model definition
2022-07-01 11:57:30 -04:00
Christophe De La Fuente
8e32beeeef
Update specs
2022-06-30 11:11:11 +02:00
Ashley Donaldson
997f9b92d9
Changes from code review
2022-06-24 09:33:57 +10:00
Ashley Donaldson
2cce4ac1c1
Fix unit tests
2022-06-23 16:55:30 +10:00
adfoster-r7
89187c1fa9
Land #16685, Add missing Kerberos encryption types
2022-06-22 13:13:30 +01:00
dwelch-r7
e672fad870
Land #16689, Update Kerberos to support host addresses in tickets
2022-06-22 12:52:17 +01:00
Ashley Donaldson
a4a0fc3028
Changes from code review.
...
Use kwargs instead of default values for rarer crypto args.
Revert case-sensitivity change; we'll leave krb5 on Linux til later.
More constants
2022-06-22 16:03:36 +10:00
Ashley Donaldson
15446fd173
Incorporated new encryption methods into login scanner, including negotiating
2022-06-22 09:36:25 +10:00
Ashley Donaldson
19b62a5af6
Support several new encryption types for Kerberos.
...
Supports DES-CBC-MD5, DES3-CBC-SHA1, AES128, AES256
2022-06-22 09:13:33 +10:00
adfoster-r7
f8901a8b17
Add Kerberos LoginScanner support
2022-06-20 16:38:32 +01:00
adfoster-r7
3f56f9891d
Update Kerberos to support host addresses in tickets
2022-06-18 04:16:36 +01:00
dwelch-r7
ac5a885f16
Land #16660, Fix Kerberos flags decoding logic
2022-06-17 17:38:09 +01:00
dwelch-r7
3ce8b2e3bc
Land #16678, Support decoding pa_data as part of kdc enc response
2022-06-17 17:19:45 +01:00
adfoster-r7
5dd650fc76
Support decoding pa_data as part of kdc enc response
2022-06-15 20:46:45 +01:00
Jeffrey Martin
bcac5a1274
add missing payload tests
2022-06-15 14:34:08 -05:00