Ashley Donaldson
97aef31180
Removed vestigial code while we're at it
2022-11-30 11:31:27 +11:00
Ashley Donaldson
1231eefe55
Fixed WQL module while I'm at it
2022-11-30 10:26:19 +11:00
Heyder Andrade
704cee436b
Apply suggestions from code review
2022-11-29 15:25:14 +01:00
Heyder Andrade
c1236500f1
Apply suggestions from code review
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2022-11-29 14:12:39 +01:00
adfoster-r7
750192afa4
Add pkinit error codes
2022-11-29 10:36:10 +00:00
Spencer McIntyre
cd828a82c8
Fix the DH key construction for OpenSSL3
2022-11-28 14:54:10 -05:00
Spencer McIntyre
abe0549db6
Land #17226, Module to request TGT/TGS tickets
...
Module to request TGT/TGS Kerberos tickets from the KDC
2022-11-28 11:59:17 -05:00
Spencer McIntyre
f24df8a051
Change an exception class and drop DOMAIN passing
2022-11-28 10:06:14 -05:00
Spencer McIntyre
009c6c5350
Add the MaxBackendRetries datastore option
2022-11-28 09:45:04 -05:00
Spencer McIntyre
3805a79079
Add support for Exchange Data Access Group (DAG)
...
This updates the HttpSsrf class to retry requests to the Powershell
backend when they fail because they were routed to a new server. Now
when the transport is initialized, it will store the backend used by the
first successful request.
2022-11-23 15:37:58 -05:00
Heyder Andrade
a05cbdbc30
Improve error handling
2022-11-20 12:09:05 +01:00
Heyder Andrade
34d191b06c
Added Ruby serialized payload generator
2022-11-19 15:20:49 +01:00
Heyder Andrade
f1b97de78d
Added Gitlab mixin
2022-11-19 15:19:29 +01:00
Spencer McIntyre
29d57dde66
Consolidate into ProxyMaybeShell
2022-11-18 17:01:01 -05:00
Christophe De La Fuente
d1a7170020
Land #17021, Gitea Git fetch RCE module - CVE-2022-30781
2022-11-17 12:28:29 +01:00
adfoster-r7
8efc6c5304
Land #17103, Consolidate KdcOptionFlags and TicketFlags
2022-11-09 17:27:17 +00:00
Dean Welch
7c2134d941
Consolidate KdcOptionFlags and TicketFlags
2022-11-09 17:08:26 +00:00
adfoster-r7
65f6aaca82
Land #17077, Add support for AES keys for silver/golden ticket forging
2022-11-09 16:51:11 +00:00
Dean Welch
23ff829e52
Add support for AES keys for silver/golden ticket forging
2022-11-09 13:01:13 +00:00
krastanoel
645a1c25a3
Update method documentation and indentation
2022-11-09 16:27:31 +07:00
krastanoel
13bb31feeb
Update module
...
- move repository migration to execute_command.
NOTE: the stageless payload is still unsuccessful but keep this anyway for Christophe to review.
2022-11-09 04:52:18 +07:00
Christophe De La Fuente
37fd441b0f
Land #17117, Authenticate to Kerberos with PKINIT
2022-11-08 18:54:03 +01:00
krastanoel
a50cca27e6
remove cookie_jar manipulation
2022-11-09 00:48:23 +07:00
krastanoel
52d867bbc7
follow Ruby coding conventions
...
- combine gitea_version into get_gitea_version for the check method
- validate empty username
2022-11-09 00:41:30 +07:00
krastanoel
c980f4f9ee
add more custom error exception
2022-11-09 00:27:12 +07:00
Spencer McIntyre
e70861fc87
Land #17239, Fix broken kerberos login module
2022-11-08 11:21:17 -05:00
adfoster-r7
30fe07801b
Fix broken kerberos login module
2022-11-08 15:49:21 +00:00
krastanoel
540984804d
Apply suggestions from code review
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
2022-11-08 14:09:31 +07:00
Spencer McIntyre
c1d092b70d
Minor tweaks
...
Filter out enrollable certs by default and print the warning higher. Add
periods to all messages for consistency. Drop the message from
vprint_good to vprint_status when the query works.
2022-11-07 10:37:12 -05:00
Dean Welch
ee46d18505
Add yard docs and address review comments
2022-11-07 12:10:01 +00:00
Dean Welch
a110465fe4
Add module for converting kerberos ticket formats
2022-11-07 12:10:01 +00:00
Grant Willcox
79ac775443
Perform updates from code review.
2022-11-04 15:44:28 -05:00
Grant Willcox
8922e5b203
Add in first initial implementation of ESC module and updates to associated libraries.
2022-11-04 15:43:34 -05:00
Christophe De La Fuente
eb051ec9a7
Add get_ticket module
2022-11-04 18:46:47 +01:00
Spencer McIntyre
6e453a3f4f
Fix a bug in #extract_user_and_realm
...
While iterating over asn_san_seq, if the tag doesn't match either of the
two conditions, user and domain will be nil which leads to a problem
later on.
2022-11-03 10:51:52 -04:00
Jack Heysel
45ddcf02c9
Remove unused mix in, add low bound to check
2022-11-01 10:42:43 -05:00
jheysel-r7
af9175325b
Update lib/msf/core/exploit/remote/http/webmin/login.rb
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
2022-11-01 10:42:42 -05:00
Jack Heysel
ad5b03ed96
Finished TODOs and added docs
2022-11-01 10:40:00 -05:00
adfoster-r7
7774b7ddcf
Merge remote-tracking branch 'upstream/master' into merge-6.2.25-master-into-kerberos-feature-branch
2022-10-31 23:15:11 +00:00
Spencer McIntyre
fa7d677d45
Consolidate and improve LDAP error handling
2022-10-31 10:56:17 -04:00
Christophe De La Fuente
4ec7eea436
Fixes from code review
2022-10-28 15:33:34 +02:00
Christophe De La Fuente
52904b8cb6
Add support to Kerberos
...
- Add kerberos authenticator to `scanner/smb/smb_login` and the
corresponding login scanner library
- Add new options: `UseCachedCredentials` and `StoreCredentialCache`
- Add `use_cached_credentials` attribute to
Kerberos::ServiceAuthenticator::Base. This enables/disables the use of
cached Kerberos credentials from the database.
- Add `store_credential_cache` attribute to
Kerberos::ServiceAuthenticator::Base. This enables/disables storing
Kerberos TGS MIT Credential Cache to the database.
2022-10-21 16:16:10 +02:00
Matthew Dunn
1e50ba3415
Move to Hashes module, address requested changes
...
Fix rubocop
Move identify to hashes module up one layer, use full reference to identify_hash instead of full include
Fix SMTP require
Remove hashes require statement
Remove hashes require statement
Remove hashes require statement
Remove hashes require statement
Address remaining requested changes, reference constants directly
Add all the missing direct references
Co-Authored-By: Jeffrey Martin <jeffrey_martin@rapid7.com>
2022-10-17 17:28:31 -04:00
Ashley Donaldson
09e740d48d
Changes from code review
2022-10-17 17:19:50 +11:00
Ashley Donaldson
c7bab60a3e
Fix to support DNS entries in certificate files
2022-10-07 15:17:07 +11:00
Ashley Donaldson
80bb1867bc
Added documentation for the module
2022-10-07 14:24:37 +11:00
Ashley Donaldson
793a05f9f3
Added comments for new functions
2022-10-07 11:55:47 +11:00
Ashley Donaldson
b5a076a1f1
Neaten parameter and error handling
2022-10-07 11:24:39 +11:00
Ashley Donaldson
58c30f10aa
Send and Receive PKINIT responses
2022-10-07 01:04:10 +11:00
h00die
06aefb630a
string true to bool true
2022-10-03 19:50:04 -04:00