adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
59,500 Commits 27 Branches 1,043 Tags
9beec65ef34c4e90a00a41ee1c8de0f9e6effd2a
Commit Graph

12 Commits

Author SHA1 Message Date
William Vu f601c49ba9 Default to LDAPS in vCenter Server vmdir modules 2020-07-22 15:40:10 -05:00
William Vu f736b0192f Add LDAPS support and update vCenter vmdir modules 2020-07-22 14:23:00 -05:00
William Vu 5f5a2e7508 Refactor code (untested) 2020-07-21 01:09:46 -05:00
William Vu 06f9099d7f Add BASE_DN and ROOT_KEY to vmdir and Salt modules 2020-05-22 11:16:58 -05:00
William Vu 00b28da98c Move username and password check to top of run 
Check the options first, since they're unrequired. Missed this.
 2020-04-22 20:36:27 -05:00
William Vu ef68c66d31 Persist base_dn value, since the code is stable 
I wasn't sure before. We should be able to rely on @base_dn doing the
right thing now. There is no need to check the value every time.

Practically, I think the base DN will always be dc=vsphere,dc=local.
 2020-04-22 17:38:12 -05:00
William Vu 0c0de73afa Reformat post-RuboCop code, mostly to 80 columns 
Now with more horizontal space!
 2020-04-22 17:38:12 -05:00
William Vu 0dc6ac7133 RuboCop for the RuboCop gods 2020-04-22 17:38:12 -05:00
William Vu b810f44fde Remove ill-fated VMware advice 2020-04-22 17:38:12 -05:00
William Vu 676ab353ff Rename aux/gather/vmware_vcenter_vmdir{,_ldap} 2020-04-22 17:38:12 -05:00
William Vu 0bacda8117 Use auxiliary/gather/vmware_vcenter_vmdir as check 2020-04-22 17:38:12 -05:00
William Vu 9633f5daf4 Exploit an LDAP auth bypass to add an admin user 
Thanks to JJ Lehmann and Ofri Ziv of Guardicore Labs for their work.

https://www.guardicore.com/2020/04/pwning-vmware-vcenter-cve-2020-3952/
 2020-04-22 17:38:11 -05:00