c68ab9b77f
Add Metasploit prompt color highlighting to docs
2023-01-28 22:43:33 +00:00
672fb9ce9f
Land #17460 , add support for feature kerberos authentication
2023-01-26 17:47:27 +00:00
2d30909a2f
Change option name namespacing convention
2023-01-26 16:17:50 +00:00
4f574d141a
Land #17533 , Combine pkinit_login with get_ticket
2023-01-25 15:43:12 +00:00
dbe9ee3a77
Update documentation
2023-01-25 08:39:52 -05:00
a5e2c5b3b7
Unify pkinit_login with get_ticket
2023-01-25 08:36:26 -05:00
d18beb486d
Update kerberos to negotiate rc4 if aes256 is disabled
2023-01-25 00:27:00 +00:00
4c17b93ca8
Update get ticket module to use aes_key and username convention
2023-01-20 10:47:35 +00:00
82fe7120d4
Update ADCS to be AD CS so we have appropriate spelling
2023-01-18 17:07:48 -06:00
ebfcfd4cb9
Land #17066 , Add module for Certifried
...
Add exploit module for Certifried exploit
2023-01-18 14:51:03 -05:00
2072111713
Fix from code review & some improvments
...
- Improve option validation
- Always request an impersonated TGS for `cifs/...` SPN
- SPN option now is used to request an additional TGS for another SPN
- Add exception handling for Kerberos errors
- Only remove the computer account if it has been created
2023-01-18 19:28:06 +01:00
c55fcb6ca6
Add additional kerberos documentation
2023-01-18 16:58:34 +00:00
3d22fbcad9
Add exploit module for Certifried exploit
...
- Move all the logic from `modules/auxiliary/admin/dcerpc/icpr_cert.rb`
to `lib/msf/core/exploit/remote/ms_icpr.rb` library
- Move all the logic from `modules/auxiliary/admin/dcerpc/samr_computer.rb`
to `lib/msf/core/exploit/remote/ms_samr.rb` library
- Add `modules/auxiliary/admin/dcerpc/cve_2022_26923_certifried.rb` module
- Update the SMB client to disable SSL by default
- Add documentation
- Kerbero client: pass `options` as argument to `send_request_as`
- `calculate_shared_key` returns an EncryptionKey instead of the raw key
- Update `pkinit_login` module to make it compatible
- Add support to `additional_tickets` when requesting tickets
- Add support to PAC CredentialInfo structures
- Add impersonation to escalate privileges
- Add ACTIONS
- Use elevated TGS to delete the computer account
- Update and add specs
2023-01-13 15:30:50 +01:00
6f7d7bcd1c
Land #17394 , Add ticket converter docs
2023-01-11 02:11:59 +00:00
9dce44f195
Merge pull request #17390 from dwelch-r7/move-debug-ticket-to-new_module
...
Move debug ticket to new module
2023-01-06 11:35:18 -06:00
d69564f3df
Minor update to merge output and example together.
2023-01-06 10:15:16 -06:00
2de3477eb0
Add msfconsole examples
2023-01-05 17:02:23 +00:00
a18efb7882
Improve description and error messages
2023-01-05 14:24:08 +00:00
cb95d92201
Fix keytab docs typo
2023-01-04 15:39:59 +00:00
4e1e85f8ad
Add ticket converter docs
2022-12-16 13:53:05 +00:00
cf332a2b20
Move DEBUG_TICKET action from forge ticket to it's own module inspect_ticket
2022-12-15 13:42:30 +00:00
2783e92203
Update windows_secrets_dump and Keytab module to export kerberos keys
2022-12-14 13:40:39 +00:00
abcf4606a8
Land #17360 , document the kerberos forge_ticket DEBUG_TICKET action
2022-12-14 13:37:34 +00:00
4aaf540364
Add modules docs for TICKET_DEBUG
2022-12-12 13:39:09 +00:00
c6f8bae1ab
Fix from code review and updates the KrbUseCachedCredentials logic
2022-12-02 15:28:08 +01:00
69e08094cd
Update documentation
2022-12-01 21:23:25 +01:00
abe0549db6
Land #17226 , Module to request TGT/TGS tickets
...
Module to request TGT/TGS Kerberos tickets from the KDC
2022-11-28 11:59:17 -05:00
5280580c08
Fixes from code review
2022-11-18 11:02:32 +01:00
b2f6f0c792
Update the module docs for ESC2 and ESC3
2022-11-17 12:12:35 -05:00
f4a65a220a
Support ON_BEHALF_OF in icpr_cert
...
Add the code necessary to request certificates on behalf of other users.
This is necessary to exploit templates vulnerable to ESC2 and ESC3.
2022-11-17 12:12:35 -05:00
65f6aaca82
Land #17077 , Add support for AES keys for silver/golden ticket forging
2022-11-09 16:51:11 +00:00
23ff829e52
Add support for AES keys for silver/golden ticket forging
2022-11-09 13:01:13 +00:00
37fd441b0f
Land #17117 , Authenticate to Kerberos with PKINIT
2022-11-08 18:54:03 +01:00
946eb1e546
Add documentation
2022-11-07 20:19:43 +01:00
1307f01b76
Align with keytab instead of key_tab
2022-11-02 13:04:51 +00:00
7774b7ddcf
Merge remote-tracking branch 'upstream/master' into merge-6.2.25-master-into-kerberos-feature-branch
2022-10-31 23:15:11 +00:00
a8f81fe14c
Add RBCD module docs
2022-10-31 10:56:17 -04:00
fa7d677d45
Consolidate and improve LDAP error handling
2022-10-31 10:56:17 -04:00
09e740d48d
Changes from code review
2022-10-17 17:19:50 +11:00
80bb1867bc
Added documentation for the module
2022-10-07 14:24:37 +11:00
5d345e6689
Merge branch 'upstream-master' into feature-kerberos-authentication
2022-09-29 16:42:58 +01:00
2958a43a6a
Update to reflect fact that bug is an improper authentication logic bug and to randomize password for auth parameter since it is ignored
2022-09-23 12:19:29 -05:00
f2d357eda1
updated documentation with camera specifications
2022-09-23 09:38:37 -05:00
edc37835e5
Add more nil checks in, update some of the check code to catch an edge case, update notes to account for indicators of compromise, and fix some extra issues noticed on second round of review
2022-09-23 09:38:35 -05:00
3ca34568c2
Clean up some of the documentation and module code and descriptions
2022-09-23 09:38:12 -05:00
5ed7ff7f52
init commit module and documentation
2022-09-23 09:38:05 -05:00
50685161ef
Allow user_id to be configurable in ticket forging
2022-09-22 14:18:17 +01:00
c5c4cc0ebb
Fix a small doc typo left over from the rename
2022-09-15 08:58:16 -04:00
3891413f92
Update documentation
2022-09-14 17:20:57 +01:00
edef4022cd
Add documentation for kerberos ticket forging
2022-09-02 16:36:40 +01:00
adfoster-r7