Jack Heysel
662c8bbd87
Land #16742, add NetScaler decrypt aux module
...
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
2022-07-13 14:00:43 -04:00
Jack Heysel
8f3a0e3856
Land #16742, add NetScaler decrypt aux module
...
This aux module allows users to decrypt secrets
in Citrix NetScaler appliance configuration files
2022-07-13 12:11:02 -04:00
npm-cesium137-io
9a6013b153
citrix_netscaler_config_decrypt refinements
...
Refactor error handling when composing KEK fragments to be more
streamlined.
Various tweaks and optimizations.
Updates to documentation.
2022-07-13 08:36:18 -04:00
npm-cesium137-io
3f52cc80a2
Update documentation/modules/auxiliary/admin/citrix/citrix_netscaler_config_decrypt.md
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2022-07-13 07:57:06 -04:00
npm-cesium137-io
789397a445
citrix_netscaler_config_decrypt tweaks
...
Minor code tweaks and updates to documentation
2022-07-03 08:21:58 -04:00
Christophe De La Fuente
0d19e47b8d
Land #16677, Add module for adding/deleting computers via MS-SAMR
2022-06-30 12:12:26 +02:00
Spencer McIntyre
41ba2d263b
Address PR feedback
...
Simplify the application_key usage, update docs and catch another
exception.
2022-06-28 11:53:05 -04:00
npm-cesium137-io
37234985e6
citrix_netscaler_config_decrypt Aux Module
...
Added an aux module that can perform offline decryption of NetScaler
config files. The module is able to decrypt secrets using well-known
static keys as well as the new Key Encryption Key (KEK) scheme.
This is the initial commit, and some functionality is lacking: there is
currently no loot storage of secrets, and the module cannot decrypt
-passcrypt entries from legacy configuration files.
2022-06-15 11:03:28 -04:00
Spencer McIntyre
825604dda9
Add docs and a configurable password
2022-06-15 08:51:47 -04:00
bwatters
f6bd8fd020
Land #16571, Vcenter offline mdb extract
...
Merge branch 'land-16571' into upstream-master
2022-06-13 10:32:07 -05:00
Spencer McIntyre
02e7a65b93
Just move the auxiliary module into an exploit
2022-05-16 17:44:31 -04:00
npm-cesium137-io
8b502d074f
vcenter_offline_mdb_extract aux module
...
Add new aux module vcenter_offline_mdb_extract for extracting IdP
credentials, certificates and keys from a vCenter backup file.
Added module documentation.
2022-05-13 15:57:59 -04:00
npm-cesium137-io
ecec8a5993
Clean up unrelated files.
2022-05-13 15:53:40 -04:00
npm-cesium137-io
3e07b8c99b
Refactor MKI vcenter_forge_saml_token.rb
...
Extensive refactoring to move away from directly manipulating datastore
options and use local variables instead.
The initial template generation method has been redesigned to use an
external file via Erubi::Engine which is much cleaner vs. jamming a
multiline string into the module.
Response HTML from vCenter is now parsed with Nokogiri HTML vs. pulling
it out with regex.
Registered options have been reworked, following suggestions and
feedback. The use of VHOST in particular eliminates the need to pass
RHOSTS to the template and makes the module behave more closely to "real"
vCenter (i.e., always uses FQDN for the destination).
Added advanced datastore options to control the token lifetime
NOT_BEFORE and NOT_AFTER skew, in seconds. This also uncovered a bug with
the way I was deriving Zulu time which skewed based on the local system
time zone offset from Zulu; this has been fixed.
Corrected a stupid typo in the validate_fqdn method (don't need to check
for capital letters if the test string is always downcase...)
validate_idp_options now uses File.binread and can process certs and keys
in DER or PEM instead of just PEM.
Code optimization, particularly around error handling; other minor
tweaks based on improved understanding of the Framework's capabilities.
Many style changes and modifications based on suggestions and feedback.
Documentation was updated to reflect reality.
2022-04-23 19:42:24 -04:00
npm-cesium137-io
2e7ae40fcb
Revise vcenter_secrets_dump
2022-04-21 09:51:51 -04:00
npm-cesium137-io
925df9dc87
Update markup document
2022-04-21 09:41:09 -04:00
npm-cesium137-io
30aaea9350
Add vcenter_forge_saml_token aux module
2022-04-21 09:25:35 -04:00
h00die
86cad29799
wp masterstudy review
2022-03-06 08:07:20 -05:00
h00die
2195edbb8d
masterstudy privesc
2022-02-25 16:36:47 -05:00
Christophe De La Fuente
f99438b9d1
Add target security settings info to the documentation
2022-02-07 16:48:34 +01:00
Christophe De La Fuente
e10331b22d
Land #15656, Allow authenticated user creation in vmware_vcenter_vmdir_auth_bypass
2022-01-13 17:04:12 +01:00
Christophe De La Fuente
b0743e15d9
Update documentation and fix vulnerable/non-vulnerable status message
2022-01-12 16:51:40 +01:00
space-r7
bb00575acb
add command for starting docker env
2022-01-11 17:07:36 -06:00
h00die
87031de384
fix doc numbering
2022-01-02 11:57:32 -05:00
h00die
8a1ac9d51d
move pihole docs
2022-01-02 11:56:04 -05:00
h00die
c3e0f455ec
some cleanup for rubocop
2021-12-30 15:35:22 -05:00
h00die
b39196fd0f
review comments
2021-11-04 15:28:05 -04:00
h00die
1e9af10a21
pr review
2021-10-21 17:25:14 -04:00
h00die
5235f69e7e
update wp_automatic docs
2021-10-17 15:38:38 -04:00
h00die
165acca028
wp_automatic_plugin
2021-10-17 13:04:38 -04:00
h00die
43d77d63ce
ghostcat meta updates
2021-10-03 16:30:12 -04:00
Grant Willcox
9deffb1848
Fix up a bug and resolve Christophe's review comments
2021-09-23 16:45:15 -05:00
Grant Willcox
061240367d
Push up changes to support saving WiFi credentials captured to the database, as well as to fix issues noticed during the review process
2021-09-23 13:31:27 -05:00
Grant Willcox
1ca075fb4f
Fix up RuboCop issues
2021-09-22 14:06:06 -05:00
Grant Willcox
d4474b0706
Add in refined XPATH searches to module, ability to automatically get a session, improved error handling, documentation for module, and general improvements
2021-09-22 14:01:49 -05:00
Grant Willcox
a518fcac98
Add in timeout to 10th and final request to prevent module from throwing errors like it isn't working when it really is
2021-07-28 11:32:47 -05:00
Grant Willcox
a53411229f
Move files over to start work on converting this into an auxiliary module
2021-07-27 13:00:17 -05:00
Spencer McIntyre
c593ec9e8f
Fix the markdown formatting in the module docs
2021-07-12 15:03:39 -04:00
Spencer McIntyre
e155bb64cd
Improved check method for PrintNightmare
2021-07-09 12:15:39 -04:00
Grant Willcox
70fd9376e3
Final documentation improvements to explain SMB setup and improvements to module to fix one minor error output
2021-07-07 17:05:22 -05:00
Spencer McIntyre
f42aa3742c
Automatically reconnect to the named pipe
2021-07-07 13:25:51 -04:00
Spencer McIntyre
d5d48949b2
Update PrintNightmare module docs
2021-07-06 16:30:51 -04:00
Spencer McIntyre
9c6b023b0d
Add PrintNightmare module docs
2021-07-02 16:00:39 -04:00
Spencer McIntyre
fe6b725d3f
Update the documentation and fix a couple of bugs
2021-06-24 11:19:26 -04:00
Yann Castel
5ac025477a
parent e7983c3b6f
...
author Yann Castel <yann.castel@orange.com> 1622466490 +0200
committer Spencer McIntyre <Spencer_McIntyre@rapid7.com> 1624547674 -0400
Add an exploit for CVE-2019-15975 (Cisco DCNM)
add documentation
passed rubocop
edit documentation
set ssl to true by default
edit documentation
rubocop again
int return code was replaced by symbols
Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
rubocop ok
various changes
Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
various changes 2
various changes
Update modules/auxiliary/admin/networking/cisco_dcnm_auth_bypass.rb
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
adding some guards + module notes
2021-06-24 11:19:25 -04:00
Spencer McIntyre
c4f88e35ba
Land #14622, add the sp_oacreate technique to the mssql_exec module
2021-04-12 15:00:15 -04:00
Spencer McIntyre
ef82219235
Update the mssql_exec docs and some verbiage
2021-04-12 14:52:13 -04:00
Paul Werther
75aba6707b
modify original module, add technique option
2021-04-11 22:16:15 +02:00
Grant Willcox
7c23f7f546
Fix a minor issue where one command wasn't properly documented in a manner that allowed for easy copy and pasting
2021-04-09 16:29:24 -05:00
Grant Willcox
608ac3a0b7
Update module description to clean it up and also add documentation for uncommon options
2021-04-09 16:09:02 -05:00