Posts tagged Metasploit

3 min Metasploit

Metasploit Wrap-Up 05/17/2024

LDAP Authentication Improvements This week, in Metasploit v6.4.9、团队增加了多个改进 LDAP related attacks. 与身份验证相关的两个改进是新的 support for Signing [http://github.com/rapid7/metasploit-framework/pull/19127] and Channel Binding [http://github.com/rapid7/metasploit-framework/pull/19132]. Microsoft has been making changes [http://support.microsoft.com/en gb/topic/2020 - 2023和- 2024 - ldap通道绑定-和- ldap -签署要求

2 min Metasploit

Metasploit Wrap-Up 05/10/2024

Password Spraying support 多个暴力破解/登录扫描模块已经更新,以支持 PASSWORD_SPRAY module option. 这项工作在pull request #19079中完成 [http://github.从nrathaus [http://github.com . nrathaus]以及我们的 developers [http://github.com/rapid7/metasploit-framework/pull/19158] . When 设置密码喷洒选项,尝试用户和密码的顺序 attempts are changed

2 min Metasploit

Metasploit Weekly Wrap-Up 05/03/24

Dump secrets inline 本周,我们自己的cdelafuente-r7 [http://github].com/cdelafuente-r7] added 这是对著名的Windows Secrets Dump模块的重大改进 [http://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/windows_secrets_dump.rb] 在转储SAM哈希、LSA秘密和缓存时减少内存占用 credentials. 该模块现在直接读取Windows注册表远程 无需将完整的注册表项转储到磁盘并解析

4 min Metasploit

Metasploit Weekly Wrap-Up 04/26/24

Rancher Modules 本周,Metasploit社区成员h00die [http://github].com/h00die] added 针对Rancher实例的两个模块中的第二个. These modules each leak 来自应用程序易受攻击实例的敏感信息 intended to manage Kubernetes clusters. These are a great addition to Metasploit对测试Kubernetes环境的覆盖 [http://docs.metasploit.com/docs/pentesting/metasploit-guide-kubernetes.html]. PAN-OS RCE Metasploit also released an e

2 min Events

5月21日召开指挥峰会:将违规行为从不可避免变为可预防

与AWS合作举办的为期一天的虚拟峰会Take Command现已开放注册. You’ll get new attack intelligence, insight into AI disruption, transparent MDR partnerships, and more.

2 min Metasploit

Metasploit Weekly Wrap-Up 04/19/24

Welcome Ryan and the new CrushFTP module 并不是每周我们都会在框架中添加一个很棒的新漏洞利用模块 将漏洞的原始发现者也添加到Rapid7团队中. 我们非常高兴地欢迎Ryan Emmons加入紧急威胁响应小组, 在Rapid7与Metasploit合作. Ryan discovered an Improperly 动态确定对象属性的受控修改 10之前版本中的CrushFTP漏洞(CVE-2023-43177).5.1 whic

3 min Metasploit

Metasploit Weekly Wrap-Up 04/12/24

Account Takeover using Shadow Credentials Metasploit框架的新版本包括一个Shadow Credentials模块 added by smashery [http://github.com/rapid7/metasploit-framework/pull/19051] 用于可靠地接管Active Directory用户帐户或计算机,以及 让未来的身份验证以该帐户进行. This can be chained 与Metasploit框架中的其他模块(如windows_secrets_dump)一起使用. Details 该模块针对的是一个“受害者”账户

3 min Metasploit

Metasploit Weekly Wrap-Up 04/05/2024

New ESC4 Templates for AD CS Metasploit added capabilities [http://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html] 利用了Metasploit 6中AD CS的ESC系列缺陷.3. The ESC4 技术的支持已经有一段时间了,这要感谢 Ad_cs_cert_templates模块,允许用户读写证书 template objects. 这有利于ESC4的开发 misconfiguration in

3 min Metasploit

Metasploit Weekly Wrap-Up 03/29/2024

Metasploit增加了三个新的漏洞利用模块,包括SharePoint的RCE.

12 min Metasploit

Metasploit Framework 6.4 Released

今天,Metasploit很高兴地宣布发布Metasploit框架 6.4. 从第6版发布到现在已经一年多了.3 [http://fzqsjw.pitchplaypro.com/blog/post/2023/01/30/metasploit-framework-6-3-released/] 从那时起,该团队增加了许多新功能和改进. 新闻记者请联系press@pitchplaypro.com. Kerberos Improvements Metasploit 6.3中包含了对Kerberos身份验证的初始支持 Metasploit和是其中一个较大的功能

2 min Metasploit

Metasploit Weekly Wrap-Up 03/22/2024

New module content (1) OpenNMS Horizon Authenticated RCE Author: Erik Wynter Type: Exploit Pull request: #18618 [http://github.com/rapid7/metasploit-framework/pull/18618] contributed by ErikWynter [http://github.com/ErikWynter] 路径:linux / http / opennms_horizon_authenticated_rce AttackerKB reference: CVE-2023-0872 [http://attackerkb.com/search?q=CVE-2023-0872?referrer=blog] 描述:该模块利用了OpenNMS Horizon中的内置功能 order to execute arbitrary commands as t

2 min Metasploit

Metasploit Wrap-Up 03/15/2024

New module content (3) GitLab Password Reset Account Takeover Authors: asterion04 and h00die Type: Auxiliary Pull request: #18716 [http://github.com/rapid7/metasploit-framework/pull/18716] contributed by h00die [http://github.com/h00die] 路径:admin / http / gitlab_password_reset_account_takeover AttackerKB reference: CVE-2023-7028 [http://attackerkb.com/search?q=CVE-2023-7028?referrer=blog] 描述:这增加了一个利用帐户接管的漏洞利用模块 vulnerability to take contr

3 min Metasploit

Metasploit Wrap-Up 03/08/2024

New module content (2) GitLab Tags RSS feed email disclosure Authors: erruquill and n00bhaxor Type: Auxiliary Pull request: #18821 [http://github.com/rapid7/metasploit-framework/pull/18821] contributed by n00bhaxor [http://github.com/n00bhaxor] 路径:收集/ gitlab_tags_rss_feed_email_disclosure AttackerKB reference: CVE-2023-5612 [http://attackerkb.com/search?q=CVE-2023-5612?referrer=blog] 说明:增加一个辅助模块,利用信息 disclosure vulnerability (CVE

2 min Metasploit

Metasploit Weekly Wrap-Up 03/01/2024

Metasploit为ConnectWise ScreenConnect添加了一个RCE漏洞,并为利用ESC13添加了新的文档.

4 min Metasploit

Metasploit Weekly Wrap-Up 02/23/2024

LDAP Capture module Metasploit现在有了一个LDAP捕获模块 JustAnda7 [http://github.com/JustAnda7]. This work was completed as part of the Google Summer of Code program. 当模块运行时,默认情况下它将需要特权来监听端口 389. 该模块实现了BindRequest的默认实现, SearchRequest、UnbindRequest,并将捕获明文凭证和 NTLM hashes which can be brute-forced offline. Upon receiving a successful Bin