Metasploit Wrap-Up 05/10/2024
Password Spraying support
Multiple brute-force/login scanner modules have been updated to support the PASSWORD_SPRAY module option. This work was completed in pull request #19079 from nrathaus [http://github.com/nrathaus] as well as by our developers [http://github.com/rapid7/metasploit-framework/pull/19158]. When the password spray option is set, the order of user and password attempts is changed
Metasploit Weekly Wrap-Up 05/03/24
Dump secrets inline
This week, our own cdelafuente-r7 [http://github.com/cdelafuente-r7] added a significant improvement to the well-known Windows Secrets Dump module [http://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/windows_secrets_dump.rb] that reduces the memory footprint when dumping SAM hashes, LSA secrets and cached credentials. The module now reads the Windows registry remotely and directly, without having to dump the full registry keys to disk and parse
Metasploit Weekly Wrap-Up 04/26/24
Rancher Modules
This week, Metasploit community member h00die [http://github.com/h00die] added the second of two modules targeting Rancher instances. These modules each leak sensitive information from vulnerable instances of the application, which is intended to manage Kubernetes clusters. These are a great addition to Metasploit's coverage for testing Kubernetes environments [http://docs.metasploit.com/docs/pentesting/metasploit-guide-kubernetes.html].
PAN-OS RCE
Metasploit also released an e
Metasploit Weekly Wrap-Up 04/19/24
Welcome Ryan and the new CrushFTP module
It is not every week that we add a great new exploit module to the framework and also add the original discoverer of the vulnerability to the Rapid7 team. We are very pleased to welcome Ryan Emmons to the Emergent Threat Response team, working alongside Metasploit at Rapid7. Ryan discovered an Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in CrushFTP versions prior to 10.5.1 (CVE-2023-43177) whic
Metasploit Weekly Wrap-Up 04/12/24
Account Takeover using Shadow Credentials
The new version of the Metasploit Framework includes a Shadow Credentials module added by smashery [http://github.com/rapid7/metasploit-framework/pull/19051] for reliably taking over an Active Directory user or computer account and allowing future authentication as that account. This can be chained with other modules in the Metasploit Framework, such as windows_secrets_dump.
Details
The module targets a "victim" account
Metasploit Weekly Wrap-Up 04/05/2024
New ESC4 Templates for AD CS
Metasploit added capabilities
[http://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html]
to exploit the ESC family of flaws in AD CS in Metasploit 6.3. Support for the ESC4 technique has been present for a while, thanks to the ad_cs_cert_templates module, which allows users to read and write certificate template objects. This facilitates exploiting the ESC4 misconfiguration in
Metasploit Weekly Wrap-Up 03/29/2024
Metasploit adds three new exploit modules, including an RCE for SharePoint.
Metasploit Weekly Wrap-Up 03/22/2024
New module content (1)
OpenNMS Horizon Authenticated RCE
Author: Erik Wynter
Type: Exploit
Pull request: #18618 [http://github.com/rapid7/metasploit-framework/pull/18618]
contributed by ErikWynter [http://github.com/ErikWynter]
Path: linux/http/opennms_horizon_authenticated_rce
AttackerKB reference: CVE-2023-0872
[http://attackerkb.com/search?q=CVE-2023-0872?referrer=blog]
Description: This module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as t
Metasploit Wrap-Up 03/15/2024
New module content (3)
GitLab Password Reset Account Takeover
Authors: asterion04 and h00die
Type: Auxiliary
Pull request: #18716 [http://github.com/rapid7/metasploit-framework/pull/18716]
contributed by h00die [http://github.com/h00die]
Path: admin/http/gitlab_password_reset_account_takeover
AttackerKB reference: CVE-2023-7028
[http://attackerkb.com/search?q=CVE-2023-7028?referrer=blog]
Description: This adds an exploit module that leverages an account takeover vulnerability to take contr
Metasploit Wrap-Up 03/08/2024
New module content (2)
GitLab Tags RSS feed email disclosure
Authors: erruquill and n00bhaxor
Type: Auxiliary
Pull request: #18821 [http://github.com/rapid7/metasploit-framework/pull/18821]
contributed by n00bhaxor [http://github.com/n00bhaxor]
Path: gather/gitlab_tags_rss_feed_email_disclosure
AttackerKB reference: CVE-2023-5612
[http://attackerkb.com/search?q=CVE-2023-5612?referrer=blog]
Description: This adds an auxiliary module that leverages an information disclosure vulnerability (CVE
Metasploit Weekly Wrap-Up 03/01/2024
Metasploit adds an RCE exploit for ConnectWise ScreenConnect and new documentation for exploiting ESC13.
Metasploit Weekly Wrap-Up 02/23/2024
LDAP Capture module
Metasploit now has an LDAP capture module from JustAnda7 [http://github.com/JustAnda7]. This work was completed as part of the Google Summer of Code program.
When the module runs, by default it will need privileges to listen on port 389. The module provides default implementations of BindRequest, SearchRequest and UnbindRequest, and will capture plaintext credentials and NTLM hashes which can be brute-forced offline. Upon receiving a successful Bin
Metasploit Weekly Wrap-Up 02/16/2024
New Fetch Payload
It has been almost a year since Metasploit released the new fetch payloads [http://me3l2xv.0662hao.com/blog/post/2023/05/25/fetch-payloads-a-shorter-path-from-command-injection-to-metasploit-session/], and since then 43 of 79 exploit modules support fetch payloads. The original payloads supported transferring the second stage over HTTP, HTTPS and FTP. This week, Metasploit has extended that protocol support to include SMB, allowing payloads to be run with rundll3
Metasploit Weekly Wrap-Up 02/09/2024
Go go gadget Fortra GoAnywhere MFT Module
This Metasploit release includes a module for one of the hottest vulnerabilities of 2024 to date: CVE-2024-0204. The path traversal vulnerability in Fortra GoAnywhere MFT allows an unauthenticated attacker to access the InitialAccountSetup.xhtml endpoint, which is used during the product's initial setup to create the first administrator user. After setup has completed, this endpoint is supposed to be no longer available. Attackers can use this vulnerability
Metasploit Weekly Wrap-Up 02/02/2024
Shared RubySMB Service Improvements
This week's updates include improvements to the Metasploit Framework's SMB server implementation [http://github.com/rapid7/metasploit-framework/pull/18680]: the SMB server can now be shared across the various SMB modules, which are now able to register their own unique shares and files. SMB modules can now also be executed concurrently. Currently, there are 15 SMB modules in the Metasploit Framework that use this feature.
New module content (2)
Mirth Connect Deseria