Posts tagged Metasploit

2 min Metasploit

Metasploit Weekly Wrap-Up 1/05/2024

New module content (2) Splunk __raw Server Info Disclosure Authors: KOF2002, h00die, and n00bhaxor Type: Auxiliary Pull request: #18635 [http://github.com/rapid7/metasploit-framework/pull/18635] contributed by n00bhaxor [http://github.com/n00bhaxor] Path: gather/splunk_raw_server_info 描述:此PR为已验证的Splunk信息添加一个模块 disclosure vulnerability. 该模块收集有关主机的信息 Splunk安装包括操作系统版本,构建,CP
8 min Metasploit

Metasploit 2023 Wrap-Up

随着2023年的结束,我们将再次回顾所有的变化 improvements to the Metasploit Framework. This year marked the 20th anniversary since Metasploit version 1.0 was committed [http://github.com/metasploit/framework1/commit/bdd5c00344bcdd49bf1d0df989a41f2734a497d6] 由于企业的蓬勃发展,该项目至今仍在积极维护和完善 community. Version 6.3 今年1月初,Metasploit发布了第6版.3 [http://kanz.ngskmc-eis.net/blog/post/2023/01/30/metasploit-f
2 min Metasploit

Metasploit Weekly Wrap-Up

Metasploit为glibc LPE CVE-2023-4911(又名Looney Tunables)和Confluence和Vinchin备份和恢复的RCE漏洞添加了漏洞利用内容.
3 min Metasploit

Metasploit Weekly Wrap-Up: Dec. 15, 2023

Continuing the 12th Labor of Metasploit Metasploit继续其艰巨的任务,增加我们的工具集驯服 Kerberos通过添加对AS_REP焙烧的支持,它允许检索 设置了“不需要Kerberos预认证”的用户的密码散列 on the domain controller. 该设置默认为关闭,但已启用 in some environments. 攻击者可以为启用该选项的任何用户请求散列,甚至更糟 (or better?) you can query the DC to determine

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 12/8/2023

本周新增:一个OwnCloud收集模块和一个Docker cgroups容器escape. 另外,早期的特性允许用户搜索模块操作、目标和别名.

4 min Metasploit

Metasploit Weekly Wrap-Up

Customizable DNS resolution Contributor smashery [http://github.com/smashery] added a new dns command to Metasploit控制台,允许用户自定义DNS的行为 resolution. 与route命令类似,现在可以指定位置 应该发送DNS请求以避免任何信息泄漏. Before these changes, 框架使用默认的本地系统配置. Now, it is 可以根据匹配的规则指定应该查询哪个DNS服务器 sp
1 min Metasploit

Metasploit Wrap-up

Metasploit 6.3.发布了稳定性改进和模块修复
1 min Metasploit Weekly Wrapup

Metasploit Weekly Wrap-Up

Possible Web Service Removal Metasploit支持在本地数据库或远程web上运行 可以用MSFDB init——component webservice初始化的服务. Future Metasploit框架的版本可能会删除msfdb远程web服务. Users 利用此功能的人被邀请对当前的问题作出反应 GitHub [http://github.通知 the maintainers that the feature is used. New module content (1) ZoneMind
3 min Metasploit Weekly Wrapup

Metasploit Weekly Wrap-Up

Apache MQ和三个思科模块 本周的发布有很多新的内容和功能模块针对两个 最近受到大量关注的主要漏洞:CVE-2023-46604 targeting Apache MQ [http://kanz.ngskmc-eis.net/blog/post/2023/11/01/etr疑似-开发- - apache activemq - cve - 2023 46604/] 导致针对思科IOS XE操作系统的勒索软件部署和CVE-2023-20198 [http://kanz.ngskmc-eis.net/blog/post/2023/10/17/etr - cve - 2023 - 20198 -活动- exploitati
2 min Metasploit

Metasploit Weekly Wrap-Up

PTT for DCSync 本周,社区成员smashery [http://github].com/smashery] made an 改进了windows_secrets_dump模块,使其能够转储域 在使用Kerberos进行身份验证后,使用DCSync方法创建散列 ticket. 现在,如果用户拥有特权帐户的有效Kerberos票据, 他们可以使用DOMAIN操作运行windows_secrets_dump模块并获得 the desired information. No password required. This is particularly useful in workflows involving the exp
2 min Metasploit

Metasploit Weekly Wrap-Up

New module content (4) Atlassian Confluence数据中心和服务器身份验证绕过 Access Control Authors: Emir Polat and Unknown Type: Auxiliary Pull request: #18447 [http://github.com/rapid7/metasploit-framework/pull/18447] contributed by emirpolatt [http://github.com/emirpolatt] 路径:admin / http / atlassian_confluence_auth_bypass AttackerKB reference: CVE-2023-22515 [http://attackerkb.com/topics/Q5f0ItSzw5/cve-2023-22515?referrer=blog] Description: This adds an exploit for
4 min Metasploit

Metasploit Weekly Wrap-Up

That Privilege Escalation Escalated Quickly 此版本提供了一个利用CVE-2023-22515的模块 [http://kanz.ngskmc-eis.net/blog/post/2023/10/04/etr - cve - 2023 - 22515 - 0 -天-特权升级- -融合-服务器-和-数据- center/] , Atlassian内部部署的Confluence服务器中的一个漏洞首先被列为安全漏洞 权限升级,但很快被重新归类为“访问控制失效” with a CVSS score of 10. 该漏洞本身非常简单,易于使用 there was little surprise when
3 min Metasploit

Metasploit Weekly Wrap-Up

Pollution in Kibana This week, contributor h00die [http://github.com/h00die] added a module that 利用了Kibana在版本7之前的一个原型污染bug.6.3. 特别是,这个问题存在于升级助手中,使攻击者成为可能 to execute arbitrary code. 此漏洞可以通过发送 queries that sets a new constructor.prototype.sourceURL directly to Elastic or by using Kibana to submit the same queries. Note that Kibana needs to be restarted or wait for c
2 min Metasploit

Metasploit Weekly Wrap Up

New module content (3) LDAP Login Scanner Author: Dean Welch Type: Auxiliary Pull request: #18197 [http://github.com/rapid7/metasploit-framework/pull/18197] contributed by dwelch-r7 [http://github.com/dwelch-r7] Path: scanner/ldap/ldap_login 描述:此PR为LDAP添加了一个新的登录扫描模块. Login scanners 类是否提供了用于测试身份验证的功能 various different protocols and mechanisms. This LDAP login scanner supports multiple types of aut
3 min Metasploit

Metasploit Weekly Wrap-Up

TeamCity认证绕过和远程代码执行 本周发布的Metasploit包含了一个新模块 JetBrains TeamCity CI/CD服务器中的认证绕过. All versions of TeamCity prior to version 2023.05.4 are vulnerable to this issue. The 漏洞最初是由SonarSource和Metasploit发现的 模块是由Rapid7的首席安全研究员Stephen less开发的 另外发布了针对CVE-2023-4279攻击者知识库的技术分析

Popular Topics

Tags