2 min
Metasploit
Metasploit Weekly Wrap-Up: 6/24/22
Add Windows target support for the Confluence OGNL injection module
Improves the exploit/multi/http/atlassian_confluence_namespace_ognl_injection
module to support Windows server targets. This new target can be used to run
payloads in memory with Powershell using the new payload adapters or drop an
executable to disk. Once a Meterpreter session is obtained, getsystem can be
used to escalate to NT AUTHORITY\SYSTEM using the RPCSS technique (#5) since
Confluence service runs as NETWORK SERVICE by
3 min
Metasploit
Metasploit Wrap-Up: Jan. 7, 2022
Dump Windows secrets from Active Directory
This week, our very own Christophe De La Fuente
[https://github.com/cdelafuente-r7] added an important update
[https://github.com/rapid7/metasploit-framework/pull/15924] to the existing
Windows Secret Dump module. It is now able to dump secrets from Active
Directory, which will be very useful for Metasploit users. This new feature uses
the Directory Replication Service through RPC to retrieve data such as SIDs,
password history, Domain user NTLM hashes
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/1/21
More post modules than we've ever put out in a single release before, courtesy of a university project to add credential gathering capabilities based on the PackRat toolset.