automatic module_metadata_base.json update

2024-04-09 09:30:32 -05:00 · 2024-04-09 09:30:32 -05:00 · 0b610e4255
parent 8f5052f2e7
commit 0b610e4255
1 changed files with 68 additions and 1 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -6129,7 +6129,7 @@

    ],
    "targets": null,
-    "mod_time": "2023-03-09 02:09:29 +0000",
+    "mod_time": "2024-04-02 15:29:47 +0000",
    "path": "/modules/auxiliary/admin/kerberos/get_ticket.rb",
    "is_install_path": true,
    "ref_name": "admin/kerberos/get_ticket",
@ -6528,6 +6528,73 @@
      }
    ]
  },
+  "auxiliary_admin/ldap/shadow_credentials": {
+    "name": "Shadow Credentials",
+    "fullname": "auxiliary/admin/ldap/shadow_credentials",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": null,
+    "type": "auxiliary",
+    "author": [
+      "Elad Shamir",
+      "smashery"
+    ],
+    "description": "This module can read and write the necessary LDAP attributes to configure a particular account with a\n          Key Credential Link. This allows weaponising write access to a user account by adding a certificate\n          that can subsequently be used to authenticate. In order for this to succeed, the authenticated user\n          must have write access to the target object (the object specified in TARGET_USER).",
+    "references": [
+      "URL-https://posts.specterops.io/shadow-credentials-abusing-key-trust-account-mapping-for-takeover-8ee1a53566ab",
+      "URL-https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/shadow-credentials"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 389,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": null,
+    "mod_time": "2024-04-09 07:53:26 +0000",
+    "path": "/modules/auxiliary/admin/ldap/shadow_credentials.rb",
+    "is_install_path": true,
+    "ref_name": "admin/ldap/shadow_credentials",
+    "check": false,
+    "post_auth": true,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+
+      ],
+      "SideEffects": [
+        "config-changes"
+      ],
+      "Reliability": [
+
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false,
+    "actions": [
+      {
+        "name": "ADD",
+        "description": "Add a credential to the account"
+      },
+      {
+        "name": "FLUSH",
+        "description": "Delete all certificate entries"
+      },
+      {
+        "name": "LIST",
+        "description": "Read all credentials associated with the account"
+      },
+      {
+        "name": "REMOVE",
+        "description": "Remove matching certificate entries from the account object"
+      }
+    ]
+  },
  "auxiliary_admin/ldap/vmware_vcenter_vmdir_auth_bypass": {
    "name": "VMware vCenter Server vmdir Authentication Bypass",
    "fullname": "auxiliary/admin/ldap/vmware_vcenter_vmdir_auth_bypass",