automatic module_metadata_base.json update
This commit is contained in:
parent
8f5052f2e7
commit
0b610e4255
|
@ -6129,7 +6129,7 @@
|
|||
|
||||
],
|
||||
"targets": null,
|
||||
"mod_time": "2023-03-09 02:09:29 +0000",
|
||||
"mod_time": "2024-04-02 15:29:47 +0000",
|
||||
"path": "/modules/auxiliary/admin/kerberos/get_ticket.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "admin/kerberos/get_ticket",
|
||||
|
@ -6528,6 +6528,73 @@
|
|||
}
|
||||
]
|
||||
},
|
||||
"auxiliary_admin/ldap/shadow_credentials": {
|
||||
"name": "Shadow Credentials",
|
||||
"fullname": "auxiliary/admin/ldap/shadow_credentials",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 300,
|
||||
"disclosure_date": null,
|
||||
"type": "auxiliary",
|
||||
"author": [
|
||||
"Elad Shamir",
|
||||
"smashery"
|
||||
],
|
||||
"description": "This module can read and write the necessary LDAP attributes to configure a particular account with a\n Key Credential Link. This allows weaponising write access to a user account by adding a certificate\n that can subsequently be used to authenticate. In order for this to succeed, the authenticated user\n must have write access to the target object (the object specified in TARGET_USER).",
|
||||
"references": [
|
||||
"URL-https://posts.specterops.io/shadow-credentials-abusing-key-trust-account-mapping-for-takeover-8ee1a53566ab",
|
||||
"URL-https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/shadow-credentials"
|
||||
],
|
||||
"platform": "",
|
||||
"arch": "",
|
||||
"rport": 389,
|
||||
"autofilter_ports": [
|
||||
|
||||
],
|
||||
"autofilter_services": [
|
||||
|
||||
],
|
||||
"targets": null,
|
||||
"mod_time": "2024-04-09 07:53:26 +0000",
|
||||
"path": "/modules/auxiliary/admin/ldap/shadow_credentials.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "admin/ldap/shadow_credentials",
|
||||
"check": false,
|
||||
"post_auth": true,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
|
||||
],
|
||||
"SideEffects": [
|
||||
"config-changes"
|
||||
],
|
||||
"Reliability": [
|
||||
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": false,
|
||||
"actions": [
|
||||
{
|
||||
"name": "ADD",
|
||||
"description": "Add a credential to the account"
|
||||
},
|
||||
{
|
||||
"name": "FLUSH",
|
||||
"description": "Delete all certificate entries"
|
||||
},
|
||||
{
|
||||
"name": "LIST",
|
||||
"description": "Read all credentials associated with the account"
|
||||
},
|
||||
{
|
||||
"name": "REMOVE",
|
||||
"description": "Remove matching certificate entries from the account object"
|
||||
}
|
||||
]
|
||||
},
|
||||
"auxiliary_admin/ldap/vmware_vcenter_vmdir_auth_bypass": {
|
||||
"name": "VMware vCenter Server vmdir Authentication Bypass",
|
||||
"fullname": "auxiliary/admin/ldap/vmware_vcenter_vmdir_auth_bypass",
|
||||
|
|
Loading…
Reference in New Issue