dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

This commit is contained in:
Metasploit 2024-02-28 10:13:56 -06:00
parent 26214cbfd2
commit 42255a27a6
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
db/modules_metadata_base.json
View File

@ -6359,7 +6359,7 @@
],
"targets": null,
"mod_time": "2023-05-04 09:17:16 +0000",
"mod_time": "2024-02-16 16:53:07 +0000",
"path": "/modules/auxiliary/admin/ldap/ad_cs_cert_template.rb",
"is_install_path": true,
"ref_name": "admin/ldap/ad_cs_cert_template",
@ -22877,11 +22877,13 @@
"disclosure_date": "2021-06-17",
"type": "auxiliary",
"author": [
"Grant Willcox"
"Grant Willcox",
"Spencer McIntyre"
],
"description": "This module allows users to query a LDAP server for vulnerable certificate\n templates and will print these certificates out in a table along with which\n attack they are vulnerable to and the SIDs that can be used to enroll in that\n certificate template.\n\n Additionally the module will also print out a list of known certificate servers\n along with info about which vulnerable certificate templates the certificate server\n allows enrollment in and which SIDs are authorized to use that certificate server to\n perform this enrollment operation.\n\n Currently the module is capable of checking for ESC1, ESC2, and ESC3 vulnerable certificates.",
"description": "This module allows users to query a LDAP server for vulnerable certificate\n templates and will print these certificates out in a table along with which\n attack they are vulnerable to and the SIDs that can be used to enroll in that\n certificate template.\n\n Additionally the module will also print out a list of known certificate servers\n along with info about which vulnerable certificate templates the certificate server\n allows enrollment in and which SIDs are authorized to use that certificate server to\n perform this enrollment operation.\n\n Currently the module is capable of checking for certificates that are vulnerable to ESC1, ESC2, ESC3, and\n ESC13. The module is limited to checking for these techniques due to them being identifiable remotely from a\n normal user account by analyzing the objects in LDAP.",
"references": [
"URL-https://posts.specterops.io/certified-pre-owned-d95910965cd2",
"URL-https://posts.specterops.io/adcs-esc13-abuse-technique-fda4272fbd53"
],
"platform": "",
"arch": "",
@ -22893,7 +22895,7 @@
],
"targets": null,
"mod_time": "2023-05-08 16:43:26 +0000",
"mod_time": "2024-02-21 17:01:41 +0000",
"path": "/modules/auxiliary/gather/ldap_esc_vulnerable_cert_finder.rb",
"is_install_path": true,
"ref_name": "gather/ldap_esc_vulnerable_cert_finder",