4 matches found
Metasploit Weekly Wrap-Up 01/31/25
ESC4 Detection This week, Metasploit’s jheysel-r7 updated the existing ldapescvulnerablecertfinder module to include detecting template objects that can be written to by the authenticated user. This means the module can now identify instances of ESC4 from the perspective of the account that the...
AD CS Certificate Template Management
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AD CS Certificate Template Management', 'Description' = %q This module can create, read, update, and delete AD CS certificate templates from a...
Metasploit Weekly Wrap-Up
AD CS certificate templates Our very own Spencer McIntyre has developed a new module that allows for creating, reading, updating and deleting certificate template objects from Active Directory. ESC4 Exploitation These changes notably enables the exploitation of the technique identified as ESC4...
AD CS Certificate Template Management
This module can create, read, update, and delete AD CS certificate templates from a Active Directory Domain Controller. The READ, UPDATE, and DELETE actions will write a copy of the certificate template to disk that can be restored using the CREATE or UPDATE actions. The CREATE and UPDATE actions...