Lucene search
K

8 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/05/03 6:29 p.m.31 views

Metasploit Weekly Wrap-Up 05/03/24

Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...

7.5CVSS9.6AI score0.95388EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2024/02/02 8:14 p.m.50 views

Metasploit Weekly Wrap-Up 02/02/2024

Shared RubySMB Service Improvements This week’s updates include improvements to Metasploit Framework’s SMB server implementation: the SMB server can now be reused across various SMB modules, which are now able to register their own unique shares and files. SMB modules can also now be executed...

7.5CVSS9.6AI score0.97106EPSS
Exploits22
Metasploit
Metasploit
added 2022/07/16 5:42 p.m.329 views

DFSCoerce

Coerce an authentication attempt over SMB to other machines via MS-DFSNM methods. Module Options msf use auxiliary/scanner/dcerpc/dfscoerce msf auxiliarydfscoerce show actions ...actions... msf auxiliarydfscoerce set ACTION msf auxiliarydfscoerce show options ...show and set options... msf...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/04/22 4:44 p.m.107 views

Metasploit Weekly Wrap-Up

ManageEngine ADSelfService Plus Authenticated RCE This module is pretty exciting for us because it's for a vulnerability discovered by our very own Rapid7 researchers Jake Baines, Hernan Diaz, Andrew Iwamaye, and Dan Kelly. The vulnerability allowed for attackers to leverage the "custom script"...

7.1CVSS0.5AI score0.70479EPSS
Exploits14
Rapid7 Blog
Rapid7 Blog
added 2022/04/08 5:50 p.m.599 views

Metasploit Wrap-Up

Windows Local Privilege Escalation for standard users In this week’s release, we have an exciting new module that has been added by our very own Grant Willcox which exploits CVE-2022-26904, and allows for normal users to execute code as NT AUTHORITY/SYSTEM on Windows machines from Windows 7 up to...

10CVSS0.8AI score0.68733EPSS
Exploits7
rapid7community
rapid7community
added 2017/04/03 5:4 p.m.17 views

Introducing RubySMB: The Protocol Library Nobody Else Wanted To Write

The Server Message Block SMB protocol family is arguably one of the most important network protocols to be conversant in as a security professional. It carries the capability for File and Print Sharing, remote process execution, and an entire system of Named Pipes that serve as access points to a...

7.9AI score
Exploits0
Metasploit
Metasploit
added 2016/06/08 5:16 p.m.67 views

SMB Share Enumeration

This module determines what shares are provided by the SMB service and which ones are readable/writable. It also collects additional information such as share types, directories, files, time stamps, etc. By default, a RubySMB netshareenumall request is done in order to retrieve share information,...

7AI score
Exploits0
Metasploit
Metasploit
added 2013/10/22 8:31 p.m.29 views

SMB File Delete Utility

This module deletes a file from a target share and path. The usual reason to use this module is to work around limitations in an existing SMB client that may not be able to take advantage of pass-the-hash style authentication. This module requires Metasploit: https://metasploit.com/download Curre...

7.1AI score
Exploits0
Rows per page
Query Builder