Metasploit Wrap-Up
This week's edition: Baron Samedit 'sudo' exploit module, OneDrive sync enumeration, and WP credential gathering via Abandoned Cart plugin.…
Metasploit Wrap-Up
Five new modules, and a reminder for the upcoming CTF…
Metasploit Wrap-Up
Give me your hash This week, community contributor HynekPetrak added a new module for dumping passwords and hashes stored as attributes in LDAP servers. It uses an LDAP connection to retrieve data from an LDAP server and then harvests user credentials in specific attributes. This…
Metasploit Wrap-Up
This week's release includes a local privilege escalation exploit for VMware Fusion through 11.5.3 on OS X, as well as RCE on Apache Solr and DNN cookie deserialization.…
Metasploit Wrap-Up
Powershell Express Delivery The web_delivery module is often used to deliver a payload during post exploitation by quickly firing up a local web server. Since it does not write anything on target’s disk, payloads are less likely to be caught by anti-virus protections.…