Skip to content

Commit

Permalink
automatic module_metadata_base.json update
Browse files Browse the repository at this point in the history
  • Loading branch information
msjenkins-r7 committed Feb 28, 2024
1 parent 26214cb commit 42255a2
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions db/modules_metadata_base.json
Original file line number Diff line number Diff line change
Expand Up @@ -6359,7 +6359,7 @@

],
"targets": null,
"mod_time": "2023-05-04 09:17:16 +0000",
"mod_time": "2024-02-16 16:53:07 +0000",
"path": "/modules/auxiliary/admin/ldap/ad_cs_cert_template.rb",
"is_install_path": true,
"ref_name": "admin/ldap/ad_cs_cert_template",
Expand Down Expand Up @@ -22877,11 +22877,13 @@
"disclosure_date": "2021-06-17",
"type": "auxiliary",
"author": [
"Grant Willcox"
"Grant Willcox",
"Spencer McIntyre"
],
"description": "This module allows users to query a LDAP server for vulnerable certificate\n templates and will print these certificates out in a table along with which\n attack they are vulnerable to and the SIDs that can be used to enroll in that\n certificate template.\n\n Additionally the module will also print out a list of known certificate servers\n along with info about which vulnerable certificate templates the certificate server\n allows enrollment in and which SIDs are authorized to use that certificate server to\n perform this enrollment operation.\n\n Currently the module is capable of checking for ESC1, ESC2, and ESC3 vulnerable certificates.",
"description": "This module allows users to query a LDAP server for vulnerable certificate\n templates and will print these certificates out in a table along with which\n attack they are vulnerable to and the SIDs that can be used to enroll in that\n certificate template.\n\n Additionally the module will also print out a list of known certificate servers\n along with info about which vulnerable certificate templates the certificate server\n allows enrollment in and which SIDs are authorized to use that certificate server to\n perform this enrollment operation.\n\n Currently the module is capable of checking for certificates that are vulnerable to ESC1, ESC2, ESC3, and\n ESC13. The module is limited to checking for these techniques due to them being identifiable remotely from a\n normal user account by analyzing the objects in LDAP.",
"references": [

"URL-https://posts.specterops.io/certified-pre-owned-d95910965cd2",
"URL-https://posts.specterops.io/adcs-esc13-abuse-technique-fda4272fbd53"
],
"platform": "",
"arch": "",
Expand All @@ -22893,7 +22895,7 @@

],
"targets": null,
"mod_time": "2023-05-08 16:43:26 +0000",
"mod_time": "2024-02-21 17:01:41 +0000",
"path": "/modules/auxiliary/gather/ldap_esc_vulnerable_cert_finder.rb",
"is_install_path": true,
"ref_name": "gather/ldap_esc_vulnerable_cert_finder",
Expand Down

0 comments on commit 42255a2

Please sign in to comment.