Posts by Christophe De La Fuente

2 min Metasploit

Metasploit Wrap-Up

This week's edition: Baron Samedit 'sudo' exploit module, OneDrive sync enumeration, and WP credential gathering via Abandoned Cart plugin.

3 min Metasploit

Metasploit Wrap-Up

Five new modules, and a reminder for the upcoming CTF

2 min Metasploit

Metasploit Wrap-Up

Give me your hash This week, community contributor HynekPetrak [https://github.com/HynekPetrak] added a new module [https://github.com/rapid7/metasploit-framework/pull/13906] for dumping passwords and hashes stored as attributes in LDAP servers. It uses an LDAP connection to retrieve data from an LDAP server and then harvests user credentials in specific attributes. This module can be used against any kind of LDAP server with either anonymous or authenticated bind. Particularly, it can be used

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

This week's release includes a local privilege escalation exploit for VMware Fusion through 11.5.3 on OS X, as well as RCE on Apache Solr and DNN cookie deserialization.

3 min Metasploit

Metasploit Wrap-Up

Powershell Express Delivery The web_delivery module [https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/script/web_delivery.rb] is often used to deliver a payload during post exploitation by quickly firing up a local web server. Since it does not write anything on target’s disk, payloads are less likely to be caught by anti-virus protections. However, since Microsoft added Antimalware Scan Interface (AMSI) [https://docs.microsoft.com/en-us/windows/win32/amsi/antim