Posts by Simon Janusz

3 min Metasploit

Metasploit Weekly Wrap-Up 04/12/24

Account Takeover using Shadow Credentials The new release of Metasploit Framework includes a Shadow Credentials module added by smashery [] used for reliably taking over an Active Directory user account or computer, and letting future authentication to happen as that account. This can be chained with other modules present in Metasploit Framework such as windows_secrets_dump. Details The module targets a ‘victim’ account that is part of a

2 min Metasploit

Metasploit Weekly Wrap-Up 02/02/2024

Shared RubySMB Service Improvements This week’s updates include improvements to [] Metasploit Framework’s SMB server implementation: the SMB server can now be reused across various SMB modules, which are now able to register their own unique shares and files. SMB modules can also now be executed concurrently. Currently, there are 15 SMB modules in Metasploit Framework that utilize this feature. New module content (2) Mirth Connect Deseria

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 4/8/22

Five new modules targeting Windows, Linux, macOS, and more. Plus, updates to the Log4Shell scanner and a new Windows Meterpreter option to enable additional logging visible in DbgView

3 min Metasploit Weekly Wrapup

Metasploit Weekly Wrap-Up: 1/14/22

Five new modules, including exploits for Log4Shell and SonicWall SMA 100 series devices, plus a new Meterpreter command that allows users to kill all channels at once.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 10/8/21

New modules for vCenter Server and Linux Netfilter, plus fixes and enhancements.