module

Shadow Credentials

Try Surface Command
Back to search
Disclosed
N/A
Created
Apr 9, 2024

Description

This module can read and write the necessary LDAP attributes to configure a particular account with a
Key Credential Link. This allows weaponising write access to a user account by adding a certificate
that can subsequently be used to authenticate. In order for this to succeed, the authenticated user
must have write access to the target object (the object specified in TARGET_USER).

Authors

Elad Shamir
smashery

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use auxiliary/admin/ldap/shadow_credentials
    msf auxiliary(shadow_credentials) > show actions
        ...actions...
    msf auxiliary(shadow_credentials) > set ACTION < action-name >
    msf auxiliary(shadow_credentials) > show options
        ...show and set options...
    msf auxiliary(shadow_credentials) > run
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today