Pro: We added a warning to the report configuration view when a project does not contain the required data to generate a selected report.
Pro: Improved project members section of settings page.
PR 17458 - Updates the exploit/multi/misc/weblogic_deserialize_badattrval module to enable support for SSL/TLS.
PR 17724 - Updates the modules/auxiliary/admin/kerberos/forge_ticket.rb module with a new IncludeTicketChecksum option. When set to true, the forged PAC will include the PAC_TICKET_CHECKSUM required in newer Windows AD implementations.
PR 17753 - Updates the auxiliary/admin/kerberos/get_ticket module to support using forged golden tickets. Users can now provide the Krb5Ccname option to supply the Kerberos TGT to use when requesting the service ticket. If unset, the database will be checked for a valid TGT as normal.
PR 17789 - This PR adds enhancements to the proftpd_modcopy_exec module. Enhancements include documentation, notes, a reference URL, and a few general code improvements to the check and exploit methods.
PR 17813 - This sets the CHECK_FALSE option to true by default so that the auxiliary/scanner/ssh/ssh_enumusers scanner module will bail upon detecting false positive results.
PR 17833 - Updates the Metasploit RPC module.info command response to include whether or not the module supports a check method.
Pro: We improved task chain cloning to support when the original creator's user no longer exists.
PR 17704 - Fixes a crash in multi/http/solr_velocity_rce that was discovered when targeting a machine running Apache Solr 8.3.0 on Linux that required authentication.
PR 17778 - Updates the Metasploit database migration code to no longer break the test suite when running locally.
PR 17808 - Updates multiple broken Secunia references in modules with equivalent links found within Wayback Machine - a digital archive of the world wide web founded by the Internet Archive.
PR 17818 - This PR fixes a crash in the RPC job info command.
PR 17823 - This fixes an issue in the check method where targets with files containing no PHP code were falsely reported as safe.
PR 17825 - Fixes broken documentation references in the
PR 17830 - Fixes a crash when parsing dates in
PR 17831 - Fixes broken documentation references in the
PR 17835 - Fixes a bug in bypass_auth method would break if a user supplied a TARGETURI path without a trailing
PR 17844 - Fixes broken documentation references in the
PR 17785 - This adds an exploit for an authenticated .NET deserialization vulnerability that affects the SolarWinds Information Service (SWIS) component within SolarWinds. The SWIS component will deserialize messages received by the AMQP message queue, resulting in command execution as NT AUTHORITY\SYSTEM.
PR 17806 - This module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System (BMS) applications.
PR 17826 - This PR adds an exploit module for CVE-2023-21768 that achieves local privilege escalation on Windows 11 2H22.
PR 17827 - This adds a scanner module that extracts version information from AMQP protocol servers.
PR 17828 - This adds a login scanner module for AMQP services.