Report CA and ADCS Template along with Pkcs12 in the database #19736
+144
−51
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…base - Update the `creds` command to add Pkcs12 private credentials with metadata. - Update `ms_icpr` module to store metadata.
cdelafuente-r7
commented
Dec 16, 2024
| @@ -414,11 +420,13 @@ def creds_search(*args) | |||
| when 'password' | |||
| Metasploit::Credential::Password | |||
| when 'hash' | |||
| Metasploit::Credential::PasswordHash | |||
| Metasploit::Credential::NonreplayableHash | |||
There was a problem hiding this comment.
Apparently hash corresponds to a Nonreplayable hash instead of a PasswordHash. This change were required otherwise the specs were failing.
| # realm: nil, | ||
| # workspace: framework.db.workspace) | ||
| # end | ||
| let!(:ntlm_core) do |
There was a problem hiding this comment.
These tests are now working properly. I've added them back even if it is not related to the changes in this PR.
cdelafuente-r7
commented
Dec 16, 2024
Comment on lines
+6
to
+7
| gem 'metasploit-credential', git: 'https://github.com/cdelafuente-r7/metasploit-credential', branch: 'enh/MS-9710/add_pkcs12_metadata' | ||
|
|
There was a problem hiding this comment.
This will need to be reverted before landing.
There was a problem hiding this comment.
This file will need to be updated to point to the new metasploit-credential gem is available instead of the this feature branch.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds support to the new Pkcs12 data format added in rapid7/metasploit-credential#183. Now, the CA and ADCS template can be added to the Pkcs12 as metadata in the database.
This PR needs the
metasploit-credentialscounterpart be landed first. I have updated the Gemfile to point to the feature branch to be able to test it. This will need to be reverted before landing.Verification
Testing
auxiliary/admin/dcerpc/icpr_certFollow the instructions here to set up an AD CS server for testing purposes.
msfconsoleuse auxiliary/admin/dcerpc/icpr_certrun verbose=true CA=<CA name> RHOSTS=<remote host> username=<username> password=<user password> CERT_TEMPLATE=Usercredsreturns the generated Pkcs12irbinmsfconsolethe Pkcs12 model has the expected data format"msf_pkcs12:<base64 Pkcs12>:<CA>:<ADCS Template>"Testing
credscommandmsfconsolecreds add user:testuser pkcs12:<pkcs12 filepath> ca:myca adcs-template:OtherTemplateirbinmsfconsolethe Pkcs12 model has the expected data format"msf_pkcs12:<base64 Pkcs12>:<CA>:<ADCS Template>"