Fri Sep 22 2023
Improved Ticket Forging
Metasploit’s admin/kerberos/forge_ticket module has been updated to work with Server 2022. In Windows Server 2022, Microsoft started requiring additional new PAC elements to be present - the PAC reques...
Fri Sep 15 2023
Flask Cookies
This week includes two modules related to Flask cookie signatures. One is specific to Apache Superset where session cookies can be resigned, allowing an attacker to elevate their privileges and dump the database...
Fri Sep 08 2023
New module content (4)
Roundcube TimeZone Authenticated File Disclosure
Authors: joel, stonepresto, and thomascube
Type: Auxiliary
Pull request: #18286 contributed by cudalac
Path: auxiliary/gather/roundcube_auth_file_read
At...