Skip to content

Commit f39bc72

Browse files
msjenkins-r7msjenkins-r7
committed
automatic module_metadata_base.json update
1 parent f6bd8fd commit f39bc72

File tree

1 file changed

+47
-0
lines changed

1 file changed

+47
-0
lines changed

db/modules_metadata_base.json

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8862,6 +8862,53 @@
88628862
"session_types": false,
88638863
"needs_cleanup": false
88648864
},
8865+
"auxiliary_admin/vmware/vcenter_offline_mdb_extract": {
8866+
"name": "VMware vCenter Extract Secrets from vmdir / vmafd DB File",
8867+
"fullname": "auxiliary/admin/vmware/vcenter_offline_mdb_extract",
8868+
"aliases": [
8869+
8870+
],
8871+
"rank": 300,
8872+
"disclosure_date": "2022-05-10",
8873+
"type": "auxiliary",
8874+
"author": [
8875+
"npm <[email protected]>"
8876+
],
8877+
"description": "Grab certificates from the vCenter server vmdird and vmafd\n database files and adds them to loot. The vmdird MDB database file\n can be found on the live appliance under the path\n /storage/db/vmware-vmdir/data.mdb, and the DB vmafd is under path\n /storage/db/vmware-vmafd/afd.db. The vmdir database contains the\n IdP signing credential, and vmafd contains the vCenter certificate\n store. This module will accept either file from a live vCenter\n appliance, or from a vCenter appliance backup archive; either or\n both files can be supplied.",
8878+
"references": [
8879+
"URL-https://www.horizon3.ai/compromising-vcenter-via-saml-certificates/"
8880+
],
8881+
"platform": "Linux",
8882+
"arch": "",
8883+
"rport": null,
8884+
"autofilter_ports": [
8885+
8886+
],
8887+
"autofilter_services": [
8888+
8889+
],
8890+
"targets": null,
8891+
"mod_time": "2022-05-26 11:52:56 +0000",
8892+
"path": "/modules/auxiliary/admin/vmware/vcenter_offline_mdb_extract.rb",
8893+
"is_install_path": true,
8894+
"ref_name": "admin/vmware/vcenter_offline_mdb_extract",
8895+
"check": false,
8896+
"post_auth": false,
8897+
"default_credential": false,
8898+
"notes": {
8899+
"Stability": [
8900+
"crash-safe"
8901+
],
8902+
"Reliability": [
8903+
"repeatable-session"
8904+
],
8905+
"SideEffects": [
8906+
"artifacts-on-disk"
8907+
]
8908+
},
8909+
"session_types": false,
8910+
"needs_cleanup": false
8911+
},
88658912
"auxiliary_admin/vnc/realvnc_41_bypass": {
88668913
"name": "RealVNC NULL Authentication Mode Bypass",
88678914
"fullname": "auxiliary/admin/vnc/realvnc_41_bypass",

0 commit comments

Comments
 (0)