METASPLOIT PROJECT
The Metasploit Project, owned by Rapid7, is a computer security program which is the world’s most used penetration testing framework. This Free and Open Source Software (FOSS) is used by nearly all penetration testers, and is extremely common in training courses from SANS, EC-Council, and many others.
The Metasploit Project, being Open Source Software, flourishes from the contributions of the community. nDepth’s own Mike Cyr (h00die) is a frequent contributor to the project and has continued to spend their personal time conducting security research and providing enhancements to Metasploit for the benefit of the security community. This month, h00die contributed the following enhancements:
HACKTRICKS CLOUD
HackTricks is a computer security training company which offers courses on Azure, Google Cloud, and AWS. The course content is based on freely available wiki pages which detail techniques used for exploiting vulnerabilities on these cloud platforms. While reviewing the content of the wiki, nDepth’s own Mike Cyr (h00die) found several issues and helped correct them. This month, h00die contributed the following enhancements:
SPELLING/GRAMMAR/SYNTAX/FUNCTION CORRECTIONS
Several spelling and grammar errors were corrected within the wiki's hacking pages. Some syntax errors in the Markdown (the language used to create the wiki pages) were also fixed. Lastly, one page contained a list of functions available within an AWS command; however, many of them were not correct. After reviewing the AWS documentation and the command line implementation, a fix for the commands list was submitted.
PACU
Pacu, owned by Rhino Security Labs, is a computer security program which focuses on Amazon Web Services (AWS). This Free and Open Source Software (FOSS) is incredibly useful for managing credentials, performing discovery, and exploiting common weaknesses in implementation for AWS. This month, h00die contributed the following enhancements:
SECRETS_ENUM ENHANCEMENTS
The secrets_enum module within Pacu is used to connect to AWS Secrets Manager and extract secrets. However, the output for a user who has the permissions to list secrets but not read them (the equivalent of reading a book’s cover, but not the contents) can be confusing. In this configuration, Pacu only prints error messages without any other information. This update changes Pacu’s behavior so that it lists which secrets were found and makes clear that the errors came from trying to read the secrets’ contents, allowing for a much friendlier user experience.
To view this month’s contributions, check the following links:
- https://github.com/HackTricks-wiki/hacktricks-cloud/pull/79
- https://github.com/HackTricks-wiki/hacktricks-cloud/pull/80
- https://github.com/HackTricks-wiki/hacktricks-cloud/pull/83
- https://github.com/HackTricks-wiki/hacktricks-cloud/pull/84
- https://github.com/HackTricks-wiki/hacktricks-cloud/pull/85
- https://github.com/RhinoSecurityLabs/pacu/pull/448