JetBrains TeamCity Login Scanner
Metasploit added a login scanner for the TeamCity application to enable users to check for weak credentials. TeamCity has been the subject of multiple ETR vulnerabilities and is a valuable target for attackers.
Targeted DCSync added to Windows Secrets Dump
This week, Metasploit community member smashery improved the windows_secrets_dump module’s DOMAIN action to allow the operator to specify specific users or groups to retrieve Kerberos secrets for. By setting the KRB_TYPES option to USERS_ONLY or COMPUTERS_ONLY, the operator can target the specified account type. To be even more granular, the operator can target one or more accounts or groups by name with the KRB_USERS option. This should help operators obtain the desired information more quickly when targeting large domains.
New module content (4)
JetBrains TeamCity Login Scanner
Authors: adfoster-r7 and sjanusz-r7
Type: Auxiliary
Pull request: #19601 contributed by sjanusz-r7
Path: scanner/teamcity/teamcity_login
Description: Adds a new bruteforce scanner/teamcity/teamcity_login login scanner module that targets the JetBrains TeamCity service.
Judge0 sandbox escape
Authors: Takahiro Yokoyama and Tanto Security
Type: Exploit
Pull request: #19584 contributed by Takahiro-Yoko
Path: linux/http/judge0_sandbox_escape_cve_2024_28189
AttackerKB reference:
metasploit
weekly
