Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: GhostPack/Certify
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: main
Choose a base ref
...
head repository: blackarrowsec/Certify
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 6 commits
  • 11 files changed
  • 1 contributor

Commits on Jan 24, 2022

  1. ESC7 

    Added the required functionality to abuse ManageCA and ManageCertificate rights.
    @Kudaes
    Kudaes committed Jan 24, 2022
    Configuration menu
    Copy the full SHA
    a90b651 View commit details
    Browse the repository at this point in the history

  2. Update README.md

    @Kudaes
    Kudaes committed Jan 24, 2022
    Configuration menu
    Copy the full SHA
    d5b9d89 View commit details
    Browse the repository at this point in the history

Commits on Feb 7, 2022

  1. New use cases to abuse ManageCA permission 

    Two new commands have been added:

- coerceauth: It will abuse the CDP extension to coerce the CA server to perform an authentication attempt to a remote server.
- writefile: It will abuse the CDP extension to write an arbitrary file to a local or remote path. The CA server must have write permission over the remote share.  The most useful use case for this functionality is to obtain a web shell, but it could also been used to perform arbitrary file overwrite/others-.
    @Kudaes
    Kudaes committed Feb 7, 2022
    Configuration menu
    Copy the full SHA
    6038980 View commit details
    Browse the repository at this point in the history

  2. Update WriteFile.cs

    @Kudaes
    Kudaes committed Feb 7, 2022
    Configuration menu
    Copy the full SHA
    7fdc2e4 View commit details
    Browse the repository at this point in the history

Commits on Feb 9, 2022

  1. Readonly mode added to writefile module 

    Now It is possible to get the current CDP list without performing any change in the CA's configuration. Useful to retrieve remote writable shares before uploading a shell.
    @Kudaes
    Kudaes committed Feb 9, 2022
    Configuration menu
    Copy the full SHA
    0dba464 View commit details
    Browse the repository at this point in the history

  2. Update Readme

    @Kudaes
    Kudaes committed Feb 9, 2022
    Configuration menu
    Copy the full SHA
    0f71716 View commit details
    Browse the repository at this point in the history
Loading