This does a few things:
1. Updates the kiwi plugin to mimikatz 2.1.1 20180502
2. Adds ability to dcsync & hashdump via Powershell
3. Adds streaming support to powershell commands (no more timeouts)
It also adds the following powershell functions to make things more
convenient:
* Invoke-DcSync
* Invoke-DcSyncAll
* Invoke-DcSyncHashDump
See https://github.com/rapid7/metasploit-payloads/pull/284 for details
The new depndency on the openssl gem creates compatibility issues
in some of the currently supported enviornments. Lock version until
this is sorted out.
Msf relies on Rex::Socket to create TLS certificates for services
hosted in the framework and used by some payloads. These certs are
flagged by NIDS - snort sid 1-34864 and such.
Now that Rex::Socket can accept a @@cert_provider from the Msf
namespace, a more robust generation routine can be used by all TLS
socket services, provided down from Msf to Rex, using dependencies
which Rex does not include.
This work adds the faker gem into runtime dependencies, creates an
Msf::Exploit::Remote::Ssl::CertProvider namespace, and provides
API compatible method invocations with the Rex version, but able
to generate higher entropy certs with more variables, options, etc.
This should reduce the hit rate against NIDS on the wire, reducing
pesky blue team interference until we slip up some other way. Also,
with the ability to generate different cert types, we may want to
look at extending this effort to probide a more comprehensive key
oracle to Framework and consumers.
Testing:
None yet, internal tests pending.
Travis should fail as this requires rex-socket #8.