Grant Willcox
Grant Willcox
Added a few commits to fix some issues I found when reviewing this and left 3 review comments I'd like some feedback on. Most of this looks good now. Also...
> @gwillcox-r7, Typically a sales guy will contact you. Products do not get assigned automatically. @h00die-gr3y Alright is there any chance then that you could send an updated PCAP capture...
Rebased to squash commits, will land once tests pass.
# Release Notes A module has been added which exploits CVE-2023-22952, a RCE vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0...
Note this only updates the definitions for `def_advapi32.rb` using the regex `PDWORD['"].*['"]out['"]`. The following files also need review still: - [ ] `def_kernel32.rb` - [ ] `def_netapi32.rb` - [ ]...
On an unrelated side note def_wldap32.rb seems to only be used by 1-2 post modules that don't even seem to work with the LDAP server I have on Windows Server...
Welp well looks like trying to change a few of these is having unintended side effects during testing. I'm thinking it may be better to just fix what is known...
Moving this into draft state. Internal discussions on best approaches need to take place and I don't want to give the impression that this is in merge ready state cause...
> The module examples were kind of driving me crazy, thanks for getting those! Thanks there are still a few split across some lines within the documentation file I didn't...
@smcintyre-r7 I think the original idea with this PR was to do everything at once but later realized that we should likely break them down into smaller PRs. Its still...