BEGIN:VCALENDAR PRODID:-//vBulletin 6//EN VERSION:2.0 CALSCALE:GREGORIAN BEGIN:VEVENT UID:a9cc0505-9be5-4be5-b091-6906cbca74d8 DTSTAMP:20260524T123939Z SUMMARY:The Metasploit Framework v6.4 : Spencer McIntyre : Jack Heysel DESCRIPTION:Title: The Metasploit Framework v6.4\nPresenter: Spencer McInty re\nCo-Presenter: Jack Heysel\nLocation: W304\nDay\,Time: Sat Aug 10 \, 12 PM - 1:45PM\nAudience: Offense\nProject: https://github.com/rapid7/metaspl oit-framework\n\nAbstract:\nThe Metasploit Framework released version 6.4 earlier this year\, including multiple improvements to Kerberos-related at tack workflows. The latest changes added support for forging diamond and s apphire tickets\, as well as dumping tickets from compromised hosts. Metas ploit users can now exploit unconstrained delegation in Active Directory e nvironments for privilege escalation as well as use pass-the-ticket authen tication for the Windows secrets dump module. These new Kerberos improveme nts increase the ways in which tickets can be forged\, gathered\, as well as used. Additionally\, Metasploit has added support for new protocol base d sessions\, allowing users to interact with targets without uploading pay loads\, thus increasing their evasive capabilities. These new sessions can be established to database\, SMB and LDAP servers. Once opened\, they ena ble users to interact and run post modules with them\, all without running a payload on the remote host. Finally\, version 6.4 includes a complete o verhaul of how Metasploit handles its own DNS queries. These improvements ensure that users pivoting their traffic over compromised hosts are not le aking their queries and offer a high degree of control over how queries sh ould be resolved. This demonstration will cover these latest improvements and show how the changes can be combined for new\, streamlined attack work flows using the latest Metasploit release.\n\nBios:\n* Presenter:\nSpencer McIntyre is a Security Research Manager at Rapid7\, where he works on the Metasploit Framework. He has been contributing to Metasploit since 2010\, a committer since 2014\, and a core team member at Rapid7 since 2019. Pre viously\, Spencer worked at a consulting firm working with clients from va rious industries\, including healthcare\, energy\, and manufacturing. He i s an avid open-source contributor and comic book reader.\n* Co-Presenter:\ nJack Heysel is a Senior Security Researcher at Rapid7\, where he contribu tes to and helps maintain the Metasploit Framework. Jack started at Rapid7 in 2016 working on their vulnerability management solution. He transition ed to the Metasploit team in 2021 and has been happily writing and reviewi ng exploits ever since. While AFK\, Jack enjoys exploring the mountains an d outdoors that surround his home. URL:https://forum.defcon.org/node/249628 DTSTART:20240810T200000Z DTEND:20240810T214501Z LOCATION:W304 END:VEVENT END:VCALENDAR