Our favourite exploitation framework – The Metasploit Framework has been updated! We at ane time accept Metasploit Framework version 3.5.2!
“The Metasploit Framework is a penetration testing toolkit, exploit evolution platform, as well as question tool. The framework includes hundreds of working remote exploits for a diversity of platforms. Payloads, encoders, as well as nop slide generators tin last mixed as well as matched alongside exploit modules to solve closed to whatever exploit-related task.“
This is the detailed unloose log:
Statistics:
* Metasploit at ane time ships alongside 644 exploit modules as well as 330 auxiliary modules.
* 39 novel modules as well as payloads accept been added since the terminal signal release.
* 58 tickets were resolved as well as 331 commits were made since the terminal signal release.
New Modules:
New Exploits as well as Auxiliaries:
* Apache Tomcat Transfer-Encoding Information Disclosure as well as DoS
* Microsoft IIS FTP Server Encoded Response Overflow Trigger
* Apache HTTPD mod_negotiation Filename Bruter
* Apache HTTPD mod_negotiation scanner
* Http:BL lookup
* IPv6 Link Local/Node Local Ping Discovery
* IPv6 Local Neighbor Discovery Using Router Advertisment
* SMB Domain User Enumeration
* SNMP Enumeration Module
* Cisco IOS SNMP File Upload
* SNMP Windows Username Enumeration
* SNMP Windows SMB Share Enumeration
* SNMP Set Module
* Android Content Provider File Disclosure
* ProFTPD 1.2 – 1.3.0 sreplace Buffer Overflow
* Redmine SCM Repository Arbitrary Command Execution
* Mitel Audio as well as Web Conferencing Command Injection
* Internet Explorer CSS Recursive Import Use After Free
* Microsoft WMI Administration Tools ActiveX Buffer Overflow
* Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
* Microsoft Word RTF pFragments Stack Buffer Overflow
* VideoLAN VLC MKV Memory Corruption
* Microsoft SQL Server Payload Execution via SQL injection
* Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
New Post Modules:
* multi/gather/env
* windows/escalate/ms10_073_kbdlayout
* windows/escalate/ms10_092_schelevator
* windows/escalate/bypassuac
* windows/capture/keylog_recorder
* windows/manage/delete_user
* windows/gather/resolve_sid
* windows/gather/checkvm
* windows/gather/enum_powershell_env
* windows/gather/enum_snmp
* windows/gather/enum_logged_on_users
* windows/gather/enum_shares
* windows/gather/hashdump
* windows/gather/enum_applications
New Payloads:
* singles/windows/speak_pwned
New Scripts:
* scripts/meterpreter/virusscan_bypass
* scripts/meterpreter/get_valid_community
Closed Bugs & New Features:
Meterpreter & Post-Exploitation:
* #1936: Meterpreter should last able to hold back upwards concern human relationship SIDs to names
* #3448: Organize meterpreter modules yesteryear platform
* #3478: information ascendency for meterpreter post service modules
* #3482: sysinfo displaying “OS: Windows vii (Build 7600, ).”
* #3486: Display module inward “show options” and/or “info” output [has patch]
* #3526: Java Meterpreter execption inward client.sys.process.execute wen spaces are use…
* #3527: run uploadexec prints meterpreter non supported
* #3528: Meterpreter script “gettelnet” produces ArgumentError [Patch Attached]
* #2258: killav script fails to kill mcafee
* #3287: search_dwld errors if directories acquaint aren’t readable
* #3530: “run enum_logged_on_users -c” displays username every bit array
* #3531: “enum_logged_on_users -c” broken on Windows 2000 Server
* #3557: reload/rerun/rexploit for meterpreter
* #3558: “info” ascendency inward meterpreter fails silently
* #3529: “NoMethodError undefined method `cmd_exec’” inward meterpreter scripts
* #3541: AutoRunScript should move alongside Post modules
* #3542: Post modules should allow a passive stance
* #3552: Add ConvertStringSidToSid to advapi32′s railgun defs [has patch]
Console & Usability:
* #664: The resources ascendency at ane time tab completes filenames
* #3426: Catch exceptions from WebConsolePipe
* #3470: ‘loadpath’ no longer loads modules despite beingness already loaded
* #3623: Resource files at ane time handles to a greater extent than whitespace
Module / Module Improvements:
* #3387: jboss_bshdeployer at ane time industrial plant on older jboss versions.
* #3429: Cisco IOS SNMP file re-create via TFTP module added.
* #3257: mod_negotation scanner & animate beingness forcer modules added.
* #3346: Project Honeypot HTTP Blocklist lookup module added.
* #3437: SNMP Set module added.
* #3442: Capture HTTP/HTTP_NTLM at ane time allows responding to all URIs.
* #3477: generic/shell_reverse_tcp at ane time industrial plant alongside exploit/linux/ftp/proftp_sreplace
* #3554: Fixed a stack line inward Citrix application discovery
* #3566: ms10_090_ie_css_clip at ane time industrial plant alongside Internet Explorer 8
* #3571: ms08_067_netapi at ane time industrial plant alongside of Windows 2003 R2 English
* #3594: Need aid on “wordpress_login_enum” module.
* #3615: Significantly enhanced smb capture as well as hash cracking
* #3567: Payload is at ane time configurable alongside browser_autopwn
* #3596: Fixed an “Incompatible grapheme encoding” fault on gzip’d http responses
* #3654: Enhancements to the auxiliary/scanner/snmp/snmp_enum module
* #3655: Resolved an number where Aux modules report:proto incorrectly
* #3643: Resolved an number where Aux modules neglect to report_vuln()
* #3438: Fix typos as well as systemDate alongside snmp_enum
Armitage & GUI:
* Integrate Armitage
* #3519: Modify armitage starting fourth dimension script to top arguments to armitage.jar
Database:
* #3369: Nessus XML import at ane time handles xml without tag
* #3540: ‘store_loot’ is at ane time handled if in that location is no database
* #3564: ‘db_import’ no longer fails alongside for sure zippo files
Installer / Platform Support:
* #3431: Metasploit at ane time industrial plant iDevices!
* #3543: Uninstaller on Windows no longer leaves a framework directory
* #3661: Metasploit Framework installer at ane time installs an update cronjob
General / Other:
* #3627: Options for lm2ntcrack are at ane time to a greater extent than obvious
* #3466: Resolved an number where an infinite loop could number inward excessive retention consumption …
* #3391: Fixed a põrnikas w/ ‘gendocs.sh’
This unloose most importantly fixes a privilege escalation vulnerability alongside the framework, where unprivileged users on Windows were able to write files inward the framework installation directory. In improver to fixing this vulnerability, this update includes a revamped WMAP, improvements to Meterpreter’s railgun extension, as well as a fledgling version of Post Exploitation modules, that tin last used every bit a powerful replacement for Meterpreter scripts. It also integrates Armitage.
Download Metasploit Framework v3.5.2
“The Metasploit Framework is a penetration testing toolkit, exploit evolution platform, as well as question tool. The framework includes hundreds of working remote exploits for a diversity of platforms. Payloads, encoders, as well as nop slide generators tin last mixed as well as matched alongside exploit modules to solve closed to whatever exploit-related task.“
This is the detailed unloose log:
Statistics:
* Metasploit at ane time ships alongside 644 exploit modules as well as 330 auxiliary modules.
* 39 novel modules as well as payloads accept been added since the terminal signal release.
* 58 tickets were resolved as well as 331 commits were made since the terminal signal release.
New Modules:
New Exploits as well as Auxiliaries:
* Apache Tomcat Transfer-Encoding Information Disclosure as well as DoS
* Microsoft IIS FTP Server Encoded Response Overflow Trigger
* Apache HTTPD mod_negotiation Filename Bruter
* Apache HTTPD mod_negotiation scanner
* Http:BL lookup
* IPv6 Link Local/Node Local Ping Discovery
* IPv6 Local Neighbor Discovery Using Router Advertisment
* SMB Domain User Enumeration
* SNMP Enumeration Module
* Cisco IOS SNMP File Upload
* SNMP Windows Username Enumeration
* SNMP Windows SMB Share Enumeration
* SNMP Set Module
* Android Content Provider File Disclosure
* ProFTPD 1.2 – 1.3.0 sreplace Buffer Overflow
* Redmine SCM Repository Arbitrary Command Execution
* Mitel Audio as well as Web Conferencing Command Injection
* Internet Explorer CSS Recursive Import Use After Free
* Microsoft WMI Administration Tools ActiveX Buffer Overflow
* Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
* Microsoft Word RTF pFragments Stack Buffer Overflow
* VideoLAN VLC MKV Memory Corruption
* Microsoft SQL Server Payload Execution via SQL injection
* Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
New Post Modules:
* multi/gather/env
* windows/escalate/ms10_073_kbdlayout
* windows/escalate/ms10_092_schelevator
* windows/escalate/bypassuac
* windows/capture/keylog_recorder
* windows/manage/delete_user
* windows/gather/resolve_sid
* windows/gather/checkvm
* windows/gather/enum_powershell_env
* windows/gather/enum_snmp
* windows/gather/enum_logged_on_users
* windows/gather/enum_shares
* windows/gather/hashdump
* windows/gather/enum_applications
New Payloads:
* singles/windows/speak_pwned
New Scripts:
* scripts/meterpreter/virusscan_bypass
* scripts/meterpreter/get_valid_community
Closed Bugs & New Features:
Meterpreter & Post-Exploitation:
* #1936: Meterpreter should last able to hold back upwards concern human relationship SIDs to names
* #3448: Organize meterpreter modules yesteryear platform
* #3478: information ascendency for meterpreter post service modules
* #3482: sysinfo displaying “OS: Windows vii (Build 7600, ).”
* #3486: Display module inward “show options” and/or “info” output [has patch]
* #3526: Java Meterpreter execption inward client.sys.process.execute wen spaces are use…
* #3527: run uploadexec prints meterpreter non supported
* #3528: Meterpreter script “gettelnet” produces ArgumentError [Patch Attached]
* #2258: killav script fails to kill mcafee
* #3287: search_dwld errors if directories acquaint aren’t readable
* #3530: “run enum_logged_on_users -c” displays username every bit array
* #3531: “enum_logged_on_users -c” broken on Windows 2000 Server
* #3557: reload/rerun/rexploit for meterpreter
* #3558: “info” ascendency inward meterpreter fails silently
* #3529: “NoMethodError undefined method `cmd_exec’” inward meterpreter scripts
* #3541: AutoRunScript should move alongside Post modules
* #3542: Post modules should allow a passive stance
* #3552: Add ConvertStringSidToSid to advapi32′s railgun defs [has patch]
Console & Usability:
* #664: The resources ascendency at ane time tab completes filenames
* #3426: Catch exceptions from WebConsolePipe
* #3470: ‘loadpath’ no longer loads modules despite beingness already loaded
* #3623: Resource files at ane time handles to a greater extent than whitespace
Module / Module Improvements:
* #3387: jboss_bshdeployer at ane time industrial plant on older jboss versions.
* #3429: Cisco IOS SNMP file re-create via TFTP module added.
* #3257: mod_negotation scanner & animate beingness forcer modules added.
* #3346: Project Honeypot HTTP Blocklist lookup module added.
* #3437: SNMP Set module added.
* #3442: Capture HTTP/HTTP_NTLM at ane time allows responding to all URIs.
* #3477: generic/shell_reverse_tcp at ane time industrial plant alongside exploit/linux/ftp/proftp_sreplace
* #3554: Fixed a stack line inward Citrix application discovery
* #3566: ms10_090_ie_css_clip at ane time industrial plant alongside Internet Explorer 8
* #3571: ms08_067_netapi at ane time industrial plant alongside of Windows 2003 R2 English
* #3594: Need aid on “wordpress_login_enum” module.
* #3615: Significantly enhanced smb capture as well as hash cracking
* #3567: Payload is at ane time configurable alongside browser_autopwn
* #3596: Fixed an “Incompatible grapheme encoding” fault on gzip’d http responses
* #3654: Enhancements to the auxiliary/scanner/snmp/snmp_enum module
* #3655: Resolved an number where Aux modules report:proto incorrectly
* #3643: Resolved an number where Aux modules neglect to report_vuln()
* #3438: Fix typos as well as systemDate alongside snmp_enum
Armitage & GUI:
* Integrate Armitage
* #3519: Modify armitage starting fourth dimension script to top arguments to armitage.jar
Database:
* #3369: Nessus XML import at ane time handles xml without tag
* #3540: ‘store_loot’ is at ane time handled if in that location is no database
* #3564: ‘db_import’ no longer fails alongside for sure zippo files
Installer / Platform Support:
* #3431: Metasploit at ane time industrial plant iDevices!
* #3543: Uninstaller on Windows no longer leaves a framework directory
* #3661: Metasploit Framework installer at ane time installs an update cronjob
General / Other:
* #3627: Options for lm2ntcrack are at ane time to a greater extent than obvious
* #3466: Resolved an number where an infinite loop could number inward excessive retention consumption …
* #3391: Fixed a põrnikas w/ ‘gendocs.sh’
This unloose most importantly fixes a privilege escalation vulnerability alongside the framework, where unprivileged users on Windows were able to write files inward the framework installation directory. In improver to fixing this vulnerability, this update includes a revamped WMAP, improvements to Meterpreter’s railgun extension, as well as a fledgling version of Post Exploitation modules, that tin last used every bit a powerful replacement for Meterpreter scripts. It also integrates Armitage.
Download Metasploit Framework v3.5.2
Share This :
We will be getting a reverse TCP connection from the victim machine by using a small backdoor using metasploit on windows.
ReplyDelete