2 min
Metasploit
Metasploit Weekly Wrap-Up 11/29/2024
Four new Metasploit modules released, including CUPS IPP Attributes LAN Remote Code Execution CVE-2024-47176
2 min
Metasploit
Metasploit Weekly Wrap-Up 09/20/2024
New module content (3)
update-motd.d Persistence
Author: Julien Voisin
Type: Exploit
Pull request: #19454 [https://github.com/rapid7/metasploit-framework/pull/19454]
contributed by jvoisin [https://github.com/jvoisin]
Path: linux/local/motd_persistence
Description: This adds a post module to keep persistence on a Linux target by
writing a motd
[https://manpages.ubuntu.com/manpages/trusty/man5/update-motd.5.html] bash
script triggered with root privileges every time a user logs into the system
2 min
Metasploit
Metasploit Weekly Wrap-Up 08/16/2024
New module content (3)
Apache HugeGraph Gremlin RCE
Authors: 6right and jheysel-r7
Type: Exploit
Pull request: #19348 [https://github.com/rapid7/metasploit-framework/pull/19348]
contributed by jheysel-r7 [https://github.com/jheysel-r7]
Path: linux/http/apache_hugegraph_gremlin_rce
AttackerKB reference: CVE-2024-27348
[https://attackerkb.com/search?q=CVE-2024-27348&referrer=blog]
Description: Adds an Apache HugeGraph Server exploit for GHSA-29rc-vq7f-x335
[https://github.com/advisories/GHSA-29r
2 min
Metasploit
Metasploit Wrap-Up 05/10/2024
Password Spraying support
Multiple bruteforce/login scanner modules have been updated to support a
PASSWORD_SPRAY module option. This work was completed in pull request #19079
[https://github.com/rapid7/metasploit-framework/pull/19079] from nrathaus
[https://github.com/nrathaus] as well as an additional update from our
developers [https://github.com/rapid7/metasploit-framework/pull/19158] . When
the password spraying option is set, the order of attempted users and password
attempts are changed
2 min
Metasploit
Metasploit Weekly Wrap-Up 01/12/24
New module content (1)
Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor
Author: Pasquale 'sid' Fiorillo
Type: Post
Pull request: #18604 [https://github.com/rapid7/metasploit-framework/pull/18604]
contributed by siddolo [https://github.com/siddolo]
Path: windows/gather/credentials/winbox_settings
Description: This pull request introduces a new post module to extract the
Mikrotik Winbox credentials, which are saved in the settings.cfg.viw file when
the "Keep Password" option
1 min
Metasploit
Metasploit Wrap-Up: Nov. 23, 2023
Metasploit 6.3.44 released with stability improvements and module fixes
2 min
Metasploit
Metasploit Weekly Wrap-Up: Oct. 27, 2023
New module content (4)
Atlassian Confluence Data Center and Server Authentication Bypass via Broken
Access Control
Authors: Emir Polat and Unknown
Type: Auxiliary
Pull request: #18447 [https://github.com/rapid7/metasploit-framework/pull/18447]
contributed by emirpolatt [https://github.com/emirpolatt]
Path: admin/http/atlassian_confluence_auth_bypass
AttackerKB reference: CVE-2023-22515
[https://attackerkb.com/topics/Q5f0ItSzw5/cve-2023-22515?referrer=blog]
Description: This adds an exploit for
2 min
Metasploit
Metasploit Weekly Wrap-Up: Sep. 8, 2023
New module content (4)
Roundcube TimeZone Authenticated File Disclosure
Authors: joel, stonepresto, and thomascube
Type: Auxiliary
Pull request: #18286 [https://github.com/rapid7/metasploit-framework/pull/18286]
contributed by cudalac [https://github.com/cudalac]
Path: auxiliary/gather/roundcube_auth_file_read
AttackerKB reference: CVE-2017-16651
[https://attackerkb.com/topics/He57FR8fB4/cve-2017-16651?referrer=blog]
Description: This PR adds a module to retrieve an arbitrary file on hosts
run
2 min
Metasploit
Metasploit Weekly Wrap-Up: Aug. 11, 2023
A new Metabase RCE module, updates to the citrix_formssso_target_rce module for CVE-2023-3519 to include two new targets, Citrix ADC (NetScaler) 12.1-65.25, and 12.1-64.17, and more
2 min
Metasploit
Metasploit Weekly Wrap-Up: 6/2/23
Support added for Active Directory Certificate Services ESC4 Exploitation, and a new sudoedit extra arguments privilege escalation module
2 min
Metasploit
Metasploit Weekly Wrap-Up: 1/13/23
New module content (2)
Gather Dbeaver Passwords
Author: Kali-Team
Type: Post
Pull request: #17337 [https://github.com/rapid7/metasploit-framework/pull/17337]
contributed by cn-kali-team [https://github.com/cn-kali-team]
Description: This adds a post exploit module that retrieves Dbeaver session data
from local configuration files. It is able to extract and decrypt credentials
stored in these files for any version of Dbeaver installed on Windows or
Linux/Unix systems.
Gather MinIO Client Key
A
2 min
Metasploit
Metasploit Weekly Wrap-Up: 11/15/22
2 new modules targeting F5 devices, DuckyScript support, bug fixes, and more
4 min
Metasploit
Metasploit Weekly Wrap-Up: 9/2/22
ICPR Certificate Management
This week Metasploit has a new ICPR Certificate Management module from Oliver
Lyak [https://github.com/ly4k] and our very own Spencer McIntyre
[https://github.com/zeroSteiner], which can be utilized for issuing certificates
via Active Directory Certificate Services. It has the capability to issue
certificates which is useful in a few contexts including persistence, ESC1
[https://posts.specterops.io/certified-pre-owned-d95910965cd2] and as a
primitive necessary for exp
2 min
Metasploit
Metasploit Wrap-Up: Jul. 9, 2021
A new module for CVE-2021-34527, dubbed PrintNightmare, and a local privilege escalation module for NSClient++
5 min
Metasploit
Metasploit Wrap-Up: 3/26/21
New Exchange ProxyLogon modules, VMWare View Planner RCE, Advantech iView RCE, and more!