Metasploit Weekly Wrapup
Metasploit Wrap-Up: Sep. 11, 2020
Three new modules, including a Pwn2Own addition for OS X, plus proxy support for Python Meterpreter, new search improvements, and a reminder of how to report security issues in Metasploit.
Metasploit
Metasploit Wrap-Up: 5/15/20
Five new modules, including SaltStack Salt Master root key disclosure and unauthenticated RCE on Salt master and minion. A new Meterpreter fix also ensures correct handling of out-of-order packets in pivoted sessions.
Metasploit
Metasploit Wrap-Up: 1/17/20
Silly admin, Citrix is for script kiddies
A hot, new module [https://github.com/rapid7/metasploit-framework/pull/12816]
has landed in Metasploit Framework this week. It takes advantage of
CVE-2019-19781, which is a directory traversal vulnerability in Citrix
Application Delivery Controller (ADC) and Gateway. This exploit takes advantage
of unsanitized input within the URL structure of one of the API endpoints to
access specified directories. Conveniently there is a directory available that
house
Metasploit Weekly Wrapup
Metasploit Wrap-Up 8/9/19
Keep on Bluekeepin’ on
TomSellers [https://github.com/TomSellers] added a new option to the
increasingly useful Bluekeep Scanner module
[https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb]
that allows execution of a DoS attack when running the module. This adds a new
level of effectiveness in proving the severity of this vulnerability.
As part of this update, TomSellers [https://github.com/TomSellers] moved and
refactored a lot of
Metasploit Weekly Wrapup
Metasploit Wrap-Up 5/3/19
Better persistence options thanks to two new modules for Yum and APT package managers. Plus, new exploits for Rails DoubleTap and Spring Cloud Config.
Metasploit Weekly Wrapup
Metasploit Wrapup 8/10/18
Check Yourself Before You Wreck Yourself
Even if you're a pro sleuth who can sniff out a vulnerability on even the most
hardened of networks, it's always nice to have some added validation that
your attack is going to be successful. That's why it's always valuable to have a
solid "check" method available to verify that you're barking up the right tree.
This week bcoles [https://github.com/bcoles] upgraded the UAC check for Windows
[https://github.com/rapid7/metasploit-framework/pull/10419] to
Metasploit Weekly Wrapup
Metasploit Wrapup 6/1/18
Upgrade Your SOCKS
Thanks to zeroSteiner [https://github.com/zeroSteiner], we have some very nice
additions to the SOCKS5 library this week. His changes enabled BIND connections
through the SOCKS5 proxy
[https://github.com/rapid7/metasploit-framework/pull/9990], improved automated
testing around the code, and broke it up into more manageable, targeted
submodules. Now that Trevor’s dying wish
[https://twitter.com/Bandrel/status/912312568055771137] has been fulfilled, the
team can finally leave