1 min
Metasploit
Open Source Security Meetup (OSSM): Virtual Edition
The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!
2 min
Metasploit
Metasploit Wrap-Up: 7/3/20
Shifting (NET)GEARs
Community contributor rdomanski [https://github.com/rdomanski] added a module
for Netgear R6700v3 routers
[https://github.com/rapid7/metasploit-framework/pull/13768] that allows
unauthenticated attackers on the same network to reset the password for the
admin user back to the factory default of "password". Attackers can then manually
change the admin user's password and log into it after enabling telnet via the
exploit/linux/telnet/netgear_telnetenable module, which will gran
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/10/20
Meterpreter bug fixes and five new modules, including an LPE exploit for SMBghost (CVE-2020-0796) and a BloodHound post module that gathers information (sessions, local admin, domain trusts, etc.) and stores it as a BloodHound-consumable ZIP file in Framework loot.
3 min
Metasploit
Metasploit Wrap-Up 3/6/20
Gift exchange
If you're looking for remote code execution against Microsoft Exchange, Spencer
McIntyre [https://github.com/zeroSteiner] crafted up a cool new module
[https://github.com/rapid7/metasploit-framework/pull/13014] targeting a .NET
serialization vulnerability in the Exchange Control Panel (ECP) web page.
Vulnerable versions of Exchange don't randomize keys on a per-installation
basis, resulting in reuse of the same validationKey and decryptionKey values.
With knowledge of these, an at
2 min
Metasploit
Metasploit Wrap-Up: Dec. 27, 2019
With 2019 almost wrapped up, we’ve been left wondering where the time went! It’s
been a busy year for Metasploit, and we’re going out on a reptile-themed note
this wrap-up...
Python gets compatible
With the clock quickly ticking down on Python 2 support
[https://pythonclock.org/], contributor xmunoz [https://github.com/xmunoz] came
through with some changes
[https://github.com/rapid7/metasploit-framework/pull/12524] to help ensure most
of Framework works with Python 3. While Python 3’s adoption
2 min
Metasploit
Metasploit Wrap-Up: Nov. 8, 2019
Config R Us
Many versions of network management tool rConfig are vulnerable to
unauthenticated command injection, and contributor bcoles
[https://github.com/bcoles] added a new exploit module
[https://github.com/rapid7/metasploit-framework/pull/12507] for targeting those
versions. Present in v3.9.2 and prior, this vulnerability centers around the
install directory not being automatically cleaned up following software
installation, leaving behind a PHP file that can be utilized to execute
arbitr
3 min
Events
Metasploit Open Source Office Hours: Vegas 2019
The Metasploit crew at Rapid7 is headed out to Las Vegas for DEF CON 27,
bringing a new incarnation of the Open Source Security Meetup (OSSM) with us! We
will have a Metasploit Suite at Bally’s this year, where we’ll be hosting “Open
Source Office Hours” (OSOH). If you’ll be out in Vegas for DEF CON 27, take a
moment and ask yourself:
* Are you currently working on a Metasploit module/payload and could use some
guidance?
* Are you modifying Framework and you’d like to discuss?
* Are you w
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 7/5/19
Injecting the Time Machine
From contributor timwr [https://github.com/timwr] comes a new module targeting
Time Machine on macOS 10.14.3 and earlier. Specifically, the tmdiagnose binary
for these vulnerable versions suffers from a command injection vulnerability
that can be exploited via a specially crafted disk label. This new module uses
an existing session for exploitation on the target, allowing the Framework user
to run a payload as root.
What’s on TV?
If you are nearby to a vulnerable Supr
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 5/10/19
A new Chrome browser exploit, some WebLogic RCE, and an exploit for PostgreSQL. Also announcing the return of our annual Open-Source Security Meetup in Vegas!
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 2/8/19
Ubiquitous Devices
Our Rapid7 Labs team pulled the thread
[https://www.rapid7.com/blog/post/2019/02/01/ubiquiti-discovery-service-exposures/]
on some recent buzz around exploitable Ubiquiti devices, which led to a new
scanner module [https://github.com/rapid7/metasploit-framework/pull/11338] (
auxiliary/scanner/ubiquiti/ubiquiti_discover.rb) from jhart-r7
[https://github.com/jhart-r7]. This module uses a simple UDP protocol to
identify potentially exploitable Ubiquiti devices on your network, a
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 11/9/18
Now in Framework: Exploit for jQuery File Upload plugin vuln, two new post modules to exfil images and texts from compromised iOS devices. Plus, this year's community CTF.
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 3/9/18
With the Northeast U.S. getting hit with back-to-back nor’easters this week,
it’s probably a good idea to head back inside and wait it out until spring
arrives. So toss another log on the fire, grab a hot drink, raise a toast to
all the folks making Metasploit awesome
[https://github.com/rapid7/metasploit-framework/graphs/contributors], and catch
up on the latest!
It Goes to 11
While amplification attacks are nothing new, the memcached amplification attack
vector (referred to as “memcrashed”
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 2/16/18
Wintertime can be a drag. Folks get tired of shoveling snow, scraping ice from
windshields, dealing with busted water pipes, etc. Thoughts of “fun in the sun”
activities start to seep in, as people begin wistfully daydreaming about
summertime. And for this coming summer, Metasploit has some hotness to daydream
about!
Google Summer of Code: We’re In!
The Metasploit team is SUPER EXCITED to have been recently selected by Google
[https://summerofcode.withgoogle.com/organizations/666336840069939
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup: Feb. 2, 2018
It’s a special day here in the U.S. This morning, media folks were hovering
over a specific rodent [https://en.wikipedia.org/wiki/Punxsutawney_Phil] living
in an eastern state to discover that we are in for six more weeks of winter
[https://www.reuters.com/article/us-usa-groundhogday/groundhog-phil-predicts-more-cold-weather-chuck-says-spring-is-coming-idUSKBN1FM14L]
, apparently. ¯\_(ツ)_/¯ Guess we’ll stay inside and work on Metasploit…
EternalSunshine of the Security Minded
If you’re still
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: Jan. 26, 2018
In last week’s wrap-up post
[https://www.rapid7.com/blog/post/2018/01/19/metasploit-wrapup-24/], we raised
awareness of the new Metasploit 5 work we’re ramping up on. This week, please
GoAhead [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17562] and
enjoy some new Metasploit goodies!
Get Up, GoAhead
Based on research from danielhodson [https://github.com/danielhodson], hdm
[https://github.com/hdm] and h00die [https://github.com/h00die] put together a
new module [https://www.elttam.