3 min
Metasploit
Metasploit Wrap-Up: 11/08/2024
RISC-V Support
This release of Metasploit Framework has added exciting new features such as new
payloads that target the RISC-V architecture. These payloads allow for the
execution of commands on compromised hardware, allowing Metasploit Framework and
Metasploit Payloads to be used in more environments.
SMB To HTTP(S) Relay
This new exploit worked on by Rapid7 contributors targets the ESC8
vulnerability. This work is a part of the recent Kerberos and Active Directory
efforts targeting multiple
4 min
Metasploit
Metasploit Weekly Wrap-Up 08/30/2024
A New Way to Encode PHP Payloads
A new PHP encoder has been released by a community contributor, jvoisin
[https://github.com/jvoisin], allowing a PHP payload to be encoded as an
ASCII-Hex string. This can then be decoded on the receiver to prevent issues
with unescaped or bad characters.
Ray Vulnerabilities
This release of Metasploit Framework also features 3 new modules to target
ray.io, which is a framework for distributing AI-related workloads across
multiple machines, which makes it an exce
3 min
Metasploit
Metasploit Weekly Wrap-Up 06/21/2024
Argument Injection for PHP on Windows
This week includes modules that target file traversal and arbitrary file read
vulnerabilities for software such as Apache, SolarWinds and Check Point, with
the highlight being a module for the recent PHP vulnerability submitted by
sfewer-r7 [https://github.com/sfewer-r7]. This module exploits an argument
injection vulnerability, resulting in remote code execution and a Meterpreter
shell running in the context of the Administrator user.
Note, that this attac
3 min
Metasploit
Metasploit Weekly Wrap-Up 04/12/24
Account Takeover using Shadow Credentials
The new release of Metasploit Framework includes a Shadow Credentials module
added by smashery [https://github.com/rapid7/metasploit-framework/pull/19051]
used for reliably taking over an Active Directory user account or computer, and
letting future authentication to happen as that account. This can be chained
with other modules present in Metasploit Framework such as windows_secrets_dump.
Details
The module targets a ‘victim’ account that is part of a
2 min
Metasploit
Metasploit Weekly Wrap-Up 02/02/2024
Shared RubySMB Service Improvements
This week’s updates include improvements to
[https://github.com/rapid7/metasploit-framework/pull/18680] Metasploit
Framework’s SMB server implementation: the SMB server can now be reused across
various SMB modules, which are now able to register their own unique shares and
files. SMB modules can also now be executed concurrently. Currently, there are
15 SMB modules in Metasploit Framework that utilize this feature.
New module content (2)
Mirth Connect Deseria
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 4/8/22
Five new modules targeting Windows, Linux, macOS, and more. Plus, updates to the Log4Shell scanner and a new Windows Meterpreter option to enable additional logging visible in DbgView
3 min
Metasploit Weekly Wrapup
Metasploit Weekly Wrap-Up: 1/14/22
Five new modules, including exploits for Log4Shell and SonicWall SMA 100 series devices, plus a new Meterpreter command that allows users to kill all channels at once.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/8/21
New modules for vCenter Server and Linux Netfilter, plus fixes and enhancements.