Posts by Tod Beardsley

2 min

Metasploit Now Supports Plan 9, the Evolution of Unix

Unix, Evolved Today, we are delighted to announce the next phase of Metaploit's [https://www.metasploit.com/download/] expanded support for more diverse host operating systems. On the heels of our integration work with Kali Linux, we've been heads-down on putting the finishing touches on our support for the future of Unix, Plan 9 from Bell Labs. This renewed commitment to Plan 9 will come as a welcome relief for those of you who have, until now, been stuck on hobby operating systems such as L

Read Full Post

2 min

Weekly Update: Introducing Metasploit 4.5.3

Version bump to Metasploit 4.5.3 This week, we've incremented the Metasploit version number by one trivial point to 4.5.3 -- this was mainly done to ensure that new users get the fixes for the four [https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8] most [https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KZwsQbYsOiI] recent [https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI] vulnerabilities [https

Read Full Post

3 min Metasploit

Weekly Update: Splitting DNS Modules and a D-Link Auth Bypass

DNS Module Split up This week, we appear to have a whole bunch of new DNS-based enumeration and information gathering modules. In fact, this was actually more of a housekeeping chore, largely by longtime Metasploit contributor Carlos @darkoperator Perez. Darkoperator wrote most of the original enum_dns module as well. enum_dns became a bit of a junk drawer of DNS functionality -- it did a whole bunch of everything for DNS. So, instead of just tacking on more and more over time, it's been split

Read Full Post

2 min Metasploit

Weekly Update: Corelan, MSFTidy, and UNC Path Injection

28 Hours Later This week, much of the Metasploit Framework and Metasploit Pro teams here at Rapid7 had the opportunity to get some intense, in-person training on exploit development from long-time Metapsloit contributor, Peter corelanc0d3r [https://twitter.com/corelanc0d3r] Van Eeckhoutte and local Corelan Teammates @_sinn3r [https://twitter.com/_sinn3r] and TheLightCosine [https://twitter.com/thelightcosine]. I'm the first to admit that my memory corruption skills are pretty light (I hang arou

Read Full Post

2 min

Weekly Update: Metasploit 4.5.1, MSFUpdate, and More Wordpress Hijinks

MSFUpdate This week, we've addressed the changes introduced by Metasploit 4.5 on the command line updater, msfupdate. You can read about it over here [/2013/01/17/metasploit-updates-and-msfupdate], but the gist of it is, if you want to continue using msfupdate, you will want to take a few tens of seconds to activate your Metasploit installation, or get yourself moved over to a fully functional git clone of the Metasploit Framework. And speaking of updates... Update to 4.5.1 Lately, Metasploit u

Read Full Post

5 min Product Updates

Update to the Metasploit Updates and msfupdate

The Short Story In order to use the binary installer's msfupdate, you need to first register your Metasploit installation. In nearly all cases, this means visiting https://localhost:3790 [https://localhost:3790/] and filling out the form. No money, no dense acceptable use policy, just register and go. Want more detail and alternatives? Read on. Background A little over a year ago, Metasploit primary development switched to Git as a source control platform and GitHub as our primary source hos

Read Full Post

2 min Metasploit

Weekly Metasploit Update: Rails Scanning, ZDI, and Exploit Dev

Rails Injection Bug The big news this week turned out to be the new Rails injection bug, aka, CVE-2013-0156, which you can read about in detail over on HD Moore's blog post. Soon after the vulnerability was disclosed, @hdmoore [https://twitter.com/hdmoore] had a functional auxiliary scanner module [http://www.metasploit.com/modules/auxiliary/scanner/http/rails_xml_yaml_scanner] put together, so as of this moment, you're encouraged to scan the heck out of your environment, repeatedly, for vulner

Read Full Post

2 min Metasploit

Weekly Metasploit Update: CrystalReports and Testing Discipline

Dissecting CrystalPrintControl This week's update is, by all accounts, pretty light. This may be the first update we've shipped that has exactly one new module.  To make up for the lack of quantity, though, we've got some quality for you, oh boy. If it's snowy and blustery where you live, grab yourself a cup of hot cocoa, gather the kids, and watch their little eyes twinkle in the firelight as you regale them with the classic fable of how Metasploit Exploitation Elf Juan @_juan_vazquez [https:

Read Full Post

3 min Metasploit

Weekly Metasploit Update: Exploit Dev How-to and InfoSec Targets

Metasploit 4.5 has been out for a few days, so it's high time for an update. Let's hop to it! 1000th Exploit: Freefloat FTP WMI I often hear the question, "How do I get started on writing exploits?" Well, I'd like to point you to Metasploit's 1000th exploit (future Hacker Jeopardy contestants, take note): On December 7, 2012, Wei "sinn3r" Chen and Juan Vazquez committed FreeFloat FTP Server Arbitrary File Upload [http://www.metasploit.com/modules/exploit/windows/ftp/freefloatftp_wbem]. Now, as

Read Full Post

2 min

Metasploit Hits 1000 Exploits

Along with today's 4.5 release [/2012/12/07/go-phishing-how-to-manage-phishing-exposure-with-metasploit], Metasploit hit a thousand exploits. So, what does that mean? Well, let's take a look, historically. When Metasploit 1.0 was released on October 6, 2003, it boasted all of 11 exploits, according to this mailing list post [http://marc.info/?l=pen-test&m=106548308908767&w=2]. Now, this is 9 years ago, so an announcement on a mailing list of more than one exploit was pretty novel, and "a ton

Read Full Post

2 min Metasploit

Weekly Metasploit Update: OpenVAS, SAP, NetIQ, and More!

Now that I've consumed a significant percentage of my own weight in turkey (seriously, it was something like five percent), it's time to shake off the tryptophan and get this week's update out the door. Attacking Security Infrastructure: OpenVAS This week's update features three new module for bruteforcing three different OpenVAS authentication mechanisms, all provided by community contributor Vlatko @k0st [https://twitter.com/k0st] Kosturjak. OpenVAS is an open source security management stac

Read Full Post

2 min Metasploit

Weekly Metasploit Update: Web Libs, SAP, ZDI, and More!

Fresh Web Libs As we head into the holiday season here in the U.S., Metasploit core developers Tasos @Zap0tek [https://twitter.com/Zap0tek] Laskos and James @Egyp7 [https://twitter.com/egyp7] Lee finished up a refresh of the Metasploit fork of the Anemone libraries, which is what we use for basic web spidering. You can read up on it here [http://anemone.rubyforge.org/]. The Metasploit fork isn't too far off of Chris Kite's mainline distribution, but does account for Metasploit's Rex sockets, ad

Read Full Post

4 min Metasploit

Weekly Metasploit Update: WinRM x2, ADDP, RealPort, CI and BDD

WinRM, Part Two In the last Metasploit update blog post, we talked about the work from Metasploit core contributors @TheLightCosine [http://twitter.com/thelightcosine] , @mubix [http://twitter.com/mubix] and @_sinn3r [http://twitter.com/_sinn3r] on leveraging WinRM / WinRS. As of this update, Metasploit users can now execute WQL queries [http://www.metasploit.com/modules/auxiliary/scanner/winrm/winrm_wql], execute commands [http://www.metasploit.com/modules/auxiliary/scanner/winrm/winrm_cmd], an

Read Full Post

3 min Metasploit

Weekly Metasploit Update: WinRM Part One, Exploiting Metasploit, and More!

WinRM Exploit Library For the last couple weeks, Metasploit core contributor David @TheLightCosine [http://twitter.com/thelightcosine] Maloney has been diving into Microsoft's WinRM services with @mubix [http://twitter.com/mubix] and @_sinn3r [http://twitter.com/_sinn3r]. Until these guys started talking about it, I'd never heard WinRM. If you're also not in the Windows support world day-to-day, you can read up on it at Microsoft [http://msdn.microsoft.com/en-us/library/windows/desktop/aa384426(

Read Full Post

2 min Metasploit

Weekly Metasploit Update: Microsoft Windows and SQL, TurboFTP, and More!

AppSecUSA 2012 Last week was AppSecUSA 2012 here in Austin, which may explain the curious absence of a weekly Metasploit Update blog post. The hilights of Appsec for me, were (in no particular order): Meeting Raphael @ArmitageHacker [https://twitter.com/armitagehacker] Mudge in person for the first time, meeting Scott @_nullbind [https://twitter.com/_nullbind]Sutherland, author of a bunch of recent Microsoft SQL post modules, and both of whom happened to contribute to last week's Metasploit upda

Read Full Post

• ...
• 10
• 11
• 12
• 13
• 14
• 15