2 min
Metasploit
Metasploit Updated: Trivial Access to TFTP
The Metasploit Update is out, and it's a little smaller than you might expect.
We've recently rejiggered our development to QA to release workflow here at
Rapid7, and that means that this week, we cut the release a couple days earlier
than usual in order to ensure the work flow all makes sense and that the
releases get the post-commit QA attention that they deserve. The end result is
that we'll have a pretty light release this week (due to the shortened
development cycle), but going forward, wee
2 min
Metasploit
Metasploit Framework Updated: What's your Favorite Resource Script?
Sample Resource Scripts
About a week ago, munky9001 posted on Reddit the headline, DB_Autopwn
Deprecated! About time [http://redd.it/mzfp2]. Shortly after, HD wrote up a blog
post, Six Ways to Automate Metasploit
[/2011/12/08/six-ways-to-automate-metasploit], with the moral of the story
being, "don't cry for db_autopwn, there are already much better methods to get
your automated pwnage on." Of these, the easiest and most straightforward way to
automate things is to write a resource script.
Thi
2 min
Release Notes
Metasploit Framework Updated: FastLib and More
Metasploit development moves fast. Blindingly fast, fueled by tons of open
source contributors -- which is one of the reasons why we moved away from our
tried and true SVN repository and on to GitHub. Now that we're on a more modern,
more social development platform, we have all new ways to get overwhelmed with
the pace of change on the Framework, especially since contributor code is that
much easier to integrate now. So, in order to ensure that the more notable
week-over-week changes get their
1 min
Nmap? In my Metasploit? It's more likely than you'd think!
If you've been paying any attention to the open source security software space,
you've probably noticed that one of our favorite tools, nmap [http://nmap.org/],
ships with a pretty serious scipting engine. NSE allows users to run scripted
interactions on discovered services, and lately, the repository of those scripts
has exploded. As of the 5.50 release of nmap, there are 177 scripts and 54
supporting libraries [http://seclists.org/nmap-hackers/2011/0], covering all
sorts of protocols you're li