Last updated at Thu, 08 Feb 2024 21:42:25 GMT
Welcome to this week's Metasploit Wrapup. I'm your host Brent Cook, tagging in for egypt who just finished speaking about Metasploit at the Texas DIR Telecommunications Forum. This week was largely focused on bug fixes and refinements.
In the fixes bucket, PowerShell sessions now properly upgrade with the 'sessions -u' command. Fixing this also revealed some general problems handling PowerShell commands, which were also fixed. SRVHOST, like LHOST now supports tab completion, which is super useful rather than having to remember what your local IP addresses are. Modules using SSL can now set advanced options, including support for TLS 1.2, and a similar fix was applied to SMB and TCP login scanner modules. We also fixed a bug preventing 64-bit Linux staged command payloads from running, which unlocks loading some more interesting 64-bit Linux payloads in the future.
As modules get used in more varied scenarios and environments, deficiencies in modules are often uncovered. As a result of your reports, MS SQL, IMAP and POP3 protocol handlers now handle network failures better. The Java RMI scanner is also more resilient when handling larger protocol responses. Even the venerable msfd now has a 'quiet' option, that makes it work nicely with dumb network clients.
Of course, there were a few new modules this week as well, including:
-
ManageEngine ServiceDesk Plus Arbitrary File Upload by Pedro Ribeiro
-
Watermark Master Buffer Overflow (SEH) by Andrew Smith and metacom
-
HP SiteScope DNS Tool Command Injection by Kirk Hayes, Charles Riggs and Juan Vazquez