Last updated at Tue, 16 Jan 2024 02:10:25 GMT
Happy New Year to the Metasploit community! As we kick off 2019, we're excited to see all the modules, enhancements, and discussions the new year will bring.
Ring In 2019 With SSL
There is a new datastore option courtesy of wvu called CMDSTAGER::SSL. This exposes the ability to enable SSL/TLS command stagers with set cmdstager::ssl true.
Auld Erlang Syne
Good news if you're a fan of the multi/misc/erlang_cookie_rce module: This module now has command stager support thanks to Jacob Robles. This enhancement allows more flexibility in loading and executing payloads when targeting Linux and Windows.
HaXmas Cheer
As in holiday seasons past, Rapid7 published a series of hacker- and research-oriented blogs this year highlighting cool side projects and technical deep dives. The Metasploit team contributed four of these:
- A wrap-up of all the hotness that landed in Metasploit in 2018
- A piece from Adam on running Linux executables without execve
- An advice column for the lazy family sys admin courtesy of Brent
- An epic technical analysis by wvu of the exploit development process for three vulnerabilities leveraged by the Morris Worm.
The rest of the HaXmas spread features insight from Rapid7 Labs, holiday stories from our pen testing team, and Patch Tuesday data mining from the VM content team, too. See all of the HaXmas fun here.
New Modules
Exploit modules (2 new)
- Hashicorp Consul Remote Command Execution via Rexec by Bharadwaj Machiraju, Francis Alexander, and Quentin Kaiser
- Hashicorp Consul Remote Command Execution via Services API by Bharadwaj Machiraju, Francis Alexander, and Quentin Kaiser
Improvements
- The linux/local/vmware_alsa_config module has been cleaned up and augmented with some new documentation, thanks to bcoles. This update also adds options for modifying the DISPLAY variable and improving exploit reliability.
- Meterpreter now supports reading MULTI_SZ strings from the Windows registry, thanks to Green-m!
Get it
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
To install fresh, check out the open-source-only Nightly Installers, or the binary installers which also include the commercial editions. PLEASE NOTE that these installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the stable Metasploit 4 branch. If you'd like to try out the newer things going into Metasploit 5, that work is available in the master branch of the Metasploit Framework repo on GitHub.