Last updated at Wed, 17 Jan 2024 01:45:57 GMT
First!!
Congrats to Nick Tyrer for the first community-contributed evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module leverages the trusted InstallUtil.exe binary to execute user-supplied code and evade application whitelisting.
New modules (4)
- WP Database Backup RCE by Mikey Veenstra / Wordfence and Shelby Pace, which exploits a command injection vulnerability in wp-database-backup versions < v5.2.
- Schneider Electric Pelco Endura NET55XX Encoder by Lucas Dinucci and Vitor Esperança, which exploits CVE-2019-6814.
- Ahsay Backup v7.x-v8.1.1.50 (authenticated) file upload by Wietse Boonstra, which exploits CVE-2019-10267.
- Applocker Evasion - .NET Framework Installation Utility by Casey Smith and Nick Tyrer, which is designed to evade solutions such as software restriction policies and Applocker.
Enhancements and features
- Enhanced Web Delivery by bcoles. The multi/script/web_delivery module has been expanded to support pubprn for Windows delivery & directly support Linux as a target platform.
- Hostname Keyed XOR by O . S . O. Linux payloads can now be XOR encoded based on target hostname, resulting in payload abort when executed on an unintended system.
- Improved msfvenom hex encoding by wvu. Payload encoding by msfvenom output allows character literals interleaved with escaped hex when using --bad-chars and --encrypt-key options.
Bugs fixed
- RHOSTS handling for non-scanner auxiliary by Green-m. When executing non-scanner auxiliary modules using RHOSTS, all targets are now processed.
Get it
As always, you can update to the latest Metasploit Framework with msfupdate, and you can get more details on the changes since the last blog post from GitHub:
We recently announced the release of Metasploit 5. You can get it by cloning the Metasploit Framework repo (master branch). To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial editions).