Last updated at Wed, 17 Jan 2024 02:09:18 GMT
Keep your eyes peeled for another Metasploit CTF
We hosted our third Annual(ish) Metasploit CTF back in January of this year. All 1,000 slots were booked within days of announcing the competition. Because of the resounding success, we'll be hosting the fourth Annual(ish) Metasploit CTF by year’s end. Keep an eye out for an announcement with more details in the next few weeks.
Gathering ProxyUsername and ProxyPassword
PuTTY, for those of you who live solely on a command line, is a popular SSH and Telnet GUI client built for Windows and Unix systems. Metasploit contributor HuskyHacks, working in a team with Brian Saunders and Aaron Hobdy, added an enhancement to the post/windows/gather/enum_putty_saved_sessions.rb module. This enhancement now allows the capturing of two additional registry keys:
HKCU\Software\SimonTatham\PuTTY\Sessions\[Username]\ProxyUsername
and HKCU\Software\SimonTatham\PuTTY\Sessions\[Username]\ProxyPassword
This is a great new feature because we are able to capture two additional fields for saved PuTTY sessions, the plaintext values of ProxyUsername and ProxyPassword.
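For defenders, the same plaintext storage can be audited ahead of time. The following is an added example, not code from the Metasploit module: it parses the text of a registry export of the PuTTY Sessions key and reports which saved sessions hold a non-empty ProxyUsername or ProxyPassword, without echoing the password. The function name, the sample export and its values are constructed for illustration; it assumes the export was produced with reg export and read as UTF-16 text.

```python
import re
from urllib.parse import unquote

SESSIONS = "HKEY_CURRENT_USER\\Software\\SimonTatham\\PuTTY\\Sessions\\"
KEY_RE = re.compile(r"^\[(.+)\]$")
VAL_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    # .reg string values escape backslash and double quote with a backslash
    return re.sub(r"\\(.)", r"\1", s)

def audit_putty_export(reg_text):
    """Return saved sessions that store a non-empty proxy username or password."""
    findings, session = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            path = key.group(1)
            inside = path.upper().startswith(SESSIONS.upper())
            # PuTTY percent-encodes the session name in the key name
            session = unquote(path[len(SESSIONS):]) if inside else None
            continue
        val = VAL_RE.match(line)
        if session is None or not val:
            continue
        name, data = unescape(val.group(1)), unescape(val.group(2))
        if name in ("ProxyUsername", "ProxyPassword") and data:
            entry = findings.setdefault(
                session, {"proxy_username": None, "proxy_password_set": False})
            if name == "ProxyUsername":
                entry["proxy_username"] = data
            else:
                entry["proxy_password_set"] = True  # never echo the secret
    return findings

# Constructed sample export (not taken from a real host)
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions\jump%20host]
"HostName"="10.0.0.5"
"ProxyUsername"="svc_proxy"
"ProxyPassword"="example-secret"

[HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions\lab]
"ProxyUsername"=""
"ProxyPassword"=""
'''

if __name__ == "__main__":
    for name, info in audit_putty_export(SAMPLE).items():
        print(name, info)
```

Sessions reported with a stored proxy password are candidates for clearing the saved value and rotating the proxy credential.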
Service stub encoder validation
A bug fix added by our very own adfoster-r7 improves the user experience of the ms17_010_psexec and psexec modules by ensuring invalid encoders are no longer silently ignored. From now on, SERVICE_STUB_ENCODER is validated before running the module.
Enhancements and features
- Added support for gathering ProxyUsername and ProxyPassword keys to the post/windows/gather/enum_putty_saved_sessions module, by HuskyHacks
Bugs fixed
- Applied a fix to the ms17_010_psexec and psexec modules to ensure that SERVICE_STUB_ENCODER is validated before running the module, thereby preventing the code from silently ignoring invalid encoders, by adfoster-r7
- Fixed some broken links in the CONTRIBUTORS.md file to point to the correct URL by justinsteven
- Fixed an error via the RPC interface where the compatible sessions endpoint would not handle local exploit modules by acammack-r7
- Fixed a bug in the exploit/linux/local/bpf_sign_extension_priv_esc module by making the cred uid field the correct size, ensuring data will be correctly interpreted, by gblomqvist
- Fixed an issue in the DNS enumeration library that was causing zone transfer (AXFR) results to be displayed with a leading and trailing bracket by gwillcox-r7
- Added a rescue for SSLError in HTTP scanner check_setup by jmartin-r7
Get it
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).