11 min
Metasploit
MS11-030: Exploitable or Not?
If you weren't already aware, Rapid7 is offering a bounty for
exploits that target a bunch of hand-selected, patched vulnerabilities. There
are two lists to choose from, the Top 5 and the Top 25. An exploit for an issue in the
Top 5 list will receive a $500 bounty and one from the Top 25 list will fetch a
$100 bounty. In addition to a monetary reward, a successful participant also
1 min
Metasploit
Metasploit Framework Console Output Spooling
Sometimes little things can make a huge difference in usability -- the
Metasploit Framework Console is a great interface for getting things done
quickly, but so far, has been missing the capability to save command and module
output to a file. We have a lot of small hacks that make this possible for
certain commands, such as the "-o" parameter to db_hosts and friends, but this
didn't solve the issue of module output or general console logs.
As of revision r13028 the console now supports the sp
1 min
Introducing Cocktails with Customers
The title of my post today may lead you to think we're promoting yet another of
our famous parties. I'm sure it won't be long until that's the case
(particularly with the likes of BlackHat and B-Sides just around the corner),
but for today my focus is firmly on this blog. I wanted to take a couple of
minutes to introduce a new series of posts from Jen Benson on Rapid7's customer
engagement. Jen is titling this series Cocktails with Customers and if any of
our customers are in the LA area near he
1 min
Release Notes
Metasploit Framework 3.7.2 Released!
It's that time again! The Metasploit team is proud to announce the immediate
release of the latest version of the
Metasploit Framework, 3.7.2. Today's release includes eleven new exploit modules
and fifteen post modules for your pwning pleasure. Adding to Metasploit's
well-known hashdump capabilities, now you can easily steal password hashes from
Linux, OSX, and Solaris. As an added bonus, if any of the passwords were hashed
with crypt_blowfish (which is the d
1 min
Patch Tuesday
June Patch Tuesday
This month's Patch Tuesday was another biggie: 16 bulletins addressing 34
vulnerabilities across IE, Office and Windows...
Top of the list of things to watch out for are two “critical” bulletins:
MS11-050 and MS11-52. These are effectively an attacker's delight since they
are browser based, which are the most coveted exploits. They affect Internet
Explorer 6, 7, and 8, and once these vulnerabilities are weaponized they will be
a significant problem as many organizations give their users admi
2 min
Metasploit
Emulating ZeuS DNS Traffic with Metasploit Framework
vSploit Modules will be released at DEFCON
This is a follow-up post for vSploit - Virtualizing Intrusion & Exploitation
Attributes with Metasploit Framework
about using Metasploit as a way to test network infrastructure countermeasures
and coverage. I mentioned obtaining a list of suspicious domains to use for
testing organization's networking intell
2 min
Metasploit
vSploit - Virtualizing Intrusion & Exploitation Attributes with Metasploit Framework
Many organizations are making significant investments in technologies in order
to tell if they have been compromised; however, frequently they find out when it
is too late. There are several network-based attributes that, when combined,
indicate possible compromises have taken place. Many pentesters are successful
at compromising hosts; however, commonly they are restricted in what they can
and can't do. There needs to be a way that they can successfully mimic threats
and scenarios, even when re
4 min
Exploits
Recent Developments in Java Signed Applets
The best exploits are often not exploits at all -- they are code execution by
design. One of my favorite examples of this is a signed Java applet. If an
applet is signed, the JVM allows it to run outside the normal security sandbox,
giving it full access to do anything the user can do.
Metasploit has supported using signed applets as a browser exploit for quite
a while, but over the last week there have been a couple of improvements that
might help you get more shells. The first of these improve
2 min
Release Notes
w3af - And now, with a stable core
Since our latest w3af release in mid January, and our new Windows installer
release a couple of months ago, we've got lots of encouraging words telling us
we are going in the right direction. The objective was near and we could almost
taste it. Having a stable code-base is no joke, it requires countless hours of
writing unit-tests, running w3af scripts and most importantly: fixing bugs. Now,
finally we're here!
In this latest release, we bring y
4 min
Metasploit
Introducing msfvenom
The Metasploit Framework has included the useful tools msfpayload and msfencode
for quite some time. These tools are extremely useful for generating payloads in
various formats and encoding these payloads using various encoder modules. Now I
would like to introduce a new tool which I have been working on for the past
week, msfvenom. This tool combines all the functionality of msfpayload and
msfencode in a single tool.
Merging these two tools into a single tool just made sense. It standardizes
2 min
Metasploit
Metasploit-ation for the Nation
In a couple of weeks, our very own @Mubix (AKA Rob Fuller to those who don't
live their life with an @ sign permanently attached to their name!) will be
offering Metasploit-ation for the Nation. Unlike that phrase – which I just
made up – Mubix will actually be talking sense as he walks penetration testers
through the delightful world of Metasploit Pro in a 4-hour in-depth training
session.
Mubix took some time to answer a few questions below to give you a flavor of the
training. If you have
1 min
Metasploit
Metasploit Framework 3.7.1 Released!
Originally posted by HD Moore:
We are happy to announce the immediate availability of version 3.7.1 of the
Metasploit Framework, Metasploit Express, and Metasploit Pro. This is a
relatively small release focused on bug fixes and performance improvements.
Notable highlights include an improved IPv6 reverse_tcp stager from Stephen
Fewer, a performance improvement for HTTP services (client-side modules), a bug
fix to channel support in the PHP Meterpreter, an update to MSFGUI, and various
small
2 min
PCI
PCI Newsletter #2 - Payment processing terminology and workflow
Hi Everyone,
This is our second PCI 30 sec newsletter.
One cannot move through the PCI ecosystem without a basic understanding of the
payment processing terminology and workflow. So let's have a look behind the
scenes.
The payment processing terminology
In a nutshell, the payment transaction could be depicted as follows:
We have cardholders that make payment card purchases from merchants, merchants
that send payment transaction data to their acquirers, and acquirers that send
payment transacti
1 min
Patch Tuesday
May Patch Tuesday
So yesterday was Patch Tuesday, and following a mammoth April, it was a pretty
quiet one, with only 2 vulnerabilities reported, and only one
of those given the most severe rating of “critical”. That said, of course any
vulnerability reported should be investigated and understood, and particularly
those rated critical.
This month the critical
2 min
Metasploit
Metasploit Pro 3.7: Better, Faster, Stronger
Over the last two months the Rapid7 team has been hard at work rewiring the
database and session management components of the Metasploit Framework,
Metasploit Express, and Metasploit Pro products. These changes make the
Metasploit platform faster, more reliable, and able to scale to hundreds of
concurrent sessions and thousands of target hosts. We are excited to announce
the immediate availability of version 3.7 of Metasploit Pro and Metasploit
Express!
Existing customers can apply the latest s