3 min
Metasploit
Metasploit Wrap-Up: Dec. 17, 2021
A new Log4Shell / Log4j scanner module for Metasploit, a new WordPress module, and multiple enhancements and bug fixes
2 min
Metasploit
Metasploit Wrap-Up 12/10/21
Word and Javascript are a rare duo.
Thanks to thesunRider [https://github.com/thesunRider]. you too can experience
the wonder of this mystical duo. The sole new metasploit module this release
adds a file format attack to generate a very special document. By utilizing
Javascript embedded in a Word document to trigger a chain of events that slip
through various Windows facilities, a session as the user who opened the
document can be yours.
Do you like spiders?
It has been 3 years since SMB2 suppo
2 min
Metasploit
Metasploit Wrap-Up: 12/3/21
Metasploit CTF 2021 starts today
It’s that time of year again! Time for the 2021 Metasploit Community CTF
[https://www.rapid7.com/blog/post/2021/11/16/announcing-the-2021-metasploit-community-ctf/]
. Earlier today over 1,100 users in more than 530 teams were registered and
opened for participation to solve this year’s 18 challenges. Next week a recap
and the winners will be announced, so stay tuned for more information.
Overlayfs LPE
This week Metasploit shipped an exploit for the recent Overla
3 min
Metasploit
Metasploit Wrap-Up: Nov. 26 2021
Self-Service Remote Code Execution
This week, our own @wvu-r7 added an exploit module
[https://github.com/rapid7/metasploit-framework/pull/15874] that achieves
unauthenticated remote code execution in ManageEngine ADSelfService Plus, a
self-service password management and single sign-on solution for Active
Directory. This new module leverages a REST API authentication bypass
vulnerability identified as CVE-2021-40539
[https://attackerkb.com/topics/DMSNq5zgcW/cve-2021-40539?referrer=blog], where
3 min
Metasploit
Metasploit Wrap-Up: 11/19/21
Azure Active Directory login scanner module
Community contributor k0pak4 [https://github.com/k0pak4] added a new login
scanner module for Azure Active Directory
[https://github.com/rapid7/metasploit-framework/pull/15755]. This module
exploits a vulnerable
[https://attackerkb.com/topics/rZ1JlQhXhc/cve-2020-16152?referrer=blog]
authentication endpoint in order to enumerate usernames without generating log
events. The error code returned by the endpoint can be used to discover the
validity of user
4 min
Metasploit
Metasploit Wrap-Up: Nov. 12, 2021
Four new modules, including Microsoft OMI local privilege escalation, and a Win32k local privilege escalation module for CVE-2021-40449, impacting Windows 10 x64 build 14393 and 17763
3 min
Metasploit
Metasploit Wrap-Up: 11/5/21
GitLab RCE
New Rapid7 team member jbaines-r7 [https://github.com/jbaines-r7] wrote an
exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability
results in unauthenticated remote code execution as the git user. What makes
this module extra neat is the fact that it chains two vulnerabilities together
to achieve this desired effect. The first vulnerability is in GitLab itself that
can be leveraged to pass invalid image files to the ExifTool parser which
contained the second v
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: Oct. 29, 2021
Modules for Apache Server, Sophos UTM, the OMIgod RCE, and more. Plus, support for reverse port forwarding via established SSH sessions.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/22/21
Metasploit's first modules targeting Kubernetes, plus Windows support for exploiting Confluence Server CVE-2021-26084.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 10/15/21
Four new Moodle modules, plus new features to help red teamers keep track of sessions and forwarded connections.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/8/21
New modules for vCenter Server and Linux Netfilter, plus fixes and enhancements.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 10/1/21
More post modules than we've ever put out in a single release before, courtesy of a university project to add credential gathering capabilities based on the PackRat toolset.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 9/24/21
A new evasion module, an exploit for ManageEngine OpManager, fully functional shells over WinRM, and major RDP library improvements.
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 9/17/21
New modules for Jira user enumeration, Git Remote Code execution via git-lfs, Geutebruck Camera post exploitation module, and unauthenticated RCE in elFinder PHP application
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 9/10/21
Confluence Server OGNL Injection
Our own wvu along with Jang [https://twitter.com/testanull] added a module that
exploits an OGNL injection (CVE-2021-26804
[https://attackerkb.com/topics/Eu74wdMbEL/cve-2021-26084-confluence-server-ognl-injection]
)in Atlassian Confluence's WebWork component to execute commands as the Tomcat
user. CVE-2021-26804 is a critical remote code execution vulnerability in
Confluence Server and Confluence Data Center and is actively being exploited in
the wild. Initial di