Posts tagged Metasploit Weekly Wrapup

2 min Metasploit

Metasploit Wrap-Up 10/18/19

Nagios XI post module Nagios XI may store the credentials of the hosts it monitors, and with the new post module [https://github.com/rapid7/metasploit-framework/pull/12136] by Cale Smith [https://github.com/caleBot], we're now able to extract the Nagios database content along with its SSH keys and dump them into the MSF database. With the addition of this new post module, we can conveniently increase the opportunities for lateral movement. Environment-based API token authentication Our own ekel

Read Full Post

2 min Metasploit

Metasploit Wrap-Up 10/11/19

Exploiting Windows tools There are two new Windows modules this week, both brought to you by the Metasploit team. The Windows Silent Process Exit Persistence module [https://github.com/rapid7/metasploit-framework/pull/12375], from our own bwatters-r7 [https://github.com/bwatters-r7], exploits a Windows tool that allows for debugging a specified process on exit. With escalated privileges, an attacker can configure the debug process and then use the module to upload a payload which will launch e

Read Full Post

1 min Metasploit

Metasploit Wrap-Up 10/4/19

Command and Control with DOUBLEPULSAR We now have a DOUBLEPULSAR exploit module [https://github.com/rapid7/metasploit-framework/pull/12374] thanks to some amazing work by our own wvu [https://github.com/wvu-r7], Jacob Robles, and some significant contributions from the wider community. The module allows you to check for the DOUBLEPULSAR implant, disable it, or even load your own payloads as well; it really deserves its own blog post… [https://www.rapid7.com/blog/post/2019/10/02/open-source-comma

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 9/27/19

BlueKeep is Here The BlueKeep exploit module [https://github.com/rapid7/metasploit-framework/pull/12283] is now officially a part of Metasploit Framework. This module reached merged status thanks to lots of collaboration between Rapid7 and the MSF community members. The module requires some manual configuration per target, and targets include both virtualized and non-virtualized versions of Windows 7 and Windows Server 2008. For a full overview of the exploit’s development and notes on use and d

Read Full Post

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 9/20/19

On the correct list AppLocker and Software Restriction Policies control the applications and files that users are able to run on Windows Operating Systems. These two protections have been available to the blue team for years. AppLocker is supported on Windows 7 and above, and Software Restriction Policies is supported on Windows XP and above. Encountering either during an engagement could slow you down; however, look no further than the evasion modules for assistance. Nick Tyrer [https://github.

Read Full Post

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Sep. 13, 2019

Fall is in the air, October is on the way, and it is Friday the 13th. We have a lot of updates and features that landed this week, though none are particularly spooky, and unfortunately, none are json-related…1 We recently updated our digital signing keys, and some users may have seen warnings that their Metasploit packages were not signed. We’ve fixed this as of this week—apologies for any confusion. If you are still experiencing signing issues, you may need to re-download Metasploit installer

Read Full Post

3 min Metasploit

Metasploit Wrap-Up 9/6/19

At our (final!) DerbyCon Town Hall today, the Metasploit team announced the release of an initial exploit module PR for CVE-2019-0708, aka BlueKeep.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/30/19

Back to school blues Summer is winding down and while our for contributions haven't dropped off (thanks y'all!), we've been tied up with events and a heap of research. Don't despair, though: our own Brent Cook [https://github.com/busterb], Pearce Barry, Jeffrey Martin [https://github.com/jmartin-r7], and Matthew Kienow [https://github.com/mkienow-r7] will be at DerbyCon 9 running the Metasploit Town Hall at noon Friday. They'll be delivering a community update and answering questions, so be sur

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/23/19

A LibreOffice file format exploit, plus improvements to TLS and CredSSP-based fingerprinting.

Read Full Post

5 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/16/19

Hacker Summer Camp Last week, the Metasploit team flew out to sunny, hot, and dry Las Vegas for Hacker Summer Camp (Black Hat, BSidesLV, and DEF CON). It was a full week of epic hacks, good conversation, and even a little business! If you managed to catch us at our Open Source Office Hours [https://blog.rapid7.com/2019/07/15/metasploit-open-source-office-hours-in-vegas/] (previously OSSM, the Open Source Security Meetup) in Bally's, we just wanted to say thanks for making the trek through the

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/9/19

Keep on Bluekeepin’ on TomSellers [https://github.com/TomSellers] added a new option to the increasingly useful Bluekeep Scanner module [https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb] that allows execution of a DoS attack when running the module. This adds a new level of effectiveness in proving the severity of this vulnerability. As part of this update, TomSellers [https://github.com/TomSellers] moved and refactored a lot of

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/2/19

A new feature, better `set payload` options, and new modules. Plus, open-source office hours in Vegas during hacker summer camp.

Read Full Post

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/26/19

First!! Congrats to Nick Tyrer [https://github.com/NickTyrer] for the first community contibuted evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module [https://github.com/rapid7/metasploit-framework/pull/11795] leverages the trusted InstallUtil.exe binary to execute user supplied code and evade application whitelisting. New modules (4) * WP Database Backup RCE [https://github.com/rapid7/metasploit-framework/pull/12010] by Mikey Veenstra / Wordf

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 7/19/19

RCE with a Key An exploit module [https://github.com/rapid7/metasploit-framework/pull/12062] for Laravel Framework was submitted by community contributor aushack [https://github.com/aushack]. The module targets an insecure unserialize call with the X-XSRF-TOKEN HTTP request header, which was discovered by Ståle Pettersen. Since the exploit requires the Laravel APP_KEY to reach the vulnerable unserialize call, aushack included information leak [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/12/19

We hope our American friends had a wonderful Fourth of July weekend! There are no new modules this week, so instead we're featuring two enhancements that fix some long outstanding Framework bugs. Check out last week’s holiday wrap-up for a list of the modules that landed while the U.S. was watching fireworks. GatherProof (or don't) Using ssh_login* on certain non-standard devices such as Brocade switches [https://github.com/rapid7/metasploit-framework/issues/11905] and Juniper firewalls [https:

Read Full Post

• ...
• 15
• 16
• 17
• 18
• 19
• ...