Posts tagged Metasploit Weekly Wrapup

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 11/15/19

Pulse Secure VPN exploit modules, a notable BlueKeep exploit reliability improvement, and an overhaul of MSF's password cracking integration, including new support for hashcat.

Read Full Post

2 min Metasploit

Metasploit Wrap-Up: Nov. 8, 2019

Config R Us Many versions of network management tool rConfig are vulnerable to unauthenticated command injection, and contributor bcoles [https://github.com/bcoles] added a new exploit module [https://github.com/rapid7/metasploit-framework/pull/12507] for targeting those versions. Present in v3.9.2 and prior, this vulnerability centers around the install directory not being automatically cleaned up following software installation, leaving behind a PHP file that can be utilized to execute arbitr

Read Full Post

1 min Metasploit

Metasploit Wrap-Up 11/1/19

This week's Metasploit wrap-up ships a new exploit module against Nostromo, a directory traversal vulnerability that allows system commands to be executed remotely. Also, improvements have been made for the grub_creds module for better post exploitation experience against Unix-like machines. Plus a few bugs that have been addressed, including the -s option for NOPs generation, the meterpreter prompt, and reverse_tcp hanging due to newer Ruby versions. New modules (1) * Nostromo Directory Trave

Read Full Post

2 min Metasploit

Metasploit Wrap-Up 10/25/19

Is URGENT/11 urgent to your world? Metasploit now has a scanner module to help find the systems that need URGENT attention. Be sure to check the options on this one; RPORTS is a list to test multiple services on each target. Thanks Ben Seri [https://twitter.com/benseri87] for the PoC that lead off this work. Everyone likes creds, a new post module [https://github.com/rapid7/metasploit-framework/pull/12462] landed this week from Taeber Rapczak [https://github.com/taeber] that brings back credent

Read Full Post

2 min Metasploit

Metasploit Wrap-Up 10/18/19

Nagios XI post module Nagios XI may store the credentials of the hosts it monitors, and with the new post module [https://github.com/rapid7/metasploit-framework/pull/12136] by Cale Smith [https://github.com/caleBot], we're now able to extract the Nagios database content along with its SSH keys and dump them into the MSF database. With the addition of this new post module, we can conveniently increase the opportunities for lateral movement. Environment-based API token authentication Our own ekel

Read Full Post

2 min Metasploit

Metasploit Wrap-Up 10/11/19

Exploiting Windows tools There are two new Windows modules this week, both brought to you by the Metasploit team. The Windows Silent Process Exit Persistence module [https://github.com/rapid7/metasploit-framework/pull/12375], from our own bwatters-r7 [https://github.com/bwatters-r7], exploits a Windows tool that allows for debugging a specified process on exit. With escalated privileges, an attacker can configure the debug process and then use the module to upload a payload which will launch e

Read Full Post

1 min Metasploit

Metasploit Wrap-Up 10/4/19

Command and Control with DOUBLEPULSAR We now have a DOUBLEPULSAR exploit module [https://github.com/rapid7/metasploit-framework/pull/12374] thanks to some amazing work by our own wvu [https://github.com/wvu-r7], Jacob Robles, and some significant contributions from the wider community. The module allows you to check for the DOUBLEPULSAR implant, disable it, or even load your own payloads as well; it really deserves its own blog post… [https://www.rapid7.com/blog/post/2019/10/02/open-source-comma

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 9/27/19

BlueKeep is Here The BlueKeep exploit module [https://github.com/rapid7/metasploit-framework/pull/12283] is now officially a part of Metasploit Framework. This module reached merged status thanks to lots of collaboration between Rapid7 and the MSF community members. The module requires some manual configuration per target, and targets include both virtualized and non-virtualized versions of Windows 7 and Windows Server 2008. For a full overview of the exploit’s development and notes on use and d

Read Full Post

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 9/20/19

On the correct list AppLocker and Software Restriction Policies control the applications and files that users are able to run on Windows Operating Systems. These two protections have been available to the blue team for years. AppLocker is supported on Windows 7 and above, and Software Restriction Policies is supported on Windows XP and above. Encountering either during an engagement could slow you down; however, look no further than the evasion modules for assistance. Nick Tyrer [https://github.

Read Full Post

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: Sep. 13, 2019

Fall is in the air, October is on the way, and it is Friday the 13th. We have a lot of updates and features that landed this week, though none are particularly spooky, and unfortunately, none are json-related…1 We recently updated our digital signing keys, and some users may have seen warnings that their Metasploit packages were not signed. We’ve fixed this as of this week—apologies for any confusion. If you are still experiencing signing issues, you may need to re-download Metasploit installer

Read Full Post

3 min Metasploit

Metasploit Wrap-Up 9/6/19

At our (final!) DerbyCon Town Hall today, the Metasploit team announced the release of an initial exploit module PR for CVE-2019-0708, aka BlueKeep.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/30/19

Back to school blues Summer is winding down and while our for contributions haven't dropped off (thanks y'all!), we've been tied up with events and a heap of research. Don't despair, though: our own Brent Cook [https://github.com/busterb], Pearce Barry, Jeffrey Martin [https://github.com/jmartin-r7], and Matthew Kienow [https://github.com/mkienow-r7] will be at DerbyCon 9 running the Metasploit Town Hall at noon Friday. They'll be delivering a community update and answering questions, so be sur

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/23/19

A LibreOffice file format exploit, plus improvements to TLS and CredSSP-based fingerprinting.

Read Full Post

5 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/16/19

Hacker Summer Camp Last week, the Metasploit team flew out to sunny, hot, and dry Las Vegas for Hacker Summer Camp (Black Hat, BSidesLV, and DEF CON). It was a full week of epic hacks, good conversation, and even a little business! If you managed to catch us at our Open Source Office Hours [https://blog.rapid7.com/2019/07/15/metasploit-open-source-office-hours-in-vegas/] (previously OSSM, the Open Source Security Meetup) in Bally's, we just wanted to say thanks for making the trek through the

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 8/9/19

Keep on Bluekeepin’ on TomSellers [https://github.com/TomSellers] added a new option to the increasingly useful Bluekeep Scanner module [https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb] that allows execution of a DoS attack when running the module. This adds a new level of effectiveness in proving the severity of this vulnerability. As part of this update, TomSellers [https://github.com/TomSellers] moved and refactored a lot of

Read Full Post

• ...
• 16
• 17
• 18
• 19
• 20
• ...