Metasploit Weekly Wrapup
Metasploit Wrapup: Dec. 15, 2017
I Read the News Today, Oh Boy
As we near the end of the year we must express appreciation for the Metasploit
community as a whole. Each contribution is valuable, be it an exploit for the
latest vulnerability, documentation, spelling corrections, or anything in
between. Together we shape the future of Metasploit. The Metasploit community
really surprised us this time around, as the latest release brings five new
exploit and two new auxiliary modules.
Hey! You! Get Off of My Cloud
Zenofex [https:
Metasploit Weekly Wrapup
Metasploit Wrapup: Dec. 8, 2017
Have you ever been on a conference call where you really wished you could take
command of the situation? With Metasploit Framework and the new Polycom HDX
exploit, you can (if given permission by the owner of the device, that is)! If
teleconferencing isn't your target's style, you can also pwn correspondence the
old-fashioned way: through a Microsoft Office exploit. Be it written or video,
we here at Rapid7 know you value other people's communication!
After another Python module and the Mac r
Metasploit Weekly Wrapup
Metasploit Wrapup: Dec. 1, 2017
Here in the U.S., we just celebrated Thanksgiving, which involves being thankful
[/2017/11/17/metasploit-wrapup-17/], seeing friends and family, and eating
entirely too much (I know that last one is not uncommon here). After a large
meal and vacation, we figured that it would be a nice, slow week for security
research in the States. Then we opened Twitter and were suddenly happy we had
procrastinated and most of us had put off upgrading to High Sierra.
Community CTF
In case you missed yesterd
Metasploit Weekly Wrapup
Metasploit Wrapup: Nov. 17, 2017
This is a time of year when many folks in the U.S. reflect on things in their
lives that they are thankful for. There’s also usually a turkey involved, but we
figured we’d pardon the bird
[https://en.wikipedia.org/wiki/National_Thanksgiving_Turkey_Presentation] this
wrapup and just focus on things we Metasploit folks here at Rapid7 are thankful
for.
Community Contributors
We are SUPER THANKFUL for our community contributors
[https://github.com/rapid7/metasploit-framework/graphs/contributors] an
Metasploit Weekly Wrapup
Metasploit Wrapup: Nov. 11, 2017
Metasploit kicked November off to a roaring start with a wholesome dose of RCE,
LPE, command injection, DoS, and more fixes/improvements.
So many file choosers…but which one to choose?
Big ups to @RootUP for the DoS module
[https://github.com/rapid7/metasploit-framework/pull/9060] targeting a
vulnerability in IBM’s Lotus Notes [https://en.wikipedia.org/wiki/IBM_Notes]
client (CVE-2017-1130). The DoS module targets the web interface via malicious
JavaScript (😱). An enterprising ‘sploiter can s
Metasploit Weekly Wrapup
Metasploit Wrapup: Nov. 3, 2017
What’s New?
This week’s release sees multiple improvements and corrections, some years in
the making! We fixed an interesting bug in the initial handshake with
meterpreter that caused some payload callbacks to fail, improved error and
information reporting in other modules, and then @h00die ran spellcheck
[https://github.com/rapid7/metasploit-framework/pull/9144/files]!
New (and Improved!) Modules (2 New):
After three years, @wvu’s tnftp aux module grew up to become a strong,
well-rounded explo
Metasploit
Metasploit Wrapup: Oct. 27, 2017
Would you like to help Metasploit Framework and get a free t-shirt?
There is still a bit of October left, which means you can totally still sign up
for Hacktoberfest [https://hacktoberfest.com/]: a fun annual project to
encourage open source software contributions! Make four pull requests on any
open source GitHub project by Oct 31, and you might find yourself some joy and
fulfilment—but at least a free t-shirt.
Check out the Contribute section on the refreshed metasploit.com
[https://metasploi
Metasploit Weekly Wrapup
Metasploit Wrapup: Oct. 20, 2017
Exploits for hours. Gather 'round with a pocket full of shells.
Metasploit
Metasploit Wrapup: Metasploit 5 or Bust
What's coming down the pipeline for Metasploit? Brent Cook brings you October's first Metasploit wrap-up.
Metasploit Weekly Wrapup
Metasploit Wrapup: Sep. 22, 2017
To celebrate this first day of Autumn[1], we've got a potpourri of "things
Metasploit" for you this week. And it might smell a bit like "pumpkin spice"...
Or it might not. Who knows?
Winter is Coming
If you're looking to finish filling your storehouse before the cold sets in,
we've got a couple of new gatherer modules to help. This new Linux post module
[https://www.rapid7.com/db/modules/post/linux/gather/tor_hiddenservices] can
locate and pull TOR hostname and private key files for TOR hidden
Metasploit Weekly Wrapup
Metasploit Wrapup: Sept. 15, 2017
It's been a hot minute since the last Metasploit Wrapup. So why not take in our
snazzy new Rapid7 blog makeover and catch up on what's been goin' down!
You can't spell 'Struts' without 'trust'
Or perhaps you can! With all the current news coverage around an Apache
Struts vulnerability from earlier this year
[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638] (thanks to its
involvement in a consumer credit reporting agency data breach), there's a new
Struts vuln [https://lgtm.com/
Metasploit Weekly Wrapup
Metasploit Wrapup: August 11, 2017
Slowloris: SMB edition
Taking a page from the Slowloris HTTP DoS attack
[https://web.archive.org/web/20090822001255/http://ha.ckers.org/slowloris/], the
aptly named SMBLoris DoS attack [/2017/08/03/smbloris-what-you-need-to-know]
exploits a vuln contained in many Windows releases (back to Windows 2000) and
also affects Samba (a popular open source SMB implementation). Through creation
of many connections to a target's SMB port, an attacker can exhaust all
available memory on the target by sendi
Metasploit Weekly Wrapup
Metasploit Wrapup: June 30, 2017
Metasploit Hackathon
We were happy to host the very first Metasploit Framework open source hackathon
this past week at Rapid7 Austin. Eight Metasploit hackers from outside of
Rapid7 joined forces with the in-house team and worked on a lot of great
projects, small and large.
@bcook started the hackathon working with @sempervictus on his amazing backlog
of framework features, including REX library
[https://github.com/rapid7/rex-socket/pull/6] improvements
[https://github.com/rapid7/rex-socket
Metasploit
Metasploit Wrapup: June 16, 2017
A fresh, new UAC bypass module for Windows 10!
Leveraging the behavior of fodhelper.exe and a writable registry key as a normal
user, you too can be admin! Unpatched as of last week, this bypass module
[https://github.com/rapid7/metasploit-framework/pull/8434] works on Windows 10
only, but it works like a charm!
Reach out and allocate something
This release offers up a fresh denial/degradation of services exploit against
hosts running a vulnerable version of rpcbind. Specifically, you can repea
Metasploit
Metasploit Wrapup 6/2/17
It has only been one week since the last wrapup, so it's not like much could
have happened, right? Wrong!
Misery Loves Company
After last week's excitement with Metasploit's version of ETERNALBLUE (AKA the
Wannacry vulnerability)
[https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue],
this week SAMBA had its own "Hold My Beer" moment with the disclosure that an
authenticated (or anonymous) client can upload a shared library to a SAMBA
server, and that server will happily e