3 min
Metasploit
Metasploit Weekly Wrap-Up: 3/3/23
2022 Vulnerability Intelligence Report Released
Rapid7’s broader vulnerability research team released our 2022 Vulnerability
Intelligence Report
[https://www.rapid7.com/blog/post/2023/02/28/a-shifting-attack-landscape-rapid7s-2022-vulnerability-intelligence-report/]
this week. The report includes Metasploit and research team data on
exploitation, exploitability, and vulnerability profiles that are intended to
help security teams understand and prioritize risk more effectively. Put simply,
secur
2 min
Metasploit
Metasploit Wrap-Up: 2/24/23
Basic discover script improvements
This week two improvements were made to the script/resource/basic_discovery.rc
resource script. The first update from community member samsepi0x0
[https://github.com/samsepi0x0] allowed commas in the RHOSTS value, making it
easier to target multiple hosts. Additionally, adfoster-r7
[https://github.com/adfoster-r7] improved the script by adding better handling
for error output. This continues our trend of trying to provide more useful
diagnostic information to
2 min
Metasploit
Metasploit Wrap-Up: 2/17/23
Cisco RV Series Auth Bypass and Command Injection
Thanks to community contributor neterum [https://github.com/neterum], Metasploit
Framework just gained an awesome new module which targets Cisco Small Business
RV Series Routers. The module actually exploits two vulnerabilities: an
authentication bypass CVE-2022-20705
[https://attackerkb.com/topics/1iBoR0w9Ak/cve-2022-20705?referrer=blog] and a
command injection vulnerability CVE-2022-20707
[https://attackerkb.com/topics/J6696vwQVH/cve-2022-20707
4 min
Metasploit
Metasploit Weekly Wrap-Up: 2/10/23
Taking a stroll down memory lane (Tomcat Init Script Privilege Escalation)
Do you remember the issue with the Tomcat init script that was originally discovered
by Dawid Golunski [https://twitter.com/dawid_golunski?lang=en] back in 2016 that
led to privilege escalation? This week's Metasploit release includes an exploit
module for CVE-2016-1240 by h00die [https://github.com/h00die]. This
vulnerability allows any local user who already has a tomcat account to perform
privilege escalation and gain acc
4 min
Metasploit
Metasploit Weekly Wrap-Up: 2/2/23
Metasploit 6.3 is out!
Earlier this week we announced the release of Metasploit 6.3 which came with a
tonne of new modules and improvements.
The whole team worked super hard on this and we're very excited that everyone
can now get their hands on it and all of the new features it has to offer!
I won't go over everything we did here because we have a whole separate blog
post
[https://www.rapid7.com/blog/post/2023/01/30/metasploit-framework-6-3-released/]
dedicated to the 6.3 release that you shou
2 min
Metasploit
Metasploit Weekly Wrap-Up: 1/27/23
Cacti Unauthenticated Command Injection
Thanks to community contributor Erik Wynter [https://github.com/ErikWynter],
Metasploit Framework now has an exploit module
[https://github.com/rapid7/metasploit-framework/pull/17407] for an
unauthenticated command injection vulnerability in the Cacti network-monitoring
software. The vulnerability is due to a proc_open() call that accepts
unsanitized user input in remote_agent.php. Provided that the target server has
data that's tied to the POLLER_ACTION_S
2 min
Metasploit
Metasploit Weekly Wrap-Up: 1/20/23
See something say something
Have an idea for how to expand the Metasploit documentation at
https://docs.metasploit.com/? Did you see a typo or some other error on the docs
site? Thanks to adfoster-r7 [https://github.com/adfoster-r7], submitting an
update to the documentation is as easy as clicking the 'Edit this page on
GitHub' link on the page you want to change. The new link will take you directly
to the source in Metasploit's GitHub so you can quickly locate the Markdown
[https://www.markdowng
2 min
Metasploit
Metasploit Weekly Wrap-Up: 1/13/23
New module content (2)
Gather Dbeaver Passwords
Author: Kali-Team
Type: Post
Pull request: #17337 [https://github.com/rapid7/metasploit-framework/pull/17337]
contributed by cn-kali-team [https://github.com/cn-kali-team]
Description: This adds a post-exploitation module that retrieves Dbeaver session data
from local configuration files. It is able to extract and decrypt credentials
stored in these files for any version of Dbeaver installed on Windows or
Linux/Unix systems.
Gather MinIO Client Key
A
3 min
Metasploit Weekly Wrapup
Metasploit Weekly Wrap-Up: Jan. 1, 2023
Back from a quiet holiday season
Thankfully, it was a relatively quiet holiday break for security this year, so
we hope everyone had a relaxing time while they could. This wrapup covers the
last three Metasploit releases, and contains three new modules, two updates, and
five bug fixes.
Make sure that your OpenTSDB isn’t too open
Of particular note in this release is a new module from community contributors
Erik Wynter [https://github.com/ErikWynter] and Shai rod
[https://github.com/nightrang3r
5 min
Haxmas
2022 Annual Metasploit Wrap-Up
It's been another gangbusters year for Metasploit, and the holidays are a time
to give thanks to all the people that help make our load a little bit lighter.
So, while this end-of-year wrap-up is a highlight reel of the headline features
and extensions that landed in Metasploit-land in 2022, we also want to express
our gratitude and appreciation for our stellar community of contributors,
maintainers, and users. The Metasploit team merged 824 pull requests across
Metasploit-related projects in 20
4 min
Metasploit
Metasploit Weekly Wrap-Up: 12/16/22
A sack full of cheer from the Hacking Elves of Metasploit
It is clear that the Metasploit elves have been busy this season: Five new
modules, six new enhancements, nine new bug fixes, and a partridge in a pear
tree are headed out this week! (Neither partridge nor pear tree included.) In this sack
of goodies, we have a gift that keeps on giving: Shelby’s
[https://github.com/space-r7] Acronis TrueImage Privilege Escalation
[https://github.com/rapid7/metasploit-framework/pull/17265] works wonderfully,
even
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/9/22
Login brute-force utility
Jan Rude [https://github.com/whoot] added a new module that gives users the
ability to brute-force logins for Linux Syncovery. This expands Framework's
capability to scan logins to Syncovery, a popular web GUI for backups.
WordPress extension SQL injection module
Cydave [https://github.com/cydave], destr4ct [https://github.com/destr4ct], and
jheysel-r7 [https://github.com/jheysel-r7] contributed a new module that takes
advantage of a vulnerable WordPress extension. Thi
2 min
Metasploit
Metasploit Weekly Wrap-Up: 12/2/22
ProxyNotShell
This week's Metasploit release includes an exploit module for CVE-2022-41082,
AKA ProxyNotShell, by DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q, Orange Tsai
[https://github.com/orangetw], Piotr Bazydło
[https://mobile.twitter.com/chudypb], Rich Warren
[https://twitter.com/buffaloverflow], Soroush Dalili [https://twitter.com/irsdl],
and our very own Spencer McIntyre [https://github.com/zeroSteiner]. The
vulnerability CVE-2022-41082, AKA ProxyNotShell, is a deserialization flaw in
Microsoft Exchang
2 min
Metasploit
Metasploit Weekly Wrap-Up: 11/15/22
2 new modules targeting F5 devices, DuckyScript support, bug fixes, and more
2 min
Metasploit
Metasploit Weekly Wrap-Up: 11/18/22
Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream
(CVE-2021-39144)
There’s nothing quite like a pre-authenticated remote code execution
vulnerability in a piece of enterprise software. This week, community
contributor h00die-gr3y [https://github.com/h00die-gr3y] added a module
[https://github.com/rapid7/metasploit-framework/pull/17222] that targets VMware
NSX Manager using XStream. Due to an unauthenticated endpoint that leverages
XStream for input serialization in VMwa