Posts tagged Metasploit

5 min Metasploit

Introducing Pingback Payloads

The Metasploit team added a new feature to Framework that improves safety and offers another avenue in MSF for novel evasion techniques: pingback payloads.
1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/26/19

First!! Congrats to Nick Tyrer [https://github.com/NickTyrer] for the first community contibuted evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module [https://github.com/rapid7/metasploit-framework/pull/11795] leverages the trusted InstallUtil.exe binary to execute user supplied code and evade application whitelisting. New modules (4) * WP Database Backup RCE [https://github.com/rapid7/metasploit-framework/pull/12010] by Mikey Veenstra / Wordf
2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up: 7/19/19

RCE with a Key An exploit module [https://github.com/rapid7/metasploit-framework/pull/12062] for Laravel Framework was submitted by community contributor aushack [https://github.com/aushack]. The module targets an insecure unserialize call with the X-XSRF-TOKEN HTTP request header, which was discovered by Ståle Pettersen. Since the exploit requires the Laravel APP_KEY to reach the vulnerable unserialize call, aushack included information leak [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-
1 min Metasploit

End of Sale Announced for Metasploit Community

Today we are announcing end of sale for Metasploit Community Edition, effective immediately.
3 min Events

Metasploit Open Source Office Hours: Vegas 2019

The Metasploit crew at Rapid7 is headed out to Las Vegas for DEF CON 27, bringing a new incarnation of the Open Source Security Meetup (OSSM) with us! We will have a Metasploit Suite at Bally’s this year, where we’ll be hosting “Open Source Office Hours” (OSOH). If you’ll be out in Vegas for DEF CON 27, take a moment and ask yourself: * Are you currently working on a Metasploit module/payload and could use some guidance? * Are you modifying Framework and you’d like to discuss? * Are you w
2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/12/19

We hope our American friends had a wonderful Fourth of July weekend! There are no new modules this week, so instead we're featuring two enhancements that fix some long outstanding Framework bugs. Check out last week’s holiday wrap-up for a list of the modules that landed while the U.S. was watching fireworks. GatherProof (or don't) Using ssh_login* on certain non-standard devices such as Brocade switches [https://github.com/rapid7/metasploit-framework/issues/11905] and Juniper firewalls [https:
3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 7/5/19

Injecting the Time Machine From contributor timwr [https://github.com/timwr] comes a new module targeting Time Machine on macOS 10.14.3 and earlier. Specifically, the tmdiagnose binary for these vulnerable versions suffers from a command injection vulnerability that can be exploited via a specially crafted disk label. This new module uses an existing session for exploitation on the target, allowing the Framework user to run a payload as root. What’s on TV? If you are nearby to a vulnerable Supr
2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 6/28/19

I am Root An exploit module [https://github.com/rapid7/metasploit-framework/pull/11987] for Nagios XI v5.5.6 was added by community contributor yaumn [https://github.com/yaumn]. This module includes two exploits chained together to achieve code execution with root privileges, and it all happens without authentication. A single unsanitized parameter in magpie_debug.php enables the ability to write arbitrary PHP code to a publicly accessible directory and get code execution. Privilege escalation

1 min Metasploit

Metasploit Development Diaries: Q2 2019

Hey folks, it's towards the end of the second quarter, which means it's high time for another Metasploit Dev Diary! If you already know what this series is about, feel free to just click on over here [https://www.rapid7.com/research/report/metasploit-development-diaries-q2-2019] and read away. If you need more convincing, here's the skinny. Once a quarter, the indomitable Metasploit [https://www.rapid7.com/products/metasploit/] engineering team is going to pull you, dear reader, behind the cur
3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 6/21/19

TLS support and expanded options for the BlueKeep scanner module, two new modules for Cisco Prime Infrastructure, and more.
5 min Metasploit

Metasploit Hackathon Wrap-Up: What We Worked On

As part of the Metasploit project's second hackathon, Metasploit contributors and committers got together to discuss ideas, write some code, and have some fun.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 6/14/19

It’s Summertime, and the Hackin’ is Easy It is still early in the season, but there’s a whole lot of fixes that are already shipping. Straight off a week of intellectual synergy from the world-wide hackathon, we started to fix a lot of things we noticed while we coded over street tacos and Austin-famous beverages. All told, this week we made Metasploit more inclusive, transparent, and configurable! Inclusive @wvu-r7 has been on a roll trying to make Metasploit play well with others. He teamed u
18 min Windows

Heap Overflow Exploitation on Windows 10 Explained

Heap corruption can be a scary topic. In this post, we go through a basic example of a heap overflow on Windows 10.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 6/7/19

Read up on how the recent community hackathon in Austin went, three new modules, and the usual long list of fixes and enhancements.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up 5/31/19

Unauthenticated scanner for BlueKeep, community hackathon in Austin, and the usual long list of fixes and enhancements.

Popular Topics

Tags