Posts tagged Metasploit

2 min Metasploit Weekly Wrapup

Metasploit Wrapup 11/16/18

The Malicious Git HTTP Server For CVE-2018-17456 module by timwr exploits a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository using commands such as git clone --recurse-submodules and git submodule update.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrapup 11/9/18

Now in Framework: Exploit for jQuery File Upload plugin vuln, two new post modules to exfil images and texts from compromised iOS devices. Plus, this year's community CTF.

Read Full Post

3 min Metasploit

Announcing the 2018 Metasploit Community CTF

Two targets, three days, and a thousand teams: Put your skills to the test for a chance to win prizes and bragging rights in Metasploit’s 2018 community CTF.

Read Full Post

3 min Metasploit Weekly Wrapup

Metasploit Wrapup: 11/2/18

Today marks the 30th anniversary of the Morris worm. We were hit by a wave of nostalgia, so here's a little history and a module-trip down memory lane courtesy of wvu.

Read Full Post

4 min Metasploit

Metasploit Wrapup: 10/26/18

We got to hit the build button three times this week. It's not something that we normally do, since the Metasploit release each week triggers automatically. But it's been such a week of surprise vulnerabilities and improvements that it made sense to get a few extra builds out the door. So, Metasploit this week jumps from 4.14.18 to 4.17.21. Look for it during your next Metasploit romp. Exploit wrapup While the excitement around libssl CVE-2018-10933 [https://github.com/rapid7/metasploit-framewo

Read Full Post

1 min Metasploit Weekly Wrapup

Metasploit Wrapup: 10/19/18

A brand new Solaris module, improved Struts module, and the latest improvements.

Read Full Post

3 min Metasploit Weekly Wrapup

Metasploit Wrapup: 10/12/18

New evasion modules in Metasploit Framework, highlights from our Town Hall at DerbyCon VIII, and the last week's improvements and module additions.

Read Full Post

1 min Metasploit

Introducing Metasploit’s First Evasion Modules

Rapid7's Metasploit team is proud to announce we have released the first-ever antivirus evasion module in Metasploit Framework.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrapup: 10/5/18

Metasploit’s Brent Cook, Adam Cammack, Aaron Soto, and Cody Pierce are offering themselves up to the crowds at this year’s fourth annual Metasploit Town Hall at Derbycon.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrapup: 9/28/18

Trevor Forget: Metasploit Town Hall @ Derbycon Metasploit’s Brent Cook [/author/brent-cook], Adam Cammack [/author/adam-cammack], Aaron Soto [/author/aaron], and Cody Pierce are offering themselves up to the crowds at this year’s fourth annual Metasploit Town Hall at Derbycon [https://www.derbycon.com/]. Heading to bourbon country next weekend? Block off your 5 PM hour on Saturday, October 6 to join the team as they unveil some new hotness in Metasploit Framework and take questions and requests

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrapup 9/21/18

Tomorrow brings the fall equinox, and that means (as we are almost contractually obligated to say at this point) winter is coming.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrapup 9/14/18

Your weekly run-down of the modules and improvements that landed in Metasploit Framework.

Read Full Post

2 min Metasploit Weekly Wrapup

Metasploit Wrapup 9/7/18

Ghost(script) in the shell There has been a lot of buzz the last couple weeks about Google Project Zero's Tavis Ormandy's new Ghostscript -dSAFER bypass, now complete with a Metasploit module. With some valiant work by wvu [https://github.com/wvu-r7] and taviso [https://github.com/taviso] himself, the latest way to break out of a PDF is now at your fingertips. If you pulled an advanced copy from the PR [https://github.com/rapid7/metasploit-framework/pull/10564], make sure to use the refined vers

Read Full Post

6 min Metasploit

External Metasploit Modules: The Gift that Keeps on Slithering

For HaXmas last December, I wrote about the introduction of Python modules to Metasploit Framework. As our module count keeps on growing, we thought that it would be a good time to update the community on where we are at.

Read Full Post

3 min Metasploit Weekly Wrapup

Metasploit Wrapup: 8/31/18

VPN to root The Network Manager VPNC Username Privilege Escalation [https://github.com/rapid7/metasploit-framework/pull/10482] module by bcoles [https://github.com/bcoles] exploits a privilege escalation attack in the Network Manager VPNC plugin configuration data (CVE-2018-10900) to gain root privileges. Network Manager VPNC versions prior to 1.2.6 are vulnerable and the module has been successfully tested against 1.2.4-4 on Debian 9.0.0 (x64) and 1.1.93-1 on Ubuntu Linux 16.04.4 (x64). The e

Read Full Post

• ...
• 22
• 23
• 24
• 25
• 26
• ...