Posts tagged Metasploit

2 min Windows

Metasploit Framework Open Source Installers

Rapid7 has long supplied universal Metasploit installers for Linux and Windows. These installers contain both the open source Metasploit Framework as well as commercial extensions, which include a graphical user interface, metamodules, wizards, social engineering tools and integration with other Rapid7 tools. While these features are very useful, we recognized that they are not for everyone. According to our recent survey of Metasploit Community users, most only used it for the open source comp
6 min Metasploit

Flipping bits in the Windows Kernel

Recently, the MS15-061 bulletin has received some attention. This security bulletin includes patches for several Windows Kernel vulnerabilities, mainly related to win32k.sys. Details of one of them, discovered by Udi Yavo, have been very well covered. First, the same Udi Yavo published details about the Use After Free on a blog entry. Later, Dominic Wang [https://twitter.com/d0mzw] wrote a even more detailed analysis of both the vulnerability and its exploitation on this paper. Finally, Meysam

20 min Metasploit

A debugging session in the kernel

Last week, an awesome paper [https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/september/exploiting-cve-2015-2426-and-how-i-ported-it-to-a-recent-windows-8.1-64-bit/] about the MS15-078 vulnerability and it's exploitation was published by Cedric Halbronn [https://twitter.com/saidelike]. This vulnerability, originally found and exploited by Eugene Ching [https://twitter.com/eugeii], already has a work-in-progress module in Metasploit, which you can follow on github [https://
13 min Metasploit

Using Reflective DLL Injection to exploit IE Elevation Policies

As you are probably aware, sandbox bypasses are becoming a MUST when exploiting desktop applications such as Internet Explorer. One interesting class of sandbox bypasses abuse IE's Elevation Policies. An example of this type of sandbox bypass is CVE-2015-0016 [http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0016]. The vulnerability has already been analyzed by Henry Li, who published a complete description in this blog entry [http://blog.trendmicro.com/trendlabs-security-intelligence/
1 min Metasploit

Metasploit on Kali Linux 2.0

As you are aware, Kali 2.0 [https://www.kali.org/releases/kali-linux-20-released/] has been released this week and getting quite a bit of attention, as it should. Folks behind Kali have worked really hard to bring you the new version of Kali Linux that everyone is excited about. If you have already started to play with the new version, you probably have realized that something is different, that is; Metasploit Community / Pro is no longer installed by default. Where is Metasploit Community / Pr
3 min Metasploit

Metasploit Local Exploit Suggester: Do Less, Get More!

Meet Lester, the Exploit Suggester Hey there, my name is Mo ( Mohamed Sadek [https://github.com/MSadek-r7] ). I am currently an intern at Rapid7, working with the Metasploit team in Austin. After some research, testing, and more than a few energy drinks, sinn3r (sinn3r [https://twitter.com/_sinn3r] ) and I have authored the first version of the Metasploit Local Exploit Suggester, or Lester for short. Lester is a post module that you can use to check a system for local vulnerabilities, using the

6 min Metasploit

Interning at Rapid7: A "git push" in the Right Direction

How I Got Here Hey there! My name is Mo. I'm currently an intern here at Rapid7 working in the Austin office as part of the Metasploit team. If you came here expecting a deep understanding of Metasploit, this blog post isn't the right place. If you ARE interested in knowing what it's like to being a small town college student working at a leading firm in security engineering, then keep reading! Everyone used to tell me that every mistake and failure was a push in the right direction, but that

8 min Metasploit

Wassenaar Arrangement - Frequently Asked Questions

The purpose of this post is to help answer questions about the Wassenaar Arrangement.  You can find the US proposal for implementing the Arrangement here [https://s3.amazonaws.com/public-inspection.federalregister.gov/2015-11642.pdf], and an accompanying FAQ from the Bureau of Industry and Security (BIS) here [http://www.bis.doc.gov/index.php/policy-guidance/faqs#subcat200]. For Rapid7's take on Wassenaar, and information on the comments we intend to submit to BIS, please read this companion pie
2 min Metasploit

Metasploit Framework Rails 4.0 Upgrade

It is always a running battle to keep an application's backend up to date with various technologies. Today, we are excited to announce that Metasploit Framework [https://www.metasploit.com/download/] now ships with Rails 4.0. Upgrades like this are sometimes hard to get excited about because if everything goes well, users should see no difference. There are many reasons to upgrade to Rails 4, though. Why Upgrade Here are the important reasons to upgrade from our perspective: * Security is a b
1 min Metasploit

2015 Metasploit T-Shirt Design Contest: It's On!

Hacker-designers! We need you! Show us your graphic skills, design an epic Metasploit t-shirt, and win Eternal Fame and Glory! [https://99designs.com/t-shirt-design/contests/metasploit-t-shirt-design-contest-489841/brief] Ahem, er, rather, we're looking for someone to design this year's Metasploit t-shirt. And if you are this year's winning Metasploit t-shirt designer, you will get $230USD and the notoriety and/or immense personal satisfaction in knowing that you're the 2015 Metasploit t-shi
5 min Metasploit

Unicode Support in Meterpreter

A short, mostly-accurate history of character encodings In the beginning, when you wanted to use a computer to store text, there were not many options - you inherited something from punchcards like EBCDIC or invented something convenient and unique to your system. Computers did not need to talk to each other, so there was not much point in standardizing between vendors. Things were pretty simple. Then, there came the need for computers and vendors to interoperate and communicate. Thus, ASCII an
8 min Metasploit

Meterpreter Survey 2015: You spoke, we listened, then wrote a bunch of code.

The Survey One month ago we asked the community for feedback about how they use Metasploit and what they want to see in the Meterpreter payload suite going forward. Over the course of a week we received over 400 responses and over 200 write-in suggestions for new features. We have spent the last month parsing through your responses, identifying dependencies, and actively delivering new features based on your requests. These requests covered 20 different categories: General Feedback Metasploit F
1 min Metasploit

Nexpose and Metasploit Training and Certification Courses Filling Up Fast!

Looking to amp-up or fine-tune your security prowess? UNITED conference attendees get the chance to do just that by registering for additional small group training and certification courses (Nexpose Basic, Metasploit Basic, and Nexpose Advanced). Since we're keeping the sessions intimate, spots are filling up quickly! Save your spot now for two days of formalized, curriculum-based training with Rapid7 experts [http://www.unitedsummit.org/new-registration.jsp]. You'll get to: * Share best p
4 min Metasploit

Being Product Manager of Metasploit

Hello World My name is Eray Yilmaz, and I am the new Product Manager of Metasploit. It has been three months since I have joined Rapid7, and I wanted to share my experiences with you so far. Before we get to that, here is tiny bit about myself: I am a 28, married, and fairly new father. I went to UTSA where I majored in Information Assurance and Information Systems, and received my B.B.A. Like anyone else in our industry, I have done my fair share of IT work, from helpdesk to managing networks
4 min Metasploit

HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301)

Overview The Update (2014122301) which was released on December, 23th 2014, failed to include necessary files for the application to update to version 4.11.0 for the first time. Issue The application will not start, therefore browser will provide generic "The page can't be displayed" message when trying to load the web UI. Additionally, various log messages may appear in respective log files. Windows: C:\metasploit\apps\pro\engine\prosvc.log Linux: /opt/metasploit/apps/pro/engine/prosvc_stder

Popular Topics

Tags