0 min
Metasploit
Metasploit and PTES
One of our Metasploit contributers, Brandon Perry
[http://twitter.com/#%21/brandonprry], has put together a document detailing the
recently released Penetration Testing Execution Standard
[http://www.pentest-standard.org/index.php/Main_Page](PTES) with the modules and
functionality in the Framework. PTES is a push from a group of testers fed up
with the lack of guidance and the disparate sources of basic penetration testing
information. Brandon's document does a great job detailing disparate par
3 min
Release Notes
Exploit for Critical Java Vulnerability Added to Metasploit
@_sinn3r [http://twitter.com/_sinn3r] and Juan Vasquez
[https://twitter.com/#!/_juan_vazquez_] recently released a module which
exploits the Java vulnerability detailed here
[http://schierlm.users.sourceforge.net/CVE-2011-3544.html] by mihi and by Brian
Krebs here
[http://krebsonsecurity.com/2011/11/new-java-attack-rolled-into-exploit-kits].
This is a big one. To quote Krebs: "A new exploit that takes advantage of a
recently-patched critical security flaw in Java is making the rounds in the
cri
2 min
Metasploit
Three Great New Metasploit Books
I've seen three great Metasploit books published lately. The one that most
people are probably already familiar with is Metasploit: The Penetration
Tester's Guide by David Kennedy, Jim O'Gorman, Devon Kearns and Mati Aharoni.
The book is very comprehensive, and packed full of great advice. David Kennedy
is Chief Information Security Officer at Diebold Incorporated and creator of the
Social-Engineer Toolkit (SET), Fast-Track, and other open source tools, so he
really knows his stuff. By the way,
0 min
Metasploit
Metasploit Framework Featured on CNN: Phishing Made Simple
While browsing security related articles at CNN, I noticed this video of Eric
Fiterman demonstrating a phishing attack and some post exploitation techniques
with Metasploit Framework.
Video courtesy of:
2 min
Metasploit
PCI DIY: How to do an internal penetration test to satisfy PCI DSS requirement 11.3
If you're accepting or processing credit cards and are therefore subject to PCI
DSS, you'll likely be familiar with requirement 11.3, which demands that you
"perform penetration testing at least once a year, and after any significant
infrastructure or application upgrade or modification". What most companies
don't know is that you don't have to hire an external penetration testing
consultant - you can carry out the penetration test internally, providing you
follow some simple rules:
* Sufficie
3 min
Nexpose
Introducing Metasploit Community Edition!
The two-year anniversary of the Metasploit acquisition is coming up this week.
Over the last two years we added a ridiculous amount of new code to the open
source project, shipped dozens of new releases, and launched two commercial
products. We could not have done this without the full support of the security
community. In return, we wanted to share some of our commercial work with the
security community at large.
As of version 4.1 [http://www.metasploit.com/], we now include the Metasploit
15 min
Metasploit
MonaSploit
Introduction
“Standalone exploits suck”.
egyp7 [https://twitter.com/egyp7] and bannedit [https://twitter.com/msfbannedit]
made this statement earlier this year at Bsides Vegas, and nullthreat
[https://twitter.com/nullthreat] & yours truly
[https://twitter.com/corelanc0d3r] elaborated on this even more during our talk
at Derbycon 2011.
There are many reasons why writing Metasploit exploit modules and submitting
them to the Metasploit framework is a good idea. You're not only going to help
the
1 min
Metasploit
Metasploit, Scanners, and DNS
One of the awesome things about the Metasploit Framework (and Ruby in general)
is that there is a strong focus on avoiding code duplication. This underlying
philosophy is why we can manage a million-plus line code base with a relatively
small team. In this post, I want to share a recent change which affects how
hostnames with multiple A records are processed by modules using the Scanner
mixin.
Quite of a few of the web's "major" properties, such as google.com, return
multiple IP addresses when
1 min
Metasploit
How to Update to Metasploit 4.0
If you're packing to go to Black Hat, Defcon or Security B-Sides in Las Vegas,
make sure you also download Metasploit 4.0 to entertain you on the plane ride.
The new version is now available for all editions, and here's how you upgrade:
* Metasploit Pro and Metasploit Express 4.0: For fresh installs, download
version 4.0 of Metasploit Pro
[https://www.rapid7.com/products/metasploit/download/] and install. If you
already have Metasploit Pro or Metasploit Express installed, simply go t
3 min
Release Notes
Metasploit Framework 4.0 Released!
It's been a long road to 4.0. The first 3.0 release was almost 5 years ago and
the first release under the Rapid7 banner was almost 2 years ago. Since then,
Metasploit has really spread its wings. When 3.0 was released, it was under a
EULA-like license with specific restrictions against using it in commercial
products. Over time, the reasons for that decision became less important and the
need for more flexibility came to the fore; in 2008, we released Metasploit 3.2
under a 3-clause BSD licen
2 min
Metasploit
Password Cracking in Metasploit with John the Ripper
HDM recently added password cracking functionality to Metasploit through the
inclusion of John-the-Ripper in the Framework
[http://dev.metasploit.com/redmine/projects/framework/repository/revisions/13135]
. The 'auxiliary/analyze/jtr_crack_fast
[http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/analyze/jtr_crack_fast.rb]
' module was created to facilitate JtR's usage in Framework and directly into
Express/Pro's automated collection routine. The module works
4 min
Metasploit
Metasploit 4.0 is Coming Soon!
It'll only be days until you can download the new Metasploit version 4.0!
The new version marks the inclusion of 36 new exploits, 27 new post-exploitation
modules and 12 auxiliary modules, all added since the release of version 3.7.1
in May 2011. These additions include nine new SCADA exploits, improved 64-bit
Linux payloads, exploits for Firefox and Internet Explorer, full-HTTPS and HTTP
Meterpreter stagers, and post-exploitation modules for dumping passwords from
Outlook, WSFTP, CoreFTP, S
2 min
Exploits
Metasploit Bounty: Code, Sweat, and Tears
After more than 30 days of hardcore and intense exploit hunting, the Metasploit
Bounty program has finally come to an end. First off, we'd like to say that even
though the Metasploit Framework has made exploit development much easier, the
process is not always an easy task. We're absolutely amazed how hard our
participants tried to make magic happen.
Often, the challenge begins with finding the vulnerable software. If you're
lucky, you can find what you need from 3rd-party websites that mirror
2 min
Metasploit
Testing Snort IDS with Metasploit vSploit Modules
One of my key objectives for developing the new vSploit modules
[https://www.rapid7.com/blog/post/2011/06/02/vsploit-virtualizing-exploitation-attributes-with-metasploit-framework/]
was to test network devices such as Snort [http://www.snort.org]. Snort or Cisco
[https://www.cisco.com/site/us/en/products/security/index.html] enterprise
products are widely deployed in enterprises, so Snort can safely be considered
the de-facto standard when it comes to intrusion detection systems (IDS). So
much
1 min
Metasploit
Metasploit Exploit Bounty - Status Update
A few weeks ago the Metasploit team announced a bounty program
[/2011/06/14/metasploit-exploit-bounty-30-exploits-500000-in-5-weeks] for a list
of 30 vulnerabilities that were still missing Metasploit exploit modules. The
results so far have been extremely positive and I wanted to take a minute to
share some of the statistics.
As of last night, there have been 27 participants in the bounty program
resulting in 10 submissions, with 5 of those already comitted to the open source
repository and t