5 min
Product Updates
Update to the Metasploit Updates and msfupdate
The Short Story
In order to use the binary installer's msfupdate, you need to first register
your Metasploit installation. In nearly all cases, this means visiting
https://localhost:3790 [https://localhost:3790/] and filling out the form. No
money, no dense acceptable use policy, just register and go. Want more detail
and alternatives? Read on.
Background
A little over a year ago, Metasploit primary development switched to Git as a
source control platform and GitHub as our primary source hos
4 min
Product Updates
Weekly Metasploit Update: Two Dozen New Modules
The Vegas and vacation season is behind us, so it's time to release our first
post-4.4.0 update. Here we go!
Exploit Tsunami
A few factors conspired to make this update more module-heavy than usual. We
released Metasploit 4.4 in mid-July. Historically, a dot version release of
Metasploit means that we spend a little post-release time closing out bugs,
performing some internal housekeeping that we'd been putting off, and other
boring software engineering tasks. Right after this exercise, it was
3 min
Metasploit
Weekly Metasploit Update: Encrypted Java Meterpreter, MS98-004, and New Modules!
When it rains, it pours. We released Metasploitable Version 2
[/2012/06/13/introducing-metasploitable-2] , published a technique for scanning
vulnerable F5 gear
[/2012/06/11/scanning-for-vulnerable-f5-bigips-with-metasploit] , and put out a
module to exploit MySQL's tragically comic authentication bypass problem
[/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql], all in
addition to cooking up this week's update. So, kind of a busy week around here.
You're welcome. (:
Encryp
5 min
Metasploit
Weekly Metasploit Update: Citrix Opcodes, Hash Collisions, and More!
This week's update has a nice new asymmetric DoS condition module, a bunch of
churn in Metasploit's Rails components, and some new Citrix attacks, so let's
get right into it.
Fuzzing for Citrix Opcodes
This week's update includes three new exploits for Citrix Provisioning Services,
the solution by Citrix "to stream a single desktop image to create multiple
virtual desktops on one or more servers in a data center" (vendor quote
[https://docs.citrix.com/en-us/categories/legacy-archive]). These mo
2 min
Product Updates
Weekly Metasploit Update: Post Modules!
This week, let's talk about post-modules, since we have two new fun ones to
discuss.
Windows PowerShell
Windows PowerShell is a scripting language and shell for Windows platforms, used
primarily by system administrators. While untrusted scripts are not allowed to
run by default, many users will be tempted to set their execution environments
to be pretty permissive. This, in turn, can provide a rich (and almost
completely overlooked) post-exploitation playground.
To that end, this update featur
3 min
Metasploit
Weekly Metasploit Update: DNS Payloads, Exploit-DB, and More
This week we've got a nifty new shellcode delivery scheme, we've normalized on
Exploit-DB serial numbers, and a pile of new modules, so if you don't have
Metasploit yet, you can snag it here [http://www.metasploit.com/download/].
DNS Payloads in TXT Records
To quote RFC 1464 [http://tools.ietf.org/html/rfc1464] describing DNS TXT
records, "it would be useful to take advantage of the widespread use and
scalability of the DNS to store information that has not been previously
defined." I don't kno
3 min
Metasploit
Weekly Metasploit Update: Spiceworks, AFP, RDP, and a New HTTP Downloader
After a couple of relatively light weeks (blame SXSW, I guess), this week's
update has quite a few neat new additions. As always, if you don't already have
Metasploit, what are you waiting for
[https://www.rapid7.com/products/metasploit/download/]? For the rest of us,
here's what's new.
Importapalooza
This week's update has support for importing asset lists exported from
Spiceworks, courtesy of Rapid7's Brandon Perry. Spiceworks is a free asset
management application used by tons of IT pros and
3 min
Metasploit
Weekly Metasploit Update: Session Smarts and GitHub
It's another Metasploit update, and it's headed straight for us!
Session Smarts
This week, Metasploit session management got a whole lot smarter. Here's the
scenario: As a penetration tester, you rook a bunch of people into clicking on
your browser-embedded Flash exploit [/2012/03/08/cve-2012-0754], sit back, and
watch the sessions rolling in. However, they're all behind a single NAT point,
so all your sessions appear to be terminating at a single IP address, and you
quickly lose track of who's
2 min
Metasploit
Weekly Metasploit Update: Wmap, Console Search, and More!
In addition to the nuclear-powered exploit, we've got a new slew of updates,
fixes and modules this week for Metasploit, so let's jump right into the
highlights for this update.
Updated WMAP Plugin
Longtime community contributor Efrain Torres provided a much-anticipated update
to the Wmap plugin. Wmap automates up a bunch of web-based Metasploit modules
via the Metasploit console, from HTTP version scanning to file path bruteforcing
to blind SQL injection testing. If you're not already familiar
2 min
Metasploit
Weekly Metasploit Update: POSIX Meterpreter and New Exploits
This is a pretty modest update, since it's the first after our successful 4.2
release [https://www.rapid7.com/products/metasploit/download/] last week. Now
that 4.2 is out the door, we've been picking up on core framework development,
and of course, have a few new modules shipping out.
Meterpreter Updates
James "egyp7" Lee and community contributor mm__ have been banging on the POSIX
side of Meterpreter development this week, and have a couple of significant
enhancements to Linux Meterpreter. T
3 min
Product Updates
What is this whole updating thing anyways?
Nexpose by default is programmed to reach out on startup and every six hours
afterward to the Rapid 7 update servers. At this time Nexpose checks for any new
product and vulnerability content updates. If any updates are available Nexpose
attempts to download and apply the data to the Security Console and local Scan
Engine. The Security Console also sends updates to any distributed Scan Engines
to which it is connected.
How do I disable automatic product updates?
The Security Console offers a fe