Metasploit Framework 3.2 Released

The new Metasploit Framework was released on the 19th November (yesterday). It has a massive change log with lots of tweaks and add-ons. I will try to list the interesting ones here.

Version 3.2 includes exploit modules for recent Microsoft flaws, such
as MS08-041, MS08-053, MS08-059, MS08-067, MS08-068, and many more.

I think I may have to test my Windows 2000 box again and see if any of the above work.

The Windows payload stagers have been updated to support targets with
NX CPU support. These stagers now allocate a read/write/exec segment of
memory for all payload downloads and execution.

Staged payloads are the only ones I could get working against Windows 2000.

This release includes a set of man-in-the-middle, authentication relay,
and authentication capture modules. These modules can be integrated with
a fake proxy (WPAD), a malicious access point (Karmetasploit), or basic
network traffic interception to gain access to client machines. These
modules tie together browser_autopwn, SMB relaying, and HTTP credential
and form capturing to pillage data from client systems.

Metasploit can now sniff traffic too!

Egypt’s new PHP payloads provide complete bind, reverse, and findsock
support for PHP web application exploits. If you are sick of C99 and R57
and looking to gain a “real” shell from one of the hundreds of RFI flaws
listed on milw0rm, the new PHP payloads work great against multiple
operating systems.

Will have to have a play with this one!

The db_autopwn command has been revamped to support port-based limits,
regex-based module matching, and limits on the number of spawned jobs. The
end result is a way to quickly launch specific modules against a specific
set of target machines. These changes were suggested and implemented by
Marcell ‘SkyOut’ Dietl (Helith).

This is the feature used by Fast|Track. It doesn’t mention an OS limitation; that would be the next logical step.

To download Metasploit Framework 3.2 click here.

To view the full change log click here.

Posted on 20 November, 2008 by ethicalhack3r
