Wednesday, 4 May 2011

Metasploit Framework 3.7.0 Released!

The Metasploit team has spent the last two months focused on one of the least-visible, but most important pieces of the Metasploit Framework; the session backend. Metasploit 3.7 represents a complete overhaul of how sessions are tracked within the framework and associated with the backend database. This release also significantly improves the staging process for the reverse_tcp stager and Meterpreter session initialization. Shell sessions now hold their output in a ring buffer, which allows us to easily view session history -- even if you don't have a database.

  • Metasploit now ships with 685 exploit modules, 355 auxiliary modules, and 39 post modules.
  • 35 new exploits, 17 post-exploitation modules, and 15 auxiliary modules have been added since the last release.


Feature highlights

  • Support for SMB signing, enabling pass-the-hash and stolen password attacks against Windows 2008 Server environments.
  • The Microsoft SQL Server mixin (and all modules) now supports NTLM authentication.
  • Data import backend has undergone a rewrite, speeding up most import tasks by a factor of four.
  • OS information is now normalized to make fingerprinting more accurate and easier to deal with.

Highlights from the new modules include:

  • Apple iOS Backup File Extraction: Extract sensitive data from iTunes backup files (location, call history, SMS content, pictures, etc).
  • Exploits for two different Adobe Flash vulnerabilities exploited in the wild.
  • Code execution modules for MySQL and PostgreSQL when a valid login is available.
  • Exploit for the Accellion File Transfer Appliance Default Encryption Key flaw found by Rapid7.
  • Over ten new exploits for HP Network Node Manager (plus an HP OpenView exploit).
  • Post-exploitation module for privilege escalation through the .NET Optimizer Service.
  • Post-exploitation modules for stealing stored WinSCP and VNC passwords.

download page

    1 comment: