Tuesday, 2 August 2011

Metasploit Framework v4.0.0!

“The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.”

Official Changelog

Statistics:
  • Metasploit now ships with 716 exploit modules, 361 auxiliary modules, and 68 post modules.
  • 20 new exploits, 3 new auxiliary modules, and 14 new post modules have been added since the last release (3.7.2)
New Modules since 3.7.2:
New Exploit Modules:
  • VSFTPD v2.3.4 Backdoor Command Execution
  • Java RMI Server Insecure Default Configuration Java Code Execution
  • HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
  • HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow
  • Mozilla Firefox nsTreeRange Dangling Pointer Vulnerability
  • Black Ice Cover Page ActiveX Control Arbitrary File Download
  • Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability
  • MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow
  • Lotus Notes 8.0.x – 8.5.2 FP2 – Autonomy Keyview
  • RealWin SCADA Server DATAC Login Buffer Overflow
  • Siemens FactoryLink vrn.exe Opcode 9 Buffer Overflow
  • Iconics GENESIS32 Integer overflow version 9.21.201.01
  • Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow
  • Sielco Sistemi Winlog Buffer Overflow
  • Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
  • HP OmniInet.exe Opcode 20 Buffer Overflow
  • HP OmniInet.exe Opcode 27 Buffer Overflow
  • Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow
  • Lotus Notes 8.0.x – 8.5.2 FP2 – Autonomy Keyview
New Post-Exploitation Modules:
  • Winlogon Lockout Credential Keylogger
  • Windows Gather Microsoft Outlook Saved Password Extraction
  • Windows Gather Process Memory Grep
  • Windows Gather Trillian Password Extractor
  • Windows PCI Hardware Enumeration
  • Windows Gather FlashFXP Saved Password Extraction
  • Windows Gather Local and Domain Controller Account Password Hashes
  • Windows Gather Nimbuzz Instant Messenger Password Extractor
  • Windows Gather CoreFTP Saved Password Extraction
  • Internet Download Manager (IDM) Password Extractor
  • Windows Gather SmartFTP Saved Password Extraction
  • Windows Gather Bitcoin wallet.dat
  • Windows Gather Service Info Enumeration
  • Windows Gather IPSwitch iMail User Data Enumeration
New Auxiliary Modules:
  • John the Ripper Password Cracker Fast Mode
  • Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS
  • Kaillera 0.86 Server Denial of Service
  • 2Wire Cross-Site Request Forgery Password Reset Vulnerability
  • SIPDroid Extension Grabber
  • MSSQL Password Hashdump
Notable Features & Closed Bugs:
  • Feature #4982 – Support for custom executable with psexec
  • Feature #4856 – RegLoadKey and RegUnLoadKey functions for the Meterpreter stdapi
  • Feature #4578 – Update Nmap XML parsers to support Nokogiri parsing
  • Feature #4417 – Post exploitation module to harvest OpenSSH credentials
  • Feature #4015 – Increase test coverage for railgun
  • Bug #4963 – Rework db_* commands for consistency
  • Bug #4892 – non-windows meterpreters upload into the wrong filename
  • Bug #4296 – Meterpreter stdapi registry functions create key if one doesn’t exist
  • Bug #3565 – framework installer fails on RHEL (postgres taking too long to start)
Armitage:
Armitage integrates with Metasploit 4.0 to:
  • Take advantage of the new Meterpreter payload stagers
  • Crack credentials with the click of a button
  • Run post modules against multiple hosts
  • Automatically log all post-exploitation activity
Revision Information:
  • Framework Revision 13462
Several import parsers were rewritten to use Nokogiri for much faster processing of large import files. Adding to Metasploit’s extensive payload support, Windows and Java Meterpreter now both support staging over HTTP and Windows can use HTTPS. In a similar vein, POSIX Meterpreter is seeing some new development again. It still isn’t perfect nor is it nearly as complete as the Windows version, but many features already work. Java applet signing is now done directly in Ruby, removing the need for a JDK for generating self-signed certificates. The Linux installers now ship with ruby headers, making it possible to install native gems in the Metasploit ruby environment.
Another flexibility improvement comes in the form of a consolidated pcap interface. The pcaprub extension ships with the Linux installers as of this release and support for Windows will come soon. Modules that used Racket for generating raw packets have been converted to Packetfu, which provides a smoother API for modules to capture and inject packets.
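The import parsers mentioned above turn scanner output (Nmap XML, for example) into host and service records for the workspace database. As an added illustration that is not code from this post or from the Metasploit project, the following Ruby script parses a constructed Nmap XML sample and extracts the hosts that were up together with their open ports and service banners. It uses Ruby's bundled REXML rather than Nokogiri so that it runs without installing any gems; the element and attribute names are those of the real Nmap XML format, while the addresses, hostname and versions in the sample are made up.

```ruby
require 'rexml/document'

# Constructed sample Nmap XML (not taken from any real scan). It keeps only the
# elements an import parser needs: host status, address, hostname and ports.
SAMPLE_NMAP_XML = <<~XML
  <?xml version="1.0"?>
  <nmaprun scanner="nmap" args="nmap -sV 192.0.2.0/28" version="5.51">
    <host>
      <status state="up" reason="echo-reply"/>
      <address addr="192.0.2.10" addrtype="ipv4"/>
      <hostnames><hostname name="ftp.example.test" type="PTR"/></hostnames>
      <ports>
        <port protocol="tcp" portid="21">
          <state state="open" reason="syn-ack"/>
          <service name="ftp" product="vsftpd" version="2.3.4"/>
        </port>
        <port protocol="tcp" portid="22">
          <state state="closed" reason="reset"/>
          <service name="ssh"/>
        </port>
      </ports>
    </host>
    <host>
      <status state="down" reason="no-response"/>
      <address addr="192.0.2.11" addrtype="ipv4"/>
    </host>
  </nmaprun>
XML

# Parse Nmap XML text and return one Hash per host that responded, listing
# only its open ports. Hosts marked down and closed/filtered ports are skipped,
# which mirrors what an import step would store as "services" for a workspace.
def parse_nmap_xml(xml)
  doc = REXML::Document.new(xml)
  hosts = []
  doc.elements.each('nmaprun/host') do |host|
    status = host.elements['status']
    next unless status && status.attributes['state'] == 'up'

    addr = host.elements["address[@addrtype='ipv4']"]
    next unless addr # IPv6-only or MAC-only records are ignored in this example

    name_el = host.elements['hostnames/hostname']
    services = []
    host.elements.each('ports/port') do |port|
      state = port.elements['state']
      next unless state && state.attributes['state'] == 'open'

      svc = port.elements['service']
      banner = svc ? [svc.attributes['product'], svc.attributes['version']].compact.join(' ') : ''
      services << {
        port: port.attributes['portid'].to_i,
        proto: port.attributes['protocol'],
        name: svc ? svc.attributes['name'] : nil,
        info: banner
      }
    end

    hosts << {
      address: addr.attributes['addr'],
      hostname: name_el ? name_el.attributes['name'] : nil,
      services: services
    }
  end
  hosts
end

if __FILE__ == $0
  parse_nmap_xml(SAMPLE_NMAP_XML).each do |h|
    puts "#{h[:address]} (#{h[:hostname] || 'no name'})"
    h[:services].each do |s|
      puts "  #{s[:port]}/#{s[:proto]} #{s[:name]} #{s[:info]}".rstrip
    end
  end
end
```

For the constructed sample this yields a single host, 192.0.2.10, with one open service (21/tcp, ftp, "vsftpd 2.3.4"); the down host and the closed port are dropped. A production parser such as Metasploit's also handles OS fingerprints, script output and multi-gigabyte files, which is where a faster XML library like Nokogiri pays off.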
