Posts by Brendan Watters

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Four new Moodle modules, plus new features to help red teamers keep track of sessions and forwarded connections.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New modules for Jira user enumeration, Git Remote Code execution via git-lfs, Geutebruck Camera post exploitation module, and unauthenticated RCE in elFinder PHP application

2 min Metasploit

Metasploit Wrap-Up

Containers that fail to Contain Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the work of Adam Iwaniuk that breaks out of a Docker container by overwriting the runc binary of an image which is run in the user context whenever someone outside the container runs docker exec to make a request of the container. Execute an Image Please, Wordpress Community contributor Alexandre Zanni sent us a PR that uses native PHP functions to upload a file as an image attachment to Wo

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Six new modules targeting F5, SaltStack, Exchange Server, and more, plus some significant performance improvements and fixes.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-up

Nine new modules, including a module for Zerologon, a new SOCKS module, some privilege escalations, and another Java deserialization exploit.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Hello, World! This week’s wrapup features six new modules, including a double-dose of Synology and everyone’s favorite, Pi-Hole. Little NAS, featuring RCE Synology stations are small(ish) NAS devices, but as Steve Kaun, Nigusu Kassahun, and h00die have shown, they are not invulnerable. In the first module, a command injection exists in a scanning function that allows for an authenticated RCE, and in the second, a coding feature leaks whether a user exists on the system, allowing for brute-forc

2 min Metasploit

Metasploit Wrap-up

In the week after our CTF, we hope the players had a good time and got back to their loved ones, jobs, lives, studies, and most importantly, back to their beds (and you can find out who the winners were here [/2020/02/03/congrats-to-the-winners-of-the-2020-metasploit-community-ctf/]!). For the Metasploit team, we went back to baking up fresh, hot modules and improvements that remind us in this flu season to not just wash your hands, but also, sanitize your inputs! SOHOwabout a Shell? Several [h

2 min Metasploit

Metasploit Wrap-Up

It’s beginning to look a lot like HaXmas [/tag/haxmas/], everywhere you go! We have a great selection of gift-wrapped modules this holiday season, sure to have you entertained from one to eight nights, depending on your preference! On a personal note, we here at the Metasploit workshop would like to welcome our newest elf, Spencer McIntyre [https://github.com/smcintyre-r7]. Spencer has been a long-time contributor to the project, and we’re thrilled to have him on the team! In the spirit of givi

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Fall is in the air, October is on the way, and it is Friday the 13th. We have a lot of updates and features that landed this week, though none are particularly spooky, and unfortunately, none are json-related…1 We recently updated our digital signing keys, and some users may have seen warnings that their Metasploit packages were not signed. We’ve fixed this as of this week—apologies for any confusion. If you are still experiencing signing issues, you may need to re-download Metasploit installer

5 min Metasploit

Introducing Pingback Payloads

The Metasploit team added a new feature to Framework that improves safety and offers another avenue in MSF for novel evasion techniques: pingback payloads.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

It’s Summertime, and the Hackin’ is Easy It is still early in the season, but there’s a whole lot of fixes that are already shipping. Straight off a week of intellectual synergy from the world-wide hackathon, we started to fix a lot of things we noticed while we coded over street tacos and Austin-famous beverages. All told, this week we made Metasploit more inclusive, transparent, and configurable! Inclusive @wvu-r7 has been on a roll trying to make Metasploit play well with others. He teamed u

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Spring is here: Four new modules and metashell improvements.

12 min Exploits

Stack-Based Buffer Overflow Attacks: Explained and Examples

Stack-based buffer overflow exploits are likely the shiniest and most common form of exploit for remotely taking over the code execution of a process.

2 min Metasploit

Metasploit Wrapup

If you are tired of all the snake memes and images we pushed out as we stood up support for python external modules over the last year or so, I have terrific news for you!