2 min
Metasploit
Metasploit Wrapup 12/7/18
If you are tired of all the snake memes and images we pushed out as we stood up support for python external modules over the last year or so, I have terrific news for you!
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 9/21/18
Tomorrow brings the fall equinox, and that means (as we are almost contractually obligated to say at this point) winter is coming.
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: 6/22/18
Welcome to another installment of the week! This installment features a new
ETERNALBLUE module in everyone's favorite reptile-brain language, Python!
Sporting support for Windows 8 and 10, it has everything you need, including
immutable strings and enforced whitespace.
In other Windows 10 news, chervalierly [https://github.com/chervaliery] fixed an
annoying bug in rex-powershell that prevented PsExec from working on later
versions of Windows 10. Now, you can PsExec to your heart’s content. Go f
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 5/18/18
You Compile Me
Our very own wchen-r7 [https://github.com/wchen-r7] added the ability to compile
C code in metasploit, including (select) dependencies by creating a wrapper for
metasm. Right now, support for windows.h is the first salvo in custom compiling
tools within the metasploit interface!
Hack all the things!
For a long time, people have asked us to support RHOSTS in exploits just like we
do in AUX modules. We listened, and now framework exploits support RHOSTS! Set
your exploit, your
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 4/27/18
After last week's seriously serious write-up
[https://www.rapid7.com/blog/post/2018/04/20/metasploit-wrapup-36/], this week
we will return to our norml normal, lighthearted (and Metasploit-hearted)
wrap-ups, though we remain fans of terrible 80s movies.
Drupalgeddon 2: Webdev Boogaloo
After last month's Drupal exploit came to light, nearly a dozen developers have
been hard at work to add a module targeting CVE-2018-7600
[https://www.rapid7.com/db/vulnerabilities/drupal-cve-2018-7600]. You can
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup 4/7/18
Mobile Moose
This week marked the beginning of our time in the new office. Everything got
packed up and moved: computers, chairs, Rudy’s cups, and odd soy sauce packets
in the back of the drawers. One consequence of moving to downtown Austin is that
the lunch debates take longer, with flame wars about both the best tacos and the
best barbecue.
Metasploit: Now With More Snakes!
@shellfail [https://twitter.com/shellfail] doubled down this wrapup; way back in
March, he wrote a guide to writing P
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup 3/23/18
Adding some named pipes to everyone's favorite series of tubes
UserExistsError already added 64-bit named pipe payloads, and this week, we got
an extra-special upgrade: now Metasploit has 32-bit named pipe payloads! It may
feel wrong not setting a port, but connecting to existing network resources
feels so right!
It is the Final Countdown for GSoC!
The final deadline for Google Summer of Code applicants is March 27th, so get
your applications in now! We are honored to be a part of the progra
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: Dec. 8, 2017
Have you ever been on a conference call where you really wished you could take
command of the situation? With Metasploit Framework and the new Polycom HDX
exploit, you can (if given permission by the owner of the device, that is)! If
teleconferencing isn't your target's style, you can also pwn correspondence the
old-fashioned way: through a Microsoft Office exploit. Be it written or video,
we here at Rapid7 know you value other people's communication!
After another Python module and the Mac r
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: Dec. 1, 2017
Here in the U.S., we just celebrated Thanksgiving, which involves being thankful
[/2017/11/17/metasploit-wrapup-17/], seeing friends and family, and eating
entirely too much (I know that last one is not uncommon here). After a large
meal and vacation, we figured that it would be a nice, slow week for security
research in the States. Then we opened Twitter and were suddenly happy we had
procrastinated and most of us had put off upgrading to High Sierra.
Community CTF
In case you missed yesterd
2 min
Metasploit Weekly Wrapup
Metasploit Wrapup: Nov. 3, 2017
What’s New?
This week’s release sees multiple improvements and corrections, some years in
the making! We fixed an interesting bug in the initial handshake with
meterpreter that caused some payload callbacks to fail, improved error and
information reporting in other modules, and then @h00die ran spellcheck
[https://github.com/rapid7/metasploit-framework/pull/9144/files]!
New (and Improved!) Modules (2 New):
After three years, @wvu’s tnftp aux module grew up to become a strong,
well-rounded explo
11 min
Research
Building a Backpack Hypervisor
Researcher, engineer, and Metasploit contributor Brendan Watters shares his experience building a backpack-size hypervisor.
4 min
Python
Virtual Machine Automation (vm-automation) repository released
Rapid7 just released a new public repo called vm-automation. The vm-automation
repository is a Python library that encapsulates existing methodologies for
virtual machine and hypervisor automation and provides a platform-agnostic
Python API. Currently, only ESXi and VMWare workstation are supported, but I
have high hopes we will support other hypervisors in time, and we would love to
see contributors come forward and assist in supporting them!
That's awesome. I want to get started now!
Great! I
3 min
Metasploit Weekly Wrapup
Metasploit Wrapup: June 30, 2017
Metasploit Hackathon
We were happy to host the very first Metasploit framework open source hackathon
this past week in the Rapid7 Austin. Eight Metasploit hackers from outside of
Rapid7 joined forces with the in-house team and worked on a lot of great
projects, small and large.
@bcook started the hackathon working with @sempervictus on his amazing backlog
of framework features, including REX library
[https://github.com/rapid7/rex-socket/pull/6] improvements
[https://github.com/rapid7/rex-socket
2 min
Metasploit
Metasploit Wrapup: June 16, 2017
A fresh, new UAC bypass module for Windows 10!
Leveraging the behavior of fodhelper.exe and a writable registry key as a normal
user, you too can be admin! Unpatched as of last week, this bypass module
[https://github.com/rapid7/metasploit-framework/pull/8434] works on Windows 10
only, but it works like a charm!
Reach out and allocate something
This release offers up a fresh denial/degradation of services exploit against
hosts running a vulnerable version of rpcbind. Specifically, you can repea
2 min
Metasploit
Metasploit Wrapup 6/2/17
It has only been one week since the last wrapup, so it's not like much could
have happened, right? Wrong!
Misery Loves Company
After last week's excitement with Metasploit's version of ETERNALBLUE (AKA the
Wannacry vulnerability)
[https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue],
this week SAMBA had its own "Hold My Beer" moment with the disclosure that an
authenticated (or anonymous) client can upload a shared library to a SAMBA
server, and that server will happily e