Posts by Jeffrey Martin

2 min Metasploit

Metasploit Weekly Wrap-Up

See something say something Have an idea on how to expand on Metasploit Documentation on https://docs.metasploit.com/? Did you see a typo or some other error on the docs site? Thanks to adfoster-r7 [https://github.com/adfoster-r7], submitting an update to the documentation is as easy as clicking the 'Edit this page on GitHub' link on the page you want to change. The new link will take you directly to the source in Metasploit's GitHub so you can quickly locate the Markdown [https://www.markdowng

4 min Metasploit

Metasploit Weekly Wrap-Up

Have you built out that awesome media room? If your guilty pleasures include using a mobile device to make your home entertainment system WOW your guests, you might be using Unified Remote [https://www.unifiedremote.com/]. I hope you are extra cautious about what devices you let on that WiFi network. A prolific community member h00die [https://github.com/h00die] added a module this week that uses a recently published vulnerability from H4RK3NZ0 [https://github.com/H4rk3nz0] to leverage an unprot

3 min Metasploit Weekly Wrapup

Metasploit Weekly Wrap-Up

Putting in the work! This week we’re extra grateful for the fantastic contributions our community makes to Metasploit. The Metasploit team landed more than 5 PRs each from Ron Bowes [https://github.com/rbowes-r7] and bcoles [https://github.com/bcoles], adding some great new capabilities. Ron Bowes [https://github.com/rbowes-r7] contributed four new modules targeting UnRAR, Zimbra, and ManageEngine ADAudit Plus. These modules offer Metasploit users some excellent new vectors to leverage against

2 min Metasploit

Metasploit Weekly Wrap-Up

Ask and you may receive Module suggestions [https://github.com/rapid7/metasploit-framework/issues/16522] for the win, this week we see a new module written by jheysel-r7 [https://github.com/jheysel-r7] based on CVE-2022-26352 [https://attackerkb.com/topics/7i5Uf6JNl0/cve-2022-26352?referrer=blog] that happens to have been suggested by jvoisin [https://github.com/jvoisin] in the issue queue last month. This module targets an arbitrary file upload in dotCMS [https://github.com/dotCMS/core.git] ve

5 min Metasploit

Metasploit Weekly Wrap-Up

Mucking out the pipes. Thanks to some quick work by timwr [https://github.com/timwr], CVE-2022-0847 [https://attackerkb.com/topics/UwW7SVPaPv/cve-2022-0847?referrer=blog] aka "Dirty Pipe" gives Metasploit a bit of digital plumber's training. The exploit targeting modern Linux v5 kernels helps elevate user privileges by overwriting a SUID binary of your choice by plunging some payload gold through a pipe. Long live the SMB relay! SMB, that magical ubiquitous service making all that noise on netw

2 min Metasploit

Metasploit Wrap-Up

Word and Javascript are a rare duo. Thanks to thesunRider [https://github.com/thesunRider]. you too can experience the wonder of this mystical duo. The sole new metasploit module this release adds a file format attack to generate a very special document. By utilizing Javascript embedded in a Word document to trigger a chain of events that slip through various Windows facilities, a session as the user who opened the document can be yours. Do you like spiders? It has been 3 years since SMB2 suppo

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New modules for Lucee Administrator and ProxyShell, which targets on-premises Microsoft Exchange servers. Plus, tons of enhancements and fixes!

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Updates to how modules interact with cookies, plus exploits for macOS Gatekeeper and DjVu ANT and a whole lot of fixes and enhancements.

4 min Metasploit

Metasploit Wrap-Up

Flink targeting, process herpaderping, and more in this week's Metasploit wrap-up!

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

A bug fix for EternalBlue on Metasploit 6, four new modules, and a bunch of enhancements.

2 min Metasploit

Metasploit Wrap-Up

Who watches the watchers? If you are checking up on an organization using Trend Micro Web Security, it might be you. A new module this week takes advantage of a chain of vulnerabilities to give everyone (read unauthenticated users) a chance to decide what threats the network might let slip through. Following the trend, what about watchers that are not supposed to be there? Agent Tesla Panel is a fun little trojan (not to be found zipping around on our highways and byways) which now offers, agai

2 min Metasploit

Metasploit Wrap-Up

Is URGENT/11 urgent to your world? Metasploit now has a scanner module to help find the systems that need URGENT attention. Be sure to check the options on this one; RPORTS is a list to test multiple services on each target. Thanks Ben Seri [https://twitter.com/benseri87] for the PoC that lead off this work. Everyone likes creds, a new post module [https://github.com/rapid7/metasploit-framework/pull/12462] landed this week from Taeber Rapczak [https://github.com/taeber] that brings back credent

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

First!! Congrats to Nick Tyrer [https://github.com/NickTyrer] for the first community contibuted evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module [https://github.com/rapid7/metasploit-framework/pull/11795] leverages the trusted InstallUtil.exe binary to execute user supplied code and evade application whitelisting. New modules (4) * WP Database Backup RCE [https://github.com/rapid7/metasploit-framework/pull/12010] by Mikey Veenstra / Wordf

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

A more useful use command From among the many musings of longtime contributor/team member Brent Cook [https://github.com/busterb], in a combined effort with the ever-present wvu [https://github.com/wvu-r7], the use command has become so much more useful. PR 11724 [https://github.com/rapid7/metasploit-framework/pull/11724] takes new functionality [https://github.com/rapid7/metasploit-framework/pull/11652] from search -u one step further by automatically appying it when use is called with a uniq

1 min Metasploit

Metasploit Wrapup

This week, phra offers up a new potato dish to make privilege escalation in Windows just a bit tastier.