Posts by Jeffrey Martin

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Updates to how modules interact with cookies, plus exploits for macOS Gatekeeper and DjVu ANT and a whole lot of fixes and enhancements.

4 min Metasploit

Metasploit Wrap-Up

Flink targeting, process herpaderping, and more in this week's Metasploit wrap-up!

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

A bug fix for EternalBlue on Metasploit 6, four new modules, and a bunch of enhancements.

2 min Metasploit

Metasploit Wrap-Up

Who watches the watchers? If you are checking up on an organization using Trend Micro Web Security, it might be you. A new module this week takes advantage of a chain of vulnerabilities to give everyone (read unauthenticated users) a chance to decide what threats the network might let slip through. Following the trend, what about watchers that are not supposed to be there? Agent Tesla Panel is a fun little trojan (not to be found zipping around on our highways and byways) which now offers, agai

2 min Metasploit

Metasploit Wrap-Up

Is URGENT/11 urgent to your world? Metasploit now has a scanner module to help find the systems that need URGENT attention. Be sure to check the options on this one; RPORTS is a list to test multiple services on each target. Thanks Ben Seri [https://twitter.com/benseri87] for the PoC that lead off this work. Everyone likes creds, a new post module [https://github.com/rapid7/metasploit-framework/pull/12462] landed this week from Taeber Rapczak [https://github.com/taeber] that brings back credent

1 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

First!! Congrats to Nick Tyrer [https://github.com/NickTyrer] for the first community contibuted evasion module to land in master. Nick's evasion/windows/applocker_evasion_install_util module [https://github.com/rapid7/metasploit-framework/pull/11795] leverages the trusted InstallUtil.exe binary to execute user supplied code and evade application whitelisting. New modules (4) * WP Database Backup RCE [https://github.com/rapid7/metasploit-framework/pull/12010] by Mikey Veenstra / Wordf

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

A more useful use command From among the many musings of longtime contributor/team member Brent Cook [https://github.com/busterb], in a combined effort with the ever-present wvu [https://github.com/wvu-r7], the use command has become so much more useful. PR 11724 [https://github.com/rapid7/metasploit-framework/pull/11724] takes new functionality [https://github.com/rapid7/metasploit-framework/pull/11652] from search -u one step further by automatically appying it when use is called with a uniq

1 min Metasploit

Metasploit Wrapup

This week, phra offers up a new potato dish to make privilege escalation in Windows just a bit tastier.

1 min Metasploit

Metasploit Wrapup

New Modules Exploit modules (3 new) * Nagios XI Chained Remote Code Execution [https://www.rapid7.com/db/modules/exploit/linux/http/nagios_xi_chained_rce_2_electric_boogaloo] by Benny Husted [https://github.com/BennyHusted], Cale Smith [https://github.com/caleBot], and Jared Arave [https://www.exploit-db.com/author/?a=9106], which exploits CVE-2018-8736. Monitor this series of unfortunate events all the way to magical shells. * Boxoft WAV to MP3 Converter v1.1 Buffer Overflow

1 min

Combining controls on servers to reduce attack surface area

Server coverage in ControlsInsight [http://www.rapid7.com/products/controls-insight/] provides organizations with a new way to surface how well Windows Servers are configured to protect against known tactics that an attacker may use to infiltrate a network. One interesting way this information can help an organization improve its security posture is by presenting visibility into what systems are executing services at high privilege levels.  By monitoring the coverage for the "Service processes r

2 min

Gleaning value from the ControlsInsight executive report

The Executive Report in ControlsInsight helps users understand the value of applying assessed security controls so that they can improve their security posture as reflected in the overall defense grade. Current Status The first section of the report starts out by highlighting the overall grade based on current coverage of each security control and then expands on that to show the grade based on the each of the well known attack vectors the controls affect. Next this section gives a summary