Secret passwords don't only get you into Aladdin's cave or the tree house, but also into corporate networks and bank accounts. Yet, they are one of the weakest ways to protect access. Sure, there are better ways to secure access, such as smart cards or one-time password tokens, but these are still far from being deployed everywhere although the technology has matured considerably over the past years. Passwords are still the easiest way into a network.
The new Metasploit version 3.5.1 adds a lot of features to audit your network's password security on many levels. Metasploit has always offered a broad range of brute forcing capabilities. As of version 3.5.1, it also downloads the configuration files of Cisco routers and extracts their passwords. HD's team has also added brute forcing of UNIX “r” services, such as rshell, rlogin and rexec, as well as VNC and SNMP services. Metasploit can now also import pcap network traffic logs to find clear text passwords and to discover hosts and services.
Metasploit has also become stealthier than ever: it now flies under the radar of intrusion detection systems (IDS) and intrusion prevention systems (IPS). Enhanced anti-virus evasion ensures that exploits are not stopped by end-point defenses.
And for those of you enjoying a good cup of coffee while well-meaning end users do your job, we've added email attachments to social engineering campaigns that enable you to send out malicious PDF and MP3 files.
Metasploit now provides additional exploits for SAP BusinessObjects, Exim mail servers, ProFTPD file transfer installations, SCADA deployments (BACnet, Citect, DATAC), Novell NetWare servers, Microsoft Internet Explorer, and browser plugins such as Adobe Flash and Oracle Java.
The new Metasploit version 3.5.1 is available for both the free, open source Metasploit Framework and the commercial editions Metasploit Express and Metasploit Pro. Here is an overview of the new features:
Overview of the features added in version 3.5.1:
| Area | Feature | Edition columns (last: Pro) |
|---|---|---|
| Network security | Comprehensive Cisco device exploitation | XX |
| | Additional network device audit and exploitation | XXX |
| Discovery | Enhanced performance for port scans and host discovery | XX |
| | Network traffic analysis using pcap packet captures | XXX |
| Brute forcing | Brute force support for Unix “r” services (rshell, rlogin, rexec) | XXX |
| | Brute force support for VNC desktop services | XXX |
| | Brute force support for SNMP (devices) | XXX |
| Stealth | New IDS/IPS evasion options for automated exploitation | XX |
| | Improved anti-virus evasion for executable templates | X |
| Social engineering | File-format exploits now available for email campaigns (attach malicious PDF, MP3, etc.) | X |
| Web application security | Import and validate results from web application scanners | XX |
| Pivoting | VPN pivoting for Metasploit on Windows | X |
| Administration | Network boundaries for project members | |
If you haven't tried Metasploit Pro yet, get your free, fully featured Metasploit Pro trial.