Last updated at Sat, 19 Aug 2017 02:49:55 GMT
Terminal velocity
The terminal/shell interface has been around for decades and has a rich and storied history. Readline is the main library for shells like msfconsole to deal with that interface, but it's also possible for commandline tools to print ANSI escape sequences that the terminal treats specially.
When a shell like msfconsole has asynchronous output going to the terminal at unpredictable times, such as when a new session connects, that output can clobber the current prompt. That makes it hard to tell what you're typing and slows you down.
These short videos, created by @jennamagius, the contributor who submitted this patch, illustrate the issue and the new behavior:
The old behavior has annoyed me for a long time and I'm super glad to see that typing into a prompt can still be usable when you have a ton of shells flying in.
New Modules
Exploit modules (4 new)
- Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow by Pedro Ribeiro exploits CVE-2016-6563
- PowerShellEmpire Arbitrary File Upload (Skywalker) by Erik Daguerre, and Spencer McIntyre
- Linux Kernel 4.6.3 Netfilter Privilege Escalation by h00die, and vnik exploits CVE-2016-4997
- Authenticated WMI Exec via Powershell by RageLtMan
Auxiliary and post modules (1 new)
- Censys Search by Nixawk
Get it
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
To install fresh, check out the open-source-only Nightly Installers, or the binary installers which also include the commercial editions.