MSF 5 in the wild
We announced the release of Metasploit Framework 5.0 this week. It’s Metasploit’s first major version release since 2011, and it includes lots of good stuff the team has been working on for the past year-plus. It will be packaged and integrated into your favorite software distributions over the next few months; until then, you can get MSF 5 by checking out the 5.0.0 tag on GitHub.
The Chrome cookies post module by mangopdf uses Chrome's remote debugging to read all cookies from the default Chrome profile of the user. The module uses a --headless, or a hidden, Chrome with remote debugging enabled and opens an HTML file to make requests to the remote debugging service. The HTML requests the cookies and logs the output to a file, which is later retrieved by the module.
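On the defending side, the launch pattern described above (a hidden Chrome with remote debugging enabled and no separate profile) shows up in process-creation telemetry. The Python below is an added example, not code from the module or from the original post; the event tuples are constructed samples, and the severity labels and browser name list are assumptions of this example.

```python
import re

# Constructed process-creation events (image path, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("/usr/bin/google-chrome", "google-chrome https://example.com"),
    ("/usr/bin/google-chrome",
     "google-chrome --headless --remote-debugging-port=9222 file:///tmp/page.html"),
    ("/usr/bin/chromium",
     "chromium --headless --remote-debugging-port=9333 --user-data-dir=/tmp/ci about:blank"),
    ("/usr/bin/chromium", "chromium --remote-debugging-port=9222"),
    ("/usr/bin/python3", "python3 build.py --headless --remote-debugging-port=1"),
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r"chrome.exe --headless=new --remote-debugging-port=9222 C:\Temp\p.html"),
]
# Assumed executable names; extend for the browsers deployed in your estate.
BROWSERS = {"chrome", "chromium", "chromium-browser", "google-chrome", "google-chrome-stable"}


def is_chromium_browser(image):
    """True when the executable's base name is a known Chrome/Chromium binary."""
    base = re.split(r"[\\/]", image)[-1].lower()
    return base.removesuffix(".exe") in BROWSERS


def flag_names(cmdline):
    """Switch names only: '--remote-debugging-port=9222' -> '--remote-debugging-port'."""
    return {tok.split("=", 1)[0] for tok in cmdline.split() if tok.startswith("--")}


def classify(image, cmdline):
    """Return 'high', 'medium', 'low', or None for one process-creation event."""
    if not is_chromium_browser(image):
        return None
    flags = flag_names(cmdline)
    if "--remote-debugging-port" not in flags:
        return None
    if "--user-data-dir" in flags:
        return "low"     # separate profile: typical of test automation
    if "--headless" in flags:
        return "high"    # hidden browser, debugging open on the default profile
    return "medium"      # visible browser, but the default profile is still exposed


def scan(events):
    pairs = ((i, classify(img, cmd)) for i, (img, cmd) in enumerate(events))
    return [(i, sev) for i, sev in pairs if sev]  # (index, severity) of flagged events


if __name__ == "__main__":
    print(scan(SAMPLE_EVENTS))
```

Feed it the image path and command line fields from whatever process-creation source you collect, and triage "high" hits first.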
mmetince submitted a module for an authenticated remote code execution vulnerability in MailCleaner Community Edition. As described in mmetince's advisory, a search request sent to MailCleaner's ManagetracingController triggers a SOAP service request that issues an operating system command. By sending a command in the domain parameter of the search request it is possible to execute operating system commands as root on the server.
Exploit modules (3 new)
- Mailcleaner Remote Code Execution by Mehmet Ince, which exploits CVE-2018-20323
- Adobe ColdFusion CKEditor unrestricted file upload by Pete Freitag de Foundeo, Qazeer, and Vahagn vah_13 Vardanian, which exploits CVE-2018-15961
- Windows Persistent Service Installer by Green-m
Auxiliary and post modules (4 new)
- DoS Exploitation of Allen-Bradley's Legacy Protocol (PCCC) by José Diogo Monteiro, Luis Rosa, and Miguel Borges de Freitas, which exploits CVE-2017-7924
- Microsoft Windows Defender Evasive Executable by sinn3r
- Microsoft Windows Defender Evasive JS.Net and HTA by Shelby Pace and sinmygit
- Chrome Gather Cookies by mangopdf
- PR #11199 updates the components list in the Joomla wordlist
- PR #11183 adds authentication to the
- PR #11187 fixes LoginServlet to meet API standards and documented functionality
- PR #11163 adds /api/v1/events endpoint for retrieving Mdm::Event data from the API
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
We recently announced the release of Metasploit 5. You can get it by cloning the Metasploit Framework repo (master branch). To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial editions). PLEASE NOTE that the binary installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the Metasploit 4 branch for the time being. Migration is underway, so you can look forward to getting Metasploit 5 in the binary installers and in third-party software distributions soon.