Last updated at Tue, 22 Jan 2019 17:41:55 GMT
This week, phra offers up a new potato dish to make privilege escalation in Windows just a bit tastier.
Also, our very own Aaron Soto finished preparing a nice bowl of yoserial that makes dynamic java objects just a bit easier to swallow.
Exploit modules (2 new)
- blueman set_dhcp_handler D-Bus Privilege Escalation by bcoles and Sebastian Krahmer, which exploits CVE-2015-8612
- Windows Net-NTLMv2 Reflection DCOM/RPC (Juicy) by FoxGloveSec, breenmachine, decoder, lupman, ohpe, and phra, which exploits CVE-2016-3225
- PR #11125, by Aaron Soto, makes Java serialized objects more easily readable and adaptable by adding support for importing and generating dynamic objects from
- PR #11217, by Clément Notin, fixes two issues handling error conditions in the badpdf local exploit module.
- PR #11262, by Matthew Kienow, improves the interaction between the
thinwebservice and the rackup file in
msfdbso that it is not tied to a specific framework directory location.
- PR #11263, by h00die, standardizes the
KoreLogicoption in the JTR modules to be uppercase.
- PR #11267, by Clément Notin, fixes a missing
RHOSTin the authentication message for
As always, you can update to the latest Metasploit Framework with
msfupdate, and you can get more details on the changes since the last blog post from GitHub:
We recently announced the release of Metasploit 5. You can get it by cloning the Metasploit Framework repo (master branch). To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial editions). PLEASE NOTE that the binary installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the Metasploit 4 branch for the time being. Migration is underway, so you can look forward to getting Metasploit 5 in the binary installers and in third-party software distributions soon.