Congrats to Nick Tyrer for the first community contibuted evasion module to land in master. Nick's
evasion/windows/applocker_evasion_install_util module leverages the trusted
InstallUtil.exe binary to execute user supplied code and evade application whitelisting.
New modules (4)
- WP Database Backup RCE by Mikey Veenstra / Wordfence and Shelby Pace. which exploits a command injection vulnerability in wp-database-backup versions < v5.2.
- Schneider Electric Pelco Endura NET55XX Encoder by Lucas Dinucci and Vitor Esperança, which exploits CVE-2019-6814
- Ahsay Backup v7.x-v184.108.40.206 (authenticated) file upload by Wietse Boonstra, which exploits CVE-2019-10267
- Applocker Evasion - .NET Framework Installation Utility by Casey Smith and Nick Tyrer, which is designed to evade solutions such as software restriction policies and Applocker.
Enhancements and features
- Enhanced Web Delivery by bcoles. The
multi/script/web_deliverymodule has been expanded to support
pubprnfor Windows delivery & directly support Linux as a target platform.
- Hostname Keyed XOR by O . S . O. Linux payloads can now be XOR encoded based on target hostname, resulting in payload abort when executed on an unintended system.
- Improved msfvenom hex encoding by wvu. Payload encoding by
msfvenomoutput allows character literals interleaved with escaped hex when using
- RHOSTS handling for non-scanner auxiliary by Green-m. When executing non-scanner auxiliary modules using
RHOSTSall targets are now processed.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
We recently announced the release of Metasploit 5. You can get it by cloning the Metasploit Framework repo (master branch). To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial editions).