The Metasploit team is rolling to the end of the year featuring a week of modules, updates, and our annual CTF. I say rolling in part because here in the US, we’re coming off our week of Thanksgiving, which involves lots of pies, and we’re probably all a bit more spherical than normal! For those of you currently participating in our CTF, we’re looking forward to hosting you, and for those that are not, we do still have some slots open, so head on down to metasploitctf.com and create your own team or join someone else’s!
New modules (2)
- Ghostcat by A Security Researcher of Chaitin Tech and SunCSR Team, which exploits CVE-2020-1938. It may be a month late for Halloween or dia de muerta, but Ghostcat makes an appearance in this week’s release of Metasploit to help you sneak in and steal files from an Apache Tomcat server.
- Avast AV Memory Dumping Utility by DLL_Cool_J. AVAST antivirus was super-helpful in deploying a memory dumping module on Windows installations, and DLL_Cool_J has written a module to leverage it and provide users with a binary dump of a running application’s memory.
Enhancements and features
- Update TP-Link AC1750 Pwn2Own 2019 module by pedrib updates the TP-Link AC1750 Pwn2Own Tokyo 2019 module to slightly modify the injection technique so that it bypasses the original patch technique.
- Corrected headers check for retrieved cookie by justinopatrny fixes the get_cookies method in the sphpblog_file_upload exploit module
- Add more exempt labels by dwelch-r7 adds more label types as exemptions from the bot that auto-closes issues.
- Add requires for python payloads by dwelch-r7 re-added dependencies for certain python payloads so that they would work after a previous PR left them out while converting them to support Python3.
- Adds a fix for frozen string crash when using
reload_allby cgranleese-r7 fixed a bug where reloading a module crashed because it attempted to alter a constant string.
- Fix typo in modules/exploits/windows/local/bypassuac module by dev-jan fixed a typo in the bypassuac_comhijack exploit module.
As always, you can update to the latest Metasploit Framework with
msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a
git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).