Last updated at Fri, 23 Jun 2023 19:01:39 GMT
I like to MOVEit, MOVEit, We like to MOVEit!
Party hard just like it's Mardi Gras! bwatters-r7 delivered the dance moves this week with a masterful performance. The
windows/http/moveit_cve_2023_34362 module is available for all your party needs, taking advantage of CVE-2023-34362, this module gets into the
MOVEit database and nets shells to help you "Keep on jumpin' off the floor"!
New module content (1)
MOVEit SQL Injection vulnerability
Description: Adds a new module targeting the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer’s database.
Enhancements and features (7)
- #18078 from zeroSteiner - This adds support to the
auxiliary/admin/dcerpc/icpr_certmodule to issue certificates for an explicit SID by specifying it within the
NTDS_CA_SECURITY_EXT. This addition ensures that ESC1 will remain exploitable when issuing certificates with an SID becomes a requirement.
- #18117 from smashery - This adds Windows 10 revision number extraction to the Windows version Post API.
- #18118 from smashery - This PR updates the User Agent strings for June 2023.
- #18119 from adfoster-r7 - This adds support for only running user specified test names in modules loaded by running
- #18126 from adfoster-r7 - This PR adds additional logging to the
test/filemodule. This module is useful for developers contributing enhancements or new functionality to Meterpreter and other payloads. It is available after running
- #18127 from adfoster-r7 - This PR adds additional
test/railgun_reverse_lookuptests for macOS and Linux.
Bugs fixed (5)
- #17576 from gwillcox-r7 - This fixes a bug where adding and deleting tags to multiple hosts was not functioning correctly.
- #18049 from cgranleese-r7 - This PR updates Jenkins modules to work with newer versions. Previously they fell over with a CSRF failure and gave a false negative result.
- #18094 from zeroSteiner - Fixes an edgecase with
windows/meterpreter/reverse_tcpwhere there was a small chance of an invalid stager being created.
- #18104 from adfoster-r7 - This PR fixes an issue that falsely caused empty file reads on Meterpreter.
- #18124 from adfoster-r7 - Fixes the broken
test/extapimodule. The module was facing issues returning clipboard data that pertained to the session being tested, this issue has been resolved. This module is useful for developers contributing enhancements or new functionality to Meterpreter and other payloads. It is available after running
- #18132 from jmartin-r7 - This PR reverts the changes from #17942 which was an improvement to AMSI bypass on new versions of windows. PR #17942 broke psexec and this PR reverts that issue.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
If you are a
git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
binary installers (which also include the commercial edition).