Last updated at Fri, 18 Aug 2023 21:30:47 GMT
New module content (1)
Metabase Setup Token RCE
Description: This adds a module for an unauthenticated RCE against Metabase. Metabase versions before 0.46.6.1 contain a bug where an unauthenticated user can retrieve a setup-token. With this, they can query an API endpoint to setup a new database, then inject an H2 connection string RCE.
Enhanced Modules (1)
Modules which have either been enhanced, or renamed:
- #18264 from zeroSteiner - Updates the
exploits/freebsd/http/citrix_formssso_target_rcemodule for CVE-2023-3519 to include two new targets, Citrix ADC (NetScaler) 12.1-65.25, and 12.1-64.17. This module now supports automatic targeting based on the
Last-Modifiedheader of the
Enhancements and features (6)
- #18191 from jvoisin - This adds support for detecting whether a Metasploit session is running in a Podman container and improves detection for sessions running in Docker, LXC, and WLS containers.
- #18224 from rorymckinley - This adds the first iteration of specs for SSH Login scanner.
- #18231 from ErikWynter - This adds index selection for the modules returned via the favorites (or show favorites) command.
- #18244 from cgranleese-r7 - Adds tests to ensure the consistency of Metasploit payloads.
- #18274 from wvu - Updates CVE-2020-14871
Bugs fixed (2)
- #18220 from dwelch-r7 - Adds additional error handling when loading Metasploit payloads to msfconsole's startup process to ensure missing payloads do not crash msfconsole.
- #18260 from adfoster-r7 - This adds a fix to verify the
EC2_IDmodule option is validated.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
If you are a
git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
binary installers (which also include the commercial edition).