Metasploit Wrap-Up 10/24/2025

Last updated on Oct 24, 2025
Let us suggest persistence…

This week's edition brings the new persistence suggester from h00die. Similar to the exploit variant, this module will list the available persistence mechanisms for your selected target. The module requires a session to target the machine, so it can run check methods from potential persistence modules. This new module represents an update to our new persistence category.

New module content (3)

Service System V Persistence

Author: h00die

Type: Exploit

Pull request: #20522 contributed by h00die

Path: linux/persistence/init_sysvinit

Description: This pulls out System V init from the init persistence module and adds the new persistence mixin.

Remote Code Execution Vulnerability in Vvveb

Authors: Hamed Kohi and Maksim Rogov

Type: Exploit

Pull request: #20630 contributed by vognik

Path: multi/http/vvveb_auth_rce_cve_2025_8518

AttackerKB reference: CVE-2025-8518

Description: This adds a new module for Vvveb, exploiting a code injection vulnerability in the code editor (CVE-2025-8518). The module requires credentials to the CMS.

Persistence Exploit Suggester

Author: h00die

Type: Post

Pull request: #20564 contributed by h00die

Path: multi/recon/persistence_suggester

Description: This adds a new module to the persistence category: the persistence suggester. It suggests a persistence mechanism depending on the target.

Enhancements and features (1)

  • #20522 from h00die - This pulls out System V init from the init persistence module and adds the new persistence mixin.

Bugs fixed (6)

  • #20629 from h00die - Updates module documentation headers for consistency.
  • #20636 from sjanusz-r7 - Fixes a bug in the web crawler's handling of pages that are not found.
  • #20639 from adfoster-r7 - Fixes a crash when running the scanner/oracle/oracle_login module.
  • #20640 from msutovsky-r7 - This fixes a bug in ldap_esc_vulnerable_cert_finder where the module crashed when RUN_REGISTRY_CHECKS was set to true and the module was run as a low-privilege user.
  • #20654 from molecula2788 - Fixes a bug with Meterpreter's extensions handling functionality which impacted the pivot payload.
  • #20655 from adfoster-r7 - Fixes a crash when performing the migration command in a Meterpreter session.

Documentation added (1)

  • #20632 from h00die - Improves the documentation and impacted version details for the linqpad_deserialization_persistence module.

You can always find more documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition, Metasploit Pro.
