Posts tagged Metasploit Weekly Wrapup

4 min Metasploit

Metasploit Wrap-Up

Flink targeting, process herpaderping, and more in this week's Metasploit wrap-up!

4 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

GSoC Rocks! In a rare double whammy, one of our 2020 Google Summer of Code (GSoC) participants has authored a PR containing both enhancements & a new module [https://github.com/rapid7/metasploit-framework/pull/14067]! Improvements to our SQL injection library now allow PostgreSQL injection, and this new functionality has been verified with both a test module AND a fully functioning module exploiting CVE-2019-13375 [https://attackerkb.com/topics/n3vokFNBje/cve-2019-13375?referrer=blog], a (Postgr

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

This installment includes a new MicroFocus RCE module, an updated Microsoft Exchange patch bypass, and items without 'Micro' in the title, too!

2 min Metasploit

Metasploit Wrap-Up

This week's edition: Baron Samedit 'sudo' exploit module, OneDrive sync enumeration, and WP credential gathering via Abandoned Cart plugin.

3 min Metasploit

Metasploit Wrap-Up

Five new modules, including RCEs, arbitrary file write, and a Windows Registry check if the DementiaWheel/fanny.bmp malware exists on a target.

3 min Metasploit

Metasploit Wrap-Up

A new Microsoft Windows Spooler privesc module, along with some fixes and improvements!

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Commemorating the 2020 December Metasploit community CTF A new commemorative banner has been added to the Metasploit console to celebrate the teams that participated in the 2020 December Metasploit community CTF [/2020/12/07/congrats-to-the-winners-of-the-2020-december-metasploit-community-ctf/] and achieved 100 or more points: If you missed out on participating in this most recent event, be sure to follow the Metasploit Twitter [https://twitter.com/metasploit] and Metasploit blog posts [/ta

3 min Metasploit

Metasploit Wrap-Up

Eight new Metasploit modules for various targets (and outcomes!), with a good set of improvements and fixes!

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Exploits for Oracle Solaris CVE-2020-14871 and Windows 7 CVE-2020-1054, plus enhancements and bug fixes for Railgun and msfdb init. Happy HaXmas!

3 min Metasploit

Metasploit Wrap-Up

This week's wrap-up covers five new modules (including scanner, execution, and disclosure modules), some good fixes and enhancements, and more!

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.

3 min Metasploit

Metasploit Wrap-Up

Five new modules, and a reminder for the upcoming CTF

3 min Metasploit

Metasploit Wrap-Up

Two new RCE-capable modules and some good fixes and enhancements!

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Four new modules, including an exploit for SaltStack Salt and an exploit for a now-patched vuln in Metasploit, plus new enhancements and fixes.

2 min Metasploit

Metasploit Wrap-Up

Insert 'What Year Is It' meme h00die [https://github.com/h00die] contributed the Mikrotik unauthenticated directory traversal file read [https://github.com/rapid7/metasploit-framework/pull/14280] auxiliary gather module, largely a port of the PoC by Ali Mosajjal [https://github.com/mosajjal]. The vulnerability CVE-2018-14847 [https://attackerkb.com/topics/oOoUGd0y46/cve-2018-14847?referrer=blog] allows any file from the router to be read through the Winbox server in RouterOS due to a lack of val