Posts tagged Metasploit Weekly Wrapup

3 min Metasploit

Metasploit Wrap-Up

Dump Windows secrets from Active Directory This week, our very own Christophe De La Fuente [https://github.com/cdelafuente-r7] added an important update [https://github.com/rapid7/metasploit-framework/pull/15924] to the existing Windows Secret Dump module. It is now able to dump secrets from Active Directory, which will be very useful for Metasploit users. This new feature uses the Directory Replication Service through RPC to retrieve data such as SIDs, password history, Domain user NTLM hashes

3 min Metasploit

Metasploit Wrap-Up

A new Log4Shell / Log4j scanner module for Metasploit, a new WordPress module, and multiple enhancements and bug fixes

2 min Metasploit

Metasploit Wrap-Up

Word and Javascript are a rare duo. Thanks to thesunRider [https://github.com/thesunRider]. you too can experience the wonder of this mystical duo. The sole new metasploit module this release adds a file format attack to generate a very special document. By utilizing Javascript embedded in a Word document to trigger a chain of events that slip through various Windows facilities, a session as the user who opened the document can be yours. Do you like spiders? It has been 3 years since SMB2 suppo

2 min Metasploit

Metasploit Wrap-Up

Metasploit CTF 2021 starts today It’s that time of year again! Time for the 2021 Metasploit Community CTF [https://www.rapid7.com/blog/post/2021/11/16/announcing-the-2021-metasploit-community-ctf/] . Earlier today over 1,100 users in more than 530 teams were registered and opened for participation to solve this year’s 18 challenges. Next week a recap and the winners will be announced, so stay tuned for more information. Overlayfs LPE This week Metasploit shipped an exploit for the recent Overla

3 min Metasploit

Metasploit Wrap-Up

Self-Service Remote Code Execution This week, our own @wvu-r7 [https://github.com/wvu-r7] added an exploit module [https://github.com/rapid7/metasploit-framework/pull/15874] that achieves unauthenticated remote code execution in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution for Active Directory. This new module leverages a REST API authentication bypass vulnerability identified as CVE-2021-40539 [https://attackerkb.com/topics/DMSNq5zgcW/cve-2021-

3 min Metasploit

Metasploit Wrap-Up

Azure Active Directory login scanner module Community contributor k0pak4 [https://github.com/k0pak4] added a new login scanner module for Azure Active Directory [https://github.com/rapid7/metasploit-framework/pull/15755]. This module exploits a vulnerable [https://attackerkb.com/topics/rZ1JlQhXhc/cve-2020-16152?referrer=blog] authentication endpoint in order to enumerate usernames without generating log events. The error code returned by the endpoint can be used to discover the validity of user

4 min Metasploit

Metasploit Wrap-Up

Four new modules, including Microsoft OMI local privilege escalation, and a Win32k local privilege escalation module for CVE-2021-40449, impacting Windows 10 x64 build 14393 and 17763

3 min Metasploit

Metasploit Wrap-Up

GitLab RCE New Rapid7 team member jbaines-r7 [https://github.com/jbaines-r7] wrote an exploit targeting GitLab via the ExifTool command. Exploiting this vulnerability results in unauthenticated remote code execution as the git user. What makes this module extra neat is the fact that it chains two vulnerabilities together to achieve this desired effect. The first vulnerability is in GitLab itself that can be leveraged to pass invalid image files to the ExifTool parser which contained the second v

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Modules for Apache Server, Sophos UTM, the OMIgod RCE, and more. Plus, support for reverse port forwarding via established SSH sessions.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Metasploit's first modules targeting Kubernetes, plus Windows support for exploiting Confluence Server CVE-2021-26084.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Four new Moodle modules, plus new features to help red teamers keep track of sessions and forwarded connections.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New modules for vCenter Server and Linux Netfilter, plus fixes and enhancements.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

More post modules than we've ever put out in a single release before, courtesy of a university project to add credential gathering capabilities based on the PackRat toolset.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

A new evasion module, an exploit for ManageEngine OpManager, fully functional shells over WinRM, and major RDP library improvements.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New modules for Jira user enumeration, Git Remote Code execution via git-lfs, Geutebruck Camera post exploitation module, and unauthenticated RCE in elFinder PHP application