Posts tagged Metasploit

8 min Haxmas

Metasploit Tips and Tricks for HaXmas 2020

For this year's HaXmas, we're giving the gift of Metasploit knowledge!

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Exploits for Oracle Solaris CVE-2020-14871 and Windows 7 CVE-2020-1054, plus enhancements and bug fixes for Railgun and msfdb init. Happy HaXmas!

3 min Metasploit

Metasploit Wrap-Up

This week's wrap-up covers five new modules (including scanner, execution, and disclosure modules), some good fixes and enhancements, and more!

3 min Metasploit

Congrats to the winners of the 2020 December Metasploit community CTF

Thank you all that participated in the 2020 December Metasploit community CTF [/2020/11/19/announcing-the-2020-december-metasploit-community-ctf/]! The four day CTF was well received by the community, with 874 teams and 1903 users registered! We’ve included the high-level stats and the competition winners below. If you played the CTF and want to let the Metasploit team know which challenges you found exhilarating, interesting, or infuriating (in a good way, of course), we have a feedback survey

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.

3 min Metasploit

Metasploit Wrap-Up

Five new modules, and a reminder for the upcoming CTF

3 min Metasploit

Metasploit Wrap-Up

Two new RCE-capable modules and some good fixes and enhancements!

7 min Metasploit

Announcing the 2020 December Metasploit community CTF

It’s time for another Metasploit community CTF! This time around we’re doing a few things differently. Read on for details.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Four new modules, including an exploit for SaltStack Salt and an exploit for a now-patched vuln in Metasploit, plus new enhancements and fixes.

2 min Metasploit

Metasploit Wrap-Up

Insert 'What Year Is It' meme h00die [https://github.com/h00die] contributed the Mikrotik unauthenticated directory traversal file read [https://github.com/rapid7/metasploit-framework/pull/14280] auxiliary gather module, largely a port of the PoC by Ali Mosajjal [https://github.com/mosajjal]. The vulnerability CVE-2018-14847 [https://attackerkb.com/topics/oOoUGd0y46/cve-2018-14847?referrer=blog] allows any file from the router to be read through the Winbox server in RouterOS due to a lack of val

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Support for gathering ProxyUsername and ProxyPassword for saved PuTTY sessions, usability improvements for PsExec modules, and another CTF coming soon.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

A bug fix for EternalBlue on Metasploit 6, four new modules, and a bunch of enhancements.

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Hacktoberfest 2020 and wisdom from around the Metasploit water cooler. Keep an eye out for more info on the next Metasploit community CTF (coming soon).

2 min Metasploit

Metasploit Wrap-Up

Enhancements, bug fixes, and a new SAP IGS module!

5 min Metasploit

Metasploit Wrap-Up

Windows secrets dump, an 'in' with Safari, and more!