Posts tagged Metasploit

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Hacktoberfest 2020 and wisdom from around the Metasploit water cooler. Keep an eye out for more info on the next Metasploit community CTF (coming soon).

2 min Metasploit

Metasploit Wrap-Up

Enhancements, bug fixes, and a new SAP IGS module!

5 min Metasploit

Metasploit Wrap-Up

Windows secrets dump, an 'in' with Safari, and more!

9 min Metasploit

Exploitability Analysis: Smash the Ref Bug Class

Two Metasploit researchers evaluate the "Smash the Ref" win32k bug class for exploitability and practical exploitation use cases for pen testers and red teams looking to obtain an initial foothold in the context of a standard user account.

3 min Metasploit Weekly Wrapup

Metasploit Wrap-up

Nine new modules, including a module for Zerologon, a new SOCKS module, some privilege escalations, and another Java deserialization exploit.

3 min Metasploit

Metasploit Wrap-Up

Six new modules this week, and a good group of enhancements and fixes!

2 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Three new modules, including a Pwn2Own addition for OS X, plus proxy support for Python Meterpreter, new search improvements, and a reminder of how to report security issues in Metasploit.

4 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

New reflective PE file loader, a new module, new search improvements, and updates on Google Summer of Code projects.

2 min Metasploit

Metasploit Wrap-Up

Give me your hash This week, community contributor HynekPetrak [https://github.com/HynekPetrak] added a new module [https://github.com/rapid7/metasploit-framework/pull/13906] for dumping passwords and hashes stored as attributes in LDAP servers. It uses an LDAP connection to retrieve data from an LDAP server and then harvests user credentials in specific attributes. This module can be used against any kind of LDAP server with either anonymous or authenticated bind. Particularly, it can be used

2 min Metasploit

Metasploit Wrap-Up

Setting module options just got easier! Rapid7's own Dean Welch [https://github.com/dwelch-r7] added a new option [https://github.com/rapid7/metasploit-framework/pull/13961] to framework called RHOST_HTTP_URL, which allows users to set values for multiple URL components, such as RHOSTS, RPORT, and SSL, by specifying a single option value. For example, instead of typing set RHOSTS example.com, set RPORT 5678, set SSL true, you can now accomplish the same thing with the command set RHOST_HTTP_URL

2 min Metasploit

Metasploit Wrap-Up

vBulletin strikes again This week saw another vBulletin exploit released by returning community member Zenofex. This exploit module allows an unauthenticated attacker to run arbitrary PHP code or operating system commands on affected versions of the vBulletin web application. The vulnerability, which was also discovered by Zenofex, is identified as CVE-2020-7373 [https://attackerkb.com/topics/aIL9b0uOYc/cve-2020-7373?referrer=blog] and is effectively a bypass for a previously patched vulnerabili

5 min Metasploit Weekly Wrapup

Metasploit Wrap-Up

Metasploit 6 initial features and active development, the 2020 open-source security meetup (OSSM), four new modules, and the longest list of enhancements and fixes we've ever written in one sitting.

3 min Metasploit

Metasploit 6 Now Under Active Development

The Metasploit team announces active development of Metasploit Framework 6. Initial features include end-to-end encryption of Meterpreter communications, SMBv3 client support, and a new polymorphic payload generation routine for Windows shellcode.

3 min Metasploit

Metasploit Wrap-Up

SharePoint DataSet/DataTable deserialization First up we have an exploit from Spencer McIntyre (@zeroSteiner) for CVE-2020-1147 [https://attackerkb.com/topics/HgtakVczYd/cve-2020-1147?referrer=blog], a deserialization vulnerability in SharePoint instances that was patched by Microsoft on July 14th 2020 and which has been getting quite a bit of attention in the news lately. This module [https://github.com/rapid7/metasploit-framework/pull/13920] utilizes Steven Seeley (@stevenseeley)'s writeup al

1 min Metasploit

Open Source Security Meetup (OSSM): Virtual Edition

The Rapid7 Metasploit team will be hosting our annual Open Source Security Meetup (OSSM) as a virtual event Thursday, August 6th!