Posts tagged Product Updates

17 min InsightIDR

Universal Event Formats in InsightIDR: A Step-by-Step NXLog Guide

Follow this step-by-step walkthrough to use NXLog to transform an ingress authentication log into UEF.

2 min InsightIDR

Universal Event Formats Q&A: Apply User Behavior Analytics to More of Your Data

Rapid7 is proud to announce a new way to collect log data: Universal Event Formats. Here is a quick Q&A to give you the lowdown.

5 min InsightAppSec

New Features: Rapid7 Launches Public API For InsightAppSec

Rapid7 is pleased to announce the newest addition to your application security toolkit on the Rapid7 Insight platform: the public API in our DAST solution, InsightAppSec.

4 min InsightVM

Automate to Accelerate: Introducing Security Orchestration and Automation on the Rapid7 Insight Platform

Rapid7 is proud to officially announce orchestration and automation on our Insight platform, with automation taking shape in a number of existing products and our new SOAR offering, Rapid7 InsightConnect.

3 min Azure

Azure Security Center and Active Directory Now Integrate with the Rapid7 Platform

Today, we announced [https://www.rapid7.com/about/press-releases/rapid7-integrates-with-microsoft-azure/] continued, more comprehensive development of the integration between the Rapid7 Insight platform [https://www.rapid7.com/products/insight-platform/] and Microsoft Azure. A new integration with Azure Security Center makes it easy to deploy the Rapid7 unified Insight Agent across new and existing Azure Virtual Machines. This automated deployment enables InsightVM customers to maintain consta

16 min Metasploit

Don't Get Blindsided: Better Visibility Into User and Asset Risks with Metasploit 4.8

Not having visibility can be dangerous in many situations. The new Metasploit 4.8 gives you better visibility in four key areas:

* View phishing exposure in the context of the overall user risk
* See which vulnerabilities pose the biggest risk to your organization
* Have all host information at your fingertips when doing a pentest
* Discover the latest risks on your network with new exploits and other modules

See Phishing Exposure as One Factor of User Risk

Users are often a weak part of t

3 min Product Updates

Weekly Update

Disclosures for SuperMicro IPMI On the heels of last week's bundle of FOSS disclosures [/2013/10/30/seven-foss-disclosures-part-one], we've gone a totally different direction this week with a new round of disclosures. Today, we're concentrating on a single vendor which ships firmware for Baseboard Management Controllers (BMCs): Supermicro, and their Supermicro IPMI firmware. You can read up on the details on HD's blog post [/2013/11/06/supermicro-ipmi-firmware-vulnerabilities] which covers the

4 min Product Updates

Weekly Update: Exploiting (Kind of) Popular FOSS Apps

Disclosure for FOSS Projects Earlier today, we published seven modules for newly disclosed vulnerabilities [/2013/10/30/seven-foss-disclosures-part-one] that target seven free and open source (FOSS) projects, all discovered and written by long time Metasploit contributor Brandon Perry [https://twitter.com/brandonprry]. These vulnerabilities moved through Rapid7's usual disclosure process [https://rapid7.com/disclosure.jsp], and as you can read in the summary blog post, it was a little bit of an ad

4 min Product Updates

Weekly Update: Meterpreter Updates, VMWare, the OSX spycam, Retabbing, and more!

Meterpreter Updates This is a big week for Meterpreter. For starters, we've landed a new Meterpreter Python payload [https://github.com/rapid7/metasploit-framework/blob/master/modules/payloads/stages/python/meterpreter.rb] . Yes, yes, I know, you thought that Metasploit was all Ruby all the time, but this and the Python payloads for bind shells from Spencer McIntyre [https://github.com/zeroSteiner] should help out on advancing the state of Meterpreter by leaps and bounds. Despite Metasploit's m

3 min Product Updates

Weekly Update: Apple OSX Privilege Escalation

Sudo password bypass on OSX This week's update includes a nifty local exploit for OSX, the sudo bug described in CVE-2013-1775. We don't have nearly enough of these Apple desktop exploits, and it's always useful to disabuse the Apple-based cool-kids web app developer crowd of the notion that their computing platform of choice is bulletproof. Joe Vennix [https://github.com/jvennix-r7], the principal author of this module, is, in fact, of that very same Apple-based developer crowd, and usually bu

3 min Product Updates

Weekly Update: Cooperative Disclosure and Assessing Joomla

Cooperative Disclosure I'm in attendance this year at Rapid7's UNITED Security Summit [http://www.unitedsummit.org/], and the conversations I'm finding myself in are tending to revolve around vulnerability disclosure. While Metasploit doesn't traffic in zero-day vulnerabilities every day, it happens often enough that we have a disclosure policy [https://rapid7.com/disclosure.jsp] that we stick to when we get a hold of newly uncovered vulnerabilities. What's not talked about in that disclosure p

3 min Product Updates

Weekly Update: Metasploit Pro on Chromebook, Galaxy Tab, and a Batch of New ZDI Exploits

Vegas Time! Like the rest of the information security industry, we're buttoning down for the annual pilgrimage to Vegas next week. This means collecting up all our new community-sourced swag [/2013/07/16/metasploit-design-contest-winners], finishing up training and presentation material, figuring out what the heck to do with our phones to avoid casual ownage, and test driving our new Chromebook builds of Metasploit Pro. They're pretty sweet. The latest update for ARM-arch Kali should run withou

3 min Metasploit

Metasploit Update: Those Sneaky IPMI Devices

IPMI, in my network? This week's update features a set of tools for auditing your IPMI infrastructure. "Phew, I'm glad I'm not one of those suckers," you might be thinking to yourself. Well, the thing about IPMI (aka, the Intelligent Platform Management Interface) is that it's just a skootch more esoteric than most protocols, and even experienced server administrators may not be aware of it. Do you use server hardware from IBM, Dell, or HP? Have you ever had to use IBM's Remote Supervisor adapte

2 min Metasploit

Metasploit Update: Weaponizing Local Exploits

Weaponizing Local Exploits This week's update features an exploit for Tavis @taviso [https://twitter.com/tavsio] Ormandy's vulnerability in the EPATHOBJ::pprFlattenRec [http://seclists.org/fulldisclosure/2013/May/91] function, which lives in win32k.sys on pretty much any Windows machine you're likely to run into. A whole lot of people threw in on this module to make this exploit reliable in Metasploit -- Tavis and progmboy wrote the original C exploit, new contributor @Keebie4e [https://github

2 min Product Updates

Weekly Update: Smaller is Better

In this week's episode, the role of Tod Beardsley will be played by egypt. Smaller is better Perhaps the most prominent addition to the framework this week is not an addition at all, but rather a deletion. We've been working toward a slimmer, more manageable source tree for a while now, and as part of that effort, we recently removed a pile of old-and-busted unit tests. This update goes a bit further, moving source code for some compiled payloads into separate repositories. Metasploit's version

4 min Product Updates

Weekly Update: Adventures in Unstable, DoS'ing UPnP for Good, and Secret AWK Shells

Stable is for Suckers! Today on the Freenode IRC [https://www.freenode.net/] channel #metasploit, a user was asking about our old SVN repository for "unstable" Metasploit modules. He was lamenting its loss, since we recently shut down our SVN services (described in this blog post [/2013/05/22/weekly-update] on May 22, 2013). Fear not, danger-seekers! "Unstable" does live on in the form of a GitHub branch. You can check it out at https://github.com/rapid7/metasploit-framework/tree/unstable, and

3 min Product Updates

Weekly Update: Apache Struts Exploit, Android Meterpreter, and New Payloads

Apache Struts Exploit This week's update includes an exploit for a pretty recent vulnerability in Apache Struts, thanks to community contributor Richard @Console [https://github.com/Console] Hicks. The struts_include_param module exercises the vulnerability described at OSVDB 93645 [http://www.osvdb.org/93645], disclosed on May 23, 2013, a bare two weeks ago, and originally discovered by Eric Kobrin and Douglad Rodrigues. The reason why I bring this up is not just because it's a solid exploit f

3 min Product Updates

Weekly Update: The Nginx Exploit and Continuous Testing

Nginx Exploit for CVE-2013-2028 The most exciting element of this week's update is the new exploit for Nginx which exercises the vulnerability described by CVE-2013-2028 [http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html]. The Metasploit module was written by Metasploit community contributors hal and saelo, and exploits Greg McManus's bug across a bunch of versions on a few pre-compiled Linux targets. We don't often come across remote, server-side stack buffer overflows in popul

3 min Metasploit

Weekly Update: 4.6.1, ColdFusion Exploit, and SVN Lockdown

Metasploit 4.6.1 Released This week's update bumps the patch version of Metasploit to 4.6.1 (for installed versions of Metasploit). The major change here is the ability to install Metasploit on Windows 8 and Windows Server 2012. That meant we had to fiddle with the installer and a few of Metasploit Pro's dependencies to get that all working correctly, and that led to skipping last week's release so we could be sure all the moving parts lined up correctly. This release also fixes a few minor iss

3 min Product Updates

Weekly Update: Pull Request Wrangling

Pull Requests: Want to help? Metasploit has a first world problem: We get so much code from contributors out in the world, it gets hard to keep up. Most open source projects aren't popular enough to warrant more than three or four contributors, total. Metasploit has over two hundred, last I checked. We're no Rails (those guys have over 2,000 contributors), but for security software, that's not too bad. The problem is, our backlog of outstanding pull requests [https://github.com/rapid7/metasploi

2 min Product Updates

Weekly Update: Sport Fishing for Exploits and Improved Java Hackery

Java Payload Cleanup If you've been watching the Metasploit source repository [https://github.com/rapid7/metasploit-framework/], you will have noticed some movement in Java Payload land -- specifically, PR#1217 [https://github.com/rapid7/metasploit-framework/pull/1217], which landed this week. Thanks to the refactoring efforts of Michael @mihi42 [https://twitter.com/mihi42] Schriel, testing by @Meatballs [https://github.com/Meatballs1], and integration from James @egyp7 [https://twitter.com/egyp

12 min Metasploit

Metasploit 4.6.0 Released!

We just released Metasploit 4.6.0, so applying this week's update will get you the brand new version. While Chris has a delightful blog post [/2013/04/10/metasploit-adds-owasp-top-10-2013-and-penetration-test-wizards] of what all is new in Metasploit Pro, let's take a look at what's exciting and new between Metasploit 4.5.0 and today's update to 4.6.0. 138 new modules First off, the hacker elves have been cranking out a ton of module content since we released 4.5.0 back in December, 2012. Betw

3 min Product Updates

Weekly Update: Minecraft RAT Attacks, PHP Shell Games, and MongoDB

Minecraft-Vectored Malware Metasploit exploit developer Juan @_juan_vazquez_ [https://twitter.com/_juan_vazquez_], while trawling the Internet for the next hot exploit, came across this pastie [http://pastie.org/pastes/6581034] describing a Java exploit which takes advantage of a vulnerability in Java's Color Management classes. Turns out, this is also one of the vulns being exploited in McRat, a Trojan targeting Windows-based Minecraft players (that's what the "Mc" stands for). McRat is compe

2 min Product Updates

Weekly Update: Hollywood Hacking and More Java Exploits

Hollywood Hacking: Tapping Webcams and Mics This week's update has two new post modules for Metasploit, which enable the creative pen-tester to hit that creeper vibe so often missing on a typical engagement, both by Metasploit exploit dev Wei @_sinn3r [https://twitter.com/_sinn3r] Chen. They're both post-exploitation modules, so they presume you already have a session on the target via some other exploit. First up is a webcam control module, which can take a snapshot using the target's webcam.

5 min Product Updates

Update to the Metasploit Updates and msfupdate

The Short Story In order to use the binary installer's msfupdate, you need to first register your Metasploit installation. In nearly all cases, this means visiting https://localhost:3790 [https://localhost:3790/] and filling out the form. No money, no dense acceptable use policy, just register and go. Want more detail and alternatives? Read on. Background A little over a year ago, Metasploit primary development switched to Git [/2011/11/10/git-while-the-gitting-is-good] as a source control p

4 min Product Updates

Weekly Metasploit Update: Two Dozen New Modules

The Vegas and vacation season is behind us, so it's time to release our first post-4.4.0 update. Here we go! Exploit Tsunami A few factors conspired to make this update more module-heavy than usual. We released Metasploit 4.4 [/2012/07/17/risk-validation-and-verification-in-vulnerability-management-with-metasploit] in mid-July. Historically, a dot version release of Metasploit means that we spend a little post-release time closing out bugs, performing some internal housekeeping that we'd been

3 min Release Notes

Security Configuration assessment capabilities that meet your needs with Nexpose 5.4

A great-looking new feature has been added to our configuration assessment component in Nexpose 5.4: the ability to customize policies to meet your unique contextual needs, i.e. needs that are specific to your environment. You can now copy a built-in policy and edit its configuration, including the policy check values, to test your assets for compliance. This flexibility allows for custom, accurate and relevant configuration assessment. Configuration assessment is important to assess the r

3 min Metasploit

Weekly Metasploit Update: Zero Days, Deprecated Commands, and More!

This week's release sees a quiet vulnerability fix, an exploit against an unpatched vulnerability in Microsoft's XML Core Services, and some helpful new/old commands, as well as the usual pile of exploity goodness you've come to expect from the Metasploit kitchen. Vulnerabilities? In My Metasploit? It's more likely than you think. Like all reasonably complex software packages, Metasploit occasionally ships with security vulnerabilities. Lucky for us, our user base tends to be pretty sophisticat

3 min Metasploit

Weekly Metasploit Update: Encrypted Java Meterpreter, MS98-004, and New Modules!

When it rains, it pours. We released Metasploitable Version 2 [/2012/06/13/introducing-metasploitable-2] , published a technique for scanning vulnerable F5 gear [/2012/06/11/scanning-for-vulnerable-f5-bigips-with-metasploit] , and put out a module to exploit MySQL's tragically comic authentication bypass problem [/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql], all in addition to cooking up this week's update. So, kind of a busy week around here. You're welcome. (: Encryp

5 min Metasploit

Weekly Metasploit Update: Citrix Opcodes, Hash Collisions, and More!

This week's update has a nice new asymmetric DoS condition module, a bunch of churn in Metasploit's Rails components, and some new Citrix attacks, so let's get right into it. Fuzzing for Citrix Opcodes This week's update includes three new exploits for Citrix Provisioning Services, the solution by Citrix "to stream a single desktop image to create multiple virtual desktops on one or more servers in a data center" (vendor quote [http://support.citrix.com/proddocs/topic/xendesktop-bdx/cds-msscvm-

2 min Product Updates

Weekly Metasploit Update: Post Modules!

This week, let's talk about post-modules, since we have two new fun ones to discuss. Windows PowerShell Windows PowerShell is a scripting language and shell for Windows platforms, used primarily by system administrators. While untrusted scripts are not allowed to run by default, many users will be tempted to set their execution environments to be pretty permissive. This, in turn, can provide a rich (and almost completely overlooked) post-exploitation playground. To that end, this update featur

3 min Metasploit

Weekly Metasploit Update: DNS payloads, Exploit-DB, and More

This week we've got a nifty new shellcode delivery scheme, we've normalized on Exploit-DB serial numbers, and a pile of new modules, so if you don't have Metasploit yet, you can snag it here [http://www.metasploit.com/download/]. DNS Payloads in TXT Records To quote RFC 1464 [http://tools.ietf.org/html/rfc1464] describing DNS TXT records, "it would be useful to take advantage of the widespread use and scalability of the DNS to store information that has not been previously defined." I don't kno

3 min Metasploit

Weekly Metasploit Update: Spiceworks, AFP, RDP, and a New HTTP Downloader

After a couple of relatively light weeks (blame SXSW, I guess), this week's update has quite a few neat new additions. As always, if you don't already have Metasploit, what are you waiting for [http://www.metasploit.com/download/]? For the rest of us, here's what's new. Importapalooza This week's update has support for importing asset lists exported from Spiceworks, courtesy of Rapid7's Brandon Perry. Spiceworks is a free asset management application used by tons of IT pros and IT amateurs alik

3 min Metasploit

Weekly Metasploit Update: Session Smarts and GitHub

It's another Metasploit update, and it's headed straight for us! Session Smarts This week, Metasploit session management got a whole lot smarter. Here's the scenario: As a penetration tester, you rook a bunch of people into clicking on your browser-embedded Flash exploit [/2012/03/08/cve-2012-0754], sit back, and watch the sessions rolling in. However, they're all behind a single NAT point, so all your sessions appear to be terminating at a single IP address, and you quickly lose track of who's

3 min Metasploit

Weekly Metasploit Update: Wmap, Console Search, and More!

In addition to the nuclear-powered exploit [/2012/03/08/cve-2012-0754], we've got a new slew of updates, fixes and modules this week for Metasploit, so let's jump right into the highlights for this update. Updated WMAP Plugin Longtime community contributor Efrain Torres provided a much-anticipated update to the Wmap plugin [https://raw.github.com/rapid7/metasploit-framework/master/documentation/wmap.txt] . Wmap automates a bunch of web-based Metasploit modules via the Metasploit console, fro

2 min Metasploit

Weekly Metasploit Update: POSIX Meterpreter and New Exploits

This is a pretty modest update, since it's the first after our successful 4.2 release [http://www.rapid7.com/downloads/metasploit.jsp] last week. Now that 4.2 is out the door, we've been picking up on core framework development, and of course, have a few new modules shipping out. Meterpreter Updates James "egyp7" Lee and community contributor mm__ have been banging on the POSIX side of Meterpreter development this week, and have a couple of significant enhancements to Linux Meterpreter. The mos

3 min Metasploit

Metasploit 4.2 Released: IPv6, VMware, and Tons of Modules!

Since our last release in October, we've added 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads -- that clocks in at just about 1.5 new modules per day since version 4.1. Clearly, this kind of volume is way too much to detail in a single update blog post. Of course, you could just dive in and download the latest version [http://www.rapid7.com/downloads/metasploit.jsp] to get started. In the meantime, here are the highlights for this latest release

3 min Product Updates

What is this whole updating thing anyways?

Nexpose by default is programmed to reach out on startup and every six hours afterward to the Rapid7 update servers. At this time Nexpose checks for any new product and vulnerability content updates. If any updates are available, Nexpose attempts to download and apply the data to the Security Console and local Scan Engine. The Security Console also sends updates to any distributed Scan Engines to which it is connected. How do I disable automatic product updates? The Security Console offers a fe

1 min Metasploit

Help your new sweethearts call home to Metasploit

Setting listener host and ports for payloads in Metasploit Pro Life is full of disappointments: You spend a lot of time flirting with a cute new machine, convince it to accept your payload, and never get a call back – just because the big bad NAT is not letting your new sweetheart phone home. That's why many of you broken hearted pentesters have asked us to make the listener port and IP address for payloads configurable to ports that are usually accessible, such as ports 80 and 443. This week'