Last week was AppSecUSA 2012 here in Austin, which may explain the curious absence of a weekly Metasploit Update blog post. The hilights of Appsec for me, were (in no particular order): Meeting Raphael @ArmitageHacker Mudge in person for the first time, meeting Scott @_nullbind Sutherland, author of a bunch of recent Microsoft SQL post modules, and both of whom happened to contribute to last week's Metasploit update pretty significantly.
I also got to meet the guys behind Gauntlt, the modestly-described "security testing tool built on Cucumber." I'm really pretty excited about Gauntlt and am currently looking around for some time to really dig into the code base. Think of it like an automated, continuous integration-style of pen-testing for already deployed application infrastructure (and that description is probably selling it pretty short). It's pretty neat and this whole ruggedization thing is what made AppSecUSA one of the better conferences this year.
Oh yeah, the update
During AppSecUSA, we did manage to squeeze out an update to Metasploit. I know you all sit by your RSS feeds just waiting for notification, and while I did tweet the release notes, I did neglect to mention the update on the blog here. So, here you go, the micro-summary:
The update is centered around fixes for bugs reported by Raphael, some neato post modules by nullbind and mubix (the former wrote some post SQL modules, the latter, some core Windows config post modules), and we have one (count 'em, one) new exploit module for Turbo FTP Server. That exploit got some love from long-time contributors corelanc0d3r, thelightcosine, and Lincoln. Thanks guys!
Here's the breakdown of the new modules with the links to Metasploit's Exploit Database.
- Turbo FTP Server 1.30.823 PORT Overflow by Lincoln, Zhao Liang, corelanc0d3r, and thelightcosine exploits OSVDB-85887
- Microsoft SQL Server NTLM Stealer by nullbind
- Microsoft SQL Server NTLM Stealer - SQLi by Antti and nullbind
- Lantronix Telnet Password Recovery by jgor
- Windows Gather Proxy Setting by mubix
- Windows Manage Proxy Setting Cloner by mubix
- Windows Recon Resolve IP by mubix
If you're new to Metasploit, you can get started by downloading Metasploit for Linux or Windows. If you're already tracking the bleeding-edge of Metasploit development, then these modules are but an msfupdate command away. For readers who prefer the packaged updates for Metasploit Community and Metasploit Pro, you'll be able to install the new hotness today when you check for updates through the Software Updates menu under Administration.
For additional details on what's changed and what's current, please see the most excellent release notes.