Metasploit Pro 4.1.4 Update 20120117000003

Document created by jcran on Jan 19, 2012Last modified by jcran on Jan 19, 2012
Version 4Show Document
  • View in full screen mode

Summary

This week's update adds a SCADA module for General Electric D20 which allows you to obtain the entire device configuration, including usernames / passwords. Additionally, this update adds a number of database schema dumpers (MSSQL, MySQL, and Postgres), exploits for Mozilla Firefox 3.6.16 (on OSX), MS05-054, BS.Player 2.57, McAfee MyCioScan SaaS, and a post module for enumerating windows malware artifacts. SSH Pubkey bruteforcing has been added the Bruteforcer. A total of five bugs are fixed in this update.

 

Module Changes

 

Resolved Bugs & Changes

  • Issue #6250 : Typo, misleading error messages and duplicate code in auxiliary/spoof/arp/arp_poisoning.
  • Issue #6249 : Several defects with auxiliary/scanner/http/soap_xml.
  • Issue #6128 : Handle errors coming from railgun (and thus Windows) in a more consistent way.
  • Issue #6066 : mssql_ping now reports all instances.
  • Issue #6237 : Discovery scan no longer triggers harmless exception.

 

How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.

 

Version Information

PRO 4.1.4 20120110000001 revision eed9a1343b48c44efb4cedf292e951747409a75d updates to 20120117000001 revision e85496e417da8e6ef9fb24cf123b5a11af2090fd

MSF3 4.1.4 20120110000001 revision 753ddb27c5dc14bcc6a073e877498dbcaaabec3a updates to 20120117000001 revision 396471b81a2a62e84a3b3e44bcb188c45048fdb0

Attachments

    Outcomes