Metasploit Pro 4.2.0 Update 2012040402

Document created by jcran on Apr 5, 2012Last modified by jcran on Apr 5, 2012
Version 3Show Document
  • View in full screen mode


This weeks update features twelve new modules, six of them delivered by DigitalBond, and SCADA-focused. Targets include Schneider Modicon, Allen-Bradley/Rockwell, General Electric D20ME, and Koyo DirectLogic. Additionally, we've got modules for scanning through a Squid server, and the new (exploit/multi/browser/java_atomicreferencearray) java exploit which has been making the rounds in the Blackhole and Flashback exploit kits. Also included are Linux Xchat and OSX Colloquy gather modules.

Check out the blog post for more info!


Module Changes

Resolved Bugs & Changes

  • Issue #6567 : Session logging now handles a hostname for RHOST.
  • Issue #6580 : smart_hashdump now waits longer on a large domain.
  • Issue #6577 : Fixes a condition where exploit targeting would be influenced by open sessions from another concurrent project.
  • Issue #6570 : Downloading text file loot no longer returns empty files.


How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.


Version Information

PRO 4.2.0 2012032101 revision dc5e311c4e899d8c274daca07cd67574bf899ad5 updates to 2012040401 revision 71394771511d543e04dc8e0d4b8808666dbed064

MSF3 4.2.0 2012032101 revision ddacf1dde826b3b2d921e637b9571875e5558d70 updates to 2012040401 revision 662e28f0abcf3de4c177c8d1f7c1d81199cac5ac