Metasploit 4.6.0 (Update 2013041002)

Document created by Brandon Turner Employee on Apr 9, 2013Last modified by todb on Apr 11, 2013
Version 4Show Document
  • View in full screen mode

Summary

 

This updates Metasploit to 4.6.0.

 

This update includes several new features and updates, including:

 

  • Support for OWASP Top 10 2013
  • Revamped user interface
  • More effective website spider
  • Get shells using SQL injection
  • Support for web app authentication
  • Reports with remediation advice
  • Quick penetration testing wizard
  • Web application testing wizard
  • Phishing simulation wizard

 

It also includes 6 new modules, including exploits for Linksys E1500/E2500 and Netgear DGN1000B routers and new auxiliary modules for DLink routers and PostgreSQL.

 

In addition, this update fixes 2 issues.

 

This release also removes both Armitage and msfgui, the two Java-based thick clients, from the Metasploit binary installers. This should help clarify which GUI is actually supported (and supportable) by Rapid7 in an installed environment. It also frees up these projects to develop, test, and release on their own schedules instead of being beholden to Metasploit development schedules to land new features and bug fixes. Over the next couple months, expect to see more shuffling around ofMetasploit's other secondary projects. For example, Meterpreter will be exiting the Metasploit source repository soon, thanks to the valiant untangling efforts by Egypt and Meatballs. Meterpreter, PacketFu, John the Ripper -- these are all stand-alone components that effectively have their own development requirements and their own testing/QA conventions and release schedules, so there's no good reason to try to subject them to Metasploit's dictates.

 

Module Changes

Exploit modules

 

Auxiliary and post modules

 

Resolved Issues

  • 4202 - Fix issue in Railgun CDECL
  • Scheduled task chains respect start time

 

How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.

 

Version Information

PRO 4.5.3 updates to 4.6.0-2013041002

MSF3 4.5.3 updates to 4.6.0-2013041002

Attachments

    Outcomes