This updates Metasploit to 4.7.0.
This update introduces MetaModules, a unique new way to simplify and operationalize security testing. New MetaModules include:
- SSH Key Testing
- Single Password Testing
- Pass the Hash
- Passive Network Discovery
- Firewall Egress Testing
- Known Credentials Intrusion
It also includes 4 new modules, including exploits for Corel, MediaCoder and Windows as well as new auxiliary modules for Apache.
In addition, this update fixes 3 issues.
- Corel PDF Fusion Stack Buffer Overflow by juan vazquez and Kaveh Ghaemmaghami exploits CVE-2013-3248
- MediaCoder .M3U Buffer Overflow by metacom, modpr0be, and otoy exploits OSVDB-94522
- Microsoft Windows Authenticated Powershell Command Execution by RageLtMan and Royce @R3dy__ Davis exploits CVE-1999-0504
Auxiliary and post modules
- Apache Rave Users Information Disclosure by juan vazquez and Andreas Guth exploits CVE-2013-1814
Notable Changes and Resolved Issues
- 1223 - Upgrade smb_enumshares to show directories and files
- 7943 - Fix Pcap warning message and fix arp modules
- Allow setting a custom IP when using Java applets in social engineering campaigns
- Upgrade ruby to 1.9.3-p448
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.6.2 updates to 4.7.0-2013071701
MSF3 4.6.2 updates to 4.7.9-2013071701