Metasploit 4.7.2 (Update 2013101601)

Document created by Brandon Turner Employee on Oct 14, 2013
Version 1Show Document
  • View in full screen mode


This updates Metasploit to 4.7.2.


This update includes 10 new modules, including exploits for Linksys WRT110, Zabbix, VMware Hyperic, Internet Explorer, and HP Data Protector.  It also includes new auxiliary modules for vBulletin, Microsoft Windows, DLink and a new post module for resolving hostnames on the remote host.


In addition, this update fixes 10 reported issues.


Module Changes

Exploit modules


Auxiliary and post modules


Notable Changes and Resolved Issues

  • 7918 - Save Apple Safari UXSS module data to file
  • 8269 - Support constants in Railgun multicall
  • 8270 - Fix Railgun crash in Meterpreter
  • 8456 - Fix missing references to cpuinfo.ia64.bin when using system JTR
  • 8470 - Fix a stacktrace when selecting an invalid target for ms13_069_caret
  • 8482 - Fix an uninitialized constant error in Rex::Exploitation::JavascriptOSDetect
  • 8489 - Fix an undefined method error in msfcli
  • Fix a bug that caused some Windows hosts to incorrectly display as 'Cracked'
  • Fix a bug that caused closed/filtered ports to be omitted from the Firewall Egress Metamodule results
  • Fix a bug that prevented Metasploit from starting on RHEL 5.x (and similar systems with glibc 2.5)


How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.


Version Information

PRO 4.7.1 updates to 4.7.2-2013101601

MSF3 4.7.1 updates to 4.7.2-2013101601