Metasploit 4.9.0 (Update 2014032601)

Document created by Brandon Turner Employee on Mar 24, 2014Last modified by todb on Mar 28, 2014
Version 3Show Document
  • View in full screen mode


This updates Metasploit to 4.9.0, with new features including:

  • New dynamic payload generator for better AntiVirus evasion
  • Improved reporting for greater penetration tester productivity
  • Improved task chains, now with support for editing existing chains
  • Better testing of network segmentation
  • Over 130 new modules, including over 60 new exploits (since Metasploit 4.8.0)
  • Fix for R7-2014-05, two vulnerable modules.


For more information on new features, please see the release announcement.


It includes 8 new modules since last week's update, including exploits for Enterprise VA, Quantum DXi, Quantum vmPRO, Array Networks vAPV and vxAG, FreePBX, Horde Framework, and Internet Explorer.  It also includes a new auxiliary module for Joomla.


Exploit modules


Auxiliary and post modules


Notable Changes and Resolved Issues

  • Allow sending social engineering emails in batches
  • Better error handling for CSV imports
  • Provide support for using the Network Segmentation Testing tool with a custom server



How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.


Version Information

PRO 4.8.2 updates to 4.9.0-2014032601

MSF3 4.8.2 updates to 4.9.0-2014032601