Metasploit 4.11.0 (Update 2014122301)

Document created by tdoan Employee on Dec 22, 2014Last modified by tdoan Employee on Oct 7, 2016
Version 4Show Document
  • View in full screen mode

Summary

 

This week's release includes 0 exploit modules and 2 auxiliary and post-exploitation modules.


New Modules

 

Auxiliary and Post-Exploitation Modules


Notable Fixes and Changes


    • #4335: Added WAR file upload JBoss exploit

    • #4368: Bumped credential gem version

    • #4375: Fixed event handlers for Ruby 2.x (issue #4219)

    • #4371: A trio of new msftidy checks (issues #4369, #4362, #3853)

    • #4364: Modules respect bruteforce_speed again (issue #3904)
    • Pro: The Credentials Domino MetaModule can be added to a task chain.
    • Pro: Rails was upgraded to 3.2.21 to address CVE-2014-7829.
    • Pro: Exported workspace Zip files now successfully generate when loot files are included.
    • Pro: The Known Credentials Intrusion MetaModule now validates that logins exist in the project before it runs.
    • Pro: The task log no longer includes a status for mutations if mutations are not selected for the Bruteforce task.
    • Pro: When adding a Nexpose console, you can now include the protocol (e.g., https) when specifying the console address.
    • Pro: The Bruteforce options are now all aligned with one another.
    • Pro: The correct spelling of "Bruteforce" is consistently applied throughout the user interface.
    • Pro: MetaModules are correctly cloned in a task chain.

 

Upgrading after December 23. 2014


If you did not update Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from erayymz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.


How to Upgrade


To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.

 

Version Information


PRO 4.11.0 updates to 4.11.0-2014122301

MSF3 4.11.0 updates to 4.11.0-2014122301

Attachments

    Outcomes