Metasploit 4.11.0 (Update 2015011401)

Document created by tdoan Employee on Jan 12, 2015Last modified by tdoan Employee on Oct 7, 2016
Version 3Show Document
  • View in full screen mode



This week's release includes 9 exploit modules and 7 auxiliary and post-exploitation modules.

New Modules

Exploit Modules


Auxiliary and Post-Exploitation Modules


Notable Fixes and Changes

  • #4567: Dropped the long-defunct metcli.exe client component

  • #4564: Updated Meterpreter sniffer binaries

  • #4559: Fixed Wordpress version detection

  • #4557, Fixed typo'ed error printing

  • #4554, Updated metasploit-credential gem

  • #4553, Updated bypass UAC to work on Windows 7, 8, 8.1, and 2012

  • #4550: Added module for wp-symposium Wordpress plugin

  • #4548: Fixed loginscanners to operate without a database

  • #4544: Fixed Rails logging location

  • #4543: Updated JtR with new KoreLogic rules

  • #4540: Restored DB_ALL_* commands

  • #4539: Fixed type filtering for creds console command

  • #4537: Fixed ElasticSearch identification misses

  • #4536: Fixed some Ruby 2.2 compatability issues

  • #4535: Updated report_auth_info to do the right thing with older bruteforce modules

  • #4523: Converted inspect to to_s for Ruby 2.1 compat

  • #4521: Added module for Pandora FMS

  • #4515: Updated Linux Meterpreter binaries

  • #4509: Workaround for private and protected methods in Ruby 2.1

  • #4508: Updated .ruby-version to default to 2.1.5 for developers

  • #4502: Updated Linux Meterpreter binaries

  • #4501: Updated Wordpress version detection

  • #4493: Added module for ManageEngine Central Desktop

  • #4487: Removed animated spinner for Windows users

  • #4485: Updated Drupageddon version check

  • #4482: Fixed response_timeout on sessions command

  • #4481: Improved enum_users_history post module

  • #4476: Added module for Lexmark MarkVision Enterprise

  • #4475: Fixed timeout check for Meterpreter registry reads

  • #4473: Moved backtrace output to logs, not console

  • #4470: Added bind_hidden_ipknock_tcp payload stager

  • #4463: Improved smart_hashdump module

  • #4461: Added module for Android (cookie database theft)

  • #4460: Fixed powershell webclient certificate validation check/bypass

  • #4459: Added module for ProjectSend

  • #4457: Fixed Firefox in-memory payload execution

  • #4456: Added module for Windows Domain privilege escalation, Kerberos bug MS14-068

  • #4444: Added module for i-FTP

  • #4443: Added module for BulletProof FTP client

  • #4440: Added module for git client

  • #4437: Updated msfvenom output switch for msfpayload/msfencode deprecation

  • #4385: Fixed BRUTEFORCE_SPEED option parsing

  • #4357: Added Kerberos support for current_user_psexec

  • #4321: Fixed ms01_026_dbldecode module bug

  • #4203: Cleaned up java_rmi_server

  • #4187: Added module to collect Windows Firewall rules

  • #4101: Added module to collect credentials from Konica Multifunction printers

  • #4065: Added modules for Cisco CUCDM

  • #3700: Fixed oracle_login failed authentication bug

  • #3695: Added module to exercise Linux desktop privilege escalation

  • #3594: Added support for Linux Meterpreter migration

  • #3394: Added bind_hidden_tcp payload stager

  • #2766: Refactored ExtAPI services

  • #2156: Added module for MySQL FILE privilege abuse
  • Pro:  AuthBrute modules now respect DB_ALL_USERS and DB_ALL_PASS in addition to DB_ALL_CREDS.
  • Pro: The Zip Workspace export now includes ACCESS_LEVEL and LAST_ATTEMPTED_AT when exporting and importing credentials.
  • Pro: LoginScanners now work without a database.
  • Pro: Errant logging messages are no longer displayed when sending e-mails through social engineering campaigns.
  • Pro: During the credentials rework that was released in 4.11.0 (update 20141213), some modules were not converted to create new style credentials. The team will continue to convert the remaining modules to use the new methods; however, until this work is complete, a logging message will display and alert you if a module needs to be converted to use the new methods. In addition, the new format of credential data is created as much as possible within the old method now, so users should be able to use the unconverted modules without losing data.
  • Pro: The task log now displays the correct addresses when a Discovery Scan is performed with non-contiguous IP ranges.
  • Pro: Issues with logging and root-owned install directories have been fixed.
  • Pro: The Framework log now records stack traces when a module fails. Pro/Ultimate/Express/Community users will see these stack traces documented in the task log, which are intended to provide additional context to help identify the cause of a module failure.


Upgrading after December 23. 2014

If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from erayymz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.

How to Upgrade

To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.


Version Information

PRO 4.11.0 updates to 4.11.0-2015011401

MSF3 4.11.0 updates to 4.11.0-2015011401