Metasploit 4.10.2 (Update 2014120301)

Document created by tdoan Employee on Dec 1, 2014Last modified by tdoan Employee on Oct 7, 2016
Version 2Show Document
  • View in full screen mode


This weekly update contains two new exploit modules and six new auxiliary and post-exploitation modules.

Exploit modules


Auxiliary and post modules


Notable Fixes and Changes

#4235: New exploit for Hikvision unpatched issue

#4239: Support intermediate SSL certs (issue #4238)

#4173: Fixed SMB search ID (issue #4119)

#4247: Fixed SSL certs to match "snakeoil" defaults

#4251: Fixed RPC call error (issue #4244)

#4267: Fixed vmware mount root exploit (issue #4266)

#4265: Fixed UDP RPORT problem (issue MSP-11652)

#4264: reload_all now warns of badly formatted modules (issue #4260)

#4268: Added shellcode to format all Windows drives >:)

#4255: Added module for IE "unicorn" bug, CVE-2014-6332

#4233: Fixed PowerShell LMHash corruption bug

#4252: Various Meterpreter SSL updates and fixes

#4263: Added an OSX Mavericks local root exploit (CVE-2014-4404)

#4269: ArchAssult packaging for Metasploit remains broken (won't fix)

#4284: Typo fix for IE "unicorn" bug module

Pro: Running a Discovery Scan no longer results in the "Msf::OptionValidateError: The following options failed to validate: RPORT" error. All discovery scans now successfully perform UDP scans.

Pro: The New Service modal now closes after a service is added from the host details page.

Pro: The user interface now uses consistent naming for "Private", "Public", and "Realm" labels.

Pro: Navigating between the Exploit Attempts and the Available Modules tabs from the vulnerability details page no longer results in the DataTables warning.


How to Upgrade

To upgrade Metasploit Pro, go to the Administration menu and choose the Software Updates option. To see how to upgrade your Metasploit installation, view this video.


Version Information

PRO 4.10.1 updates to 4.10.2-2014120301

MSF3 4.10.1 updates to 4.10.2-2014120301