Metasploit 4.11.1 (Update 2015021201)

Document created by tdoan Employee on Feb 4, 2015Last modified by tdoan Employee on Oct 7, 2016
Version 3Show Document
  • View in full screen mode



This week's release updates Metasploit to version 4.11.1, which includes the following new features and modules.

Pause and Resume Credentials Reuse Tasks (PRO/ULTIMATE ONLY)

You can now pause and resume a Credentials Reuse task. This very useful enhancement enables you to stop a Credentials Reuse task while it's running and continue it at a later time. All the current stats and data is saved so that you don't have to restart the task completely. Bonkers right?


Ruby 2.1.5

Remember back in November when we announced that Ruby 1.9.3 will reach end of life by February 2015? Well, the time has arrived. Ruby 1.9.3 has been updated to 2.1.5. For more information on the Ruby upgrade and to see how it affects you, see Tod Beardsley's awesome post Metasploit Weekly Wrapup: New Rubies!

New Modules for Everyone

This week's release contains 1 new exploit module and 6 new auxiliary and post-exploitation modules.

Exploit Modules



Auxiliary and Post-Exploitation Modules



Notable Fixes and Changes

    • PR #4388: Added Kerberos Golden Ticket module

    • PR #4392: Added a post module to enumerate AD users

    • PR #4601: Added a CLI tool to look up MD5 hashes, saving cracking time

    • PR #4642: Fixed blank username direct search for creds -u command

    • PR #4643: Fixed a bug where blank usernames could cause stack traces

    • PR #4645: Added a RubyGems API key stealer

    • PR #4647: Fixed BrowserExploitServer's get_module_resource nil error

    • PR #4648: Fixed security issue with YAML parsing target (untrusted) data (vuln never shipped in binary installers)

    • PR #4652: Updated SVG exploit for CVE-2013-2551 to use BrowserExploitServer

    • PR #4655: Added a custom 404 option to BrowserExploitServer

    • PR #4658: Added module for ManageEngine arbitrary file download module, 2014-7863

    • PR #4659: Added a module for ManageEngine directory listing, CVE-2014-7863

    • PR #4660: Enabled a check() for mssql_payload

    • PR #4663: Changed msfvenom -l output to stdout, rather than stderr

    • PR #4666: Improved meterpreter file upload command

    • PR #4673: Fixed screenshot -v command

    • PR #4674: Added ability of msfconsole to read stdin as '-'

    • PR #4675: Added Wordpress XML-RPC GHOST scanner for CVE-2015-0235

    • PR #4683: Added Struts 1 support for struts_code_exec_classloader for CVE-2014-0114

    • PR #4692: Added exploit for MS15-004, TsWbPrxy.exe exploit

    • PR #4701: Fixed slow search error

    • PR #4704: Added Asterisk 1.8 support for IAX2 stack

    • Pro: Ruby 1.9.3 has been upgraded to Ruby 2.1.5.
    • Pro: The ability to pause and resume a Credentials Reuse task has been added.
    • Pro: All tables now use the Carpenter JavaScript library.
    • Pro: Due to how Rails manages tokens, it was possible for an attacker with a man in the middle stance to steal and replay a session token to log back in to the web interface.  Now, when a user logs in or logs out of the web interface, the user's previous session token will be now be invalidated, which will prevent the old token from being replayed. Thank you Abhinav Mishra for discovering and helping us resolve this issue.
    • Pro: The social engineering feature will no longer be available after the free Pro trial expires.
    • Pro: Exception pushes from the Vulnerability Validation Wizard to Nexpose now work as expected.
    • Pro: The Rapid7 EULA has been updated.


Updating from the Web Interface


If you are updating Metasploit from the web interface, the interface may appear to freeze or take a long time to complete.  If the update takes longer than 5 minutes, you must restart your web browser and log in to Metasploit again. If you are able to log in, the update was able to successfully complete.

Upgrading after December 23. 2014

If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from erayymz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.

How to Upgrade

To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.


Version Information

PRO 4.11.0 updates to 4.11.1-2015021201

MSF3 4.11.0 updates to 4.11.1-2015021201