Metasploit 4.11.1 (Update 2015022301)

Document created by tdoan Employee on Feb 24, 2015
Version 1Show Document
  • View in full screen mode

Summary

 

This week's release includes 4 exploitation modules and 3 auxiliary and post-exploitation modules.


New Modules


Exploit Modules

 

 

Auxiliary and Post-Exploitation Modules


 

Notable Fixes and Changes

 

 

  • #1396: Added http_proxy_pstore stager from @somename11111
  • #3650: Added the last Meterpreter script ever (image saving from the target)
  • #4706: Added NTLMSSP support for smb_relay
  • #4769: Added a module for Wordpress holding-pattern theme
  • #4770: Added a module for Wordpress Ultimate CSV Importer
  • #4781: Fixed the resolve_sid failure when enumerating user profiles (7 days ago)
  • #4787: Added new Zabbix and Chef LoginScanners
  • #4788: Added support for new versions for splunk_web_login
  • #4790: Added a method for injecting code into eval-based Javascript unpackers
  • #4795: Updated f5_bigip_cookie_disclosure
  • #4801: Added a module for QConvergeConsole Tomcat creds
  • #4804: Added a module for HP Client Automation Command Injection
  • #4808: Addeed a generic Wordpress plugin upload module
  • #4819: Normalized HTTP LoginScanner modules
  • #4824: Handle ICMP "protocol not available" errors as connection errors
  • #4813: Fixed a bug with print_* in LoginScanners
  • Pro: The Payload Generator now respects the "Preserve original functionality" option.
  • Pro: The Passive Network Discovery Findings now shows the correct count for the Hosts Found stat.
  • Pro: A host can no longer have two services with the same port and protocol.


Upgrading after December 23. 2014


If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from erayymz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.


How to Upgrade


To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.

 

Version Information


PRO 4.11.1 updates to 4.11.1-2015022301

MSF3 4.11.1 updates to 4.11.1-2015022301


Attachments

    Outcomes