Metasploit 4.11.1 (Update 2015041601)

Document created by tdoan Employee on Jun 5, 2015
Version 1Show Document
  • View in full screen mode

April 16 2015

 

Summary

This week's release includes 7 exploitation modules and 6 auxiliary and post-exploitation modules.


New Modules

Exploit modules

Auxiliary and Post-Exploitation Modules

Notable Fixes and Changes

  • PR #3950: Enables chaining of multple encoders in msfconsole.
  • PR #4471: Fixes recog not loading when you use ms08-067 with msfcli in Kali.
  • PR #4722: Adds additional timing options to snmp login scanner.
  • PR #4784: Adds JBoss Seam 2 upload and exceute module.
  • PR #4924: Adds multi ncc ping command injection.
  • PR #5002: Adds RMI/JMX improvements.
  • PR #5015: Adds Directory Traversal for RIPS scanner.
  • PR #5023: Adds support for IE11 for fingerprint_user_agent. Fixes #4986.
  • PR #5032: Adds support for stageless Meterpreter in x64.
  • PR #5039: Adds Webdorado gallery wd 1.2.5 unauthenticated error-based SQL injection scanner.
  • PR #5046: Overhauls Meterpreter's transport mechanism to allow host swapping.
  • PR #5050: Adds CVE-2015-2284: Solarwinds Firewall Security Manager 6.6.5 Session Handling Vulnerability
  • PR #5051: Updates the mssql_enum_domain_accounts_sqli Module.
  • PR #5054: Adds a module for R7-2015-05
  • PR #5061: Adds SSH root password 'arcsight' for HP ArcSight Logger.
  • PR #5058: Adds workspace saving to msfconsole's 'save' command.
  • PR #5065: Fixes build and missing uri_checksum.
  • PR #5067: Adds standalone tool for jsobfu.
  • PR #5072: Adds support for payload UUIDs.
  • PR #5081: Enables cert hash switching.
  • PR #5082: Adds browser_autopwn info to firefox_proxy_prototype.
  • PR #5083: Adds format options prompt to the workspace.
  • PR #5088: Fixes -i in connect command.
  • PR #5095: Adds support for stageless reverse HTTP payloads.
  • PR #5097: Fixes UUID namespace issues.
  • PR #5101: Adds a directory traversal module for GoAhead Web Server.
  • PR #5105: Adds an exploit for ARRIS/Motorola SURFBoard devices.
  • PR #5109: Adds the 'all' option for uictl.
  • PR #5112: Adds login module for updated Nessus REST API.
  • PR #5113: Fixed IPv6 issues in staged and stageles payloads.
  • PR #5115: Adds support for the -R switch for the vulns command.
  • PR #5117: Sets the default postgres version for Travis to 9.3.
  • PR #5118: Fixed a stack trace for Meterpreter 64 bit.
  • PR #5119: Adds Mac OSX "Rootpipe" privilege escalation exploit.
  • PR #5120: Adds a module for the Adobe flash casi32 integer overflow (CVE-2014-0569).
  • PR #5121: Fixes timestom arg parsing.
  • PR #5122: Ensures local variable 'upload_path' is defined.
  • PR #5126: Fixes Meterpreter's edit command when it's used on non-existent files.
  • PR #5127: Adds prepend syscall stubs for x64 OS X payloads
  • PR #5129: Added prepend syscall stubs for x64 BSD payloads
  • PR #5130: Adds the WordPress WorkTheFlow Upload module.
  • PR #5139: Avoids generating labels with '..' in them with Metasm.
  • PR #5148: Replaces bsd x86 exec payload and DRY up osx/bsd code.
  • PR #5150: Adds MS15-034 (CVE-2015-1635) https.sys Request Handling Denial-of-Service (and check).
  • PR #5153: Updates several gem versions and how they are loaded
  • PR #5161: Fixes ms12_020_check to record vulnerable hosts
  • Pro: The RPC API now works when specifying multiple exploits.
  • Pro: Objects are now being created when sessions were opened while the module cache was being populated.
  • Pro: Collecting loot from a session on a compromised system no longer results in a stack trace.
  • Pro:  Social engineering campaigns now use custom SSL certificates.
  • Pro: The "Import credentials from a file" option on the Bruteforce workflow has been renamed to "Import credential pairs".
  • Pro: Notes added via console now display properly in the web interface.
  • Pro: CSRF tokens are now respected on login pages. Users are disabled for ten minutes after five failed logins. Thank you to Mohamed Abdelbaset Elnoby, an Information Security Evangelist, for bringing this issue to our attention. We apprecite it!

Upgrading after December 23. 2014If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.How to UpgradeTo upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.Version Information

  • PRO 4.11.1 updates to 4.11.1-2015041601
  • MSF3 4.11.1 updates to 4.11.1-2015041601

Attachments

    Outcomes