This week's release includes 2 exploit modules and 3 auxiliary and post-exploitation modules.
Auxiliary and Post-Exploitation Modules
- MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure by sinn3r and Rich Whitcroft exploits CVE-2015-1635
- Windows Domain Controller Hashdump by theLightCosine
Notable Fixes and Changes
- PR #5348: Added Meterpreter support for parsing NT Directory Service (NTDS) databases
- PR #5466: Added exploit for CVE-2015-1701
- PR #5497: Improved SNMP login scanner to be much faster and correct
- PR #5529: Added Windows 2003 SP1 & SP2 French targets for MS08-067
- PR #5539: Fixed Quake scanner to properly report the service
- PR #5543: Added transport delete command to Meterpreter
- PR #5544: Updated support for the SSL Labs API
- PR #5547: Added configurable Meterpreter session timeout
- PR #5554: Improved the Windows local persistence module
- PR #5555: Added support for RFB Version 4 (newer VNC servers)
- PR #5559: Added exploit for Adobe Flash Player ShaderJob Buffer Overflow (CVE-2015-3090)
- PR #5566: Fixed os.js service pack detection
- PR #5569: Corrected service name for mssql for scanner detection
- PR #5570: Removed references to the deprecated iconv gem
- PR #5572: Added Edward Snowden's password to unix_passwords.txt
- PR #5577: Added module to dump memory via MS15-034, HTTP.SYS Information Disclosure
- PR #5583: Reenabled Android-specific Meterpreter commands
- PR #5598: Fixed a bug when handling nil or short machine_ids
- PR #5600: Updated session information (e.g. the User) after process migration
- PR #5601: Increased the default session verification timeout to 30 seconds
- PR #5595: Added support for older targets with MS15-051
- PR #5585: Disabled creating the payloads.json file unless payload UUID tracking is enabled
- PR #5453: Updated dbvis_enum to use the new cred API
- PR #5479: Updated kloxo_sqli to use the new cred API
- PR #5485: Updated wordpress_login_enum to use the new cred API
- PR #5540: Changed multiple auxiliary modules to use the new cred API
- PR #5546: Updated auxiliary/server/capture/telnet to use the new cred API
- PR #5492: Updated the PCAnywhere login scanner
- Pro: The web crawler no longer fails when it encounters cookies.
- Pro: Bruteforce now correctly finds and targets hosts with active MSSQL services.
Upgrading after December 23, 2014
If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.
How to Upgrade
To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.
PRO 4.11.3 updates to 4.11.3-2015063001
MSF3 4.11.3 updates to 4.11.3-2015063001