Metasploit 4.11.3 (Update 2015063001)

Document created by tdoan Employee on Jul 1, 2015
Version 1Show Document
  • View in full screen mode



This week's release includes 2 exploit modules and 3 auxiliary and post-exploitation modules.

New Modules

Exploit Modules


Auxiliary and Post-Exploitation Modules


Notable Fixes and Changes


    • PR #5348: Added Meterpreter support for parsing NT Directory Service (NTDS) databases
    • PR #5466: Added exploit for CVE-2015-1701

    • PR #5497: Improved SNMP login scanner to be much faster and correct

    • PR #5529: Added Windows 2003 SP1 & SP2 French targets for MS08-067

    • PR #5539: Fixed Quake scanner to properly report the service

    • PR #5543: Added transport delete command to Meterpreter

    • PR #5544: Updated support for the SSL Labs API

    • PR #5547: Added configurable Meterpreter session timeout

    • PR #5554: Improved the Windows local persistence module

    • PR #5555: Added support for RFB Version 4 (newer VNC servers)

    • PR #5559: Added exploit for Adobe Flash Player ShaderJob Buffer Overflow (CVE-2015-3090)

    • PR #5566: Fixed os.js service pack detection

    • PR #5569: Corrected service name for mssql for scanner detection

    • PR #5570: Removed references to the deprecated iconv gem

    • PR #5572: Added Edward Snowden's password to unix_passwords.txt

    • PR #5577: Added module to dump memory via MS15-034, HTTP.SYS Information Disclosure

    • PR #5583: Reenabled Android-specific Meterpreter commands

    • PR #5598: Fixed a bug when handling nil or short machine_ids

    • PR #5600: Updated session information (e.g. the User) after process migration

    • PR #5601: Increased the default session verification timeout to 30 seconds

    • PR #5595: Added support for older targets with MS15-051

    • PR #5585: Disabled creating the payloads.json file unless payload UUID tracking is enabled

    • PR #5453: Update dbvis_enum to use the new cred API

    • PR #5479: Updates kloxo_sqli to use the new cred API

    • PR #5485: updates wordpress_login_enum to use the new cred API

    • PR #5540: changes for multiple auxiliary modules to use the new cred API

    • PR #5546: Use the new cred API for auxiliary/server/capture/telnet

    • PR #5492: update PCAnywhere login scanner

    • Pro: The web crawler no longer fails when it encounters cookies.
    • Pro: Bruteforce now correctly finds and targets hosts with active MSSQL services.

Upgrading after December 23, 2014

If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.

How to Upgrade

To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.


Version Information

PRO 4.11.3 updates to 4.11.3-2015063001

MSF3 4.11.3 updates to 4.11.3-2015063001