This week's release includes 3 exploit modules and 5 auxiliary and post-exploitation modules.
- D-Link Cookie Command Execution by Michael Messner and Peter Adkins
- SysAid Help Desk Administrator Portal Arbitrary File Upload by Pedro Ribeiro exploits CVE-2015-2994
- SysAid Help Desk 'rdslogs' Arbitrary File Upload by Pedro Ribeiro exploits CVE-2015-2995
Auxiliary and Post-Exploitation Modules
- SysAid Help Desk Administrator Account Creation by Pedro Ribeiro exploits CVE-2015-2993
- SysAid Help Desk Arbitrary File Download by Pedro Ribeiro exploits CVE-2015-2997
- SysAid Help Desk Database Credentials Disclosure by Pedro Ribeiro exploits CVE-2015-2998
- HTTP Client Automatic Exploiter 2 (Browser Autopwn) by sinn3r
- Windows Post Kill Antivirus and Hips by Jerome Athias, Marc-Andre Meloche (MadmanTM), Nikhil Mittal (Samratashok), and OJ Reeves
Notable Fixes and Changes
- PR #5470: Added sysaid_admin_acct module
- PR #5471: Added sysaid_auth_file_upload module
- PR #5472: Added sysaid_file_download module
- PR #5473: Added sysaid_rdslogs_file_upload module
- PR #5474: Added sysaid_sql_creds module
- PR #5533: Added dlink_dspw110_cookie_noauth_exec module
- PR #5650: Added Browser Autopwn 2
- PR #5706: Added file output for Kiwi creds_* commands
- PR #5730: Converted killav script to a post module
- PR #5732: Improved reliability of adobe_flash_hacking_team_uaf module
- PR #5742: Improved coverage of adobe_flash_opaque_background_uaf module
- Pro: Clicking on the 'Looted' or 'Cracked' badge for a host will now display the single host page.
- Pro: Credentials can now be sorted by type on the Credentials Management page.
- Pro: Discovery scans now skip hosts whose dns are unresolved. They are logged in the task log, and the scan continues.
- Pro: The titles on the MetaModules Findings page are now properly aligned and sized.
- Pro: The titles on the Vulnerability Validation Findings page are now properly aligned and sized.
- Pro: Switching between tabs on the MetaModule and Wizard configuration pages no longer results in a progress bar displaying over the tabs.
- Pro: Uploading a file via a session no longer results in a routing error.
- Pro: Social engineering campaigns no longer enforce a maximum SSL version.
Upgrading after December 23, 2014
If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.
How to Upgrade
To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.
PRO 4.11.4 updates to 4.11.4-2015072001