This week's release includes 4 exploit modules and 3 auxiliary and post-exploitation modules.
Exploit Modules
- w3tw0rk / Pitbul IRC Bot Remote Code Execution by Jay Turla exploits OSVDB-120384
- Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow by Muhamad Fadzil Ramli and Shankar Damodaran
- ManageEngine OpManager Remote Code Execution by xistence
- MS15-078 Microsoft Windows Font Driver Buffer Overflow by juan vazquez, Cedric Halbronn, Eugene Ching, and Mateusz Jurczyk exploits CVE-2015-2433
Auxiliary and Post-Exploitation Modules
- Portmapper Amplification Scanner by xistence
- SMB Group Policy Preference Saved Passwords Enumeration by Joshua D. Abraham
- Android Mercury Browser Intent URI Scheme and Directory Traversal Vulnerability by sinn3r, joev, and rotlogix
Notable Fixes and Changes
- PR #5882: Added an exploit for Konica Minolta FTP Utility 1.00 CWD SEH overflow
- PR #5889: Updated metasm to the latest upstream (adds aarch64 support among other improvements)
- PR #5893: Added w3tw0rk/Pitbul RCE module
- PR #5905: Added support for importing newer OpenVAS formats
- PR #5930: Added an exploit for MS15-078
- PR #5943: Improved reliability and efficiency of the poisonivy_bof exploit module
- PR #5960: Added a tool for extracting Microsoft Update (MSU) files from patches for analysis
- PR #5972: Added a portmapper amplification scanner
- PR #5980: Added an exploit for ManageEngine OpManager (remote code execution)
- PR #5984: Added a module for exploiting unsafe directory traversal in Android Mercury Browser 2.3.2
- PR #5985: Fixed serialization of host IP addresses in db_import / export
- Pro: MSP-13305: Sessions can now be opened using payloads that use dynamic stagers.
- Pro: MSP-13295: The "Add Login" modal now displays hosts correctly.
- Pro: MSP-13261: You can now sort actions by the timestamp from the single vulnerability view.
- Pro: MSP-13200: The Audit and Credential reports now display charts as expected.
Upgrading after December 23, 2014
If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog post from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in that post.
How to Upgrade
To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.
PRO 4.11.4 updates to 4.11.4-2015092301