This week's release includes 3 exploit modules and 1 auxiliary and post-exploitation module.
- ManageEngine ServiceDesk Plus Arbitrary File Upload by Pedro Ribeiro exploits ZDI-15-396
- Watermark Master Buffer Overflow (SEH) by Andrew Smith and metacom exploits CVE-2013-6935
- HP SiteScope DNS Tool Command Injection by Charles Riggs, Juan Vazquez, and Kirk Hayes
Auxiliary and Post-Exploitation Modules
- ManageEngine ServiceDesk Plus Path Traversal by xistence
Notable Fixes and Changes
- PR #5842: Added an exploit for Watermark Master files (CVE-2013-6935)
- PR #5948: Added support for upgrading PowerShell sessions to Meterpreter
- PR #5995: Exposed advanced SMB options for login scanners
- PR #6012: Exposed SSLVerifyMode and SSLCipher in exploit modules; expanded SSLVersion to include TLS1.1, TLS1.2, and autonegotiation modes: TLS and SSL23
- PR #6014: Added support for TCP advanced options for loginscanner modules
- PR #6026: Added support for NewClass elements on Rex::Java::Serialization
- PR #6038: Added a module for ManageEngine ServiceDesk Plus arbitrary file upload
- PR #6039: Fixed error handling in mssql_idf module
- PR #6044: Added a module for ManageEngine ServiceDesk Plus arbitrary file download
- PR #6046: Fixed bugs in drupal_views_user_enum
- PR #6048: Added ability to log the URI and User-Agent fields for rejected HTTP handler staging requests
- PR #6051: Fixed bug in 64-bit Linux staged shells
- PR #6052: Organized the tools directory by category (https://community.rapid7.com/community/metasploit/blog/2015/10/08/metasploit-framework-tools-reorg)
- PR #6055: Added a 'quiet' -q option for msfd to disable the banner (#5770)
- PR #6065: Added SRVHOST tab completion
- PR #6069: Fixed issues with modules not handling EOF errors on TCP sockets
- PR #6071: Added an exploit for HP SiteScope command execution (R7-2015-17)
- PR #6072: Fixed an issue handling segmented TCP responses with Java RMI scanner (#6050)
- Pro: MSP-13302: The search field on the Nexpose scan page now supports spaces.
- Pro: MSP-13294: The "Include charts" option is enabled for all report types that display charts and graphs.
- Pro: MSP-13186: Post-exploitation tasks can be performed on projects that enforce network range restrictions.
- Pro: MSP-13290: Clicking on the "Last" button displays the last page of results for a table.
Upgrading after December 23, 2014
If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.
How to Upgrade
To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.
PRO 4.11.4 updates to 4.11.4-20150101401