Metasploit 4.11.4 (Update 2015102101)

Document created by tdoan Employee on Oct 20, 2015
Version 1Show Document
  • View in full screen mode

New Modules

 

This week's release includes 2 exploit modules and 2 auxiliary and post-exploitation modules.

 

Exploit modules

 

 

Auxiliary and Post-Exploitation Modules

 

 

Notable Fixes and Changes

 

  • PR #5941: Added a module for executing payloads via a virtual X11 keyboard
  • PR #5999: Added http proxy support for PowerShell web delivery
  • PR #6054: Added a module for checking if a site is vunlerable to HTTP Host header injection
  • PR #6076: Fixed a bug using 64-bit payloads for MSSQL modules
  • PR #6082: Added a directory traversal exploit for Elasticsearch 1.0.0 to 1.6.0
  • Pro: 13280: The 'Not Exploitable' status on the Vulnerabilities Details Page is now blue instead of red.
  • Pro: 13218, 13217: Minor visual tweaks to the UI that fix some CSS issues.

 

Upgrading after December 23, 2014

 

If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.

 

How to Upgrade

 

To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.

 

Version Information

 

PRO 4.11.4 updates to 4.11.4-20150102101

Attachments

    Outcomes