This week's release includes 4 exploit modules and 1 auxiliary module.
- Advantech Switch Bash Environment Variable Code Injection (Shellshock) by hdm exploits CVE-2014-6271
- Atlassian HipChat for Jira Plugin Velocity Template Injection by sinn3r and Chris Wood exploits CVE-2015-5603
- Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability by sinn3r, 1c239c43f521145fa8385d64a9c32243, and mr_me exploits ZDI-11-020
- Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload by sinn3r and mr_me exploits ZDI-15-550
- Limesurvey Unauthenticated File Download by Christian Mehlmauer and Pichaya Morimoto
Notable Fixes and Changes
- PR #6176: Fixed the 64-bit Windows Loadlibrary payload
- PR #6223: Added an exploit for Oracle Beehive prepareAudioToPlay
- PR #6238: Added path and file options to the Bourne CmdStager for better obfuscation
- PR #6255: Added an exploit for the Atlassian HipChat JIRA plugin
- PR #6280: Added an exploit for the Oracle Beehive processEvaluation Vulnerability
- PR #6286: Enhanced the 'jobs' command to show a bind port when applicable
- PR #6291: Fixed a boolean confusion with the DisablePayloadHandler parameter
- PR #6293: Enhanced reverse_http payloads to display the ReverseListenerBindPort if it is used
- PR #6298: Added a Shellshock exploit for Advantech switches, updated Shellshock modules
- PR #6299: Added stageless HTTP/S support for Python Meterpreter
- PR #6301: Removed the go_pro command from Kali 2.0
- PR #6302: Added an aux module for Limesurvey File Download
- Pro: MS-698: When you go to generate the Social Engineering report, you'll see a new option called "Replace e-mail addresses with target IDs." This option enables you to use the target ID to mask the e-mail addresses in the report.
- Pro: MS-849: PowerShell payloads now open sessions as expected on Linux systems when using the reverse or auto-connection type. The order in which payloads run has been modified to fix this issue.
Upgrading after December 23, 2014
If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.
How to Upgrade
To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.
PRO 4.11.5 updates to 4.11.5-20150120901