Metasploit 4.11.5 (Update 2016010401)

Document created by tdoan Employee on Jan 5, 2016Last modified by tdoan Employee on Oct 7, 2016
Version 2Show Document
  • View in full screen mode

New Modules


Exploit modules



Auxiliary and Post-Exploitation Modules



Notable Fixes and Changes


  • PR #6111: Added Android geo/cell interval collection
  • PR #6408: Added JSON output for the info command
  • PR #6356: Added NTDS.DIT location finder
  • PR #6319: Added Redis file upload exploit
  • PR #6237: Added Android stock browser DoS module
  • PR #6179: Added NTP "NAK to the Future" auxiliary module
  • PR #6292: Added z/OS reverse shell payload
  • PR #6367: Added Windows Media Center MCL information disclosure
  • PR #6355: Added Joomla HTTP header exploit
  • PR #6373: Added Joomla mixin
  • Pro: MS-735: The application will no longer display an error when you attempt to import a target list that contains duplicate email addresses. Instead, the application will import the last entry in the CSV file for the duplicate email address.


Offline Update File


To download the offline file for this update, go to bin.


Upgrading after December 23, 2014


If you did not update to Metasploit 4.11.0 prior to December 23, 2014, you will need to read this handy blog from Eray Yilmaz to learn how to successfully update your Metasploit instance: HOTFIX: Metasploit Startup Issues After Upgrading to 4.11.0 (Update 2014122301). The standard method that you use to update Metasploit will not work if you are updating after December 23, so it is critical that you update Metasploit using the steps outlined in the blog.


How to Upgrade


To upgrade Metasploit Pro, go to the Administration menu and select the Software Updates option. To see how to upgrade your Metasploit installation, view this video.


Version Information


PRO 4.11.5 updates to 4.11.5-2016010401