Metasploit 4.11.7 (Update 2016041901)

Document created by tdoan Employee on Apr 19, 2016Last modified by tdoan Employee on Oct 7, 2016
Version 3Show Document
  • View in full screen mode



  • Escalate privileges on Exim versions before 4.86.2.
  • OpenVas and Burp files import into the correct workspace.
  • JCL payloads are available for z/OS.


Bugs Fixed


  • OpenVas and Burp import issues (PR-6750, MS-247) - Data imported from OpenVas and Burp was displaying in the default workspace instead of the correct workspace. This fix imports the data into the specified workspace.
  • Nexpose import issues (MS-1335) - When corresponding module information was not available for an exploit during a Nexpose import, a stack trace occurred. This fix adds a useful error message when module details are not available.
  • Autoadd feature added incorrect routes (PR-6780) - The autoadd feature that is available in the autoroute post-exploitation module was adding invalid routes. This fix removes the routing check that causes the issue, and the autoadd feature now searches for valid subnets and routes them correctly.
  • UAC check for Windows 10 (PR-6776) - An outdated regex prevented the UAC check for Windows 10 from working. This fix adds the ability to check for Windows 10.
  • Importing large sites into a project (MS-1381) - You can import sites that contain up to 2,000 assets into a project for testing and analysis.


Features and Enhancements


  • JCL payloads for z/OS (PR-6717, PR-6737) - Two new payloads are available for z/OS mainframes: a generic cmd payload and reverse shell payload.
  • Advanced and evasion options display in a table (PR-6752) - Advanced and evasion options previously displayed as a long scroll of text. Now, they display in a table, which makes it easier to view and read from the console.


Exploits Added



Offline Update File


To download the offline file for this update, go to bin.


Version Information


PRO 4.11.7 updates to 4.11.7-2016041901