
Metasploit Framework v3.5.1 Updated Version Download!

Our favourite exploitation framework – The Metasploit Framework has been updated! We now have Metasploit version 3.5.1!


“The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.”

This is the release log:
Statistics:
  • Metasploit now ships with 635 exploit modules and 313 auxiliary modules.
  • 47 new modules have been added since the last point release.
  • 45 tickets were closed and 573 commits were made since the last point release
  • Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (~500K lines of Ruby)
New Modules:
New Exploits and Auxiliaries
  • Cisco Device HTTP Device Manager Access
  • Cisco IOS HTTP Unauthorized Administrative Access
  • Cisco IOS SNMP Configuration Grabber
  • SNMP Community Scanner
  • Exim4 <= 4.69 string_format Function Heap Buffer Overflow
  • Metasploit Web Crawler
  • Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
  • HTTP Form field fuzzer
  • Adobe XML External Entity Injection
  • SAP BusinessObjects Version Detection
  • SAP BusinessObjects User Enumeration
  • Web Site Crawler
  • SAP BusinessObjects Web User Bruteforcer
  • SAP BusinessObjects User Bruteforcer
  • VNC Authentication Scanner
  • SSDP M-SEARCH Gateway Information Discovery
  • rexec Authentication Scanner
  • rlogin Authentication Scanner
  • rsh Authentication Scanner
  • ProFTPD 1.3.2rc3 – 1.3.3b Telnet IAC Buffer Overflow
  • ProFTPD-1.3.3c Backdoor Command Execution
  • CakePHP <= 1.3.5 / 1.2.8 Cache Corruption Exploit
  • Oracle VM Server Virtual Server Agent Command Injection
  • Trixbox langChoice PHP Local File Inclusion
  • NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow
  • ProFTPD 1.3.2rc3 – 1.3.3b Telnet IAC Buffer Overflow
  • FreeNAS exec_raw.php Arbitrary Command Execution
  • Axis2/SAP BusinessObjects Authenticated Code Execution
  • Axis2 / SAP BusinessObjects dswsbobje Upload Exec
  • ColdFusion 8.0.1 Arbitrary File Upload and Execute
  • Webster HTTP Server GET Buffer Overflow
  • Network Associates PGP KeyServer 7 LDAP Buffer Overflow
  • Internet Explorer CSS SetUserClip Memory Corruption
  • Sun Java Web Start BasicServiceImpl Remote Code Execution Exploit
  • Adobe Shockwave rcsL Memory Corruption
  • EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
  • Sun Java Runtime New Plugin docbase Buffer Overflow
  • MOXA MediaDBPlayback ActiveX Control Buffer Overflow
  • BACnet OPC Client Buffer Overflow
  • Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
  • Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow
  • Adobe Flash Player “Button” Remote Code Execution
  • CitectSCADA/CitectFacilities ODBC Buffer Overflow
  • MOXA Device Manager Tool 2.1 Buffer Overflow
  • DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
  • CA BrightStor ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow
  • CA BrightStor ARCserve for Laptops & Desktops LGServer Multiple Commands Buffer Overflow
New Scripts:
  • Meterpreter Script for managing Windows Services
  • Smart Locker Meterpreter Script
  • Meterpreter Script for recording in intervals the sound capture by a target host microphone
  • Schelevator — Exploit for Windows Vista/7/2008 Task Scheduler 2.0 Privilege Escalation
  • Meterpreter Script for injecting a Reverse TCP Meterpreter Payload
  • Webcam — view webcam over session
  • Screenspy v1.0
  • Meterpreter Script for Windows Event Log Query and Clear.
Framework Changes:
Java Exploitation:
  • Make java_signed_applet work with generic java payloads, but keep the default tar… (r11172)
  • Add rjb signing back in to java_signed_applet (r11186)
  • Add ability to drop an executable from the jar. (r10973)
  • Update documentation for executable dropper, thanks mihi (r11105)
Post-Exploitation:
  • Scripts are now checking for the Meterpreter Platform (r10813, others)
  • Full re-write of packetrecorder script (r10860)
  • Merge webcam extension into stdapi. (r10997)
  • Only load priv on win32/win64 sessions (r10984)
  • Add functional in-memory webcam support. (r10954)
  • Add service option to persistence to keep escalated privileges through a reboot. (r10847)
  • Add audio (microphone) recording support to stdapi. (r11087)
Bruteforce Capabilities:
  • Super-duper rservices commit (r11106)
  • Big VNC update (r11033)
  • Allow for blank FTP usernames. (r10834)
  • Add xampp default user/pass (r10936)
Import / Export / Integration Capabilities:
  • Merge in nCircle support (r10902)
  • Added the “pwdump” format to db_export. (r10862)
  • Updates to Nessus plugin (r11017)
  • Added the ability to export hashes for John the Ripper (#3104)
Web Crawling:
  • New web crawler module (r10924, r11022)
  • Moved Wmap crawler into a module
  • Add the crawler mixin and a sample form extractor crawler (r11025)
  • Move the crawler mixin to an auxiliary (r11026)
General Updates & Changes:
  • Added PacketFu library
  • Properly show compatible payloads. Important for cross-platform exploits. (r10870)
  • Fixed problem when running cmd_exec in PHP Meterpreter on Linux (r10850)
  • MsfGui now starts a RPC daemon properly in windows (#3047)
  • MsfGui can now browse drives other than “C:” during post-exploitation (#3290)
  • Support browsers other than firefox when it is necessary to open a browser (#3059)
  • Added an Auth’d login capability in smtp_deliver.rb (#3072)
  • Added a standard ‘msfupdate’ script and add to the root of SVN tree (#613)
  • Added Adodb-based cmd stager (#1431)
  • Modified database migrations to play nice with MySQL (#2976)
  • Test modules are now moved out of the normal exploit tree (up a directory) (2981)
  • Java_signed_applet now has an up-to-date cert (#3015)
  • Resolved a hang with multi-threaded meterpreter scripts (#3036, #3111)
  • Standardized “Host Unreachable” vs “Port in Use” errors across platforms (#3206)
  • ‘search -o’ now filters properly in msfconsole (#3306)
  • Pivoted sessions now allow a report_host call without an exception (#3049)
  • ‘db_nmap’ now works from MSFGUI on Windows (#3297)
  • Resolved a bug in ssdp_msearch (#3146)
  • Resolved an issue with meterpreter recursive download (#3110)
  • Resolved an issue with HTTP 100 continue responses (#3109)
  • Added wow64 detection to rex (r11256)
  • Added a nexpose rpc sample & update the discover sample (r11181)
  • add a mixin for pdf gen, see (r11092 / #2841)
Known issues:
  • Bug #3020 (Resolved) msfirb.bat does not support backspace on win32
  • Bug #3225 Ctrl-C can sometimes kill Console2 (win32)
This minor version release adds 47 new modules, including exploit coverage for recent bugs in the news: Exim4, Internet Explorer, and ProFTPd. Java payloads have seen significant improvement and java_signed_applet can now use them for complete cross-platform no-exploit-required pwnage! Eight new meterpreter scripts were added, including smartlocker and schelevator, an exploit for the 0-day privilege escalation used by Stuxnet. PCAP support has been added to db_import allowing you to pull in hosts and services without sending a single packet.
Download Metasploit Framework v3.5.1 here.
