1 min
Metasploit
Metasploit Weekly Wrap-Up 08/09/2024
Black Hat & DEF CON
Hopefully folks were able to catch our Rapid7 researchers @zeroSteiner
[http://x.com/zeroSteiner] & Jack Heysel show off the Metasploit 6.4's
features, focusing on combinations that allow for new, streamlined attack
workflows at Black Hat. If not they will also be demoing at DEF CON tomorrow in
room W304!
New module content (1)
Calibre Python Code Injection (CVE-2024-6782)
Authors: Amos Ng and Michael Heinzl
Type: Exploit
Pull request: #19357 [http://github.com/rapid7/meta
2 min
Metasploit
Metasploit Weekly Wrap-Up 08/02/2024
Metasploit goes to Hacker Summer Camp
Next week, Metasploit will have demos at both Black Hat
[http://www.blackhat.com/us-24/arsenal/schedule/index.html#the-metasploit-framework-39570]
and DEF CON [http://defcon.org/html/defcon-32/dc-32-demolabs.html#54186] where
the latest functionality from this year will be presented. The Black Hat demo
will be on Thursday the 8th from 10:10 to 11:25 and the DEF CON demo will be on
Saturday the 10th from 12:00 to 13:45.
The highlights will include demonst
3 min
Metasploit
Metasploit Weekly Wrap-Up 05/23/2024
Infiltrate the Broadcast!
A new module from Chocapikk [http://github.com/Chocapikk] allows the user to
perform remote code execution on vulnerable versions of streaming platform
AVideo (12.4 - 14.2). The multi/http/avideo_wwbnindex_unauth_rce module
leverages CVE-2024-31819
[http://attackerkb.com/topics/y127ezofMQ/cve-2024-31819], a vulnerability to
PHP Filter Chaining, to gain unauthenticated and unprivileged access, earning it
an attacker value of High on AttackerKB
[http://attackerkb.com/t
2 min
Metasploit
Metasploit Wrap-Up 03/15/2024
New module content (3)
GitLab Password Reset Account Takeover
Authors: asterion04 and h00die
Type: Auxiliary
Pull request: #18716 [http://github.com/rapid7/metasploit-framework/pull/18716]
contributed by h00die [http://github.com/h00die]
Path: admin/http/gitlab_password_reset_account_takeover
AttackerKB reference: CVE-2023-7028
[http://attackerkb.com/search?q=CVE-2023-7028?referrer=blog]
Description: This adds an exploit module that leverages an account-take-over
vulnerability to take contr
2 min
Metasploit
Metasploit Weekly Wrap-Up: Dec. 22, 2023
Metasploit has added exploit content for the glibc LPE CVE-2023-4911 (AKA Looney Tunables) and RCE exploits for Confluence and Vinchin Backup and Recovery.
4 min
Metasploit
Metasploit Weekly Wrap-Up: Aug. 4, 2023
Fly High in the Sky With This New Cloud Exploit!
This week, a new module was added that takes advantage of both authentication
bypass and command injection in certain versions of Western Digital's MyCloud
hardware. Submitted by community member Erik Wynter
[http://github.com/ErikWynter], this module gains access to the target,
attempts to bypass authentication, verifies whether that was successful, then
executes the payload with root privileges. This works on versions before
2.30.196, and offer
2 min
Metasploit
Metasploit Weekly Wrap-Up: 5/19/23
Fetch Based Payloads: Making the Path from Command Injection to Metasploit
Session Shorter
This week we’re releasing Metasploit fetch payloads. Fetch payloads are
command-based payloads that leverage network-enabled applications on remote
hosts and different protocol servers to serve, download, and execute binary
payloads. Over the last year, two thirds of the exploit modules landed to
Metasploit Framework were command injection exploits. These exploits will be
much easier to write with our new
3 min
Metasploit
Metasploit Weekly Wrap-Up: 3/3/23
2022 Vulnerability Intelligence Report Released
Rapid7’s broader vulnerability research team released our 2022 Vulnerability
Intelligence Report
[http://kdft.a6358.com/blog/post/2023/02/28/a-shifting-attack-landscape-rapid7s-2022-vulnerability-intelligence-report/]
this week. The report includes Metasploit and research team data on
exploitation, exploitability, and vulnerability profiles that are intended to
help security teams understand and prioritize risk more effectively. Put simply,
secur
2 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 12/9/22
Login brute-force utility
Jan Rude [http://github.com/whoot] added a new module that gives users the
ability to brute-force login for Linux Syncovery. This expands Framework's
capability to scan logins to Syncovery, a popular web GUI for backups.
WordPress extension SQL injection module
Cydave [http://github.com/cydave], destr4ct [http://github.com/destr4ct], and
jheysel-r7 [http://github.com/jheysel-r7] contributed a new module that takes
advantage of a vulnerable WordPress extension. Thi
5 min
Metasploit
Metasploit Weekly Wrap-Up: Sep. 16, 2022
BYOS: Bring your own stager
We try hard to make sure we have a great choice of fully-functional payloads to
choose from, but sometimes you might want to “branch” out on your own, and if
that’s the case we’ve got you covered. In an attempt to make Metasploit play
well with others, we’ve introduced a brand new payload type: “custom.” “Custom”
payloads use Metasploit stagers to build a stager that will stage whatever
shellcode you send it.
Got a third-party payload you want to run like Sliver or a