Message-ID: <6158bb410811231415h54f1e4d8jd05e7767895cfd35@mail.gmail.com>
Date: Sun, 23 Nov 2008 17:15:02 -0500
From: Ureleet <ureleet@...il.com>
To: "H D Moore" <fdlist@...italoffense.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Metasploit Framework 3.2 Released
I am still waiting for the n3td3v rant on this thread about how HD is
a terrorist... come on n3td3v, your predictability is waning.
You threw out Marc Sachs's name this week; where are PaulDotCom and HD Moore?
On Wed, Nov 19, 2008 at 4:39 AM, H D Moore <fdlist@...italoffense.net> wrote:
> [Metasploit ASCII-art logo]
>
>
> Contact: H D Moore FOR IMMEDIATE RELEASE
> Email: hdm[at]metasploit.com
>
>
> Austin, Texas, November 19th, 2008 -- The Metasploit Project
> announced today the free, world-wide availability of version 3.2 of
> their exploit development and attack framework. The latest version
> is provided under a true open source software license (BSD) and is
> backed by a community-based development team.
>
> Metasploit runs on all modern operating systems, including Linux,
> Windows, Mac OS X, and most flavors of BSD. Metasploit has been used
> on a wide range of hardware platforms, from massive Unix mainframes to
> the iPhone. Users can access Metasploit using the tab-completing console
> interface, the Gtk GUI, the command line scripting interface, or the
> AJAX-enabled web interface. The Windows version of Metasploit includes
> all software dependencies and a selection of useful networking tools.
>
> The latest version of the Metasploit Framework, as well as screen
> shots, video demonstrations, documentation and installation
> instructions for many platforms, can be found online at
>
>
> - http://metasploit.com/framework/
>
>
> This release includes a significant number of new features and
> capabilities, many of which are highlighted below.
>
> Version 3.2 includes exploit modules for recent Microsoft flaws, such
> as MS08-041, MS08-053, MS08-059, MS08-067, MS08-068, and many more.
>
> The module format has been changed in version 3.2. The new format
> removes the previous naming and location restrictions and paves the way
> to an improved module loading and caching backend. For users, this means
> being able to copy a module into nearly any subdirectory and be able to
> immediately use it without edits.
>
> The Byakugan WinDBG extension developed by Pusscat has been integrated
> with this release, enabling exploit developers to quickly exploit new
> vulnerabilities using the best Win32 debugger available today.
>
> The Context-Map payload encoding system developed by I)ruid is now
> enabled in this release, allowing for any chunk of known process memory to
> be used as an encoding key for Windows payloads.
>
> The Incognito token manipulation toolkit, written by Luke Jennings, has
> been integrated as a Meterpreter module. This allows an attacker to gain
> new privileges through token hopping. The most common use is to hijack
> domain admin credentials once remote system access is obtained.
>
> The PcapRub, Scruby, and Packetfu libraries have all been linked into
> the Metasploit source tree, allowing easy packet injection and capture.
>
> The METASM pure-Ruby assembler, written by Yoann Guillot and Julien
> Tinnes, has gone through a series of updates. The latest version has been
> integrated with Metasploit and now supports MIPS assembly and the ability
> to compile C code.
>
> The Windows payload stagers have been updated to support targets with
> NX CPU support. These stagers now allocate a read/write/exec segment of
> memory for all payload downloads and execution.
>
> Executables which have been generated by msfpayload or msfencode now
> support NX CPUs. The generated executable is now smaller and more
> reliable, opening the door to a wider range of uses. The psexec and
> smb_relay modules now use an executable template that acts like a real
> Windows service, improving the reliability and cleanup requirements of
> these modules.
>
> The Reflective DLL Injection technique pioneered by Stephen Fewer of
> Harmony Security has been integrated into the framework. The new payloads
> use the "reflectivedllinjection" stager prefix and share the same binaries
> as the older DLL injection method.
>
> Client-side browser exploits now benefit from a set of new JavaScript
> obfuscation techniques developed by Egypt. This improvement leads to a
> greater degree of anti-virus bypass for client-side exploits.
>
> Metasploit contains dozens of exploit modules for web browsers and
> third-party plugins. The new browser_autopwn module ties many of these
> together with advanced fingerprinting techniques to deliver more shells
> than most pen-testers know what to do with.
>
> This release includes a set of man-in-the-middle, authentication relay,
> and authentication capture modules. These modules can be integrated with
> a fake proxy (WPAD), a malicious access point (Karmetasploit), or basic
> network traffic interception to gain access to client machines. These
> modules tie together browser_autopwn, SMB relaying, and HTTP credential
> and form capturing to pillage data from client systems.
>
> Nearly all Metasploit modules now support IPv6 transports. IPv6 stagers
> exist for the Windows and Linux platforms, opening the door for penetration
> testing of pure IPv6 networks. The VNCInject and Meterpreter payloads have
> been extensively tested over IPv6 sockets.
>
> Efrain Torres's WMAP project has been merged into Metasploit. WMAP is
> a general-purpose web application scanning framework that can be automated
> through integration with an attack proxy (ratproxy) or be accessed as
> individual auxiliary modules.
>
> Egypt's new PHP payloads provide complete bind, reverse, and findsock
> support for PHP web application exploits. If you are sick of C99 and R57
> and looking to gain a "real" shell from one of the hundreds of RFI flaws
> listed on milw0rm, the new PHP payloads work great against multiple
> operating systems.
>
> The db_autopwn command has been revamped to support port-based limits,
> regex-based module matching, and limits on the number of spawned jobs. The
> end result is a way to quickly launch specific modules against a specific
> set of target machines. These changes were suggested and implemented by
> Marcell 'SkyOut' Dietl (Helith).
>
>
> Enjoy the release,
>
> hdm mc egypt
> pusscat ramon patrickw
> I)ruid et kkatterjohn
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
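The announcement above mentions I)ruid's Context-Map encoder, which keys a Windows payload against a chunk of process memory the attacker already knows. The following Ruby sketch is an added illustration of that idea and is not Metasploit's own encoder or any code from the thread: it uses plain XOR as the keying operation (an assumption about the scheme), a constructed byte string standing in for known process memory, and hypothetical helper names (`context_encode`, `context_decode`, `KNOWN_MEMORY`). It shows why the approach resists offline analysis: the encoded blob carries only an offset, and a process whose memory differs cannot recover the payload.

```ruby
# Added illustration of context-keyed payload encoding (not Metasploit code).
# The key is read from a region of target process memory the attacker knows;
# only the offset travels with the encoded payload. XOR is assumed here for
# simplicity; the real Context-Map encoder is not reproduced.

# Constructed stand-in for a region of known process memory, e.g. read-only
# data of a system DLL. This is not real process memory.
KNOWN_MEMORY = (0..255).map { |i| (i * 73 + 11) & 0xff }.pack('C*').freeze

# XOR two equal-length binary strings.
def xor_bytes(a, b)
  raise ArgumentError, 'length mismatch' unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# Encode +payload+ against the bytes of +memory+ starting at +offset+.
# Returns the encoded blob and the metadata a decoder stage needs.
def context_encode(payload, memory, offset)
  key = memory.byteslice(offset, payload.bytesize)
  if key.nil? || key.bytesize < payload.bytesize
    raise ArgumentError, 'key region too short for payload'
  end
  { encoded: xor_bytes(payload, key), offset: offset, length: payload.bytesize }
end

# Decode by re-reading the same region from the memory of the process the
# stage is running in. With the wrong process image the result is garbage.
def context_decode(blob, memory)
  key = memory.byteslice(blob[:offset], blob[:length])
  xor_bytes(blob[:encoded], key)
end

# Round trip against the expected memory image, then against a different
# image, to show that the payload is unrecoverable without the right context.
def demo
  payload = "\x90\x90\xcc".b + 'SHELLCODE'.b   # constructed placeholder bytes
  blob = context_encode(payload, KNOWN_MEMORY, 0x40)
  other_memory = KNOWN_MEMORY.bytes.map { |b| b ^ 0xff }.pack('C*')
  {
    same: context_decode(blob, KNOWN_MEMORY) == payload,
    different: context_decode(blob, other_memory) == payload,
    no_plaintext_in_blob: !blob[:encoded].include?('SHELLCODE'.b)
  }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

Running the file prints `{:same=>true, :different=>false, :no_plaintext_in_blob=>true}`: the decoder succeeds only when it runs against the memory image the encoder assumed, which is the property that makes the encoded payload useless to a sandbox or analyst who lacks that process context.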