3 min
Metasploit
Metasploit Wrap-Up: Nov. 26 2021
Self-Service Remote Code Execution
This week, our own @wvu-r7 added an exploit module
[https://github.com/rapid7/metasploit-framework/pull/15874] that achieves
unauthenticated remote code execution in ManageEngine ADSelfService Plus, a
self-service password management and single sign-on solution for Active
Directory. This new module leverages a REST API authentication bypass
vulnerability identified as CVE-2021-40539
[https://attackerkb.com/topics/DMSNq5zgcW/cve-2021-40539?referrer=blog], where
5 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 9/3/21
A new SMB server implementation to support capturing NTLM hashes across SMBv2 and SMBv3, even with encrypted SMB traffic. Plus, exploits for eBPF, Git LFS, and Geutebruck IP cameras.
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up: 7/30/21
Five new modules, including an exploit for "HiveNightmare" CVE-2021-36934, and new fixes and enhancements.
2 min
Metasploit
Metasploit Wrap-Up: Feb. 5, 2021
This week's edition: Baron Samedit 'sudo' exploit module, OneDrive sync enumeration, and WP credential gathering via Abandoned Cart plugin.
3 min
Metasploit
Metasploit Wrap-Up 11/27/20
Five new modules, and a reminder for the upcoming CTF
2 min
Metasploit
Metasploit Wrap-Up: Aug. 28, 2020
Give me your hash
This week, community contributor HynekPetrak [https://github.com/HynekPetrak]
added a new module [https://github.com/rapid7/metasploit-framework/pull/13906]
for dumping passwords and hashes stored as attributes in LDAP servers. It uses
an LDAP connection to retrieve data from an LDAP server and then harvests user
credentials in specific attributes. This module can be used against any kind of
LDAP server with either anonymous or authenticated bind. Particularly, it can be
used
3 min
Metasploit Weekly Wrapup
Metasploit Wrap-Up 4/3/2020
This week's release includes a local privilege escalation exploit for VMware Fusion through 11.5.3 on OS X, as well as RCE on Apache Solr and DNN cookie deserialization.
3 min
Metasploit
Metasploit Wrap-Up: Dec. 13, 2019
Powershell Express Delivery
The web_delivery module
[https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/script/web_delivery.rb]
is often used to deliver a payload during post exploitation by quickly firing up
a local web server. Since it does not write anything on target’s disk, payloads
are less likely to be caught by anti-virus protections. However, since Microsoft
added Antimalware Scan Interface (AMSI)
[https://docs.microsoft.com/en-us/windows/win32/amsi/antim