3 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup 16
We have a new module from rastating which exploits an unauthenticated file upload vulnerability in the popular WordPress plugin, Ninja Forms.
3 min
Release Notes
Weekly Metasploit Wrapup: March 14, 2016
Scanning for the Fortinet backdoor with Metasploit
Written by wvu
Metasploit now implements a scanner for the Fortinet backdoor. Curious to see
how to use it? Check this out!
wvu@kharak:~/metasploit-framework:master$ ./msfconsole -qL
msf > use auxiliary/scanner/ssh/fortinet_backdoor
msf auxiliary(fortinet_backdoor) > set rhosts 417.216.55.0/24
rhosts => 417.216.55.0/24
msf auxiliary(fortinet_backdoor) > set threads 100
threads => 100
msf auxiliary(fortinet_backdoor) > run
[*]
1 min
Metasploit Weekly Wrapup
Metasploit Weekly Wrapup for 2015-10-15
Welcome to this week's Metasploit Wrapup. I'm your host Brent Cook, tagging in
for egypt [https://twitter.com/egyp7] who just finished speaking about
Metasploit at the Texas DIR Telecommunications Forum
[http://dir.texas.gov/View-About-DIR/Calendar-Detail.aspx?id=155&month=10&year=2015&type=list]
. This week was largely focused on bug fixes and refinements.
In the fixes bucket, PowerShell sessions now properly upgrade with the 'sessions
-u' command. Fixing this also revealed some general proble
2 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup: Hackers of Might and Magic
Vegas: That's a Wrap
Well, another trek out to the Nevada desert is behind us. I actually love
heading out there every year, since it gives me a chance to connect with a
sizable chunk of the Metasploit contributor community in a corporeal way. That
just fills me with warm fuzzies, so thanks to all of you who made the
pilgrimage. You, the open source security research community, is what makes
Vegas feel a lot homier than it ought to.
Speaking of community, now that we're past the Vegas Singulari
3 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup: T-Shirts, T-Shirts, & Some Modules
Black Hat T-Shirts!
Well, it's a week or so until DEF CON 23, and since you're all busy prepping all
your demos and presentations and panels and things, I figured I should remind
you that among all your gear, you should probably toss some clothes in your bag
before you head out the door. In case this slips your mind, though, don't sweat,
we have you covered.
Pictured at right is the winning design from the annual Metasploit T-Shirt
contest, submitted by LewisFX
[https://99designs.com/t-shirt-
3 min
Metasploit Weekly Wrapup
Weekly Metasploit WrapUp: A Wild Committer Appears!
Browser Autopwn Version 2
Hey all! If you haven't been following the Metasploit development over the last
few weeks, you know that we've been pretty busy getting Browser Autopwn Version
2 (BAPv2) out the door and into Metasploit Framework. This project was, and is,
driven by our own beloved Wei _sinn3r [https://twitter.com/_sinn3r] Chen, and
it's one of those projects around here that I'm really personally very excited
about.
If you want to jump into all the implementation details and history,
3 min
Metasploit Weekly Wrapup
Weekly Metasploit Wrapup: Two More Flash Exploits
While Adobe has made great progress in releasing both regular and emergency updates to Flash, it's becoming clear that Flash itself is becoming an albatross around the neck of every browser.