Tuesday, December 24, 2024
HomeCyber Security NewsMetasploit Framework Released with New Features

Metasploit Framework Released with New Features

Published on

SIEM as a Service

The Metasploit Framework, a widely used open-source penetration testing tool maintained by Rapid7, has introduced an exciting new release packed with cutting-edge features.

The latest update includes new payloads targeting the emerging RISC-V architecture, a sophisticated SMB-to-HTTP(S) relay exploit for Active Directory Certificate Services (AD CS), and several new modules addressing high-profile vulnerabilities.

These additions continue to augment the framework’s capabilities, allowing penetration testers to exploit vulnerabilities across an even broader range of environments.

- Advertisement - SIEM as a Service

New RISC-V Payloads

With this update, Metasploit has expanded its payload arsenal to include support for the RISC-V architecture, an open-source instruction set architecture (ISA) that has gained significant traction in hardware development.

Attend a Free Webinar on How to Maximize Cybersecurity Program ROI

New payloads targeting 32-bit and 64-bit RISC-V systems enable penetration testers to execute commands on compromised hardware, extending Metasploit’s reach to various IoT devices, embedded systems, and servers running on this architecture.

The payloads include Linux Execute Command and Linux Reboot options, allowing testers to control compromised systems remotely. As the adoption of RISC-V grows, these payloads ensure Metasploit remains relevant in cutting-edge environments.

SMB-to-HTTP(S) Relay Exploit Targeting ESC8 Vulnerability

Another headline feature in this release is the SMB-to-HTTP(S) relay exploit, designed to target the ESC8 vulnerability within Active Directory Certificate Services (AD CS).

Developed by Rapid7 contributors, this exploit is part of ongoing efforts to target Kerberos and Active Directory vulnerabilities.

The new module includes a modified SMB capture server, which repackages and forwards authentication data to an NTLM-authenticating HTTP server.

Once authenticated, the HTTP client interacts with the ESC8 module to request and download certificates, potentially granting attackers access to sensitive infrastructure.

A notable addition to Metasploit’s payload library is the Python Exec payload, contributed by zeroSteiner.

This payload supports Python 2.7 and Python 3.4+, enabling testers to execute arbitrary OS commands on compromised systems. Python’s versatility makes it a valuable tool for targeting various environments, from servers to IoT devices.

Several new modules have been introduced in this release, including:

  • SolarWinds Web Help Desk Backdoor (CVE-2024-28987): A module that exploits a backdoor in SolarWinds Web Help Desk to retrieve all tickets from the system.
  • WordPress TI WooCommerce Wishlist SQL Injection (CVE-2024-43917): This module targets an SQL injection vulnerability in the TI WooCommerce Wishlist plugin for WordPress, enabling attackers to dump usernames and hashed passwords.

This release includes new payloads, modules, and significant enhancements, such as the updated pipe_dcerpc_auditor module and an upgrade to Ruby 3.2.5, ensuring a smoother and more robust user experience.

With these new features, Metasploit users can target various systems and vulnerabilities, cementing the framework’s position as a must-have tool for security professionals and ethical hackers.

Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...