
Metasploit Weekly Wrap-Up 02/02/2024

This week's updates include improvements to Framework's SMB server implementation: the SMB server can now be reused across various SMB modules, which are now able to register their own unique shares and files. SMB modules can also now be executed concurrently. Currently, there are 15 SMB modules in Framework that utilize this feature.

New module content (2)

Mirth Connect Deserialization RCE

Authors: Naveen Sunkavally, Spencer McIntyre, and r00t
Type: Exploit
Pull request: #18755 contributed by zeroSteiner
Path: multi/http/mirth_connect_cve_2023_43208

available in AttackerKB.

Puppet Config Gather

Author: h00die
Type: Post
Pull request: #18628 contributed by h00die
Path: /gather/puppet

Description: This PR adds a post gather module to get Puppet configs and other sensitive files.

Enhancements and features (2)

#18680 from zeroSteiner – This adds a service compatible with Rex::ServiceManager for SMB that can be shared among modules.
#18742 from sjanusz-r7 – Enhances the post/multi/gather/memory_search with additional UX improvements such as outputting a list of matched processes that are being targeted, as well as improved error handling if the process architecture is not correct.

Bugs fixed (2)

#18750 from adfoster-r7 – Updates the to_handler command for payload modules to support option overrides. The to_handler command is a convenient way of using multi/handler, setting the payload, and setting datastore options.
#18760 from adfoster-r7 – Fixes an issue where fails to start when resolv.conf cannot be found.

Documentation

You can find the latest documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

Pull Requests 6.3.53…6.3.54
Full diff 6.3.53…6.3.54

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro.


Deitasoft © 2024. All Rights Reserved.