[Miễn phí] Metasploit Framework 3.7.0 Released 2/5/2011
Metasploit Framework 3.7.0 Release Notes
- Metasploit now ships with 685 exploit modules, 355 auxiliary modules, and 39 post modules.
- 35 new exploits, 17 post-exploitation modules, and 15 auxiliary modules have been added since the last release.
Highlights & New Features
- Support for SMB signing, enabling pass-the-hash and stolen password attacks against Windows 2008 Server environments.
- The Microsoft SQL Server mixin (and all modules) now supports NTLM authentication.
- Data import backend has undergone a rewrite, speeding up most import tasks by a factor of four.
- OS information is now normalized to make fingerprinting more accurate and easier to deal with.
Highlights from the new modules include:
- Apple iOS Backup File Extraction: Extract sensitive data from iTunes backup files (location, call history, SMS content, pictures, etc).
- Exploits for two different Adobe Flash vulnerabilities exploited in the wild.
- Code execution modules for MySQL and PostgreSQL when a valid login is available.
- Exploit for the Accellion File Transfer Appliance Default Encryption Key flaw found by Rapid7.
- Over ten new exploits for HP Network Node Manager (plus an HP OpenView exploit).
- Post-exploitation module for privilege escalation through the .NET Optimizer Service.
- Post-exploitation modules for stealing stored WinSCP and VNC passwords.