Silence can mean one of two things - the project is dead, or we are working on some really big things and aren't quite ready to announce them. Well, the project is not dead In the next two weeks, some major changes will be announced that cover the source code, development team, and licensing of the Metasploit Framework. Folks who have been following the development tree may not be suprised, but we are taking some giant steps forward from the 3.1 release.

In the meantime, users should stay away from Ruby 1.8.7. Over the last few months, more and more OS distributions have been upgrading their standard Ruby interpreters from 1.8.5/1.8.6 to 1.8.7. Unfortunately, this version broke the ability to use short-name constants. This type of code is scattered throughout the Metasploit Framework and is tricky to track down. Even knowing what the problem is, there is no clean workaround that doesn't throw out the benefits of using short-name constants in the first place (which are used to make code readable among other things). How can you tell if you hit this bug? The error below is just one example:

[-] Exploit failed: uninitialized constant Msf::ModuleSet::NDR

In the short-term, the framework will display a warning message if the interpreter version matches "1.8.7". Once the Ruby team pushes a new version that incorporates the patch (which is already in the stable development tree), this warning will be removed, and a more complex check will be put in place instead.

If anyone is looking for a deeper understanding of the framework and many of the new features, there are still a few seats left in my Powersploitation class at the SecTor 2008 Security Conference. You can tell the class material is fresh when the code it refers to is still being written