Setting listener host and ports for payloads in
Life is full of disappointments: You spend a lot of time flirting with a cute new machine, convince it to accept your payload, and never get a call back – just because the big bad NAT is not letting your new sweetheart phone home. That's why many of you broken hearted pentesters have asked us to make the listener port and IP address for payloads configurable to ports that are usually accessible, such as ports 80 and 443. This week's release of Metasploit Express and Metasploit Pro enables this configuration, so that your new found love can phone you back. If you're using Metasploit Pro, you can also use VPN pivoting to talk to her sisters, which I blogged about earlier this week.
Enough love – back to business! This week, you have 12 new modules to play with, including an unpatched Internet Explorer exploit, the ProFTPD buffer overflow (for Linux and FreeBSD) and yet another Adobe exploit. Metasploit Pro's social engineering campaign feature now supports SMTP authentication when sending out emails with phishing links or exploit attachments. We've also added more granular control in the discovery phase with custom nmap command lines. In the smart bruteforcing dialog, you can now upload wordlists through the interface to tweak your dictionary attacks with terms tailored for your target. For example, you can upload a medical terms wordlist when you attack a healthcare provider, or upload a non-English wordlist for assignments in other countries. You can also import PWDump format files for pass-the-hash attacks, or export hashes to a dedicated password cracker such as john.
That's all for today – have a great weekend!