This week, with RSA 2012 fast approaching and the final touches on Metasploit version 4.2 getting nailed down, we've been in a code freeze for core Metasploit functionality. However, that doesn't apply to the parade of modules, so here's what's in store for the next -- and quite likely last -- update for Metasploit 4.1.
Authentication Credential Gathering and Testing
Jon Hart (of Nexpose fame) has been on fire with new Metasploit contributions -- this week, he's come up with a trio of credential snarfing post modules.
mount_cifs_creds picks up the saved credentials from a Linux machine's /etc/fstab file (used when auto-mounting SMB/CIFS file shares to Linux workstations);
fetchmailrc_creds picks up stored e-mail credentials used by the popular Fetchmail utility; and
netrc_creds, which pulls credentials from a user's local .netrc file (usually private FTP credentials).
Once you've snagged credentials with these and other modules, open source contributor m-1-k-3 has supplied a nifty new resource script,
auto_cred_checker.rc. This script runs through all the credentials currently in the Metasploit database and validates them by loading up the appropriate service login auxiliary module and giving the creds a shot. Super cool.
New Modules and Scripts
As usual, we have a handful of other new modules and scripts this week.
adobe_flash_sps, by sinn3r, exploits CVE-2011-2140 in Adobe's Flash Player.
c6_messenger_downloaderactivexexploits CVE-2008-2551 for an ActiveX control in Icona's C6 Messenger, and was submitted by Juan Vazquez.
citrix_streamprocess_data_msg, exploits the Citrix Provision Services vulnerability described in ZDI-12-009, and was submitted by alino.
sunway_force_control_netdbsrv, exploits OSVDB-75798, a vulnerability in the SCADA human-machine interface (HMI) application Sunway Forcecontrol, and was provided by contributors Rinat Ziyayev and James Fitts.
- m-1-k-3 also provided two new resource scripts,
basic_discovery.rcused to automate port scanning), and
multi_post.rc, which automates a bunch of common post-exploitation tasks.
If you're new to Metasploit, you can get started by downloading Metasploit for Linux or Windows. If you're already tracking the bleeding-edge of Metasploit development, then these modules are but an msfupdate command away. For readers who prefer the packaged updates for Metasploit Community and Metasploit Pro, you'll be able to install the new hotness today when you check for updates through the Software Updates menu under Administration.
For additional details on what's changed and what's current, please see Jonathan Cran's most excellent release notes.