This week in the U.S. is the unofficial start of summer, so that probably explains why it's been a bit of a slow week in the Metasploit community, hacking-wise. We have a few new modules for this week's update, but in addition to those, I'd like to mention a few new resources we've put together for the Metasploit development community.
Docs and Videos
Over the last few weeks, we've been working up some more comprehensive documentation on how to get started in Metasploit development. We now have a complete set up Metasploit Development Environment guide, which will take you from a fresh Ubuntu Linux installation, through a GitHub user creation, ending up with your own clone of the Metasploit Framework. Thanks to community contributor corelanc0d3r for the initial work on nailing down these procedures.
We also have a video demonstration of the same up, thanks to our esteemed tech writer, Thao.You can watch it here, if scrolling through long wiki pages of screenshots isn't your thing. For a lot of people, seeing the steps in action is helpful, since it at least proves that someone was able to step through it once.
Exploit developer sinn3r has put together a list of common anti-patterns that he sees when sheparding community-contributed modules through to the main Metasploit distribution. This is a great resource for people just starting out writing Metasploit modules -- the Metasploit open source community has evolved a set has a set of local customs and preferences, which is mostly (but not completely) informed by common Ruby coding practices, so sinn3r's document touches on the usual style errors and faux pas that we see in new modules.
Metasploit core developer egypt took the time to refresh and reorganize Metasploit's README, COPYING, and THIRD-PARTY files. Now, it's a little easier to figure out what's up with Metasploit's usage, hacking guidelines, and distribution goals. More importantly, by splitting out the licensing language from the usage language, the README is a lot more, well, readable.
Finally, we're changing how we credit modules in this blog. We used to go through this process of making a distinction between Metasploit module authors and vulnerability discoverers. Turns out, that can give the impression that the module authors do all of the vulnerability work, which, of course, isn't true. So, going forward, we'll be crediting all parties involved here, just like we do in the Metasploit module browser and the Metasploit user interface. Hopefully, that will clear up any confusion, and incidentally, make it easier to automatically generate the "New Module" section.
Speaking of the new modules, here they are, with links to the Exploit Database.
- Symantec Web Gateway 126.96.36.199 Command Execution Vulnerability by sinn3r, Unknown, and muts exploits CVE-2012-0297
- WeBid converter.php Remote PHP Code Injection by juan vazquez and EgiX exploits OSVDB-73609
- appRain CMF Arbitrary PHP File Upload Vulnerability by sinn3r and EgiX exploits CVE-2012-1153
- Lattice Semiconductor ispVM System XCF File Handling Overflow by juan vazquez and Unknown exploits OSVDB-82000
- MPlayer SAMI Subtitle File Buffer Overflow by juan vazquez and Jacques Louw exploits OSVDB-74604
- OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow by juan vazquez and Marsu exploits CVE-2008-0320
- QuickShare File Share 1.2.1 Directory Traversal Vulnerability by sinn3r and modpr0be exploits OSVDB-70776
- RabidHamster R4 Log Entry sprintf() Buffer Overflow by sinn3r and Luigi Auriemma exploits OSVDB-79007
If you're new to Metasploit, you can get started by downloading Metasploit for Linux or Windows. If you're already tracking the bleeding-edge of Metasploit development, then these modules are but an msfupdate command away. For readers who prefer the packaged updates for Metasploit Community and Metasploit Pro, you'll be able to install the new hotness today when you check for updates through the Software Updates menu under Administration.
For additional details on what's changed and what's current, please see the most excellent release notes.