Here in the U.S., we just celebrated Thanksgiving, which involves being thankful, seeing friends and family, and eating entirely too much (I know that last one is not uncommon here). After a large meal and vacation, we figured that it would be a nice, slow week for security research in the States. Then we opened Twitter and were suddenly happy we had procrastinated and most of us had put off upgrading to High Sierra.
In case you missed yesterday’s announcement, the Linux Metasploitable3 CTF is here! Starting Monday, 500 players can start dropping shells and submitting flags to win one of three cool prizes. Space is limited and we’re already at about two thirds of our capacity, so register here if you haven’t yet. See yesterday’s post above for the official rules and prizes.
Exploit modules (2 new)
- Mac OSX Root Privilege Escalation by timwr: You knew it had to happen, and here it is—password-optional UID 0 on OS X High Sierra.
- pfSense Authenticated RCE by h00die and s4squatch: This new module allows you to run commands on a pfSense firewall/router as an authenticated user. (Of course this comes the week after I praised open-source firewalls in Rapid7’s Thanksgiving round-up of security stuff we’re thankful for.)
Auxiliary and post modules (1 new)
One of our newest Metasploit members, Matthew, teamed up with Daniel to add a Slowloris module to Metasploit. Normally, this would involve a pat on the back and a ‘What year is it?!’ joke from wvu, but this module is different. I’ll give you some hints: the whitespace is important in any module, but it’s far more important in this one, and you could say this module has no end.
If you guessed Python, you’re right, and you should probably get out more…like us. This marks the second Python module we’ve released, and hopefully the expansion will be exponential (or at least geometric). If you are interested in submitting more Python modules, please do!
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from