In last week’s wrap-up post, we raised awareness of the new Metasploit 5 work we’re ramping up on. This week, please GoAhead and enjoy some new Metasploit goodies!

Get Up, GoAhead

Based on research from danielhodson, hdm and h00die put together a new module which targets GoAhead web server versions vulnerable to creative use of CGI and the dynamic linker. Exploiting this vulnerability results in remote code execution on the target; juicy details can be found in Daniel’s writeup here.

I Verse, U-verse

In our newest Python module addition, one can scan for vulnerable AT&T U-verse routers (spefically, Arris NVG589 and NVG599 models running vulnerable firmware) that expose an un-authenticated proxy, allowing connections from WAN to LAN by MAC address. Aptly named “SharknAT&To”, Adam’s new module also supports easy integration with single request/response scanners (like many used in Rapid7’s Project Sonar).

Author’s rendition of a scan in progress (YMMV)

Nothing to See Here

For users of the POSIX Meterpreter, Brent recently added the ability “blend into” the process list via a new payload generation option: PayloadProcessCommandLine. This allows your Meterpreter payload to appear as whatever innocuous process name you prefer on your Linux and macOS targets! You can watch a video of Brent demoing this new feature (from our Metasploit Demo meeting) here.

New Modules

Exploit modules (3 new)

Auxiliary and post modules (3 new)

Improvements

Get it

As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:

To install fresh, check out the open-source-only Nightly Installers, or the binary installers which also include the commercial editions. PLEASE NOTE that these installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the stable Metasploit 4 branch. If you'd like to try out the newer things going into Metasploit 5, that work is available in the master branch of the Metasploit Framework repo on GitHub.