Wintertime can be a drag. Folks get tired of shoveling snow, scraping ice from windshields, dealing with busted water pipes, etc. Thoughts of “fun in the sun” activities start to seep in, as people begin wistfully daydreaming about summertime. And for this coming summer, Metasploit has some hotness to daydream about!
Google Summer of Code: We’re In!
The Metasploit team is SUPER EXCITED to have been recently selected by Google to participate in GSoC 2018! This will be our second year in GSoC as a mentor organization, and we’ve pulled together a great set of mentors to work with our student developers. We’ve also got a nice list of project ideas coming along, which students applying for GSoC can check out to see if there’s something there they’d like to work on (or applicants may suggest their own ideas, too!). GSoC student applications will be accepted for consideration from March 12th through March 27th. Information on registering can be found here!
It’s Been a Privilege (Escalation)...
Prolific framework contributor bcoles has been busy cranking out a number of new privilege escalation modules. With this latest MSF release, four of these new modules are now available to help get a “leg up” on exploited targets. Vulnerable versions of Juju and ABRT (again!) are covered, as well as some older versions of glibc’s ld.so shared library. May come in handy on your next engagement!
Keep in the Know
A friendly reminder that the Metasploit team has multiple ways to keep up with what’s going on. To learn about new work (and see some of it demonstrated!), check out our YouTube channel. You can also visit the Metasploit Framework GitHub account and look at pull requests (PR) and issue activity. If you have questions or want to learn more, metasploit.com and the Rapid7 Knowledge Base are good places to visit. There’s also a Slack workspace if you prefer a chat (and IRC, if that’s more your jam). And you can follow along with us on Twitter, as well!
Exploit modules (4 new)
- ABRT raceabrt Privilege Escalation by Brendan Coles and Tavis Ormandy, which exploits CVE-2015-3315
- glibc LD_AUDIT Arbitrary DSO Load Privilege Escalation by Brendan Coles, Marco Ivaldi, Tavis Ormandy, Todor Donev, and zx2c4, which exploits CVE-2010-3856
- glibc '$ORIGIN' Expansion Privilege Escalation by Brendan Coles and Tavis Ormandy, which exploits CVE-2010-3847
- Juju-run Agent Privilege Escalation by Brendan Coles, David Ames, and Ryan Beisner, which exploits CVE-2017-9232
- tomcat_mgr_login scanner module fix to ensure password creds are stored
- reference links fix for
- mysql_hashdump scanner module update to look for ‘authentication_string’ instead of ‘password’ on newer versions
- udp_probe scanner module reinstated
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
To install fresh, check out the open-source-only Nightly Installers, or the binary installers which also include the commercial editions. PLEASE NOTE that these installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the stable Metasploit 4 branch. If you'd like to try out the newer things going into Metasploit 5, that work is available in the master branch of the Metasploit Framework repo on GitHub.