This week marked the beginning of our time in the new office. Everything got packed up and moved: computers, chairs, Rudy’s cups, and odd soy sauce packets in the back of the drawers. One consequence of moving to downtown Austin is that the lunch debates take longer, with flame wars about both the best tacos and the best barbecue.
Metasploit: Now With More Snakes!
Improve the improvements
In a case where we are improving on improvements, the changes made to speed up msfvenom apparently sped it up too much, creating some issues where dependencies were not there when needed. Those responsible for sacking the dependencies were not sacked.
Universal Access Denied Granted
Also in msfvenom, Meatballs1 fixed a slight error when generating non-UAC-prompting Windows installers, so now you can create non-UAC-prompting MSI files to distribute across the network.
Pop Goes the Instruction
Summus6 caught us dusting a few extra bits in some shellcode and set us straight by removing a superfluous ‘pop’ instruction from our reverse_http and reverse_winhttp shellcode. Through our robust coding practice of copy/paste until it works, the payloads still worked even with the instruction, but we figured some people might want smaller shellcode.
- modules/auxiliary/gather/get_user_spns.py by Jacob Robles
- modules/exploits/multi/http/processmaker_plugin_upload.rb by Brendan Coles
- modules/post/windows/gather/ntds_grabber.rb by Koen Riepe
- modules/post/windows/manage/rid_hijack.rb by Sebastian Castro
As always, you can update to the latest Metasploit Framework with msfupdate, and you can get more details on the changes since the last blog post from GitHub:
To install fresh, check out the open-source-only Nightly Installers, or the binary installers which also include the commercial editions. PLEASE NOTE that these installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the stable Metasploit 4 branch. If you'd like to try out the newer things going into Metasploit 5, that work is available in the master branch of the Metasploit Framework repo on GitHub.