Exploit modules (3 new)
- Nagios XI Chained Remote Code Execution by Benny Husted, Cale Smith, and Jared Arave, which exploits CVE-2018-8736. Monitor this series of unfortunate events all the way to magical shells.
- Boxoft WAV to MP3 Converter v1.1 Buffer Overflow by Robbie Corley and Shelby Pace, which exploits CVE-2015-7243. Need to convert some music, we've got shells for that!
- FTPShell client 6.70 (Enterprise edition) Stack Buffer Overflow by Daniel Teixeira and r4wd3r, which exploits CVE-2018-7573. Are you feeling a little meta today? Have some shells on FTPShell.
- Java JMX Package Name Randomization by Sergey Gorbaty. Sergey's contribution does double duty by adding support for multiple java payloads to be executing in the same JVM classpath as well as improves the evasion capabilities of the payload by generating random package names.
- Psexec SMB2 support by shellfail. Support for psexec on SMB2 has been a long time coming. Special thanks to Dev Mohanty, Christophe De La Fuente and all the great contributors over in the ruby_smb gem for getting the ground work in to make this possible.
- The ever expanding eternalromance by zerosum0x0, and the whirlwind continues as Windows 7 Embedded comes to fray. Some skillfully spotted titles expand the ever loved MS17-010 targets even more.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
To install fresh, check out the open-source-only Nightly Installers,
or the binary installers which also include the commercial
editions. PLEASE NOTE that these installers, and Metasploit
Framework versions included in distros such as Kali, Parrot, etc.,
are based off the stable Metasploit 4 branch. If you'd like to try out
the newer things going into Metasploit 5, that work is
available in the master branch of the Metasploit Framework repo on GitHub.