Leaving Las Vegas—thanks, Defcon and BSides!

We had a great time meeting everyone at the various Metasploit events at hacker summer camp last week, including two popup capture the flag events with Metasploitable3, the Open Source Security Meetup, and selling Metasploit 0xf Anniversary Tour. If we missed you this time around, you may have a second chance this year at DerbyCon VIII as we again present the Metasploit Town Hall.

Metasploitable3 now easier to set up

One piece of feedback we have consistently received about Metasploitable3 is that it can be difficult and time-consuming to get running. This is because it installs the full OS distributions and vulnerable software from scratch, as well as downloads a lot of files from sites that may not always be available. To make things simpler and faster, we have begun publishing pre-built Vagrant boxes for VMWare and Virtualbox. The quick start guide can now get you running in minutes (with a suitable Internet connection), and you don't even have to install Packer. Thanks to Vagrant Cloud for hosting these images, which will periodically be updated as Metasploitable3 evolves.

Summer of Code coming to a close

We're in the final stages of Google Summer of Code projects with Metasploit and evaluations are underway. A lot of exciting projects will either be finished or at least be in a good state for continued development after the summer. We're looking forward to working with these students in the future as well, as they have all worked really hard to build significant new features into Metasploit.

New modules

Exploit modules (1 new)

Auxiliary and post modules (3 new)

Improvements

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

To install fresh, check out the open-source-only Nightly Installers, or the binary installers which also include the commercial editions. PLEASE NOTE that these installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the stable Metasploit 4 branch. If you'd like to try out the newer things going into Metasploit 5, that work is available in the master branch of the Metasploit Framework repo on GitHub.