MSF 5 in the wild

We announced the release of Metasploit Framework 5.0 this week. It’s Metasploit’s first major version release since 2011, and it includes lots of good stuff the team has been working on for the past year-plus. It will be packaged and integrated into your favorite software distributions over the next few months; until then, you can get MSF 5 by checking out the 5.0.0 tag on Github.

Chrome cookies

The Chrome cookies post module by mangopdf uses Chrome's remote debugging to read all cookies from the default Chrome profile of the user. The module uses a --headless, or a hidden, Chrome with remote debugging enabled and opens an HTML file to make requests to the remote debugging service. The HTML requests the cookies and logs the output to a file, which is later retrieved by the module.

MailCleaner

mmetince submitted a module for an authenticated remote code execution vulnerability in MailCleaner Community Edition. As described in mmetince's advisory, a search request sent to MailCleaner's ManagetracingController triggers a SOAP service request that issues an operating system command. By sending a command in the domain parameter of the search request it is possible to execute operating system commands as root on the server.

New Modules

Exploit modules (3 new)

Auxiliary and post modules (4 new)

Improvements

  • PR #11199 updates the components list in the Joomla wordlist
  • PR #11183 adds authentication to the LoginServlet
  • PR #11187 fixes LoginServlet to meet API standards and documented functionality
  • PR #11163 adds /api/v1/events endpoint for retrieving Mdm::Event data from the API

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

We recently-announced the release of Metasploit 5. You can get it by cloning
the Metasploit Framework repo (master branch). To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers
(which also include the commercial editions). PLEASE NOTE that the binary installers, and Metasploit Framework versions included in distros such as Kali, Parrot, etc., are based off the Metasploit 4 branch for the time being. Migration is underway, so you can look forward to getting Metasploit 5 in the binary installers and in third-party software distributions soon.