Has this week left you hungry for something to sink your teeth into? We've got some cool new modules that we hope you'll find appetizing!
Browse the Menu
Slurp up some sessions with a new browser exploit module from timwr targeting Google Chrome version 72.0.3626.119 on 32-bit Win 7 targets. Due to a use-after-free vuln in Chrome's FileReader API, this exploit can get you remote code execution on a vulnerable target. There's some discussion in the PR comments around potentially chaining this with a second exploit, too!
Grab a Bowl of Serial
In true "serial" fashion, acamro is back with another Oracle WebLogic exploit module for a deserialization vuln in the AsyncResponseService web service component. Using a specially crafted SOAP request, an unauthenticated attacker can gain remote command execution on a vulnerable target. And if you missed acamro's earlier WebLogic modules, you can catch up on them here.
Clear the Table
If databases whet your appetite, Greenwolf served up a new module targeting PostgreSQL 9.3+. If you have creds for a superuser or a user in the 'pg_execute_server_program' group, this module can get you remote command execution on a vulnerable target via the COPY FROM PROGRAM mechanism. Bon appetit!
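For defenders, the precondition above can be audited directly. The query below is an added example, not part of the module or the original post: it lists every role that is a superuser or a direct or nested member of pg_execute_server_program, using only the standard pg_roles and pg_auth_members catalogs (the names `grantees` and `reason` are chosen here for illustration).

```sql
-- Added example: which roles could run COPY ... FROM PROGRAM?
-- pg_execute_server_program exists from PostgreSQL 11 onward; on older
-- servers the CTE is simply empty and only superusers are reported.
WITH RECURSIVE grantees(member) AS (
    -- roles granted pg_execute_server_program directly
    SELECT m.member
    FROM pg_auth_members m
    JOIN pg_roles r ON r.oid = m.roleid
    WHERE r.rolname = 'pg_execute_server_program'
  UNION
    -- roles that are members of a role already in the set (nested grants)
    SELECT m.member
    FROM pg_auth_members m
    JOIN grantees g ON m.roleid = g.member
)
SELECT r.rolname,
       r.rolcanlogin,              -- true: the role can authenticate on its own
       'superuser' AS reason
FROM pg_roles r
WHERE r.rolsuper
UNION
SELECT r.rolname,
       r.rolcanlogin,
       'member of pg_execute_server_program'
FROM pg_roles r
JOIN grantees g ON g.member = r.oid
ORDER BY rolname;
```

Any membership is treated as sufficient here, which errs on the side of over-reporting. Rows with rolcanlogin set to true are the accounts whose credentials matter most.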
And to Top It All Off...
DEF CON is starting to bubble up on the horizon, and so is our annual open-source security meetup (OSSM)! We'll be switching up the "recipe" this year, and we're looking for your input via a quick Twitter poll. Really want to talk about a tool you’re developing with other open-source folks? Need some tips on Metasploit integrations or module dev? Tell us! The poll will be up for a few more days, so check it out and let us know which option resonates with you!
New modules (3)
- Oracle Weblogic Server Deserialization RCE - AsyncResponseService by Andres Rodriguez - 2Secure (@acamro), which exploits CVE-2019-2725
- PostgreSQL COPY FROM PROGRAM Command Execution by Jacob Wilkin, which exploits CVE-2019-9193
- Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86 by Clement Lecigne, István Kurucsai, and timwr, which exploits CVE-2019-5786
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
Earlier this year, we announced the release of Metasploit 5. You can get it by cloning the Metasploit Framework repo (master branch). To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial editions).