Don't leave the sandbox

Chrome has gotten some attention this week with 2 modules coming in from timwr. The two modules target different CVEs but they both support multiple versions and any of your standard platforms (macOS, Linux or Windows). Unfortunately there is no sandbox escape...yet.

Productivity!

We have a lot of fantastic productivity enhancements this week from adfoster-r7 which we love to see:

  • First up, you no longer need to worry about fat fingering those commands and waiting for what I'm sure felt like an eternity, as we’ve cut the wait time in half!
  • Next up, for any aspiring module developers, you can now run rubocop -a on all your new modules and it will automagically fix all (most) of your formatting woes!
  • And last but certainly not least there’s a nice new addition when you start up the console, a random handy dandy tip! There were some features we realised not everyone was aware of that we found super helpful when using Framework so now we have a way to share that with everyone (Hint try the new tip command as well).

Share your attacker knowledge!

Do you have opinions on vulns? Want to learn others' opinions about vulns? Our new AttackerKB (Attacker Knowledge Base) web app has got you covered! We're currently in Beta with AttackerKB, where you can read about vulns, opinions and analysis around them, and provide your own analysis and thoughts, too! You can get the deets on AttackerKB (and request Beta access) here!

New modules (4)

Enhancements and features

PR #13029 from wvu adds filtering to the msfvenom list option to filter by platform and arch.

PR #13052 from wvu adds hex-noslashes as a valid mode for URI encoding. This takes advantage of existing functionality and exposes it to Framework users via the datastore options within the UI.

PR #13041 from adfoster-r7: The Metasploit console now responds twice as fast when an invalid or unknown command is entered (2 seconds to 1 second).

PR #13037 from adfoster-r7: The Metasploit console now shows useful productivity tips to the user when the console is opened

PR #12990 from adfoster-r7 adds new rubocop format rules to make it possible to to use its auto-fixer function (enabled with rubocop -a) to automatically format modules in a consistent fashion. Future iterations of these rules will be used to enable automatic code suggestions in PRs as well.

Bugs fixed

PR #12944 from ticofoo fixes a bug in the owa_login module to prevent it from failing when the AUTH_TIME option is set to false.

PR #13042 from t0-n1 fixes a bug in the exchange_ecp_viewstate (CVE-2020-0688) module to properly use the VHOST value. This allows Metasploit to exploit targets where IIS has a Host Name specified in the Bindings section of the web application's configuration.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).