Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Sonny Gonzalez  

Sonny is a Senior Software Engineer. His job responsibilities include maintaining the Metasploit Commercial product and working on new Insight Platform services. He’s been with Rapid7 since 2014.

AUTHOR STATS:

7

Metasploit Wrap-Up

At our (final!) DerbyCon Town Hall today, the Metasploit team announced the release of an initial exploit module PR for CVE-2019-0708, aka BlueKeep.…

Metasploit Wrap-Up

TLS support and expanded options for the BlueKeep scanner module, two new modules for Cisco Prime Infrastructure, and more.…

Metasploit Wrap-Up

elFinder remote command injection elFinder is a client-side open-source file manager tool written for web applications. In a browser it has the look and feel of a native file manager application. It ships with a PHP connector, which integrates the client side with the back…

Metasploit Wrapup

Safari Proxy Object Type Confusion Metasploit committer timwr recently added a macOS Safari RCE exploit module based on a solution that saelo developed and used successfully at Pwn2Own 2018. saelo's exploit is a three-bug chain: a Safari RCE (CVE-2018-4233), a sandbox escape (CVE-2018-4404), and a…

Metasploit Wrapup

Your weekly run-down of the modules and improvements that landed in Metasploit Framework.…

Metasploit Wrapup

New Privilege Escalation Exploit The glibc 'realpath()' module was added by bcoles. It attempts to gain root privileges on Debian-based Linux systems by exploiting a vulnerability in GNU C Library (glibc) version <= 2.26. This exploit uses halfdog's RationalLove exploit to expose a…

Metasploit Wrapup

Teenage ROBOT Returns Imagine the joy robot parents must feel when their infant leaves home and returns as a teenager. ROBOT (Return of Bleichenbacher Oracle Threat) is a 19-year-old vulnerability that allows RSA decryption and signing with the private key of a TLS server. It…