Quick Cookie Notification

This site uses cookies, including for analytics, personalization, and advertising purposes. For more information or to change your cookie settings, click here.

If you continue to browse this site without changing your cookie settings, you agree to this use.


View Cookie Policy for full details

Rapid7 Blog

Linux  

Compromising Embedded Linux Routers with Metasploit

Normally we don't get a lot of contributions regarding embedded devices. Even when they are an interesting target from the pentesting point of view, and is usual to find them out of DMZ zones on corporate networks. Maybe it's because access to these devices or…

Weekly Update: Introducing Metasploit 4.5.3

Version bump to Metasploit 4.5.3This week, we've incremented the Metasploit version number by one trivial point to 4.5.3 -- this was mainly done to ensure that new users get the fixes for the four most recent vulnerabilities that were fixed by…

Metasploit Now Supports Kali Linux, the Evolution of BackTrack

Today, our friends at Offensive Security announced Kali Linux, which is based on the philosophy of an offensive approach to security. While defensive solutions are important to protect your network, it is critical to step into the shoes of an attacker to see if they're…

Update to the Metasploit Updates and msfupdate

The Short StoryIn order to use the binary installer's msfupdate, you need to first register your Metasploit installation. In nearly all cases, this means visiting https://localhost:3790 and filling out the form. No money, no dense acceptable use policy, just register and go. Want…

Using BackTrack 5 R3 with Metasploit Community or Metasploit Pro

Update: Kali Linux now superseded BackTrack as a platform. We strongly recommend using Kali Linux over BackTrack if you are going to run Metasploit. More info here. As of version 5 R3, BackTrack comes pre-installed with Metasploit 4.4, so it's now easier to use…

Using BackTrack 5 R2 with Metasploit Community or Metasploit Pro

As of version 5 R2, BackTrack comes pre-installed with Metasploit 4.1.4, so it's now easier to use Metasploit Community Edition or Metasploit Pro on BackTrack. Here is how it's done:After BackTrack boots, enter startx to get into the UI.Install BackTrack in…

Integrating Nexpose Community and Metasploit Community in Backtrack 5 R2

I recently packaged up the new Nexpose release so that Backtrack users can have an up-to-date version of Nexpose, straight from the Backtrack repos. This seemed like a great time to also go over installing Nexpose Community and integrating it with the already-installed Metasploit Community.…

Adventures in the Windows NT Registry: A step into the world of Forensics and Information Gathering

As of a few days ago, the Metasploit Framework has full read-only access to offline registry hives. Within Rex you will now find a Rex::Registry namespace that will allow you to load and parse offline NT registry hives (includes Windows 2000 and up), implemented…

More Fun with BSD-derived Telnet Daemons

In my last post, I discussed the recent BSD telnetd vulnerability and demonstrated the scanner module added to the Metasploit Framework. Since then, two new exploit modules have been released; one for FreeBSD versions 5.3 - 8.2 and another for Red Hat Enterprise…

Installing Metasploit Community Edition on BackTrack 5 R1

Update: I just published a new blog post for using Metasploit on BackTrack 5 R2.BackTrack 5 R1 comes pre-installed with Metasploit Framework 4.0. Unfortunately, Metasploit Community, which brings a great new Web UI and other functionality, was introduced in version 4.1, so…

Offensive Security = Backtrack Linux + Metasploit Pro

This week the guys over at Offensive Security officially added Metasploit Pro to their curriculum for the class Pentration Testing with Backtrack. For those not familiar with it, BackTrack is a Linux distribution that includes a lot of tools for penetration testing. Since 2006, it…