Metasploit Wrap-Up
A new Microsoft Windows Spooler privesc module, along with some fixes and improvements!…
Metasploit Wrap-Up
Commemorating the 2020 December Metasploit community CTF A new commemorative banner has been added to the Metasploit console to celebrate the teams that participated in the 2020 December Metasploit community CTF and achieved 100 or more points: If you missed out on participating in this…
Metasploit Wrap-Up
Eight new Metasploit modules for various targets (and outcomes!), with a good set of improvements and fixes!…
Metasploit 2020 Wrap-Up
2020 was certainly an interesting year - let’s take a look at what it meant for Metasploit.…
Metasploit Tips and Tricks for HaXmas 2020
For this year's HaXmas, we're giving the gift of Metasploit knowledge!…
Metasploit Wrap-Up
Exploits for Oracle Solaris CVE-2020-14871 and Windows 7 CVE-2020-1054, plus enhancements and bug fixes for Railgun and msfdb init. Happy HaXmas!…
Metasploit Wrap-Up
This week's wrap-up covers five new modules (including scanner, execution, and disclosure modules), some good fixes and enhancements, and more!…
Congrats to the winners of the 2020 December Metasploit community CTF
Thank you all that participated in the 2020 December Metasploit community CTF! The four day CTF was well received by the community, with 874 teams and 1903 users registered! We’ve included the high-level stats and the competition winners below. If you played the CTF…
Metasploit Wrap-Up
It's CTF week(end)! Plus, steal files from Apache Tomcat servers thanks to a new Ghostcat exploit, and dump process memory with a new post module that leverages Avast AV's built-in AvDump utility.…
Metasploit Wrap-Up
Five new modules, and a reminder for the upcoming CTF…
Metasploit Wrap-Up
Two new RCE-capable modules and some good fixes and enhancements!…
Announcing the 2020 December Metasploit community CTF
It’s time for another Metasploit community CTF! This time around we’re doing a few things differently. Read on for details.…
Metasploit Wrap-Up
Four new modules, including an exploit for SaltStack Salt and an exploit for a now-patched vuln in Metasploit, plus new enhancements and fixes.…
Metasploit Wrap-Up
Insert 'What Year Is It' meme h00die contributed the Mikrotik unauthenticated directory traversal file read auxiliary gather module, largely a port of the PoC by Ali Mosajjal. The vulnerability CVE-2018-14847 allows any file from the router to be read through the Winbox server in RouterOS…
Metasploit Wrap-Up
Support for gathering ProxyUsername and ProxyPassword for saved PuTTY sessions, usability improvements for PsExec modules, and another CTF coming soon.…