With BackTrack 5 coming soon, MSF had been updated to 3.7.0. Needless to say, lots of enhancements.
Here i the updated release notes:
Statistics
Metasploit now ships with 685 exploit modules, 355 auxiliary modules, and 39 post modules.
35 new exploits, 17 post-exploitation modules, and 15 auxiliary modules have been added since the last release.
Highlights & New Features
Feature highlights
Support for SMB signing, enabling pass-the-hash and stolen password attacks against Windows 2008 Server environments.
The Microsoft SQL Server mixin (and all modules) now supports NTLM authentication.
Data import backend has undergone a rewrite, speeding up most import tasks by a factor of four.
OS information is now normalized to make fingerprinting more accurate and easier to deal with.
Highlights from the new modules include:
Apple iOS Backup File Extraction: Extract sensitive data from iTunes backup files (location, call history, SMS content, pictures, etc).
Exploits for two different Adobe Flash vulnerabilities exploited in the wild.
Code execution modules for MySQL and PostgreSQL when a valid login is available.
Exploit for the Accellion File Transfer Appliance Default Encryption Key flaw found by Rapid7.
Over ten new exploits for HP Network Node Manager (plus an HP OpenView exploit).
Post-exploitation module for privilege escalation through the .NET Optimizer Service.
Post-exploitation modules for stealing stored WinSCP and VNC passwords.
Download it at http://www.metasploit.com/download/
No comments:
Post a Comment