Metasploit 3.0 ships with 177 exploits, 104 payloads
Summary: HD Moore's open-source Metasploit Framework has been rewritten from scratch and released with 177 exploits, 104 payloads and new modules to exploit Wi-Fi driver vulnerabilities in the Windows kernel.
Version 3.0 of the point-and-click hacking tool, which is used for pen testing and to verify patch installations, is now available as a free download.
In addition to hundreds of exploits and payloads, Moore said Metasploit 3.0 also ships with 30 auxiliary modules to perform tasks like host discovery, protocol fuzzing, and denial-of-service testing.
Metasploit 3.0 also has a new license -- the Metasploit Framework License -- that stays true to the project's open-source roots but prevents commercial abuse and code theft.
Some key highlights in the latest release:
- Metasploit 3 is a from-scratch rewrite of Metasploit 2 using the Ruby scripting language. The development process took nearly two years to complete and resulted in over 100,000 lines of Ruby code.
- The Meterpreter shell provides an "irb" command that allows interactive scripting of a compromised system. One of the features of the Metasploit client API is the ability to read and write the memory of any accessible process on the exploited system, all from inside a Ruby shell. When combined with a Meterpreter script (started with the "run" command from inside Meterpreter), this feature can be used to backdoor running applications or steal in-memory credentials.
- The Metasploit console interface has a new "route" command that allows all network connections to a given subnet to be routed through an existing session. This can be used in conjunction with the Meterpreter payload to relay attacks through exploited systems.
- A plugin system allows developers to add their own commands to the console interface, hook framework events, and extend the framework at runtime without having to modify the base code. Example plugins have been included in the "plugins" subdirectory of the framework. They include an "auto-tagger", a socket filter, a telnet service, and a number of database and debugging plugins.
- The web interface (msfweb) is a Ruby on Rails application that uses the Prototype JavaScript Framework to provide in-browser windowing support. Asynchronous JavaScript is used to provide as-you-type search results for any module type and provide tab completion for the web console interface.
- Subversion is now used for online updates and version control. This allows users to easily switch between the development and stable version of the framework and obtain online updates using any transport supported by Subversion.
- This release includes three exploit modules that exploit WiFi driver vulnerabilities in the Windows kernel. Combined with the kernel user-land payload stager, this allows any Metasploit payload to be used with ring-0 exploits on the Windows platform. A handful of auxiliary modules are included that trigger denial of service conditions in WiFi drivers across a variety of platforms.
Talkback
And this helps us how ??
This helps IT and business management get their heads out of the sand
Before worms came along, many businesses felt that the time to patch their operating system was when they replaced their operating system every couple of years. Corporate types also believed that six months was an acceptable patch cycle and many still use a 6 to 12 month cycle for patching their critical Oracle and ERP systems which is shocking considering the hundreds of Oracle exploits. Full disclosure has forced IT departments and management on to a timely patch cycle and more importantly it has forced software vendors to patch their software and answer to their clients why their software is so buggy.
But it also escalates
It's also rather twisted logic to portray a huge increase in criminal attacks as a good thing. Sure it may help businesses improve their security, but surely fewer attacks would be a good thing too.
This comes under the same heading as publishing how to make nuclear weapons in 3 easy lessons. I'm all for free speech but this is ridiculous.
You have a better idea?
If there's little/no chance for attack, why won't they ignore it? If it's hidden, only available to black hats, how does IT test?
Full disclosure is the only way, and disclosure laws sealed the deal
Disclosure laws on security breaches help to seal the deal on good security because now the company's reputation and very survival depends on them protecting consumer privacy.
The combination of these two things helps IT convince management to take security seriously. I wish there was a better way to do this but this is human nature. People tend to ignore things until the profile is raised.
Not disagreeing
But then this is America. It seems more important for people to have guns, than drop the deaths and wounding from guns to the low rate seen in countries where they don't allow them.
To follow your argument to its conclusion George, it seems it would be best to have easy germ warfare labs available for criminals to make people beef up their medical security.
;-)
You're not following his argument to its conclusion
Moving from full-disclosure, to guns, to germ warfare?
yeah, but it's a valid analogy
"The logic?"
Again you and the person I originally replied to are engaging in a logical fallacy.
Linking full disclosure of vulnerabilities, gun ownership and germ warfare are all very different issues with different possible repercussions. One does not have to lead to another.
The logic is that you patch yourself and don't worry about these exploits
Yeah, that was kinda my point...
It solves a business problem
Without these "scripts" I would not have been able to show vulnerabilities. Time is money you know, and when you're trying to make a point about security because you want to get some funding for it, it typically means that you have no funding to hire outside expert advice to start with.
Catch-22. The scripts help in showing vulnerability, it helps assign some funds to fixing these problems, because they've then been taken from theoretical technical problems to concrete business problems with associated risks and costs.
NOW you have funding.
All these analogies about guns and crack don't enter into it.
(But for the record: yes, free crack would eliminate drug related crime, and no, free guns would not eliminate gun related crime. The reason is that a crack related crime is a crime based on getting crack or its value, and a gun related crime is a crime perpetrated with a gun. These are distinctly different issues.)
How many are there?
note, which versions are affected? What's the risk involved with each version?
* http://content.zdnet.com/2346-12691_22-59905-4.html
WAR GAMES?
the see-saw battle continues....