September 22, 2023

Metasploit is the most used penetration testing framework. It helps security teams verify vulnerabilities, manage security assessments, and improve security awareness. Metasploit 6.2.0 includes 138 new modules, 148 enhancements and features, and 156 bug fixes.

Remote Exploitation

  • VMware vCenter Server Unauthenticated JNDI Injection RCE CVE-2021-44228
  • F5 BIG-IP iControl RCE via REST Authentication Bypass CVE-2022-1388
  • VMware Workspace ONE Access CVE-2022-22954
  • Zyxel Firewall ZTP Unauthenticated Command Injection CVE-2022-30525

Local privilege escalation

  • CVE-2022-21999 SpoolFool Privesc
  • Dirty Pipe Local Privilege Escalation via CVE-2022-0847

Other updates

  1. Metasploit has facilitated capturing credentials for years with protocol-specific modules, all under the auxiliary/server/capture namespace. The capture plugin currently starts 13 different services on the same listening IP address, including remote interfaces via Meterpreter.
  2. Metasploit 6.2.0 contains a new standalone tool for spawning an SMB server that allows read-only access to the current working directory. This new SMB server functionality supports SMB v1/2/3, as well as encryption for SMB v3. The windows/smb/smb_relay module has been updated so users can now relay over SMB versions 2 and 3.
  3. A new Metasploit feature allows listening services (such as HTTP, FTP, and LDAP) to be bound to an explicit IP address and port combination that is independent of what is typically the SRVHOST option.
