Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Metasploit Framework v2.4
From: H D Moore <fdlist () digitaloffense net>
Date: Wed, 11 May 2005 13:07:16 -0500

The Metasploit Framework is an advanced open-source exploit
development platform. The 2.4 release includes three user interfaces,
72 exploits and 75 payloads.

The Framework will run on any modern operating system that has a working
Perl interpreter. The Windows installer includes a slimmed-down version
of the Cygwin environment.

Some highlights in this release:

 - Previously unreleased exploits (20 others added since 2.3)
    + Solaris KCMS Arbitary File Read
    + Solaris snmpXdmid AddComponent Overflow
    + Metasploit Framework Payload Handler
    + Microsoft Message Queueing Service MSO5-017
    + Minishare 1.41 Buffer Overflow

 - Addition of the new SunRPC and XDR Perl API
    + Allows for clean RPC exploit development
    + Used by two new exploit modules (KCMS and snmpXdmid)
    + Updated sadmind exploit uses the new API

 - Includes the new win32 PassiveX payload system
    + Loads an arbitary ActiveX through Internet Explorer
    + PassiveX payload loads the next stage over HTTP
    + HTTP transport emulates a standard TCP connection
    + Interact with cmd.exe, VNC, or Meterpreter over HTTP
    + Uses Internet Explorer settings for proxy access
    + Fully-functional on systems with Internet Explorer 6
    + Extensive documentation is available online:
        * http://www.uninformed.org/?v=1&a=3&t=pdf
 - Stability improvements and numerous bugs fixes
    + The msfweb interface is slightly less of a memory pig
    + Many exploits have been updated and improved
    + New external references added to the exploit modules

 - General improvements to the payload system
    + Brand new "shelldemo" binary for the impurity stager
    + Size reductions to win32_bind, win32_reverse, and others
    + Can now make standalone executables with msfpayload
    + Interact with metasploit payloads via payload_handler.pm
This release is available from the Metasploit.com web site:
  - Unix:  http://metasploit.com/tools/framework-2.4.tar.gz
  - Win32: http://metasploit.com/tools/framework-2.4.exe
A demonstration of the msfweb interface is running live from:
  - http://metasploit.com:55555/

Exploit modules designed for the 2.2 and 2.3 releases should maintain
compatibility with 2.4. If you run into any problems using older
modules with this release, please let us know.

The Opcode Database now includes Service Pack 1 for Windows 2003
Server, increasing the record count to over 10 million. We would like to
thank Catalin Patulea <cat[at]vv.carleton.ca> for helping us optimize and
improve the database -- queries are now drastically faster.

The Framework development team consists of four active members and a
handful of part-time contributors. Check out the 'Credits' exploit
module for a complete list of contributors.

You can subscribe to the Metasploit Framework mailing list by sending a
blank email to framework-subscribe[at]metasploit.com. This is the
preferred way to submit bugs, suggest new features, and discuss the
Framework with other users.

If you would like to contact us directly, please email us at:

For more information about the Framework and this release in general,
please refer to the online documentation, particularly the User Guide:
  - http://metasploit.com/projects/Framework/documentation.html


- The Metasploit Framework Development Team
     ( hdm, spoonm, skape, and vlad902 )
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • Metasploit Framework v2.4 H D Moore (May 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]