Thursday, May 10, 2012

Weekly Metasploit Update: Armitage, Psnuffle, and More!

Just storing this read later...

This week's update features a great big pile of Java source code, a makeover for a perennial favorite feature, and a handful of new exploits. Read on, or just skip all the yadda yadda and download Metasploit here.

Armitage Source

This week's biggest change in terms of LOC (lines of code) is the inclusion of the Armitage source code, in external/source/armitage. For a while now, we've been distributing Raphael Mudge's Armitage front-end for the Metasploit Framework, but the source has been over in; that makes for a disconnected experience for developers who might want to fix up Armitage bugs or experiment with new functionality. Now that we've got the source in the Metasploit distribution proper, that should make life easier for everyone. You can read lots more about Armitage at Raphael's site,

Psnuffle refresh

James "egypt" Lee pulled in Alex Malateaux's update for Psnuffle this week as well, so now psnuffle can eavesdrop on NTLMv2 connections and store those credentials away for later reuse. This update triggered a code cleanup on the rest of psnuffle in general, which brings a couple of heaping handfuls of small bugfixes. For some background on what all psnuffle can do in terms of credential eavesdropping, check the video demo from Max Moser.

New Modules

Only four new modules this week, but the PHP module by HD Moore and egypt is kind of a big deal. If you run a PHP-powered site, you might want to check this right away.

php_cgi_arg_injection by HD Moore and egypt exploits CVE-2012-1823 in PHP.
mozilla_nssvgvalue by Lincoln and corelanc0d3r exploits CVE-2011-3658 in Mozilla Firefox.
solarwinds_storage_manager_sql by sinn3r exploits OSVDB-81634 in SolarWinds Storage Manager.
vlc_mms_bof by sinn3r and juan exploits CVE-2012-1775 in VLC prior to 2.0.0.
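For site operators taking the "check this right away" advice on php_cgi_arg_injection, the thing worth knowing about CVE-2012-1823 is why it exists: RFC 3875 tells a CGI-capable web server to hand a query string that contains no literal "=" to the script as command-line arguments (split on "+", each piece URL-decoded), and php-cgi then treated those pieces as its own options. The following is an added example, not code from the Metasploit project or from the original post, that scans web-server access logs for that exact shape of request so you can see whether anyone has been probing your PHP/CGI setup. The log lines, IP addresses and paths are constructed for the example; the only real-world facts it relies on are the RFC 3875 argument-passing rule and that php-cgi options begin with "-".

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache "common" log format (fabricated clients and paths).
# Line 2 is the plain form of the probe, line 3 the same option with the '-' and letter
# percent-encoded so that a naive grep for "?-" would miss it, line 4 a benign query
# that merely contains a dash inside a normal key=value pair.
SAMPLE_LOG = """\
203.0.113.5 - - [10/May/2012:10:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512
203.0.113.5 - - [10/May/2012:10:00:02 +0000] "GET /index.php?-s HTTP/1.1" 200 2048
203.0.113.9 - - [10/May/2012:10:00:03 +0000] "GET /cgi-bin/php?%2D%73 HTTP/1.1" 200 2048
203.0.113.9 - - [10/May/2012:10:00:04 +0000] "GET /search.php?q=-s HTTP/1.1" 200 300
203.0.113.2 - - [10/May/2012:10:00:05 +0000] "GET /robots.txt HTTP/1.1" 200 40
"""

# Pulls method and request-target out of the quoted request line of each log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def cgi_argv(raw_query: str) -> list:
    """Return the argv a CGI server would build from this raw query string, or [].

    RFC 3875 section 4.4: only a query string with no literal '=' is passed as
    command-line arguments; it is split on '+' and each piece is URL-decoded.
    A query that contains '=' is never passed as argv, so it cannot trigger
    CVE-2012-1823 no matter what else it contains.
    """
    if not raw_query or "=" in raw_query:
        return []
    return [unquote(piece) for piece in raw_query.split("+")]


def query_is_php_option(raw_query: str) -> bool:
    """True when the first argument php-cgi would receive is an option (starts with '-')."""
    argv = cgi_argv(raw_query)
    return bool(argv) and argv[0].startswith("-")


def flag_cgi_arg_injection(log_text: str) -> list:
    """Return (client_ip, path, decoded argv) for every request matching the CVE-2012-1823 shape."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match or "?" not in match.group("target"):
            continue
        path, raw_query = match.group("target").split("?", 1)
        if query_is_php_option(raw_query):
            client_ip = line.split(" ", 1)[0]
            hits.append((client_ip, path, cgi_argv(raw_query)))
    return hits


if __name__ == "__main__":
    for client_ip, path, argv in flag_cgi_arg_injection(SAMPLE_LOG):
        print(f"{client_ip} {path} argv={argv}")
```

Two design points: the "=" test is done on the raw, undecoded query string, because that is what the server's ISINDEX rule looks at, while the leading "-" test is done after per-argument decoding, because php-cgi sees the decoded value. Detection is only a stopgap; the fix is a patched php-cgi (or not exposing php-cgi at all), and the PHP project's advisory for this CVE also offered an Apache mod_rewrite rule that refuses any query string containing no "=" but containing "-" or "%2d", which is the same predicate this script uses.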