HD Moore made a blog post this morning about the release of Metasploit 3.3.
Here are some of the more notable feature enhancements (paraphrased from here):
- 446 exploits, 216 auxiliary modules, and hundreds of payloads.
- Windows payloads now support NX, DEP, IPv6, and the Windows 7 platform.
- More than 180 bugs were fixed since the release of version 3.2.
- Metasploit database functionality is enabled by default if a driver can be found and RubyGems is installed.
- Oracle and MS-SQL support has been integrated into the framework including working exploits and brute force dictionary password guessing has been worked into login modules.
- The payload encoding library can now embed Metasploit payloads into arbitrary executables.
- 64-bit support has been added for Windows and Linux platforms.
- Select payloads work with auxiliary modules and the database to select the right syscall numbers (making shellcode more adaptive) for each particular operating system revision.
- There is now support for JSP payloads.
- A simple fuzzer API has been integrated as a mixin including sample fuzzing modules.
- Support for the DECT COM-ON-AIR driver has been integrated into Metasploit.
- The Meterpreter can now capture network traffic from the compromised system.
The list goes on and on. I would suggest that you read the blog post if you want a more detailed description of some of the more major enhancements.
0 comments:
Post a Comment