The developers of the exploit framework Metasploit have added numerous new modules to the new version 6.2. There are also many bug fixes.
The developers of the Metasploit framework cite impressive figures for the new version 6.2 of the exploit kit: according to them, 138 new modules, 148 extensions and new functions, and 156 bug fixes have found their way into the release. Almost a year of development has passed since the release of the previous version.
New attack modules in Metasploit
The programmers present the top modules with which administrators or pentesters can attack the most important recent vulnerabilities for testing purposes. This includes vulnerabilities that allow smuggled code to be executed. Metasploit comes with a module for the Log4Shell vulnerability, for example, which works on Linux and Windows targets and grants root or SYSTEM access rights. Another module elevates the simulated attacker to root on F5 BIG-IP systems with the CVE-2022-1388 vulnerability.
As an example of privilege escalation, a module for the DirtyPipe vulnerability in Linux is included, which gives the user root privileges. Another module provides administrator rights in Windows 10 and server builds before 18362.
A new capture plugin is also on board. This allows security researchers to simulate 13 services such as FTP, SMB, IMAP and others – 17 with the SSL counterparts – that listen in the network for connection attempts and capture credentials. A new SMBv3 module can be used, for example, to serve only a single directory via the SMB protocol in read-only mode in order to deliver a payload.
Another improvement concerns NAT support. The simulated attack services can now use an IP address that they are not actually bound to. They report the external IP address behind the Internet router instead of the masked IP address in the local network – for example 126.96.36.199 instead of 192.168.178.10.
In their announcement, the Metasploit makers list other changes in the new version, including details on other new modules and other improvements for using the exploit kit.
Users can obtain the updates either with the msfupdate command in an existing installation or, for git users, by cloning the Metasploit repository; the current Nightly Installer is always available for new installations. Metasploit can be used in Kali Linux, the current Linux distribution for pentesters, without having to install it yourself.