Dec 06, 2021 4.21.0-2021120601

Improved

  • Pro: We have adjusted the Social Engineering Campaign Details report generation page to only display finished campaigns.

  • Pro: We have updated Ruby to 3.0.2.

  • PR 15887 - The path expansion code has been improved and now supports path-based tab completion. Users can now tab-complete paths such as cat ~/some_filenam<tab>.

  • PR 15889 - An update has been made to library code so that terminal resize events are only sent if the Meterpreter client supports them. Additionally, extra feedback is now provided to users on whether terminal resizing is handled automatically or whether they should adjust it manually.

  • PR 15898 - Ruby 3.x removes support for URI.encode and URI.escape. This PR replaces uses of these functions in modules with calls to URI::DEFAULT_PARSER.escape, so that Ruby 3 can run these modules instead of raising errors about missing functions.

  • PR 15899 - This improves the user experience when shell is invoked from a Meterpreter session. Now, when the fully_interactive_shells feature is enabled, a message is displayed to inform the operator that a fully interactive TTY is supported. You can start the feature by invoking shell -it.

  • PR 15914 - This improves upon the exploit/windows/dcerpc/ms03_026_dcom module by adding a check method, adding documentation, and cleaning up the code.

  • PR 15915 - This renames the Windows 200 SP4 Languages targets to Windows 2000 SP4 Universal since it has been tested and determined to not be language pack dependent.

  • PR 15918 - This adds 13 new language pack-specific targets to the ms07_029_msdns_zonename exploit.

  • PR 15920 - This adds tab completion support to the powershell_import command.

  • PR 15928 - This updates Metasploit Framework's default Ruby version from 2.7 to 3. There should be no end-user impact.

Fixed

  • PR 15864 - A bug has been fixed whereby the sessions -u command would not return an x64 Meterpreter session on an x64 Windows host, and would instead return an x86 session. sessions -u now determines the architecture of the target host prior to upgrading and generates a new Meterpreter session of the appropriate architecture.

  • PR 15897 - write_file() now returns a boolean value instead of nil, which fixes modules that check the return value of write_file() calls.

  • PR 15913 - This fixes handling for shellwords parsing of malformed user-supplied input, such as unmatched quotes, when interacting with command shell sessions.

  • PR 15917 - This fixes a tab completion bug in Meterpreter.

  • PR 15937 - We have removed usage of SortedSet to improve support for Ruby 3.
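
The failure mode behind PR 15913, as an added example that is not Metasploit's own code: Ruby's Shellwords.split raises ArgumentError on unmatched quotes, so a caller that tokenises operator input has to handle it. The helper names safe_shellsplit and unmatched_quote_index, and the sample inputs, are hypothetical.

```ruby
require 'shellwords'

# Hypothetical helper: returns the index of the quote character left open in
# +line+, or nil when quoting is balanced. Follows POSIX-style rules:
# backslash escapes the next character outside quotes and inside double
# quotes; single quotes take everything literally.
def unmatched_quote_index(line)
  open_quote = nil
  open_at = nil
  i = 0
  while i < line.length
    ch = line[i]
    if open_quote.nil?
      if ch == '\\'
        i += 1 # skip the escaped character
      elsif ch == '"' || ch == "'"
        open_quote = ch
        open_at = i
      end
    elsif open_quote == '"' && ch == '\\'
      i += 1 # escapes are honoured inside double quotes
    elsif ch == open_quote
      open_quote = nil
    end
    i += 1
  end
  open_quote ? open_at : nil
end

# Hypothetical helper: tokenise operator input without letting the
# ArgumentError that Shellwords raises on malformed input propagate.
def safe_shellsplit(line)
  { ok: true, args: Shellwords.split(line), error_at: nil }
rescue ArgumentError
  { ok: false, args: [], error_at: unmatched_quote_index(line) }
end

# Constructed sample inputs.
if __FILE__ == $PROGRAM_NAME
  ['cat "my file.txt"', 'echo "unterminated', "echo it's"].each do |input|
    p safe_shellsplit(input)
  end
end
```

The error_at index lets the caller point the operator at the offending quote instead of dropping the input silently.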

Modules

  • PR 15822 - This adds a module for CVE-2021-3493, the overlay fs local privilege escalation for Ubuntu versions 14.04 - 20.10.

  • PR 15866 - This adds an exploit for CVE-2021-38294, an unauthenticated remote command execution vulnerability in the getTopologyHistory() RPC method provided by the Nimbus service, which is a component of the Apache Storm project. To be exploitable, at least one topology must have been submitted to the Storm cluster. It may be active or inactive, but one must be present.

  • PR 15874 - This adds an exploit for CVE-2021-40539, an unauthenticated RCE in the ManageEngine ADSelfService application.

Offline Update

Metasploit Framework and Pro Installers