Improved
Pro: We updated the backups table so users can download them only when a backup is complete to avoid partial downloads.
PR 16721 - This updates the PHP Mailer Argument Injection exploit to allow setting the names of certain fields via advanced options. These configuration options then allow the exploit to work in additional scenarios.
Fixed
PR 16722 - Fixes module metadata for stability and reliability.
PR 16729 - Fixes a crash in Metasploit's console when trying to render tables which contain unsupported characters.
Modules
- PR 16677 - This adds an auxiliary module that can be used to add, lookup, and delete computer accounts from an active directory domain. The computer account can offer a sort of foothold into the domain for lateral movements or as a common attack primitive.