New
- Pro: We have exposed additional metadata on the module configuration page to enable users to better understand context and impacts of running each module.
Improved
- PR 16737 - This removes the code duplication in the MSSQL client mixins and refactors the code into a single main mixin.
- PR 16754 - Adds additional offsets for various Windows 2000 Professional targets in the ms02_065_msadc module. Also adds documentation and notes.
- PR 16761 - Adds additional offsets for various Windows 2000 targets, replaces raw socket TCP with HttpClient, fixes the default payload, and adds docs and notes.
- PR 16774 - The `set` command has been updated so that if an invalid datastore option is provided, a suggestion will be made for a valid datastore option, where possible. Additionally, the behavior has been changed so that one can no longer set a datastore value that is not valid within the given context.
- PR 16776 - Adds an ftp-http command stager for FTP clients which support http(s) URLs via `set cmdstager::flavor ftp_http`.
- PR 16778 - The checkvm script at `./scripts/meterpreter/checkvm.rb` has been removed, as `post/windows/gather/checkvm.rb` now replaces it. Additionally, the `post/windows/gather/checkvm.rb` script has been updated to include missing features from `./scripts/meterpreter/checkvm.rb` to ensure backwards compatibility.
- PR 16789 - This adds OpenSSL version information to the report generated by the `debug` command.
- PR 16792 - This improves support for various OpenSSL 3 related errors during console start.
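The PR 16774 entry above describes two behaviours for `set`: reject option names a module does not expose, and suggest the nearest valid one. The following Ruby is an added illustration of that logic, not Metasploit's own `set` implementation; the `MODULE_OPTIONS` list and the `resolve_option`/`set_option` helpers are constructed for this example, and edit distance is used as the (assumed) similarity measure.

```ruby
# Added example (not Metasploit's own code): validate a datastore option name
# against the options a module actually exposes and, when it is unknown,
# suggest the closest valid name instead of silently storing a bogus key.

# Classic Levenshtein edit distance, compared case-insensitively.
def edit_distance(a, b)
  a = a.downcase
  b = b.downcase
  prev = (0..b.length).to_a
  a.each_char.with_index(1) do |ca, i|
    cur = [i]
    b.each_char.with_index(1) do |cb, j|
      cost = ca == cb ? 0 : 1
      cur << [prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost].min
    end
    prev = cur
  end
  prev.last
end

# Returns [:ok, name] when the option exists (case-insensitively),
# [:suggest, closest] when a valid option is within max_distance edits,
# and [:unknown, nil] when nothing is close enough to be worth suggesting.
def resolve_option(name, valid_options, max_distance: 2)
  exact = valid_options.find { |o| o.casecmp?(name) }
  return [:ok, exact] if exact
  best = valid_options.min_by { |o| edit_distance(name, o) }
  return [:unknown, nil] if best.nil? || edit_distance(name, best) > max_distance
  [:suggest, best]
end

# Hypothetical option set for a module (constructed for this example).
MODULE_OPTIONS = %w[RHOSTS RPORT LHOST LPORT SSL TARGETURI].freeze

# Only writes into the datastore when the option is valid; otherwise
# returns the message a console would print.
def set_option(datastore, name, value, valid_options = MODULE_OPTIONS)
  status, match = resolve_option(name, valid_options)
  case status
  when :ok
    datastore[match] = value
    "#{match} => #{value}"
  when :suggest
    "Unknown datastore option: #{name}. Did you mean #{match}?"
  else
    "Unknown datastore option: #{name}."
  end
end

if __FILE__ == $PROGRAM_NAME
  ds = {}
  puts set_option(ds, 'rhosts', '10.0.0.5')   # stored under RHOSTS
  puts set_option(ds, 'RHOTS', '10.0.0.5')    # suggests RHOSTS, stores nothing
  puts set_option(ds, 'FOOBAR', 'x')          # no plausible suggestion
end
```

The point of refusing the write, rather than only warning, is that a misspelled option would otherwise sit unused in the datastore while the module runs with its default, which is exactly the silent failure the change removes.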
- PR 16798 - The deprecated `scripts/meterpreter/pml_driver_config.rb` script has been removed from Metasploit, since Metasploit scripts have been deprecated for over 5 years now. Please use `exploit/windows/local/service_permissions` instead, which contains a more modern implementation of the same principle this exploit utilized.
- PR 16801 - The deprecated `scripts/meterpreter/schelevator.rb` script has been removed in favor of `exploit/windows/local/ms10_092_schelevator`. Scripts were deprecated over 5 years ago and should no longer be used.
- PR 16823 - The deprecated `scripts/meterpreter/prefetchtool.rb` script has been removed and replaced with the `post/windows/gather/enum_prefetch.rb` post module.
- PR 16830 - Removed the deprecated `scripts/meterpreter/getvncpw.rb` script in favor of the `post/windows/gather/credentials/vnc` post module, which is more modern and has more features.
- PR 16831 - Removed the deprecated `scripts/meterpreter/get_env.rb` script in favor of the `post/multi/gather/env` post module.
Fixed
- Pro: We fixed an issue in update packaging that resulted in reports failing to generate.
- PR 16094 - A bug has been fixed in the `pg_ctl.rb` helper whereby initializing and starting databases using `msfdb init` might fail because the `pg_ctl.rb` helper did not set `unix_socket_directories` to a path that a non-root user can write to. The code has now been updated so that it sets `unix_socket_directories` to a path that the current user can write to, or errors out if it cannot find a writeable directory to use for the socket file.
- PR 16668 - A bug has been fixed in the HTTP crawler module and its associated library whereby the code expected an object to be populated when it may not be. This has been fixed with additional validation.
- PR 16743 - Fixes a crash when using the `scanner/mssql/mssql_login` with the `tdsencryption` and `USE_WINDOWS_AUTHENT` options set to `true`.
- PR 16753 - This PR fixes several bugs present in the `ms03_007_ntdll_webdav` module, including shifting from Meterpreter to shell payloads, better checking, and added targets as well as adding documentation.
- PR 16810 - The `host` command has been updated to fix a bug whereby the `-t` flag was not properly accepting the `<tag>` parameter that it was supposed to accept and process. Additionally, the documentation for this option has been updated to be clearer.
- PR 16817 - Several modules and libraries were previously calling `Msf::Config.get_config_root`, which did not properly account for changes to the configuration path that the user might make. These calls have now been replaced with calls to `Msf::Config.config_directory`, which will appropriately take the user's configuration settings into account.
- PR 16819 - A bug has been fixed whereby running the `hosts` command with the `-c` flag to filter by columns would result in a stack trace. The command now correctly returns the output with only the columns specified to the `-c` flag.
- PR 16824 - A bug has been fixed in the `is_admin?` and `is_system?` post exploitation methods, which previously incorrectly reported the user as always being an administrator and a system user respectively when run on shell sessions.
- PR 16835 - A regression has been fixed that prevented the `set` and `setg` commands from properly recognizing and therefore setting some valid options. This affected both modules and global settings.
Modules
- PR 16598 - This adds a generic module to perform LDAP queries. Users can execute custom queries either through configuration files on disk, or through a combination of datastore options. The module also includes multiple built-in queries for common operations.