Jul 05, 20234.22.1-2023070501


  • PR 17796 - This adds reporting to the database for the AWS EC2 enumeration module.

  • PR 17901 - This adds additional Payload module metadata to Metasploit's JSON module cache to improve msfconsole's bootup time.

  • PR 17959 - The login scanner modules have been updated to catch any exceptions that may be raised when testing a credential. Additionally the SNMP scanner and PostgreSQL scanners have been updated to catch additional errors that may be thrown when testing credentials.

  • PR 18114 - This updates the post/windows/manage/execute_dotnet_assembly module to allow it to run the .NET assembly within the current process. The module can now also read the output from all injection techniques.

  • PR 18133 - This improves the execute_dotnet_assembly module's ability to correctly identify the signature of the main method. Users no longer need to know and specify it themselves.


  • PR 18065 - This updates the jenkins_gather module to work with newer version of Jenkins.

  • PR 18121 - This adds a proper ASN.1 parser using RASN1 for the x509 SubjectAltName field.

  • PR 18139 - A intermittent segfault issue when running the getuid command within a Windows Python Meterpreter has been fixed.

  • PR 18146 - This fixes an intermittent issue with Windows Meterpreter which caused 'Access Denied' errors when Meterpreter attempted to get or set the clipboard data when either the user or another application was also manipulating the clipboard.


  • PR 18134 - This PR adds a module which exploits CVE-2023-25194, an unauthenticated deserialization vulnerability which leads to RCE in Apache Druid.

Offline Update

Metasploit Framework and Pro Installers