I tried the new Metasploit Framework 2.3, it has 12 new exploits, new and improved payloads, improved performance, new msfweb interface and the best of all the Meterpreter (Meta-Interpreter) a new advanced payload, allows developers to write their own extensions in the form of shared object (DLL) files, that can be uploaded and injected into a running process on a target computer after exploitation has ocurred. So it never touch the disk!
It has 4 extensions now:
FS (cd, getcwd, ls, upload, download)
Net (Ipconfig, portfwd, route)
Process (kill, ps, execute)
Sys (sysinfo, getuid, rev2self)
It's a big step for the metasploit project, and it's really sweet ;)
Edge-security blog about Penetration testing, OSINT, security tools, and other interesting stuff.
Subscribe to:
Posts (Atom)
Wfuzz 2.2.0 released
I'm pleased to announce a new version of WFuzz! Wfuzz has been created to facilitate the task in web applications assessments and it...
-
In the last few weeks everyone has been talking about Shellshock, the vulnerability affecting bash and having security ramifications everyw...
-
I'm pleased to announce a new version of WFuzz! Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for findi...
-
In one of the latest penetration tests we faced a SSH server that was based in Maverick SSHTOOLS. The funny thing is that this server was ...