Have an idea on how to expand on Metasploit Documentation on <https://docs.metasploit.com/>? Did you see a typo or some other error on the docs site? Thanks to adfoster-r7, submitting an update to the documentation is as easy as clicking the ‘Edit this page on GitHub’ link on the page you want to change. The new link will take you directly to the source in Metasploit’s GitHub so you can quickly locate the Markdown and submit a PR.
Author: Krzysztof Burghardt
Type: Auxiliary
Pull request: #17348 contributed by burghardt
AttackerKB reference: CVE-2022-46770
Description: This PR adds a module that performs a DoS attack on Mirage Firewall versions 0.8.0-0.8.3.
Authors: Joshua Martinelle and h00die
Type: Auxiliary
Pull request: #17479 contributed by h00die
AttackerKB reference: CVE-2023-23488
Description: This adds an exploit module that leverages an unauthenticated SQLi against WordPress plugin Paid Membership Pro. This vulnerability is identified as CVE-2023-23488 and affects versions prior to 2.9.8. This module retrieves WordPress usernames and password hashes using a time-based blind SQL injection technique.
Authors: Jakub Kramarz and h00die-gr3y
Type: Exploit
Pull request: #17449 contributed by h00die-gr3y
AttackerKB reference: CVE-2021-44529
Description: A new module has been added for CVE-2021-44529, an unauthenticated code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512. Successful exploitation requires sending a crafted cookie to the client endpoint at `/client/index.php` to get command execution as the `nobody` user.
`windows/local/unquoted_service_path` module.
`netntlm` and `netntlmv2` hashes support to `auxiliary/analyze/crack_windows` module.
`auxiliary/scanner/smb/smb_version` module to store additional service information in the database so it can be viewed later.
`exploit` which will perform the same action as `to_handler`, to help users familiar with exploit modules to use the same familiar `exploit` method to open handlers when using payloads.
`nil`.
`lib/msf/core/exploit/remote/ldap.rb` library that handles LDAP communications for several modules to ensure that failures use the right namespace when throwing errors to prevent crashes.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with `msfupdate` and you can get more details on the changes since the last blog post from GitHub:
If you are a `git` user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).