rapid7blog
Christopher Granleese
RAPID7BLOG:D22343FED1B889BC19F07489C1D5E68E
History: Jan 12, 2024 - 9:25 p.m.

Metasploit Weekly Wrap-Up 01/12/24

2024-01-12 21:25:19
Christopher Granleese
blog.rapid7.com
mikrotik winbox
keep password
credentials extractor
java
cve-2022-47966
exploit
spelling
apktool
console

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.3 High
Confidence: Low

CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.971 High
Percentile: 99.7%

New module content (1)

Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor

Author: Pasquale ‘sid’ Fiorillo
Type: Post
Pull request: #18604 contributed by siddolo
Path: windows/gather/credentials/winbox_settings

Description: This pull request introduces a new post module to extract the Mikrotik Winbox credentials, which are saved in the settings.cfg.viw file when the "Keep Password" option is selected in Winbox.

Enhancements and features (7)

  • #18515 from errorxyz - This PR adds a Java target for the ManageEngine ServiceDesk Plus exploit for CVE-2022-47966, using the payload mentioned in this blogpost, and deletes the log file that records the error caused by the exploit to make it more stealthy.
  • #18672 from h00die - Fix spelling mistakes in Metasploit’s library folder.
  • #18673 from h00die - Fix spelling mistakes in Metasploit’s scripts folder.
  • #18674 from h00die - Fix spelling mistakes in Metasploit’s plugins folder.
  • #18675 from h00die - Fix spelling mistakes in Metasploit’s tools folder.
  • #18679 from h00die - Fix spelling mistakes in Metasploit’s auxiliary modules.
  • #18691 from zeroSteiner - Metasploit console now requires an installed version of apktool greater than or equal to v2.9.2.

Bugs fixed (5)

  • #18656 from dwelch-r7 - Ensures that all modules are loaded as part of reload_all when the defer_module_loads feature is enabled.
  • #18666 from zeroSteiner - Fixes a crash when running the save command to save Metasploit’s configuration.
  • #18667 from zeroSteiner - Re-adds the #sysinfo instance method for sessions.
  • #18669 from sjanusz-r7 - Updates the favorites command to no longer output an empty message when a chosen module does not have custom datastore values available.
  • #18690 from sjanusz-r7 - Ensures that a target’s default payload is correctly chosen when selecting a module from the search command.

Documentation

You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate
and you can get more details on the changes since the last blog post from
GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the
commercial edition Metasploit Pro.
