This week’s release adds new payload tests to our automated test suite. These tests are intended to help the team and community members identify issues and behavior discrepancies before changes are made. Payloads run on a variety of platforms, including Windows, Linux, and OS X, each of which has multiple Meterpreter implementations available; these are now tested to help ensure consistency. This should improve payload stability and make testing easier for community members who are contributing new features to the payloads.
Authors: Nairuz Abulhul, gambler, h00die, and h4ckNinja
Type: Exploit
Pull request: #18226 contributed by h00die
Path: exploits/linux/http/h2_webinterface_rce
Description: This PR adds an exploit against the H2 database’s web console. An authenticated user can issue requests to invoke built-in functionality to execute arbitrary code. There is no CVE for this issue.
Authors: Chris Wild and Ege BALCI
Type: Exploit
Pull request: #18280 contributed by EgeBalci
Path: exploits/unix/http/maltrail_rce
Description: This PR adds a module for an unauthenticated RCE vulnerability in Maltrail, a malicious traffic detection system. The module author indicated that this vulnerability does not have a CVE associated with it as the vendor (product team in this case) declined to assign one.
Authors: Ege BALCI and Ismael0x00
Type: Exploit
Pull request: #18263 contributed by EgeBalci
Path: exploits/unix/http/raspap_rce
AttackerKB reference: CVE-2022-39986
Description: This PR adds an unauthenticated command injection module for the RaspAP webgui application.
Authors: bwatters-r7 and p4r4bellum
Type: Exploit
Pull request: #18253 contributed by bwatters-r7
Path: exploits/windows/fileformat/greenshot_deserialize_cve_2023_34634
AttackerKB reference: CVE-2023-34634
Description: This PR adds a file-format exploit affecting Greenshot versions 1.3.274 and earlier, including the last stable release, 1.2.10.6.
auxiliary/scanner/mysql/mysql_login module against newer versions of MySQL.
exploit/freebsd/http/citrix_formssso_target_rce docs.
You can find the latest Metasploit documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).