Why should [REDACTED] have all the fun with spiffy codenames for their exploits? As of today, Metasploit is taking a page from [REDACTED], and equipping all Metasploit modules with equally fear-and-awe-inspiring codenames. Sure, there are catchy names for vulnerabilities โ we remember you fondly, Badblock -- but clearly, unique names for exploits is where the real action is at, especially when youโre [REDACTED][REDACTED][REDACTED][REDACTED][REDACTED].
So, instead of running boring old โexploit/windows/smb/ms08_067_netapiโ, now you can don your onyx tactleneck, and use CRISPYTRUFFLE like the international man of mystery that you are.
Need to scan for telnet banners? Sure, you could use โauxiliary/scanner/telnet/telnet_versionโ, like some kind of civilian, or you can be a shadowy puppetmaster and unleash the awesome power of HIDDENBOYFRIEND.
Or, maybe youโre looking to deploy one of Metasploitโs payloads as a standalone executable, given to your operative in the field. Once youโve lost your tail and met your contact in a darkened, rain-slicked alley, you can hand off a USB key loaded up with VENGEFULPONY, and trust heโll do what it takes to get back across the border.
In order to enable these ultra-top-secret codenames, youโll need to run a fresh checkout of the development version of the Metasploit Framework. If youโre on one of the binary versions of Metasploit, theyโll be getting these codenames as well, so you can check if theyโre available by setting the environment variable DANGERZONE, like so:
$ DANGERZONE=1 ./msfconsole -q
msf > use CRISPYTRUFFLE
msf exploit(ms08_067_netapi) >
So take a moment today, April 1st, to read yourself into [REDACTED] by visiting http://www.5z8.info/eid-howto_j0b9mh_openme.exe. Make sure youโre behind at least seven proxies when you do so, since [REDACTED] is probably watching.