Rapid7, the developer of the open source penetration testing tool Metasploit, has released an updated version. Metasploit 3.7.2 adds more exploit and auxiliary modules, in addition to new features.
Metasploit 3.7.2 packs 11 new exploit modules, 15 post-exploit modules and a new auxiliary module. These additions take Metasploit’s tally up to 698 exploit modules, 358 auxiliary modules, and 54 post modules.
New post-exploitation modules for Linux and Solaris are part of this Metasploit release. Metasploit 3.7.2 comes pre-loaded with ‘hashdump’ capabilities, which allow users to obtain password hashes from platforms like Solaris, Mac OS X and Linux. Metasploit’s developers add that passwords hashed with ‘crypt_blowfish’ will be easier to exploit with this version. Windows’ cached password hashes can also be revealed using the new merged and improved ‘cachedump’ module.
Changes include an update to Metasploit’s ‘egghunter’ payload to circumvent data execution prevention (DEP). ‘Nokogiri’ streaming parsers are now used for quicker parsing of large XML files, and the registry commands for the ‘Meterpreter’ module have been updated. Other additions include modules to exploit the Cisco AnyConnect ActiveX bug and SCADA vulnerabilities. The full changelog is available on the developer page. The tool’s free framework can be downloaded from the official Metasploit website.