Metasploit 6: penetration testing platform

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

It is a platform that is purely about penetration testing and allows you to find, exploit and validate vulnerabilities.

The platform includes the Metasploit Framework and its paid version, which is Metasploit Pro.

What's new in Metasploit 6

The initial features of Metasploit 6.0 include encryption of Meterpreter communications in the Windows, Python, Java, Mettle and PHP implementations, SMBv3 client support for further exploitation, and a new polymorphic payload generation routine for Windows shellcode that improves evasion capabilities against common antivirus and intrusion detection system (IDS) products.

This initial set of features marks a transition to secure communications and default encryption in the core components of the Metasploit Framework. The initial capabilities of Metasploit 6 also increase the complexity of creating signature-based detections for certain network operations and for Metasploit's main payload binaries. Metasploit users and developers can expect further additions and refinements to the version 6 features over the coming months.

Important note: Metasploit 6 incorporates incompatible changes to payload communications, which means that payloads created with previous versions of Metasploit will not be able to connect to Metasploit 6 and vice versa. Because of this incompatibility, users should not update to Metasploit 6 during active operations unless they are willing to lose the sessions that had already been opened.

 

Starting with Metasploit 6, all Meterpreters use AES to encrypt their communications with the Framework. Encryption offers operators two notable advantages. First, encryption obfuscates traffic, making signature-based detection of established communication channels much more difficult. Second, sensitive information (such as passwords) transferred from the compromised host to the Framework is now protected in transit.

Metasploit 6 also improves the Framework's SMB client to support SMB version 3. SMBv3 added encryption support, which Metasploit now uses by default when available. Like Meterpreter encryption, this increases the complexity of the signature-based detections used to identify key operations performed over SMB. The developers have updated a number of popular Metasploit modules to use the new SMB client so that they can be used in environments where SMBv3 is the only version available. Some older modules may be updated later (or not at all). Notable modules that now support SMB versions 1, 2 and 3 include:

  • exploit/windows/smb/psexec
  • exploit/windows/smb/webexec
  • auxiliary/admin/smb/psexec_ntdsgrab
  • auxiliary/scanner/smb/smb_version
  • auxiliary/scanner/smb/smb_login
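An added example (not from the original article or the Metasploit project) of what a network sensor can still read once SMBv3 encryption is in use: it splits a TCP/445 byte stream into SMB messages and marks each one as inspectable or opaque from its protocol identifier. The function names and the sample stream are constructed for illustration.

```python
import struct

# The first four bytes of every SMB message identify its framing.
PROTOCOLS = {
    b"\xffSMB": "SMB1",
    b"\xfeSMB": "SMB2/3 plaintext",
    b"\xfdSMB": "SMB3 encrypted",   # transform header, body is ciphertext
    b"\xfcSMB": "SMB3 compressed",
}
SMB2_COMMANDS = {0: "NEGOTIATE", 1: "SESSION_SETUP", 3: "TREE_CONNECT",
                 5: "CREATE", 8: "READ", 9: "WRITE"}

def split_frames(stream: bytes):
    """Yield SMB messages from a TCP/445 stream (1 zero byte + 3-byte length)."""
    offset = 0
    while offset + 4 <= len(stream):
        length = int.from_bytes(stream[offset + 1:offset + 4], "big")
        frame = stream[offset + 4:offset + 4 + length]
        if len(frame) < length:
            break  # truncated capture: drop the partial message
        yield frame
        offset += 4 + length

def classify(frame: bytes) -> dict:
    """Report what a content signature could still see in this message."""
    magic = frame[:4]
    info = {"kind": PROTOCOLS.get(magic, "unknown"),
            "inspectable": magic in (b"\xffSMB", b"\xfeSMB")}
    if magic == b"\xfeSMB" and len(frame) >= 64:
        (command,) = struct.unpack_from("<H", frame, 12)  # SMB2 header Command
        info["command"] = SMB2_COMMANDS.get(command, hex(command))
    elif magic == b"\xfdSMB" and len(frame) >= 52:
        # Only metadata stays readable: plaintext size and session id.
        (info["original_size"],) = struct.unpack_from("<I", frame, 36)
        (info["session_id"],) = struct.unpack_from("<Q", frame, 44)
    return info

def summarize(stream: bytes) -> list:
    return [classify(f) for f in split_frames(stream)]

def _frame(msg: bytes) -> bytes:
    return b"\x00" + len(msg).to_bytes(3, "big") + msg

# Constructed sample: two plaintext SMB2 headers, then one encrypted message.
_hdr = lambda cmd: b"\xfeSMB" + struct.pack("<HHIH", 64, 0, 0, cmd) + bytes(50)
_enc = b"\xfdSMB" + bytes(32) + struct.pack("<IHHQ", 120, 0, 1, 0x1122) + bytes(120)
SAMPLE_STREAM = _frame(_hdr(0)) + _frame(_hdr(3)) + _frame(_enc)

if __name__ == "__main__":
    print(*summarize(SAMPLE_STREAM), sep="\n")
```

For the encrypted message only the size and session id are recoverable, so monitoring has to rely on flow metadata and endpoint telemetry rather than on SMB command content.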

Meterpreter, the main payload of Metasploit, includes some additional improvements beyond encrypted communication channels. The DLLs used by the Windows Meterpreter now resolve the functions they need by ordinal rather than by name. This means that the standard export ReflectiveLoader, used by reflectively loadable DLLs, no longer appears in the payload binaries as text data. Additionally, the commands that Meterpreter exposes to the Framework are now encoded as integers rather than strings. This especially benefits stageless Meterpreters on native architectures (such as Windows and Linux), as these strings are no longer present in the binaries.

The old Mimikatz Meterpreter extension has been removed and replaced by Kiwi. Attempts to load mimikatz will load Kiwi for the foreseeable future.

Finally, the vast majority of Windows payloads (such as windows/meterpreter/reverse_tcp) use a common stub to invoke Windows API methods. This stub is known as the Block API and represents almost half the size (130 bytes for x86 and 200 bytes for x64) of some of the smaller payloads.

Installation

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
  chmod 755 msfinstall && \
  ./msfinstall


Written by Anastasis Vasileiadis
