The Tech Herald

Metasploit 3.3 is official

by Steve Ragan - Nov 17 2009, 17:15

After 12 months in development, Metasploit version 3.3 is available to the masses. The new version packs in a ton of features, fixes, exploits, and payloads, thanks to contributions from the community.

“The Metasploit community has worked hard over the last 12 months to build a penetration testing platform with unique features and unmatched flexibility,” said HD Moore in a statement. “I’m confident that Metasploit users will immediately benefit from the new capabilities of the framework and I look forward to raising the bar even further in the coming months.”

We spoke to Moore, who created the Metasploit Project over six years ago, and he gave us a run down of all the goodies you can expect with this new release.

To start, there are new installers for Windows and Linux, in both 32-bit and 64-bit versions. Support for Mac OS X is improved as well, and the console now uses a Ruby implementation of the Readline library by default.

The framework is roughly twice as fast on most systems, and up to five times faster on some. The speedup comes from performance patches by Yoann Guillot and a string-processing overhaul by James Lee.

As mentioned, this is a community release. Most of the features in it are the work of the hackers and code warriors who spent countless weekends, and traded several hours (maybe days) of sleep, to make it happen.

“This release of the Metasploit Framework was driven by numerous key contributors, including James Lee, Yoann Guillot, Steve Tornio, MC, Chris Gates, Alexander Kornbrust, Ramon Carvalle, Stephen Fewer, Ryan Linn, Lurene Grenier, Mike Kershaw, Patrick Webster, Max Moser, Efrain Torres, Alexander Sotirov, Ty Bodell, Joshua Drake, JR, Carlos Perez, Kris Katterjohn and many others,” wrote HD Moore on the Metasploit blog.

So what else is new? “We now support Windows 7 as both the target and the attack platform,” commented Moore when talking about new features for Windows.

Building on that, the Windows installer now includes a fully functional console interface based on Cygwin and RXVT. Metasploit runs on everything from Windows 2000 up to Windows 7, and the installer supports silent installation.

Payload support has been extended as well, with JSP payloads, IPv6 support, and support for targets with NX/DEP enabled. Metasploit also now supports advanced payload masking, to aid penetration testers using social engineering techniques.

“One of the interesting things we’ve added in the last two or three weeks, was the way we generate executables as part of our exploit generation,” Moore added, explaining that the executable template used by the previous version was being flagged as a virus by various security vendors. “We ended up going through and rewriting the entire backend framework.”

The way it works now is that any executable can serve as the template, with the Metasploit payload injected directly into it. For example, on an external pentesting gig you could download the VPN client the customer uses, inject a Metasploit payload into it, and mail it to the targets at the client’s site. “In all regards it’s actually the exact same file, as whatever your benign executable is, except for the newly injected code,” Moore said.
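The defender's side of that trick, as an added example that is not from the article and not Metasploit's own code: if a binary "is the exact same file except for the injected code", then comparing its PE header against the vendor's original should show where the difference lives. The parser below reads the entry point and section table of two PE files and reports a moved entry point, sections that appear only in the suspect copy, changed section headers, and sections marked both writable and executable. The two input files are constructed in memory by `build_pe()` (a helper written for this example; the section name `.extra` and the layout are made up and do not describe what Metasploit actually emits).

```python
import hashlib
import struct

# Section characteristic flags from the PE/COFF specification.
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_WRITE

COFF_FMT = "<HHIIIHH"          # IMAGE_FILE_HEADER, 20 bytes
SECTION_FMT = "<8sIIIIIIHHI"   # IMAGE_SECTION_HEADER, 40 bytes


def build_pe(sections, entry_point):
    """Build a minimal PE32 image from a list of (name, size, characteristics).
    Constructed test data for this example, not a loadable program: it only has
    to be well-formed enough for parse_pe() below to read it."""
    opt_size = 224  # size of a PE32 optional header
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack(COFF_FMT, 0x014C, len(sections), 0, 0, 0, opt_size, 0x0102)
    # Optional header: Magic, linker major/minor, three sizes, AddressOfEntryPoint.
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_point).ljust(opt_size, b"\x00")
    table = b""
    raw_ptr = 0x400
    for i, (name, size, chars) in enumerate(sections):
        table += struct.pack(SECTION_FMT, name.encode(), size, 0x1000 * (i + 1),
                             size, raw_ptr, 0, 0, 0, 0, chars)
        raw_ptr += size
    return dos + b"PE\x00\x00" + coff + opt + table


def parse_pe(data):
    """Return the entry point RVA and the section headers of a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("not a PE file: missing PE signature")
    coff_off = e_lfanew + 4
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from(COFF_FMT, data, coff_off)
    opt_off = coff_off + 20
    entry_point = struct.unpack_from("<I", data, opt_off + 16)[0]  # AddressOfEntryPoint
    sec_off = opt_off + opt_size
    sections = {}
    for i in range(nsec):
        name, vsize, vaddr, rsize, raw_ptr, *_, chars = struct.unpack_from(
            SECTION_FMT, data, sec_off + 40 * i)
        sections[name.rstrip(b"\x00").decode()] = {
            "vsize": vsize, "vaddr": vaddr, "rsize": rsize, "raw_ptr": raw_ptr, "chars": chars}
    return {"entry_point": entry_point, "sections": sections}


def compare(original, suspect):
    """List header-level differences between a vendor binary and a suspect copy."""
    if hashlib.sha256(original).digest() == hashlib.sha256(suspect).digest():
        return []  # byte-identical: nothing was injected
    o, s = parse_pe(original), parse_pe(suspect)
    findings = []
    if o["entry_point"] != s["entry_point"]:
        findings.append("entry point moved 0x%x -> 0x%x" % (o["entry_point"], s["entry_point"]))
    for name in sorted(s["sections"].keys() - o["sections"].keys()):
        findings.append("new section %s" % name)
    for name in sorted(o["sections"].keys() & s["sections"].keys()):
        if o["sections"][name] != s["sections"][name]:
            findings.append("section %s header changed" % name)
    for name, sec in sorted(s["sections"].items()):
        if (sec["chars"] & RWX) == RWX:
            findings.append("section %s is writable and executable" % name)
    if not findings:
        # Same headers, different bytes: the payload was written over existing
        # section contents, so the next step is a byte-level diff per section.
        findings.append("headers identical but file contents differ")
    return findings


# Constructed sample input: a "vendor" binary, and a copy with an added RWX
# section that the entry point now points at. Names and sizes are invented.
VENDOR = build_pe([(".text", 0x1000, 0x60000020), (".data", 0x200, 0xC0000040)],
                  entry_point=0x1000)
SUSPECT = build_pe([(".text", 0x1000, 0x60000020), (".data", 0x200, 0xC0000040),
                    (".extra", 0x400, 0xE0000020)], entry_point=0x3000)

if __name__ == "__main__":
    for line in compare(VENDOR, SUSPECT):
        print(line)
```

The hash check is the cheap first pass and the one that actually matters in practice: fetch the installer from the vendor yourself and compare digests before trusting anything that arrived by e-mail. The header comparison only tells you where to look when the digests differ; an injection that overwrites existing code without touching the section table falls through to the last branch and needs a byte-level diff.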

The SQL Server driver also got a huge jump in power in version 3.3. “As a SQL Server attack platform Metasploit just went a lot further,” Moore said.

Rewritten from scratch, the new driver comes with pre-authentication, post-authentication and SQL injection modules targeting Oracle, Sybase 7, Microsoft SQL Server 2008 and more.

There are entirely too many things to mention for the 3.3 update. There are 446 exploits, 216 auxiliary modules, hundreds of payloads, and almost 200 bug fixes. Aside from the download itself, there is a blog post and a set of release notes with more information.

Happy hacking.