Metasploit Framework 2.0 Released!

Full Version: Metasploit Framework 2.0 Released!

GovernmentSecurity.org > The Archives > Exploit Articles

pita

Apr 8 2004, 08:50 AM

From Bugtraq:

CODE

The Metasploit Framework is an advanced open-source platform for
developing, testing, and using exploit code. After nearly six months of
development, version 2.0 is being released to the public.

This release includes 18 exploits and 27 payloads; many of these exploits
are either the only ones publicly available or just much more reliable
than anything else out there.

The Framework will run on any modern system that has a working Perl
interpreter, the Windows installer includes a slimmed-down version of the
Cygwin environment.

Some highlights in this release:
- Three UI's: CLI, Console, Web
- Solid multi-stage payload implementation
- Infinitely chainable proxies (http, socks4)
- Integrated support for InlineEgg payloads
- Integrated support for Impurity executables
- Includes the msfpescan opcode scanner
- Includes standalone payload generator
- Includes standalone payload encoder

This release is available from the Metasploit.com web site, direct links
are provided below.

Unix-like operating systems:
- http://metasploit.com/tools/framework-2.0.tar.gz

Windows-based operating systems:
- http://metasploit.com/tools/framework-2.0.exe

You can subscribe to the Metasploit Framework mailing list by sending a
blank email to framework-subscribe [at] metasploit.com. This is the
preferred way to submit bugs, suggest new features, and discuss the
Framework with other users.

The Framework was written by spoonm and H D Moore, if you would like to
contact us directly, please email us at msfdev [at] metasploit.com.

We would like to thank everyone who participated in the beta test,
especially those who provided significant feedback (Marco, Arrigo, Matt,
etc).

This release includes the following exploit modules:
- apache_chunked_win32
- blackice_pam_icq
- exchange2000_xexch50
- frontpage_fp30reg_chunked
- ia_webmail
- iis50_nsiislog_post
- iis50_printer_overflow
- iis50_webdav_ntdll
- imail_ldap
- msrpc_dcom_ms03_026
- mssql2000_resolution
- poptop_negative_read
- realserver_describe_linux
- samba_trans2open
- sambar6_search_results
- servu_mdtm_overflow
- solaris_sadmind_exec
- warftpd_165_pass

This release includes the following payload modules:
- bsdx86bind
- bsdx86bind_ie
- bsdx86findsock
- bsdx86reverse
- bsdx86reverse_ie
- cmd_generic
- cmd_sol_bind
- cmd_unix_reverse
- linx86bind
- linx86bind_ie
- linx86findsock
- linx86reverse
- linx86reverse_ie
- linx86reverse_imp
- linx86reverse_xor
- solx86bind
- solx86findsock
- solx86reverse
- winadduser
- winbind
- winbind_stg
- winbind_stg_upexec
- winexec
- winreverse
- winreverse_stg
- winreverse_stg_ie
- winreverse_stg_upexec

andydis

Apr 8 2004, 10:07 AM

already downloaded it at 4.a.m and got it working , reallly good stuff!!!

also check here
http://www.governmentsecurity.org/forum/in...st=0#entry60730

BuzzDee

Apr 8 2004, 11:10 AM

hehe i was also sitting with big eyes in front of it until 5 am

this program really roxx

predx

Apr 8 2004, 04:57 PM

hey thanks for info!! im suprised i thought there would ever be comerical apps that did this.

x1`

Apr 8 2004, 05:08 PM

thanks neverheard of this project before

seppel18

Apr 8 2004, 06:27 PM

I tested the Metasploit Framework Console and WebInterface with "Windows2000 Server SP3 German" on VMWare.

With the Webdav and RPC Exploit.

Works Wonderful with Reverse-Shell (Winreverse-Payload), but didn't work with the Winbind-Payload.

But its nevertheless Top-Stuff

Eyeless

Apr 8 2004, 06:32 PM

Been waiting for this simplifys the process.. Awesome release!

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.