New Metasploit 3.5.1 Release Includes Cisco Exploits

Saturday, December 18, 2010



The recent Metasploit 3.5.1 release offers users a wider range of tools, with 47 new modules and 8 new scripts, and now includes options to perform exploits on Cisco products.

The latest version of Metasploit has a total of 635 exploits, 314 auxiliary modules, and 215 payloads available.

Metasploit is a leading open source tool set employed by security professionals, penetration testers, security researchers, and IDS signature developers.

According to the release notes provided by project managers Rapid7, the Metasploit 3.5.1 release includes:

Automated Cisco IOS exploitation

  • Exploit Cisco IOS vulnerabilities to bypass authentication
  • Gain access to devices via Telnet, SSH, HTTP, and SNMP
  • Capture configuration data and decode credentials
  • Replay credentials to gain deeper access to the network
  • Leverage an updated list of real-world common Cisco passwords

Passive discovery through PCAP

  • Import PCAP data directly into the product interface
  • Gather data about the target network range
  • Populate hosts, services, and other information
  • Extract clear-text passwords from the traffic

Expanded brute force protocols

  • Brute force UNIX "r" services (Shell, Exec, Login)
  • Brute force VNC Desktop passwords
  • Brute force SNMP communities
  • Allow domain names to be specified

Configurable IDS evasion settings

  • Choose a level of transport-level evasion
  • Choose a level of application-level evasion

Network discovery enhancements

  • Major speed improvements to the port scanner
  • Addition of SNMP to the discovery scan
  • Custom Nmap command line parameters

General improvements

  • Allow a range of ports to be supplied as listeners
  • Export PWDump formatted credentials
  • Export John the Ripper formatted credentials
  • Added a credentials tab to the host view

Pro: Improved client-side exploitation

  • Send file-format exploits as email attachments
  • Improved Java-related exploit module support
  • Use digital signatures on generated executables

Pro: Enhanced team support

  • Enforce network boundary limits on projects
  • Restrict limited users to specific network ranges

Pro: Updated VPN Pivoting

  • Full support for VPN Pivoting on Microsoft Windows
  • Reliability improvements through scan parameters

