Metasploit Express 3.4.1 Release Notes

Summary

Metasploit Express 3.4.1 adds 16 new exploits, an overhauled module browser, island-hopping support, brute force support for FTP and HTTPS, enhanced import and export functionality, and improvements to the online update system, including support for HTTP proxies. This release fixes over 100 bugs.

New Features

  • The Module Browser was overhauled and disclosure dates are available for all exploits
  • Island-hopping is enabled through the "Add Session Route" button in the Session view
  • FTP has been added to the set of Brute Force protocols
  • HTTPS has been explicitly added to the Brute Force protocols
  • Support for choosing vulnerabilities and/or services as matching criteria for Exploitation
  • Import of a Metasploit Express ZIP export now includes Loot, Tasks, and Reports
  • A "Dry Run" mode has been added for Brute Force for analysis
  • Target address field supports the "1.2.3.0-1.2.3.255" format
  • Allow the HTTP Proxy to be specified for updates and remember proxy settings

Closed Bugs

  • Fingerprint modules are no longer run when the target services have been identified as closed
  • HTTP brute force would sometimes fail against IIS 5.0
  • The Metasploit Express XML import/export code has been bumped a revision to include more data
  • The "defaults" Brute Force profile now only uses the internal list of default passwords
  • Discovery scan of the hosting system would return extraneous open ports
  • Discovery would show progress messages for skipped protocols
  • Invalid target ranges would cause a stack trace with Discovery scans
  • The Microsoft SQL Server brute force module would continue testing non-responsive hosts
  • The DB2 brute force task log is now color-coded
  • The Reports tab now notifies the user when a report is ready
  • The Brute Force and Exploit profiles are set to "Normal" by default
  • Brute Force now skips known disabled and other invalid accounts
  • Resolved issues rendering events that contain binary data
  • Prevent imported hosts from always overriding existing hosts
  • Brute Force does not correctly replay a stolen SSH private key
  • Finger service user enumeration is slow on Linux targets
  • AMAP import does not work with all output types
  • AIX produces a false positive during telnet brute force
  • Bannerless services are never identified during Discovery
  • A stack trace is generated when an unknown format is used with Import
  • Live reports break when a host is deleted
  • NeXpose scan results are not preserved on the server
  • Exploitation fails to grab session with MS03-026 in some cases
  • Windows installation can fail due to PostgreSQL not being initialized
  • No payloads available for piranha_passwd_exec
  • HTTP exploits now key off the server fingerprint
  • Exploit rankings are now printed in the Task log
  • Authentication Token report shows duplicates for SMB shares
  • Comma-separated IPs are not parsed correctly in the Target Address fields
  • NeXpose may trigger an RPC timeout while scanning
  • Update system now restarts the UI as well as the RPC service
  • Terminate Session button may not work in some situations
  • The update installation now allows only a single concurrent install task
  • Session numbers wrap when screen resolution is narrow
  • User is not notified if the project description is too long
  • Need the ability to search for modules by author
  • Need the ability to perform a full-text search on modules
  • Browsing directly to /sessions produces an error
  • Error logs of running tasks are not available upon expiration
  • The user navigation bar needs more spacing
  • All time stamps are now presented in the local time zone, not UTC
  • Time stamps are now correct in the File Browser