Metasploit Framework Updates

[hdm at metasploit.com (H D Moore)]

Hello everyone,

We just pushed out updates for the DCERPC API in version 2.4 of the 
Metasploit Framework. All DCERPC-enabled exploits have been modified to 
take advantage of the new BindFakeMulti() function. Theoretically, this 
will prevent a few signature-based intrusion detection systems from 
detecting these exploits. Since Cisco has decided to tag all SMB traffic 
with the word "metasploit" in it as suspicious, we went ahead and removed 
that from the SMB API as well ;-) There are still many different ways to 
signature the Metasploit exploit modules, but this was an easy (and fun) 
hack to implement. 

The Metasploit Framework documentation page now contains links to numerous 
third-party resources. If you haven't seen the Whoppix flash-based 
videos, you are definitely missing out. If you are aware of any other 
information resource that we have not listed (user guides, howto's, etc), 
please let me know off-list. 
 - http://metasploit.com/projects/Framework/documentation.html

I will be presenting at the FIRST (www.first.org) conference in Singapore 
on June 30th, if you are going to be in town and want to grab a drink, 
please drop me an email. Additionally, I will be giving a short talk at 
the SIG^2 meeting on June 1st in Suntec City.
 - http://www.security.org.sg/

BackupExec users beware, the new Metasploit module (backupexec_agent) is 
able to compromise all BackupExec 9.x/10.x Windows agents without any 
guesswork. Thanks to Pedram Amini (www.openrce.org, pedram.redhive.com), 
we will be releasing an exploit module for the registry access flaw in 
the near future.

-HD