Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Meterpreter + SSL

From: hdm at metasploit.com (HD Moore)
Date: Fri, 26 Jun 2009 18:24:26 -0500
The meterpreter payload in the SVN trunk (3.3-dev) now uses SSL by  
default. Any staging activities (including the upload of metsrv.dll) will  
still be in cleartext, but all meterpreter communications are now  
protected by SSL automatically. This SSL mode does NO verification, so its  
still possible for someone to MITM the session, but this buys some  
privacy-by-default.

-HD
Previous By Date Next
Previous By Thread Next

Current thread: