Metasploit Framework v2.1

To: BUGTRAQ <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Metasploit Framework v2.1
From: H D Moore <sflist@xxxxxxxxxxxxxxxxxx>
Date: Wed, 9 Jun 2004 16:27:56 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: KMail/1.6.1

The Metasploit Framework is an advanced open-source exploit development 
and testing environment. Version 2.1 fixes many issues that users have 
reported since the release of 2.0 and adds several new features.

The bug fixes alone are more than worth the time to upgrade. If you 
currently use the Framework under Windows, we strongly urge that you 
update to the 2.1 release; quite a few features and payloads simply don't 
work right with version 2.0 and Cygwin.

This release includes 21 exploits and 27 payloads; many of these exploits 
are either the only ones publicly available or just much more reliable 
than anything else out there.

The Framework will run on any modern system that has a working Perl 
interpreter, the Windows installer includes a slimmed-down version of the 
Cygwin environment. We have tested the Framework on Linux, BSD, Mac OS X, 
Solaris, AIX, and Windows (NT, 2000, XP, 2003).

Some highlights in this release:
  - Many Cygwin induced bugs fixed
  - Improved msfconsole tab completion
  - Fixed problems with logging functionality
  - Improvements on msfpescan to scan memory dumps from memdump.exe
  - socketNinja tool for doing all sorts of connection foo

This release is available from the Metasploit.com web site:
  - http://metasploit.com/projects/Framework/

Direct download links are provided below.

Unix-like operating systems:
  - http://metasploit.com/tools/framework-2.1.tar.gz

Windows-based operating systems:
  - http://metasploit.com/tools/framework-2.1.exe

You can subscribe to the Metasploit Framework mailing list by sending a 
blank email to framework-subscribe [at] metasploit.com. This is the 
preferred way to submit bugs, suggest new features, and discuss the 
Framework with other users. This is also where we send out updates and 
new modules. This mailing list is low traffic and archived online at:
  - http://metasploit.com/archive/framework/threads.html

The Framework was written by spoonm and H D Moore, if you would like to 
contact us directly, please email us at msfdev [at] metasploit.com. Don't 
be shy, your feedback is very important. Drop us a line even if it is 
just tell us that you use it!

We would like to thank everyone contributing to the metasploit project, 
with special thanks to skape, optyx, and the anonymous user who made the 
first donation to the metabeverage fund :)

This release added the following new exploit modules:
 - windows_ssl_pct
 - svnserve_date
 - samba_nttrans

... and some nice improvements to many existing modules.

Check out the new "exploits" section at the Framework project page; you 
can now download the latest versions of the exploit modules directly from 
the web site. All new exploits developed before the final 2.2 release 
will be made available via this page. Once we get some free time, we plan 
on adding exploitation and usage notes to this page. A new module has 
already been uploaded for the Squid NTLM buffer overflow bug...

Enjoy!

- spoonm and HD

Prev by Date: [FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability
Next by Date: Multiple Vulnerabilities in Invision Power Board v1.3.1 Final.
Previous by thread: [FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability
Next by thread: Multiple Vulnerabilities in Invision Power Board v1.3.1 Final.
Index(es):
- Date
- Thread