The company Rapid7 has released a brand-new version of Metasploit, Metasploit 6.2.0, which has a lot of improvements and enhanced features.
In addition to the existing features, this new version offers the following things:-
- 138 New modules
- 148 Enhancements and features
- 156 Bug fixes
With 864 payloads and 2,227 exploits, Metasploit is one of the most-used penetration testing frameworks. In order to assess the vulnerability of a network and to test its defenses, these elements can all be used.
Penetration testing and breaching networks can be accomplished with this framework. And not only that but this framework is also used by the threat actors as well.
Among the best-known cybersecurity tools today, Metasploit has become one of the most popular tools due to its ease of use and the many payloads that it contains.
New Features of Metasploit 6.2
Among the several many features of this software, six of them are highlighted by the developers of Rapid7 and here they are mentioned below:-
- Capture plugin: Insecurity testers, particularly offensive security testers, consider capturing credentials to be the most crucial and early phase of their playbooks. Since Metasploit has been providing protocol-specific modules for years, you can easily achieve this goal.
- SMB v3 server support: This remote share can be used by penetration testers to host their payloads or DLLs and then to copy them to targets or remotely execute them.
- Enhanced SMB relay support: This module can be used for targeting multiple devices at a time in one session, the module invoking different configurations for each device to ensure accurate and efficient targeting.
- Improved pivoting & NATed services support: A NAT or port-forward configuration is necessary for the target to connect to Metasploit using this module.
- Debugging Meterpreter sessions: The logging of network queries and responses between MSFconsole and Meterpreter during a session can now be used to debug Meterpreter sessions.
- Local exploit suggests improvements: An improved user interface and bug fixes have been incorporated into this module in order to improve its functionality.
Here below we have mentioned all the top and most used modules:-
- VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)
- F5 BIG-IP iControl RCE via REST Authentication Bypass
- VMware Workspace ONE Access CVE-2022-22954
- Zyxel Firewall ZTP Unauthenticated Command Injection
- Windows CVE-2022-21999 SpoolFool Privesc
- Dirty Pipe Local Privilege Escalation via CVE-2022-0847