The update to syscalls in the loader provides Meterpreter a much-needed foundation for their use throughout the project in the future. Exciting stuff from @n00tmeg
Rapid7 has released a full exploit chain for #MOVEit Transfer CVE-2023-34362. The write-up we've published in AttackerKB contains more than 30 pages of analysis and code — huge shout-out to @iagox86, @stephenfewer, and @_CField for their work on this. https://t.co/ceIrEkVeUw
This is the third new getsystem technique to be added in the past ~18 months that works in-memory on a wide set of Windows versions by abusing some kind of privilege and named pipe impersonation. Awesome work by @n00tmeg .
We're hiring! I'm looking for a senior+ level vulnerability researcher to join @rapid7's emergent threat response team. Produce stuff like this while working with @Junior_Baines (and collaborating with @metasploit on exploits!) https://t.co/iBvtZ9Y9wH
Some super dope additions in Metasploit's first 2022 wrap-up. @n00tmeg has been working on adding support for new techniques to the Windows secrets dump module for months now, and it's finally about finished!
I'm super excited to announce that we are hiring a Technical Product Manager for @metasploit (remote US, Belfast, Dublin, Austin, Toronto or Boston). Let me know if you're interested!
https://t.co/yUtEYRtk4a
Weekly wrap-up via @n00tmeg: Metasploit now captures NTLM hashes from any recent Windows release using SMBv2 and SMBv3, even with encrypted SMB traffic. Plus, @chompie1337's eBPF exploit lands, along with modules for Git LFS and Geutebruck IP cameras 👯https://t.co/YFgkoILswk
In today's edition of Dope-As-Hell Things™, it looks like Microsoft implemented a detection for @jxy__s's process herpaderping evasion technique, which @n00tmeg made into a Metasploit module earlier this year. Research high fives! https://t.co/bh4ZURgMui
The Qualys Research Team has discovered a critical vulnerability in #Sudo, which allows an unprivileged user to gain root privileges in its default configuration. #linux#unix#vulnerability https://t.co/JUAo8ULMu7
Just released a new blog post in my exploitation tricks series about research I did to implement a virtual memory access trap on Windows to make exploitation of certainly classes of vulnerabilities deterministic https://t.co/UWE7OCjkaf
Awesome article on Herpaderping by @pentestlabltd using a metasploit playload to get a remote shell!
"Executing the generated payload via the ProcessHerpaderping binary will establish a connection on a system with Windows Defender enabled."
https://t.co/HsqhrTqIcZ
We've got a new #Metasploit wrap-up posted, thanks to Louis! It covers a new way to dump Windows secrets, a new Safari exploit module, and a lot of other good stuff. Perfect Friday+weekend reading! 🐚
https://t.co/73K8509m7N
I have published my PoCs and my technical analysis on my GitHub: https://t.co/6JKEJMr5gn
I've also created a Pull Request for CVE-2020-3433 metasploit module: https://t.co/6loB5ezI33