Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Metasploit Framework v2.6 Released!

From: hdm at metasploit.com (H D Moore)
Date: Tue, 23 May 2006 12:47:34 -0500
The Metasploit Framework is an advanced open-source exploit
development platform. The 2.6 release includes three user interfaces,
143 exploits and 75 payloads.

The Framework will run on any modern operating system that has a working
Perl interpreter. The Windows installer includes a slimmed-down version
of the Cygwin environment.

This is a maintenance release - all updates to 2.5 have been rolled into
2.6, along with some new exploits and minor features. 

The changes since the 2.5 release include:

msfconsole:
        * Tab completion improvements
        * Remember last used exploit after save
        * Improved reload/rexploit/rcheck commands
        * Security fixes for handling terminal escapes

msfcli:
        * Security fixes for handling terminal escapes
        
msfweb:
        * Security fixes when using defanged mode
        
meterpreter:
        * Addition of the SAM password dump extension
        * Improvements to the VNC injection
        
msfpescan:
        * PE fingerprinting via the -S option
        * Additional information via the -D option
        * Major bug fixes to PE format parser
        
exploits:
        * Major rewrites of many exploit modules
        * Reliability improvements across the entire set
        * 42 new exploits added since 2.5 was released
        * Improved IPS evasion for SMB/DCERPC/HTTP modules

libraries:
        * Human-friendly SMB and DCERPC error codes
        * Reworking of the entire DCERPC API
        * Incremental improvements to the SMB stack
        * Integration of commonly-duplicated routines
        * Major improvements to PEInfo module

This release is available from the Metasploit.com web site:
  - Unix:  http://metasploit.com/tools/framework-2.6.tar.gz
  - Win32: http://metasploit.com/tools/framework-2.6.exe

A demonstration of the msfweb interface is running live from:
  - http://metasploit.com:55555/
 
Information about version 3.0 has been posted online:
  - http://metasploit.com/projects/Framework/msf3/
  
Exploit modules designed for the 2.2 through 2.5 releases should maintain
compatibility with 2.6. If you run into any problems using older
modules with this release, please let us know.

The Framework development team consists of a few active members and
over a dozen contributors. Check out the donations web page for a complete
list of contributors:
 - http://metasploit.com/donate.html

You can subscribe to the Metasploit Framework mailing list by sending a
blank email to framework-subscribe[at]metasploit.com. This is the
preferred way to submit bugs, suggest new features, and discuss the
Framework with other users.

If you would like to contact us directly, please email us at:
msfdev[at]metasploit.com.

For more information about the Framework and this release in general,
please refer to the online documentation, particularly the User Guide:
  - http://metasploit.com/projects/Framework/documentation.html

We would like to thank the community in general and the metasploit
contributors in particular for their support of the project.

Enjoy!

- The Metasploit Staff
Previous By Date Next
Previous By Thread Next

Current thread: