释放双眼,带上耳机,听听看~!
Metasploit 4.0 发布了,这是一个编写,测试和使用exploit代码的完善环境。这个环境为渗透测试,shellcode编写和漏洞研究 提供了一个可靠的平台,这个框架主要是由面向对象的Perl编程语言编写的,并带有由C语言,汇编程序和Python编写的可选组件。
Metasploit Framework 作为一个缓冲区溢出测试使用的辅助工具,也可以说是一个漏洞利用和测试平台。它集成了各平台上常见的溢出漏洞和流行的shellcode,并且不断更新,使得缓冲区溢出测试变得方便和简单。
Metasploit 4.0 主要改进:
- Feature #4982 – Support for custom executable with psexec
- Feature #4856 – RegLoadKey and RegUnLoadKey functions for the Meterpreter stdapi
- Feature #4578 – Update Nmap XML parsers to support Nokogiri parsing
- Feature #4417 – Post exploitation module to harvest OpenSSH credentials
- Feature #4015 – Increase test coverage for railgun
- Bug #4963 – Rework db_* commands for consistency
- Bug #4892 – non-windows meterpreters upload into the wrong filename
- Bug #4296 – Meterpreter stdapi registry functions create key if one doesn’t exist
- Bug #3565 – framework installer fails on RHEL (postgres taking too long to start)
详细内容请看官方发行说明:
https://dev.metasploit.com/redmine/projects/framework/wiki/Release_Notes_400
