Metasploit 4.3 Released: Task Chains, Email Reports, Upgrades, and More Modules!
The Metasploit® Framework is a free, open source penetration testing solution developed by the open source community and Rapid7. It is the de-facto standard for penetration testing with more than one million unique downloads per year and the world’s largest, public database of quality assured exploits.
This new release covers the following:
A feature that makes it super easy to automate tasks in Metasploit Pro? Yes please. Task chains let you configure a series of tasks and run them according to a schedule. In previous releases of Metasploit Pro, you have to manually run tasks one at a time, such as scan, attack, and generate a report. Now, you don’t have to wait for each task to complete before you execute the next task. Task chains automate this entire process for you, making it possible for you to quickly discover threats on a more frequent and consistent basis. To forgo the days of hand testing, go to the Tasks area in the Metasploit Web UI and create your very first task chain.
The new email option for reports makes it super easy to share test results with your team and organization. This feature enables you to automatically e-mail a report as soon as Metasploit Pro generates it. You just need to enable the e-mail option and provide a recipient list for the report task, and then set up a mail server for Metasploit Pro to use. We’ve added new SMTP settings to the global settings to support the configuration of a mail server. To e-mail your first report, check out the Reports area in the Metasploit Web UI.
Metasploit 4.3 ships with a number of dependency updates, including:
- Ruby 1.9.3-p125
- Java SE 7u3
- Rails 3.2.2
- PostgreSQL 9.1
New Stuff to Read
Since our last release, we’ve posted a few new guides to the Community site. To recap, here they are: Metasploit AMI Set Up Guide, Metasploitable Set Up Guide, andMetasploit OVF Deployment Guide. If you have suggestions for how-to guides that you would like to see, please let us know.
Road to 4.3
Metasploit 4.3 includes all updates that we’ve integrated from the open source development community since the release of Metasploit 4.2 in February. These updates include new SCADA modules, DNS payloads, Spiceworks asset list support, smarter sessions, improved searching in msfconsole, a Java exploit for CVE-2012-0754, POSIX Meterpreter, and much more.