nDepth Employee Contributions to Open Source Security Software, October 2023 Edition


METASPLOIT PROJECT

The Metasploit Project, owned by Rapid7, is a computer security project that maintains the world’s most used penetration testing framework. This Free and Open Source Software (FOSS) is used by nearly all penetration testers and is extremely common in training courses from SANS, EC-Council, and many others.

The Metasploit Project, being Open Source Software, flourishes from the contributions of the community. nDepth’s own Mike Cyr (h00die) is a frequent contributor to the project and has continued to spend their personal time conducting security research and providing enhancements to Metasploit for the benefit of the security community. This month, h00die contributed the following enhancements:

SPELLING AND REFERENCE FIXES

Spelling can be difficult, especially when writing code, as there is a mix of code and natural language. Writing a document in an editor such as Microsoft Word lets you easily spell check everything; however, code editors such as VS Code don’t have the same capability. The Codespell project was developed specifically to help with this problem. h00die used codespell against the Metasploit Project source code to correct many of the spelling errors, making the code and output of the project easier to read and understand.

Metasploit provides a mechanism to group modules called “Related Modules”. This mechanism is part of the “Notes” field; however, several modules had incorrectly placed it elsewhere, so it did not work correctly. h00die identified these modules and moved the fields to the appropriate locations.

DB STATS COMMAND

Back in March of 2020, a request was made to add a new command to Metasploit which would print out stats about the database in use. This command is useful because it lets users quickly identify how many hosts, services, vulnerabilities, etc. are in their database. h00die added this command and included some additional stats.

APACHE SUPERSET REMOTE CODE EXECUTION

Last month, h00die helped write an exploit against Apache Superset to gain administrative privileges and pull credentials from the product. Additional details were released about CVE-2023-37941, which allows an administrator to execute code remotely and gain access to the operating system. This new vulnerability has now been added to Metasploit Framework.

FLIPPER ZERO FIRMWARE

Flipper Zero is a portable multi-tool for penetration testers. It contains several input and output interfaces such as Infrared, Bluetooth LE, NFC, RFID, iButton, and RF (radio frequencies). The device is commercially produced by Flipper Devices Inc; however, the software is Free and Open Source Software (FOSS). Example uses for this device include controlling devices (TVs, lights), cloning access control badges, acting as a USB keyboard to type commands, and many more. This month, h00die contributed the following enhancements:

SPELLING FIXES ACROSS PROJECT

Spelling can be difficult, especially when writing code, as there is a mix of code and natural language. Writing a document in an editor such as Microsoft Word lets you easily spell check everything; however, code editors such as VS Code don’t have the same capability. The Codespell project was developed specifically to help with this problem. h00die used codespell against the Flipper Zero source code to correct many of the spelling errors, making the code and output of the project easier to read and understand.

HAVOC FRAMEWORK

Havoc is a modern-day command and control (C2) post-exploitation framework. This tool is useful for penetration testers to manage computers which they have compromised. The software is Free and Open Source Software (FOSS). This month, h00die contributed the following enhancements:

SPELLING FIXES ACROSS PROJECT

Spelling can be difficult, especially when writing code, as there is a mix of code and natural language. Writing a document in an editor such as Microsoft Word lets you easily spell check everything; however, code editors such as VS Code don’t have the same capability. The Codespell project was developed specifically to help with this problem. h00die used codespell against the Havoc Framework source code to correct many of the spelling errors, making the code and output of the project easier to read and understand.

To view this month’s contributions, check the following links: