METASPLOIT PROJECT
The Metasploit Project, owned by Rapid 7, is a computer security program which is the world’s most used penetration testing framework. This Free and Open Source Software (FOSS) is used by nearly all penetration testers, and is extremely common in training courses from SANS, EC-Council, and many others.
The Metasploit Project, being Open Source Software, flourishes from the contributions of the community. nDepth’s own Mike Cyr (h00die) is a frequent contributor to the project and has continued to spend their personal time conducting security research and providing enhancements to Metasploit for the benefit of the security community. This month, h00die contributed the following enhancements:
APACHE NIFI ALGORITHM FIX
An Apache NiFi module was created back in November which can be used to find and decrypt credentials and secrets within its configuration. While the module was able to detect modern encryption algorithms, it failed to detect older algorithms. A fix was submitted to detect these older algorithms and prevent crashing.
ANDROID MODERNIZATION SUMMARY
The Android exploitation platform from Metasploit is problematic. Unfortunately, Android has changed its permissions model for apps which has caused the current payloads to lose functionality. On top of that, almost no effort has been put forth to keep up to date with new exploits and techniques. A new summary issue was created to document all of the issues, linking to the reports with original technical information, and suggesting changes which are required to fix the issues. A new issue template was also created so when users have Android issues in the future, they can easily refer to the summary issue.
To view this month’s contributions, check the following links: