METASPLOIT PROJECT

The Metasploit Project, owned by Rapid 7, is a computer security program which is the world’s most used penetration testing framework. This Free and Open Source Software (FOSS) is used by nearly all penetration testers, and is extremely common in training courses from SANS, EC-Council, and many others.

The Metasploit Project, being Open Source Software, flourishes from the contributions of the community. nDepth’s own Mike Cyr (h00die) is a frequent contributor to the project and has continued to spend their personal time conducting security research and providing enhancements to Metasploit for the benefit of the security community. This month, h00die contributed the following enhancements:

HASH CRACKER VALIDATION SCRIPT

Metasploit uses an automated build platform (CI/CD) which runs tests against the code base to ensure various aspects are working correctly. However, long running or resource intensive tests may not be the place for the automated build as it can slow down typically trivial tasks.  Metaspoit includes the ability to crack hashes from various systems (Windows, Linux, databases, etc), and test hashes have been documented to ensure users and developers can validate the components are working correctly. However, this proved to be a rather time consuming task involving a user finding different outputs on their screen. A new script was created which automates this task, running each password cracking module in both John the Ripper and Hashcat modes against example hashes for each supported hash type. Creating this validation script also found a few bugs in one module which hadn’t been updated to support newer hashes.

To view this month’s contributions, check the following links:

• https://github.com/rapid7/metasploit-framework/pull/19913