Eight years later of the formation of the last significant branch, the launch of the vulnerability analysis platform, Metasploit Framework in its latest version 5.0.
Currently, The Metasploit Framework package includes 3795 modules with the implementation of various exploits and attack methods.
The project also maintains an information base containing about 136710 vulnerabilities. The Metasploit code is written in Ruby and distributed under the BSD license. The modules can be developed in Ruby, Python and Go.
Metasploit is an open source project for computer security, which provides information about security vulnerabilities and aid in penetration testing "Pentesting" and the development of signatures for intrusion detection systems.
Its best known subproject is the Metasploit Framework, a tool to develop and run exploits against a remote machine. Other important subprojects are opcode (opcode) databases, a shellcode file, and security research.
The Metasploit Framework provides IT security specialists with a set of tools for rapid development and debugging of vulnerabilities, as well as to verify the vulnerabilities and the systems that the systems carry out in case an attack is successful.
A basic command line interface is proposed to scan the network and test systems for vulnerabilities, including testing the applicability of actual exploits. As part of the Community and Pro editions, an intuitive web interface is also provided.
Metasploit 5.0 major enhancements
With this new release The "evasion" module was added, which allows the user to create executable payload files, bypassing antivirus activations.
The makes it possible to reproduce more realistic conditions when checking the system, giving an account of the typical antivirus malware techniques.
For example, Techniques such as shell code encryption, code randomization, and under-emulator lock execution are used to evade antivirus.
In addition to the Ruby language, Python and Go can now be used to develop external modules for the Framework.
As well a basic web services framework has been added that implements a REST API to automate tasks and work with databases, supports multiple authentication schemes and offers opportunities for parallel execution of operations;
Metasploit 5.0 has an implemented API based on JSON-RPC, that simplifies integration by Metasploit with various tools and programming languages.
Users can now run their own PostgreSQL RESTful service to connect multiple Metasploit consoles and external toolkits.
On the other hand, the possibility of parallel processing of operations with the database and the console (msfconsole) is provided, which makes it possible to carry out the execution of some package operations on the shoulders of the service that serves the database.
For payload, the meta-shell concept and the meta-command "background" are implemented, which allows you to run background sessions in the background and downloads after the operation on the remote side, and manage them without using a Meterpreter-based session .
Finally the last point that can be highlighted is that the ability to verify multiple hosts with one module at once was added by configuring the range of IP addresses in the RHOSTS option or by specifying a link to the file with the addresses in the / etc / hosts format through the URL "file: //";
The search engine has been redesigned, which shortened the startup time and removed the database from dependencies.
How to get Metasploit 5.0?
For those interested in being able to install this new version of Metasploit 5.0, can go to the official website of the project where you can download the version you need to use.
Since Metasploit has two versions, one community (free) and the Pro version with direct support from the creators.
For Those of us who are Linux users can obtain this new version by opening a terminal and executing:
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
chmod 755 msfinstall && \
./msfinstall