top space  top space  top space  top space  top space       Visualizza il sito in italiano Visualizza il sito in inglese

@Mediaservice contribuisce alla release 3.7.2 di Metasploit


community.rapid7.com - 21 giugno 2011


It's that time again! The Metasploit team is proud to announce the immediate release of the latest version of the Metasploit Framework, 3.7.2. Today's release includes eleven new exploit modules and fifteen post modules for your pwning pleasure. Adding to Metasploit's well-known hashdump capabilities, now you can easily steal password hashes from Linux, OSX, and Solaris. As an added bonus, if any of the passwords were hashed with crypt_blowfish (which is the default on some Linux distributions) any time since 1998, they may be considerably easier to crack. For more cracking fun, Maurizio Agazzini and Mubix's hard work has paid off in a new cachedump module. As the name implies, cachedump allows you to steal Windows cached password hashes. They can't be used directly like those obtained with hashdump, but JtR can crack them. If cracking sounds hard regardless of 13 year old bugs and proprietary hash algorithms, you might be interested in the latest post modules from TheLightCosine: they steal passwords from several applications which conveniently store them for lazy users in what is equivalent to plaintext. Metasploit gets better every day.

https://community.rapid7.com/community/metasploit/blog/2011/06/21/