The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
New in version 3.3.2:
- Metasploit now has 463 exploit modules and 219 auxiliary modules (from 453 and 218 respectively in v3.3.1).
- The Meterpreter payload is now multi-threaded, providing the ability have multiple outstanding requests at once.
- The Meterpreter pivoting is much more robust and stable for the common use cases.
- The database subsystem now uses ActiveRecord migrations to create and update databases.
- The database API is now much more efficient due to improved query filters and delayed saves.
- The Oracle mixin and many of the modules have been updated and improved. The dbi module is no longer required.
- The VNCInjection stage has been successfully tested on Windows 7 (running under WOW64).
- The NeXpose Plugin can now launch scans against hosts already in the database (such as those found via Nmap).
- The NeXpose Plugin now supports an alternate syntax to nexpose_connect that allows ‘@’ and ‘:’ in passwords.
- The XMLRPC plugin now supports a RFC-compliant mode for integration with other products
- The scanner modules support Nmap-style syntax for RHOSTS. This deprecates the 126.96.36.199-188.8.131.52 syntax.
- The jobs command can now show detailed information about a background job (-i and -v).
- This release fixes 42 bus.