Past, present and future of Metasploit
by Mirko Zorz - Friday, 22 October 2010.
On October 20th, we launched Metasploit Pro, which builds on Metasploit Express to provide multi-user team support, social engineering campaigns, web application exploitation, advanced evasion techniques, and my personal favorite, VPN Pivoting. Where Metasploit Express is a great product for accelerating the penetration testing process, Metasploit Pro goes even further by enabling security teams to coordinate penetration tests through a central interface and conduct security tests at every level against the target network, from the human aspect (social engineering) down to the nitty gritty server-side exploits.

The VPN Pivot functionality in Metasploit Pro turns any compromised machine into a remote ethernet interface into the target network. This enables users to compromise an internal machine (say, through a browser exploit), and then use the VPN Pivot to continue to scan and exploit other internal machines behind the firewall.

Unlike other pivoting technologies, VPN Pivot can be used with any network tool, as it creates a real interface on the Metasploit Pro system. This allows standard penetration testing and vulnerability assessment tools to be used over the interface created by Metasploit Pro. To cap things off, we added the ability to create custom reports, using the JasperSoft reporting engine and the iReport graphical report editor.

All three products share the same exploits, payloads, and libraries. The difference is the additional functionality, scalability, team support, and general scope of each tool. The Metasploit Framework is still a first class tool for exploit development and penetration testing, but the commercial products make it significantly easier to leverage these capabilities at a larger scale.

What are your plans for the near future? What features can Metasploit users look forward to?

With the Metasploit 3.5.0 release (all products share the same version number), we are going head-first into web application security. This required a huge overhaul of the backend database and we still have additional work to do in updating our web modules and filling in the gaps where coverage is missing.

Most of my personal development work is focused on the web application testing capabilities of Metasploit and making sure that we can interoperate with the other products that our users leverage today.

On the payload side, we are slowly but surely expanding Meterpreter support to platforms beyond Windows. Philip Sanderson, one of our community developers, has done an amazing job of completing the POSIX Meterpreter payload, and we are in the process of integrating his work into the framework.

Over the last few months we have also added native PHP and Java payloads, making it easier than ever to obtain advanced functionality through web application and Java server vulnerabilities. We are still investing resources into exploit coverage, both through a dedicated exploit engineer and by working with the community to port more exploits to the Metasploit platform.
