Metasploit 3.0 Makes Splash at Black Hat

Upgrades to popular flaw-finding tool unveiled at Vegas conference

LAS VEGAS -- If the applause and whoops at this week's Black Hat conference were any indication, Metasploit has a hit on its hands with the new beta release of its bug-finding tool.

Security researcher HD Moore officially unveiled the first beta of Metasploit 3.0 late yesterday afternoon in a crowded ballroom at the conference here.

Moving away from its Perl roots, Metasploit 3.0 was written in Ruby, since its object orientation was a better fit for the demands placed on the flaw-finding framework, including new multi-tasking features, Moore said.

The new version enables concurrent exploits and sessions, as well as passive exploits and recon modules. It also permits developers to suspend, restore, and share sessions, and open multiple shells per exploit attempt.

"This will all turn Metasploit into Nessus," Moore laughed, referring to the open-source vulnerability scanner.

New "mixins" in the beta allow writing advanced exploits in only three lines, and include mixins for SMB, DCERPC, HTTP and FTP, Moore said. Multi-language support has been expanded in the Opcode database, a handy feature as more exploits turn up in Russian or other languages with non-English characters. Moore said 3.0 also takes evasion more seriously as malware writers have begun to use strong evasion techniques more widely.

Moore said that all modules are now organized in a directory hierarchy, with common Meterpreter modules merged into an "stdapi" interface. New Meterpreter features are also meant to improve penetration testing. The beta also includes new "passive" exploits, such as attacks on browsers, sniffers, and intrusion detection systems; there are also denial-of-service modules and support for recent browser bugs.

The ballroom's crummy sound system and Moore's own fast-paced patter didn't seem to put anyone off. Normally more staid and tough to impress, Black Hat attendees interrupted Moore's demo of the new beta at least a half dozen times with applause.

The new beta can be downloaded from the Metasploit Website, with versions for Linux, BSD, Mac OS X, Unix, and Windows (with and without Cygwin).

— Terry Sweeney, Editor in Chief, Dark Reading

About the Author(s)

Terry Sweeney, Contributing Editor

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, Network World, InformationWeek and Mobile Sports Report.

In addition to information security, Sweeney has written extensively about cloud computing, wireless technologies, storage networking, and analytics. After watching successive waves of technological advancement, he still prefers to chronicle the actual application of these breakthroughs by businesses and public sector organizations.
