Earlier this week we announced the release of Metasploit 6.3, which came with a tonne of new modules and improvements.
The whole team worked super hard on this and we're very excited that everyone can now get their hands on it and all of the new features it has to offer!
I won't go over everything we did here because we have a whole separate blog post dedicated to the 6.3 release that you should check out if you missed it.
We have a new module provided by timwr to exploit Dirty Cow on macOS. This module exploits a race condition in the kernel that gives the opportunity for a user to get code execution as root.
Description: Adds an exploit for CVE-2022-44877 which is an unauthenticated command injection in CentOS Control Web Panel <0.9.8.1147. Successful exploitation results in code execution as the root user.
Description: This module exploits Linux LPE CVE-2022-1043, a bug in io_uring leading to an additional put_cred() that can be exploited to hijack credentials of other processes.
Description: This PR adds a Linux privilege escalation against VMware virtual machines with kernel 4.14-rc1 - 5.17-rc1 due to a VMware driver bug.
Description: This module is the macOS equivalent of the Dirty Cow vulnerability and allows for an unprivileged user to execute code as root.
Description: Post credential capture module for Veeam Backup & Recovery and Veeam ONE Monitor versions 9.x - 11.x.
show actions command to display a visual indicator beside the currently selected value.
modules/auxiliary/scanner/http/options.rb module to modernize a few of its options, tidy up the code, and to handle an edge case when a target server might respond with a Tomcat error page.
show favorites have been added, namely favorites, to allow for easier listing of modules that users have marked as their favorites.
CIPCTlv definition for the
ENUM_MACHINE_ACCOUNT_QUOTA queries and to make some small updates to existing queries.
service_a/host.domain.local to be used and updated to service_b/host.domain.local dynamically as part of service authentication.
modules/exploits/qnx to run the check command before attempting to exploit the target.
ForceExploit to true before checking the permissions required for exploitation on the remote target, which is more efficient and quieter over the network.
analyze command crashing when a WinRM session was opened.
You can always find more documentation on our docsite at docs.metasploit.com.
As always, you can update to the latest Metasploit Framework with
and you can get more details on the changes since the last blog post from
If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest.
To install fresh without using git, you can use the open-source-only Nightly Installers or the binary installers (which also include the commercial edition).