Metasploit 3.0: Cop Tested, Robber Approved
The newest version of Metasploit gives penetration testers an invaluable tool. They're going to need it to deal with the crackers using it to compromise their systems.
It's now faster than ever to take advantage of security vulnerabilities thanks to a revamped open source Metasploit 3.0 framework that includes new features and boasts 177 included exploits.
Metasploit is a framework for developing, testing, and using exploit code.
Though it is intended for use by the security researcher community, it has been used with malicious intent to exploit Windows zero-day vulnerabilities.
Version 3.0 is a complete rewrite of the Metasploit code base, using the Ruby scripting language. The process took almost two years and yielded over 100,000 lines of Ruby code. Previous versions of Metasploit were all written in Perl.
The new release is loaded with nearly everything a security researcher could want, including 177 different exploits that can deploy 104 different payloads. There are also modules that provide additional functionality for denial-of-service (DoS) testing, fuzzing and host discovery.
Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) evasion is significantly enhanced in this release.
According to the Metasploit 3.0 release notes, the evasion options allow the user to bypass IDS and IPS systems by specifying how exploit data is generated and delivered. Evasion options are available for most exploits, including those involving HTTP and SMB protocols.
In a session at Black Hat Las Vegas in 2006, Metasploit creator H.D. Moore said the goal of evasion in Metasploit 3 was going to be to 'scare the IDS guys'.
One thing that is likely to scare a lot more than just the IDS guys is the ability in Metasploit 3.0 to run exploits against multiple hosts concurrently.
By taking advantage of the in-process threading support that the Ruby language offers, Metasploit can run multiple attacks while only consuming a single process' worth of system resources.
It's also easier to control Metasploit, which previously was best controlled using a terminal window. With the new msfweb Web interface, security researchers can get much of the Metasploit Framework functionality from within the convenience of a point-and-click browser interface.
Though there is a lot packed into Metasploit 3, extensibility is a key feature, enabling developers to use and develop additional plug-in modules that can extend functionality without the need to rewrite the base Metasploit code.
The new release is also being licensed under different terms than previous versions of Metasploit, which were made available under the GPL.
With version 3.0, the release is now offered under the Metasploit Framework License, which is not yet an officially sanctioned open source license listed or certified by the Open Source Initiative (OSI).
A key definition of what is generally considered to be bona fide open source is that the license is listed as being open source on the OSI's Web site.
The general idea behind the new license is to make it friendly for developers by providing them with full source code, while not being quite as friendly to commercial enterprises.
Such a goal, according to the Metasploit release notes, "prevents commercial abuse and outright code theft."Article courtesy of internetnews.com