The newest version of Metasploit is out. The full release notes can be found HERE via Rapid7. I didn’t see anything groundbreaking, but here is a summary of the release.
- Release Details:
  - Metasploit Framework 6.4 is now available.
  - It follows the release of version 6.3, which occurred just over a year ago.
  - The team has introduced several new features and improvements since version 6.3.
- Kerberos Improvements:
  - Metasploit 6.3 initially supported Kerberos authentication.
  - Subsequent updates have enhanced Kerberos-related capabilities:
    - The auxiliary/admin/kerberos/forge_ticket module now supports diamond and sapphire techniques, in addition to golden and silver techniques.
    - Compatibility with Windows Server 2022 has been achieved by incorporating additional fields.
    - The new post/windows/manage/kerberos_tickets post module allows users to dump Kerberos tickets from compromised hosts. This functionality operates entirely in memory and facilitates exploiting instances of Unconstrained Delegation.
    - The auxiliary/gather/windows_secrets_dump module now supports pass-the-ticket authentication when using the DCSync technique (the DOMAIN action). Users can dump secrets from the target using a valid Kerberos ticket, eliminating the need for username/password authentication.