The Metasploit Framework is an advanced open-source exploit development
platform. The 2.7 release includes three user interfaces, 157 exploits
and 76 payloads.The Framework will run on any modern operating system
that has a working Perl interpreter. The Windows installer includes a
slimmed-down version of the Cygwin environment.
Windows users are encouraged to update as soon as possible. A number of
improvements were made that should make the Windows experience a little
less painful and a lot more reliable. All updates to 2.6 have been rolled
into 2.7, along with some new exploits and minor features.
This release is available from the Metasploit.com web site:
- Unix: http://metasploit.com/tools/framework-2.7.tar.gz
- Win32: http://metasploit.com/tools/framework-2.7.exe
The latest version can be pulled directly from Subversion:
$ svn co http://metasploit.com/svn/framework2/trunk/
A demonstration of the msfweb interface is running live from:
- http://metasploit.com:55555/
This may be the LAST 2.x version of the Metasploit Framework. All
development resources are now being applied to version 3.0. More
information about version 3.0 can be found online at:
- http://metasploit.com/projects/Framework/msf3/
Exploit modules designed for the 2.2 through 2.6 releases should maintain
compatibility with 2.7. If you run into any problems using older
modules with this release, please let us know.
Donations to the Metasploit Project are now tax deductible for US
entities. Please see the donations web page for more information.
- http://metasploit.com/donate.html
You can subscribe to the Metasploit Framework mailing list by sending a
blank email to framework-subscribe[at]metasploit.com. This is the
preferred way to submit bugs, suggest new features, and discuss the
Framework with other users.
If you would like to contact us directly, please email us at:
msfdev[at]metasploit.com.
For more information about the Framework and this release in general,
please refer to the online documentation, particularly the User Guide:
- http://metasploit.com/projects/Framework/documentation.html
We would like to thank the community in general and the Metasploit
contributors in particular for their support of the project.
Changes since the 2.6 release:
windows:
* The Windows installer and Cygwin environment have been updated
* The console size has been greatly improved under Windows
* Large payloads (meterpreter/vncinject) are much more reliable
msfupdate:
* The msfupdate tool has been replaced with Subversion
* All Subversion features (branching, diffs, etc) are supported
meterpreter:
* The SAM extension now works against NX/DEP systems.
exploits:
* Minor cosmetic improvements to many modules
* 14 new exploits added since 2.6 was released
payloads:
* The payload staging system is more reliable for large payloads
* Size reductions and reliability improvements
Enjoy!
- The Metasploit Staff
