Metasploit 6 Now Under Active Development

blog.rapid7.com
The Metasploit team announces active development of Metasploit Framework 6. Initial features include end-to-end encryption of Meterpreter communications, SMBv3 client support, and a new polymorphic payload generation routine for Windows shellcode.
Today the Metasploit team is pleased to announce active development of Metasploit Framework 6.0, available now for testing and community feedback. Initial Metasploit 6 features include end-to-end encryption of Meterpreter communications across all five implementations (Windows, Python, Java, Mettle, and PHP), SMBv3 client support to further enable modern exploitation workflows, and a new polymorphic payload generation routine for Windows shellcode that improves evasive capabilities against common antivirus and intrusion detection system (IDS) products.

This initial feature set marks a transition toward secure communications and encryption by default across key components of Metasploit Framework. The initial Metasploit 6 features also make it harder to build signature-based detections for certain network operations and for Metasploit's main payload binaries. Metasploit users and developers can expect further additions to and refinement of version 6 features over the coming months.

Important note: Metasploit 6 incorporates backwards-incompatible changes for payload communication, meaning payloads generated with previous Metasploit versions will be unable to connect to Metasploit 6 and vice versa. Because of this incompatibility, users should not update to Metasploit 6 during active operations unless they are prepared to lose their sessions.

Rapid7 and the Metasploit team would like to extend our deepest thanks to longtime contributor OJ Reeves for his tireless efforts implementing and refining many of the improvements in the latest version of Metasploit.

Expanded Encryption

Starting in Metasploit 6, all Meterpreters will use AES to encrypt their communications with the Framework. End-to-end encryption offers operators two noteworthy advantages: First, the encryption obfuscates the traffic, making signature-based detections of established communication…
Spencer McIntyre