Hey Hey,

For those of you interested, metasploit 2.6 has been released. (www.metasploit.org)

Attached below is the email that was sent out. Although it lists both the linux and cygwin versions... the cygwin version is not yet available for download. If you run msfupdate twice however, you will update your running version to 2.6...


The Metasploit Framework is an advanced open-source exploit development platform. The 2.6 release includes three user interfaces,
143 exploits and 75 payloads.

The Framework will run on any modern operating system that has a working Perl interpreter. The Windows installer includes a slimmed-down version of the Cygwin environment.

This is a maintenance release - all updates to 2.5 have been rolled into 2.6, along with some new exploits and minor features.

The changes since the 2.5 release include:

* Tab completion improvements
* Remember last used exploit after save
* Improved reload/rexploit/rcheck commands
* Security fixes for handling terminal escapes

* Security fixes for handling terminal escapes

* Security fixes when using defanged mode

* Addition of the SAM password dump extension
* Improvements to the VNC injection

* PE fingerprinting via the -S option
* Additional information via the -D option
* Major bug fixes to PE format parser

* Major rewrites of many exploit modules
* Reliability improvements across the entire set
* 42 new exploits added since 2.5 was released
* Improved IPS evasion for SMB/DCERPC/HTTP modules

* Human-friendly SMB and DCERPC error codes
* Reworking of the entire DCERPC API
* Incremental improvements to the SMB stack
* Integration of commonly-duplicated routines
* Major improvements to PEInfo module

This release is available from the Metasploit.com web site:
- Unix: http://metasploit.com/tools/framework-2.6.tar.gz
- Win32: http://metasploit.com/tools/framework-2.6.exe

A demonstration of the msfweb interface is running live from:
- http://metasploit.com:55555/

Information about version 3.0 has been posted online:
- http://metasploit.com/projects/Framework/msf3/

Exploit modules designed for the 2.2 through 2.5 releases should maintain compatibility with 2.6. If you run into any problems using older modules with this release, please let us know.

The Framework development team consists of a few active members and over a dozen contributors. Check out the donations web page for a complete list of contributors:
- http://metasploit.com/donate.html

You can subscribe to the Metasploit Framework mailing list by sending a blank email to framework-subscribe[at]metasploit.com. This is the preferred way to submit bugs, suggest new features, and discuss the Framework with other users.

If you would like to contact us directly, please email us at:

For more information about the Framework and this release in general, please refer to the online documentation, particularly the User Guide:
- http://metasploit.com/projects/Frame...mentation.html

We would like to thank the community in general and the metasploit contributors in particular for their support of the project.


- The Metasploit Staff