This version offers new tools, new kernel and tons of bug fixes. And, BackTrack Linux is no longer a part of remote-exploit.org, it got a new home at backtrack-linux.org.

I used the new version for the last couple of days and find it to be very useful and cool, recommended!
Download BackTrack Linux 4.

You can read the announcement on Nmap web site and grab a copy in the download page.

The announcement:

WarVOX is a suite of tools for exploring, classifying, and auditing
telephone systems. Unlike normal wardialing tools, WarVOX works with the
actual audio from each call and does not use a modem directly. This
model allows WarVOX to find and classify a wide range of interesting
lines, including modems, faxes, voice mail boxes, PBXs, loops, dial
tones, IVRs, and forwarders. WarVOX provides the unique ability to
classify all telephone lines in a given range, not just those connected
to modems, allowing for a comprehensive audit of a telephone system.

WarVOX requires no telephony hardware and is massively scalable by
leveraging Internet-based VoIP providers. A single instance of WarVOX on
a residential broadband connection, with a typical VoIP account, can
scan over 1,000 numbers per hour. The speed of WarVOX is limited only by
downstream bandwidth and the limitations of the VoIP service. Using two
providers with over 40 concurrent lines we have been able to scan entire
10,000 number prefixes within 3 hours.

The resulting call audio can be used to extract a list of modems that
can be fed into a standard modem-based wardialing application for
fingerprinting and banner collection. One of the great things about the
WarVOX model is that once the data has been gathered, it is archived and
available for re-analysis as new signatures, plugins, and tools are
developed. The current release of WarVOX (1.0.0) is able to
automatically detect modems, faxes, silence, voice mail boxes, dial
tones, and voices.

Presentation: http://warvox.org/media/warvox-1.0.0.pdf
Gallery: http://warvox.org/gallery.html
Code: http://warvox.org/install.html

WarVOX
Have a fun time wardialing!

From PortSwigger blog:

Burp Suite v1.2 is now available to download. This is a major upgrade with a host of new features, including:

• Site map showing information accumulated about target applications in tree and table form
• Suite-level target scope configuration, driving numerous individual tool actions
• Display filters on site map and Proxy request history
• Suite-wide search function
• Support for invisible proxying
• Fully fledged web vulnerability scanner [Pro version only]
• Ability to save and restore state [Pro version only]

The series of posts below this one describe the new features in more detail.

Many thanks to everyone who helped with the beta testing and gave me their feedback – this was much appreciated.

Have fun!

In case you missed it, PortSwigger dedicated a month of blog posts reviewing most of the new Burp Suite features – The Month of Burp Pr0n.

Get Burp Suite.

From the news:

the Metasploit Project announced today the free, world-wide availability of version 3.2 of their exploit development and attack framework. The latest version is provided under a true open source software license (BSD) and is backed by a community-based development team. Metasploit runs on all modern operating systems, including Linux, Windows, Mac OS X, and most flavors of BSD. Metasploit has been used on a wide range of hardware platforms, from massive Unix mainframes to the iPhone. Users can access Metasploit using the tab-completing console interface, the Gtk GUI, the command line scripting interface, or the AJAX-enabled web interface. The Windows version of Metasploit includes all software dependencies and a selection of useful networking tools.

Version 3.2 includes exploit modules for recent Microsoft flaws, such as MS08-041, MS08-053, MS08-059, MS08-067, MS08-068, and many more.

The module format has been changed in version 3.2. The new format removes the previous naming and location restrictions and paved the way to an improved module loading and caching backend. For users, this means being able to copy a module into nearly any subdirectory and be able to immediately use it without edits.

The Byakugan WinDBG extension developed by Pusscat has been integrated with this release, enabling exploit developers to quickly exploit new vulnerabilities using the best Win32 debugger available today.

The Context-Map payload encoding system development by I)ruid is now enabled in this release, allowing for any chunk of known process memory to be used as an encoding key for Windows payloads.

The Incognito token manipulation toolkit, written by Luke Jennings, has been integrated as a Meterpreter module. This allows an attacker to gain new privleges through token hopping. The most common use is to hijack domain admin credentials once remote system access is obtained.

The PcapRub, Scruby, and Packetfu libraries have all been linked into the Metasploit source tree, allowing easy packet injection and capture.

The METASM pure-Ruby assembler, written by Yoann Guillot and Julien Tinnes, has gone through a series of updates. The latest version has been integrated with Metasploit and now supports MIPS assembly and the ability to compile C code.

The Windows payload stagers have been updated to support targets with NX CPU support. These stagers now allocate a read/write/exec segment of memory for all payload downloads and execution.

Executables which have been generated by msfpayload or msfencode now support NX CPUs. The generated executable is now smaller and more reliable, opening the door to a wider range of uses. The psexec and smb_relay modules now use an executable template thats acts like a real Windows service, improving the reliability and cleanup requirements of these modules.

The Reflective DLL Injection technique pioneered by Stephen Fewer of Harmony Security has been integrated into the framework. The new payloads use the “reflectivedllinjection” stager prefix and share the same binaries as the older DLL injection method.

Client-side browser exploits now benefit from a set of new javascript obfuscation techniques developed by Egypt. This improvement leads to a greater degree of anti-virus bypass for client-side exploits.

Metasploit contains dozens of exploit modules for web browsers and third-party plugins. The new browser_autopwn module ties many of these together with advanced fingerprinting techniques to deliver more shells than most pen-testers know what to do with.

This release includes a set of man-in-the-middle, authentication relay, and authentication capture modules. These modules can be integrated with a fake proxy (WPAD), a malicious access point (Karmetasploit), or basic network traffic interception to gain access to client machines. These modules tie together browser_autopwn, SMB relaying, and HTTP credential and form capturing to pillage data from client systems.

Nearly all Metasploit modules now support IPv6 transports. IPv6 stagers exist for the Windows and Linux platforms, opening the door for penetration testing of pure IPv6 networks. The VNCInject and Meterpreter payloads have been extensively tested over IPv6 sockets.

Efrain Torres’s WMAP project has been merged into Metasploit. WMAP is general purpose web application scanning framework that can be automated through integration with an attack proxy (ratproxy) or be accessed as individual auxiliary modules.

Egypt’s new PHP payloads provide complete bind, reverse, and findsock support for PHP web application exploits. If you are sick of C99 and R57 and looking to gain a “real” shell from one of the hundreds of RFI flaws listed on milw0rm, the new PHP payloads work great against multiple operating systems.

The db_autopwn command has been revamped to support port-based limits, regex-based module matching, and limits on the number of spawned jobs. The end result is a way to quickly launch specific modules against a specific set of target machines. These changes were suggested and implemented by Marcell “SkyOut” Dietl (Helith).

Announcement.
Some of the new features are presented in Metasploit Prime.
Grab a copy from the Metasploit web site.

Some of the new version cool features was presented by Fyodor at the latest DefCon.

Or watch it on his site – insecure.org.

Austin, Texas, January 28th, 2008 — The Metasploit Project announced today the free, world-wide availability of version 3.1 of their exploit development and attack framework. The latest version features a graphical user interface, full support for the Windows platform, and over 450 modules, including 265 remote exploits. “Metasploit 3.1 consolidates a year of research and development, integrating ideas and code from some of the sharpest and most innovative folks in the security research community” said H D Moore, project manager. Moore is referring the numerous research projects that have lent code to the framework.

These projects include the METASM pure-ruby assembler developed by Yoann Guillot and Julien Tinnes, the “Hacking the iPhone” effort outlined in the Metasploit Blog, the Windows kernel-land payload staging system developed by Matt Miller, the heapLib browser exploitation library written by Alexander Sotirov, the Lorcon 802.11 raw transmit library created by Joshua Wright and Mike Kershaw, Scruby, the Ruby port of Philippe Biondi’s Scapy project, developed by Sylvain Sarmejeanne, and a contextual encoding system for Metasploit payloads. “Contextual encoding breaks most forms of shellcode analysis by encoding a payload with a target-specific key” said I)ruid, author of the Uninformed Journal (volume 9) article and developer of the contextual encoding system included with Metasploit 3.1.

The graphical user interface is a major step forward for Metasploit users on the Windows platform. Development of this interface was driven by Fabrice Mourron and provides a wizard-based exploitation system, a graphical file and process browser for the Meterpreter payloads, and a multi-tab console interface. “The Metasploit GUI puts Windows users on the same footing as those running Unix by giving them access to a console interface to the framework” said H D Moore, who worked with Fabrice on the GUI project.

The latest incarnation of the framework includes a bristling arsenal of exploit modules that are sure to put a smile on the face of every information warrior. Notable exploits in the 3.1 release include a remote, unpatched kernel-land exploit for Novell Netware, written by toto, a series of 802.11 fuzzing modules that can spray the local airspace with malformed frames, taking out a wide swath of wireless-enabled devices, and a battery of exploits targeted at Borland’s InterBase product line. “I found so many holes that I just gave up releasing all of them”, said Ramon de Carvalho, founder of RISE Security, and Metasploit contributor.

“Metasploit continues to be an indispensable and reliable penetration testing framework for our modern era”, says C. Wilson, a security engineer who uses Metasploit in his daily work. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Metasploit runs on all modern operating systems, including Linux, Windows, Mac OS X, and most flavors of BSD. Metasploit has been used on a wide range of hardware platforms, from massive Unix mainframes to the tiny Nokia n800 handheld. Users can access Metasploit using the tab-completing console interface, the Gtk GUI, the command line scripting interface, or the AJAX-enabled web interface. The Windows version of Metasploit includes all software dependencies and a selection of useful networking tools.

The latest version of the Metasploit Framework, as well as screen shots, video demonstrations, documentation and installation instructions for many platforms, can be found online at http://metasploit3.com/

Announcement.
Grab a copy from the Metasplot web site.

The Metasploit Framework (“Metasploit”) is a development platform for creating security tools and exploits. Version 3.0 contains 177 exploits 104 payloads 17 encoders and 3 nop modules. Additionally 30 auxiliary modules are included that perform a wide range of tasks including host discovery protocol fuzzing and denial of service testing.

Metasploit Framework
Release announcement on MSF blog

Happy exploiting ;-)