19 January 2011
Version: 6.66 ("BEAST")
This release introduces brand new DCERPC and SMB libraries and updates
to exploits using them. Some of the new features supported include NTLMv2
authentication, seal/sign with packet privacy option, full Unicode support
and configurable fragmentation on both DCERPC and SMB layers for improved
covertness against sniffers and intrusion detection systems.
Moreover, Immunity has included an improved SMB client and faster SMB brute forcing
modules, a new SMB server, 80+ updated modules that take advantage
of the new DCERPC/SMB features and, finally, two new exploits for
the Linux RDS and MS10-068 vulnerabilities.
- libs/newsmb: Improved dcerpc/smb libraries
  (NTLMv1/v2, packet privacy/SEAL/SIGN, fragmentation,
- Modules that use msrpc/smb functionality (too many
  to list) now gain aforementioned features and improved
  IDS evasion through expanded covertness feature.
- Linux_RDS (Linux Kernel <= 2.6.36-rc8 privilege escalation exploit)
- MS10_068 (Microsoft Active Directory DoS)
New DCERPC covertness functionality: Covertness = 2 will enable crypto at the DCERPC layer. 5 will also enable moderate fragmentation at the DCERPC and SMB (if making use of that transport) layers. Finally, for those times that one has to go all out, 11 will deploy crypto and maximum fragmentation at both layers. Proceed with care!
Download URL: https://canvas.immunityinc.com/cgi-bin/getcanvas.py