Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
  1. Homepage
  2. Equities
  3. United States
  4. Nasdaq
  5. Rapid7, Inc.
  6. News
  7. Summary
    RPD   US7534221046


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector news

Rapid7 : Metasploit Wrap-up

07/09/2021 | 02:36pm EDT


Rapid7 security researchers Christophe De La Fuente, and Spencer McIntyre, have added a new module for CVE-2021-34527, dubbed PrintNightmare. This module builds upon the research of Xuefeng Li, Zhang Yunhai, Zhiniang Peng, Zhipeng Huo, and cube0x0. The module triggers a remote DLL load by abusing a vulnerability in the Print Spooler service. The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request using the MS-RPRN vector, resulting in remote code execution as .

Because Metasploit's SMB server doesn't support SMB3 (yet), it's highly recommended to use an external SMB server like Samba that supports SMB3. The Metasploit module documentation details the process of generating a payload DLL and using this module to load it.

CVE-2021-34527 is being actively exploited in the wild. For more information and a full timeline, see Rapid7's blog on PrintNightmare!


Great work by community contributor Yann Castel on their new NSClient++ module. This module allows an attacker with an unprivileged windows account to gain admin access on a windows system and start a shell.

For this module to work, both the web interface of NSClient++ and the feature should be enabled. You must also know where the NSClient config file is as it is used to read the admin password which is stored in clear text.

New module content (2)

  • Print Spooler Remote DLL Injection by Christophe De La Fuente, Piotr Madej, Spencer McIntyre, Xuefeng Li, Zhang Yunhai, Zhiniang Peng, Zhipeng Huo, and cube0x0, which exploits CVE-2021-34527 - A new module has been added to Metasploit to exploit PrintNightmare, aka CVE-2021-1675/CVE-2021-34527, a Remote Code Execution vulnerability in the Print Spooler service of Windows. Successful exploitation results in the ability to load and execute an attacker controlled DLL as the user.

  • NSClient++ - Privilege escalation by BZYO, Yann Castel and kindredsec - This post module allows an attacker to perform a privilege escalation on a machine running a vulnerable version of NSClient++. The module retrieves the admin password from a config file at a customizable path, and so long as NSClient++ has both the web interface and ExternalScriptsfeature enabled, gains a SYSTEM shell.

Enhancements and features

  • #15366 from pingport80 - This updates how the msfconsole's history file is handled. It adds a size limitation so the number of commands does not grow indefinitely and fixes a locking condition that would occur when the history file had grown exceptionally large (~400,000 lines or more).

Bugs fixed

  • #15320 from agalway-r7 - A bug has been fixed in the method of that prevented PowerShell sessions from being able to use the method. PowerShell sessions should now be able to use this method to read files from the target system.
  • #15371 from bcoles - This fixes an issue in the module where if the binary was not in the PATH the check method would fail.

Get it

As always, you can update to the latest Metasploit Framework with and you can get more details on the changes since the last blog post from


If you are a user, you can clone the Metasploit Framework repo (master branch) for the latest.

To install fresh without using git, you can use the open-source-only Nightly Installers or the

binary installers (which also include the commercial edition).


Rapid7 Inc. published this content on 09 July 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 09 July 2021 18:35:02 UTC.

ę Publicnow 2021
All news about RAPID7, INC.
04:12pRAPID7 : Critical vCenter Server File Upload Vulnerability (CVE-2021-22005)
09:12aRAPID7 : Statement on the New Standard Contractual Clauses for International Transfers of ..
09/20RAPID7 : Login Authentication Goes Automated With New InsightAppSec Improvements
09/17SANS 2021 THREAT HUNTING SURVEY : How Organizations' Security Postures Have Evolved in the..
09/16RAPID7, INC. : Other Events (form 8-K)
09/16RAPID7 : to Redeem $45.4 Million of Convertible Notes Due 2023
09/16Rapid7 Announces Redemption of All of ItsáOutstanding Convertible Senior Notes due 2023
09/16THE RANSOMWARE KILLCHAIN : How It Works, and How to Protect Your Systems
09/15RAPID7 : Craig Williams of Cisco Talos on Proxyware
09/15OMIGOD : How to Automatically Detect and Fix Microsoft Azure's New OMI Vulnerability
More news
Analyst Recommendations on RAPID7, INC.
More recommendations
Financials (USD)
Sales 2021 522 M - -
Net income 2021 -136 M - -
Net Debt 2021 430 M - -
P/E ratio 2021 -52,2x
Yield 2021 -
Capitalization 6 616 M 6 616 M -
EV / Sales 2021 13,5x
EV / Sales 2022 11,0x
Nbr of Employees 1 847
Free-Float 96,7%
Chart RAPID7, INC.
Duration : Period :
Rapid7, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends RAPID7, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus BUY
Number of Analysts 14
Last Close Price 118,60 $
Average target price 130,50 $
Spread / Average Target 10,0%
EPS Revisions
Managers and Directors
Corey Eugene Thomas Chairman & Chief Executive Officer
Andrew Frank Burton President & Chief Operating Officer
Jeffrey Alan Kalowski Chief Financial Officer
Tas Giakouminakis Chief Technology Officer
J. Benjamin H. Nye Lead Independent Director
Sector and Competitors
1st jan.Capi. (M$)
RAPID7, INC.31.54%6 616
SEA LIMITED65.60%182 001