Dailydave mailing list archives
Re: Metasploit Framework 2.0 Released!
From: <ninjatools () hush com>
Date: Wed, 7 Apr 2004 21:18:35 -0700
For some reason we get confused with a fuzzer/debugger, etc. Metasploit has a lot of code that could be used for a lot of different things, but it currently definitely is a tool focused around exploiting bugs, and not finding them.

I agree with Dave that we should cover some of the uniqueness of our exploits. We tried not to clutter up the announcement email too much, and we are both pretty busy right now, so the documentation side of things is lagging behind. I'm obviously interested in the security dev side of things, and I think there are a lot of possibly interesting things for other security guys to check out.

A lot of our exploits aren't necessarily revolutionary, but they are a big step up from the exploits that are out there now, for example on two recent bugs...

My serv-u exploit is (at least it seems to be) universal across all versions of serv-u from 3 - 5 (except 5.0.0.4 where the bug was fixed), and on nt4/2k/xp/2k3. The current public exploits (there are several) are all target specific based on language, os, sp, etc. And the bug is a one shot, so you get it wrong, you kill the service.

Also, since I wrote my real/blackice exploit, a public version has also been released. While I was unfortunately unable to make it universal, it is bruteforceable, so I took time in setting up a fairly extensive list of targets and bruteforcing modes. The public version uses a hardcoded return that I have not found to be valid in any of my versions, and ISS claims it's only valid for 2% of their vulnerable products.

This sort of stuff is the trend for most of our exploits. You will see many exploit specific advanced options that you wouldn't see in public code. Another example is HD's dcom exploit.

    0  Windows NT SP6/2K/XP ALL

One target hits NTSP6 -> XP, which is obviously an improvement on previous public versions.

We also have a very nice encoder collection, including the default 23 byte dword xor encoder (they live in lib/Pex/Encoder.pm).

My personal opinion on metasploit is that it's a much more under the hood environment than a polished product like CANVAS. That doesn't make it better or worse, it just means that (at least I) am based around the idea of having source code in one window, and msf in the other. That is something that isn't typical for most of the CANVAS users I know. We also have a much (imo) quicker interface for development, with an environment with readline support (tab completion, etc).

Anyway, I definitely think it's worth checking out, not only for its usability, but I think the tech under the hood is possibly good enough for even Dave to steal ;)

-spoon
Current thread:
- Metasploit Framework 2.0 Released! H D Moore (Apr 07)
- Re: Metasploit Framework 2.0 Released! Dave Aitel (Apr 07)
- Re: Metasploit Framework 2.0 Released! Rodney Thayer (Apr 07)
- Re: Metasploit Framework 2.0 Released! Dave Aitel (Apr 07)
- Re: Metasploit Framework 2.0 Released! H D Moore (Apr 08)
- Re: Metasploit Framework 2.0 Released! Dave Aitel (Apr 08)
- Re: Metasploit Framework 2.0 Released! Rodney Thayer (Apr 07)
- <Possible follow-ups>
- Re: Metasploit Framework 2.0 Released! ninjatools (Apr 07)
- Re: Metasploit Framework 2.0 Released! Dave Aitel (Apr 07)