Metasploit mailing list archives
Re: usefulness of this tool
From: lists at syn-recon.net (lists at syn-recon.net)
Date: Fri, 17 Sep 2004 12:16:24 -0500
You might wanna check out The Art Of Exploitation from nostarch press (http://nostarch.com/). It does a good job of explaining (with code examples) the basics and concepts of the different exploit types (stack based overflows, how to inject your shell code, returning into glibc etc). You might wanna skim through it first though, it's a bit disappointing if you're looking for more advanced stuff.

Florian

Neil wrote:
Great! I will. Also, I don't want to become like a script kiddie. I have read some people's posts in this mailing list that talk about reading registers, stacks. I also want to be like them. I know this requires knowledge in assembly. But I would like to know how you guys find what area in the stack to put the exploit? Is gdb the tool for this? And I had been asking myself how one is able to create an exploit. Do you have to know how the target application works? Just some general questions. :) Awesome tool by the way. Keep it up HD. ;)

H D Moore writes:

On Friday 17 September 2004 01:52, Neil wrote:

Another one. We have an MSSQL 2000 that is not patched too. I want to test it. Which MSSQL 2000 exploit should I use there? Oh btw, the reason I am saying is because I saw the new exploit codes after executing msfupdate.

Both of the MSSQL exploits apply to SQL Server 2000 or MSDE prior to SP3. The resolution overflow uses the UDP protocol, whereas the "hello" bug uses TCP. I prefer to use the resolution bug, because of the broadcast and spoofability features of UDP.

Regarding your question about the output: if the exploit works, you should see a command shell; if it doesn't, the handler will simply exit and return back to the prompt. If the exploit you selected is not working and you are 100% sure that the system is vulnerable, try the 'check' command. If this command does not produce anything useful, send an email to this mailing list with the details of the target system and the output of "show options" from the msfconsole shell (immediately after the exploit failed).

-HD