Metasploit mailing list archives
Questions about plugin design
From: ngregoire at exaprobe.com (Nicolas Gregoire)
Date: Thu, 08 Sep 2005 15:59:45 +0200
Hello, I'm actually writing a plugin exploiting a vulnerable Perl open(), and I've some design questions : - should the Check() function test that the HTTP return code is 200, that the right headers are present or try to read a file ? - as the vuln is a Perl open(), there's no way to directly use shell tricks (like "telnet|sh|telnet"). How to tell the plugin that 'cmd_generic' is the only usuable payload ? Regards, -- Nicolas Gregoire ----- Consultant en S?curit? des Syst?mes d'Information ngregoire at exaprobe.com ------[ ExaProbe ]------ http://www.exaprobe.com/ PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
Current thread:
- Questions about plugin design Nicolas Gregoire (Sep 08)
- Questions about plugin design milw0rm Inc. (Sep 08)
- Questions about plugin design H D Moore (Sep 08)
- <Possible follow-ups>
- Questions about plugin design val smith (Sep 08)