Metasploit mailing list archives
db_ret_add plugin Targets your neighbours
From: jerome.athias at free.fr (Jerome Athias)
Date: Fri, 24 Jul 2009 17:15:00 +0200
db_ret_add is a plugin to update the Microsoft Windows's return addresses used by the Metasploit Framework exploits modules. It uses a MySQL database of opcodes supporting all the locales/service packs available for Microsoft Windows. Important note: This module is in alpha stage, i repeat, this module is in alpha stage, so please don't flame! http://www.ja-psi.com/researches/db_ret_add.rb Demo video: http://www.ja-psi.com/researches/Retadd2.html More information and stuff (like the tool to automaticaly build the database) will be released at FRHACK 2009 http://www.frhack.org Known bugs: - After launching the module, you must use rexploit or restart the Metasploit Framework to refresh the exploits modules (any help on this point is welcome ;-)) To do: - Identify and add more exploits' opcodes in the MySQL database - Use nmap/smbrelay to scan targets and launch exploits with the good target (PoC working) - Add the Securinfos' security advisories database (https://www.securinfos.info) and generate automatic reports - More Have a nice week-end fellow Black Hats! Greets to Ghislain Aine (JA-PSI, French IT Security Company http://www.ja-psi.com) Jerome Athias /JA
Current thread:
- db_ret_add plugin Targets your neighbours Jerome Athias (Jul 24)
- db_ret_add plugin Targets your neighbours Patrick Webster (Jul 27)
- <Possible follow-ups>
- db_ret_add plugin Targets your neighbours Konrads Smelkovs (Jul 24)