Metasploit mailing list archives
db_ret_add plugin Targets your neighbours
From: konrads at smelkovs.com (Konrads Smelkovs)
Date: Fri, 24 Jul 2009 22:29:07 +0300
Nice Jerome! Localized versions of doze are becoming more popular! -- Konrads Smelkovs Applied IT sorcery. On Fri, Jul 24, 2009 at 10:00 PM, <framework-request at spool.metasploit.com>wrote:
Send Framework mailing list submissions to framework at spool.metasploit.com To subscribe or unsubscribe via the World Wide Web, visit https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request at spool.metasploit.com You can reach the person managing the list at framework-owner at spool.metasploit.com When replying, please edit your Subject line so it is more specific than "Re: Contents of Framework digest..." Today's Topics: 1. db_ret_add plugin Targets your neighbours (Jerome Athias) ---------- Forwarded message ---------- From: Jerome Athias <jerome.athias at free.fr> To: "framework at spool.metasploit.com" <framework at spool.metasploit.com> Date: Fri, 24 Jul 2009 17:15:00 +0200 Subject: [framework] db_ret_add plugin Targets your neighbours db_ret_add is a plugin to update the Microsoft Windows's return addresses used by the Metasploit Framework exploits modules. It uses a MySQL database of opcodes supporting all the locales/service packs available for Microsoft Windows. Important note: This module is in alpha stage, i repeat, this module is in alpha stage, so please don't flame! http://www.ja-psi.com/researches/db_ret_add.rb Demo video: http://www.ja-psi.com/researches/Retadd2.html More information and stuff (like the tool to automaticaly build the database) will be released at FRHACK 2009 http://www.frhack.org Known bugs: - After launching the module, you must use rexploit or restart the Metasploit Framework to refresh the exploits modules (any help on this point is welcome ;-)) To do: - Identify and add more exploits' opcodes in the MySQL database - Use nmap/smbrelay to scan targets and launch exploits with the good target (PoC working) - Add the Securinfos' security advisories database (https://www.securinfos.info) and generate automatic reports - More Have a nice week-end fellow Black Hats! Greets to Ghislain Aine (JA-PSI, French IT Security Company http://www.ja-psi.com) Jerome Athias /JA _______________________________________________ Framework mailing list Framework at spool.metasploit.com https://mail.metasploit.com/mailman/listinfo/framework
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090724/880b49f4/attachment.htm>
Current thread:
- db_ret_add plugin Targets your neighbours Jerome Athias (Jul 24)
- db_ret_add plugin Targets your neighbours Patrick Webster (Jul 27)
- <Possible follow-ups>
- db_ret_add plugin Targets your neighbours Konrads Smelkovs (Jul 24)