Metasploit mailing list archives
Re: DEP, HardWare Virtualization VM , 64 bit O/S
From: HD Moore <hdm () metasploit com>
Date: Tue, 08 Jun 2010 11:51:12 -0500
On 6/8/2010 7:31 AM, levene10 wrote:
Hi All I cant help but ran through some of the standard security features of new standard cpus and modern windows operating systems...( vista & 7 ) Which exploits and payloads of metasploit framework try to circumvents these.. I believe none , since all your buffer overflows, heap / stack corruptions have to choose the NoNx platform (a joke) to exploit, the framework has no rootkits explits which 64bit windows and VM have effective containment.. I am starting to get confused.. Kindly point out briefly metasploit framework's abilities to exploit new systems..
If you can point out public exploit code for these systems we would be happy to port them to Metasploit. Most of the time, the work required to make these exploits work on DEP/ASLR/64-bit (when possible) is time consuming and results in an exploit that is not reliable even in the best case scenario. You can see some examples for MS08-067 and some of the client-side exploits, but the fact is these types exploits are slowly dying. That is why you see an increase in coverage for logic flaws, command injection, and authentication bypass vulnerabilities. -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- DEP, HardWare Virtualization VM , 64 bit O/S levene10 (Jun 08)
- Re: DEP, HardWare Virtualization VM , 64 bit O/S Jacky Jack (Jun 08)
- Re: DEP, HardWare Virtualization VM , 64 bit O/S HD Moore (Jun 08)