Metasploit @ Cansecwest

[hdm at metasploit.com (H D Moore)]

Hello everyone,

Spoon and I will be at Cansecwest this year, if anyone wants to grab a 
beer or otherwise hang out, drop us a line, we will both get in sometime 
tomorrow afternoon (the 20th). 

The Cansecwest talk is entitled "Exploiting the Metasploit Framework"; it 
will cover all the features of the Framework, show off some of the 
upcoming stuff in 2.1, and include an interactive demo.

Some of the highlights may include:

* Snort attack masking; how to avoid 90% of the Snort signatures :)
* Installing a remote command interpeter via shellcode (Perl)
* Demo of a remote shell via MS03-039 and a Win32 fork wrapper
* Spoon's syscall dispatcher and socket multiplexer

... and a ton of other cool features, new exploits, and nifty payloads. We 
had to yank the Snort masking stuff from the 2.0 release to give Marty 
and Team time to rewrite the alert engine...

Version 2.1 of the Framework should be released pretty soon (tm) after the 
conference ends; it will include some crash-fixes for Findsock payloads, 
a fixed msfdldebug application, and hopefully a handful of new exploits.

If there is a specific feature, exploit, or payload that you would like to 
see included in the 2.1 release, now is the time to ask for it. Although 
nearly 20,000 people have downloaded the Framework, we haven't been 
overloaded with feature requests yet (there *has* been some great 
feedback from people on this list, thanks!).

The email address to use to contact both of us is:

msfdev at metasploit.com

-HD

PS.  Apparently someone did a talk on the Metasploit Framework at 
Interz0ne last week, the reports are that it was wildy inaccurate and 
failed to convey the point of the Framework. Luckily enough, Spoon was in 
the audience and had a chance to clear up some misconceptions in a 
follow-up talk. If you are interested in writing an article or doing a 
presentation on the Framework, drop us a line and we would more than 
happy to help out.