Metasploit mailing list archives
Weekend Updates
From: hdm at metasploit.com (H D Moore)
Date: Mon, 4 Oct 2004 06:09:44 -0500
Hello everyone,

A few significant updates were made to the Metasploit Framework over the weekend. These updates are available via msfupdate (see the note about updates *to* msfupdate below).

- A Windows 2003 target was added to the DCOM exploit by spoonm; it uses David Litchfield's nifty technique for exploiting SEH overwrites on Windows 2003. This exploit module can now exploit four different operating systems with the same request ;-)
  http://www.nextgenss.com/papers/defeating-w2k3-stack-protection.pdf

- A long-standing bug has been identified and resolved in msfupdate. Anyone who had problems before with the "VNC" update should be happy to hear that it was not Fedora's fault after all, just an oversight in the code. The fact that people using FC2 were the only ones reporting it led us on a wild goose chase through locale land. You *should* be able to use msfupdate to grab the latest copy; however, the following URL will work as well if you have any problems with msfupdate.
  https://metasploit.com/projects/Framework/updates/current.html/msfupdate

- The PEInfo class in the Pex directory has been updated and overhauled. You can see the improvements with the new -D flag to msfpescan. This option will cause the script to dump tons of information about the PE image, including the exports, imports, IAT addresses, resources, and version information. It still isn't perfect, but it is definitely a time saver when you need to find an IAT to call/overwrite or want to know the version of an EXE when running on a non-Windows system. The underlying API is still pretty ugly (your eyes may actually run away from your skull if you look at the code for parsing the VERSION_INFO structure). This should get cleaned up a bit before the final 2.3 release.

  $ ./msfpescan -D -f /some/exe/or/some.dll

- Three different Framework users submitted exploit modules over the weekend. You should see new modules for the following vulnerabilities sometime in the next week or so:
  * Icecast 2.0.1 Win32 Header Overflow (one version already available)
  * IIS 4.0 HTR ISAPI Buffer Overflow
  * IPSwitch WhatsUp Gold iname Buffer Overflow

We definitely appreciate the support from the community; between the donations (almost $300 now, woot), the code contributions, translation efforts, and the daily feedback, the project is really starting to gain momentum. We would like to thank the community as a whole and the contributors in particular for kicking some life into the project when both spoonm and I have been too busy to start finalizing version 2.3. The new hardware in the metasploit.com server is going to make a huge difference with some of the new projects...

-HD
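The PEInfo/msfpescan -D item above describes walking a PE image's headers to find its import table and IAT addresses. As an added illustration that is not code from the Framework or from this post, the Python below parses a constructed (not real) PE32 header blob, locates the import and IAT data directories, and computes the IAT's virtual address; it also goes beyond the post by handling PE32+ headers and clamping a possibly bogus NumberOfRvaAndSizes, which is the check a parser of untrusted binaries needs.

```python
import struct

IMAGE_DIRECTORY_ENTRY_IMPORT = 1   # data directory index of the import table
IMAGE_DIRECTORY_ENTRY_IAT = 12     # data directory index of the Import Address Table

def build_sample_pe():
    """Constructed PE32 header blob (not a real executable): MZ stub, PE signature,
    COFF header and an optional header placing imports at RVA 0x2000, IAT at 0x2100."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)  # i386, 1 section, 224-byte opt hdr
    fmt = "<HBB" + "I" * 9 + "H" * 6 + "I" * 4 + "HH" + "I" * 6
    opt = struct.pack(fmt, 0x10B, 6, 0,                 # PE32 magic, linker version
                      0x200, 0x200, 0,                  # code / initialized / uninitialized sizes
                      0x1000, 0x1000, 0x2000,           # entry point, BaseOfCode, BaseOfData
                      0x00400000, 0x1000, 0x200,        # ImageBase, section / file alignment
                      4, 0, 0, 0, 4, 0,                 # OS / image / subsystem versions
                      0, 0x3000, 0x400, 0,              # reserved, SizeOfImage, SizeOfHeaders, checksum
                      2, 0,                             # GUI subsystem, DllCharacteristics
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)  # stack/heap, loader flags, 16 dirs
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_IMPORT] = (0x2000, 0x28)
    dirs[IMAGE_DIRECTORY_ENTRY_IAT] = (0x2100, 0x10)
    return dos + b"PE\0\0" + coff + opt + b"".join(struct.pack("<II", *d) for d in dirs)

def parse_pe_headers(data):
    """Locate the import table and IAT from the PE headers (PE32 and PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24                                  # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: 32-bit ImageBase at +28, NumberOfRvaAndSizes at +92, dirs at +96
        image_base = struct.unpack_from("<I", data, opt + 28)[0]
        ndirs, dirs_off = struct.unpack_from("<I", data, opt + 92)[0], opt + 96
    elif magic == 0x20B:  # PE32+: 64-bit ImageBase at +24, NumberOfRvaAndSizes at +108, dirs at +112
        image_base = struct.unpack_from("<Q", data, opt + 24)[0]
        ndirs, dirs_off = struct.unpack_from("<I", data, opt + 108)[0], opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # Clamp NumberOfRvaAndSizes to the 16 defined entries and to what the header really holds
    ndirs = max(0, min(ndirs, 16, (opt + opt_size - dirs_off) // 8))
    dirs = [struct.unpack_from("<II", data, dirs_off + 8 * i) for i in range(ndirs)]
    entry = lambda i: dirs[i] if i < ndirs else (0, 0)
    imp_rva, imp_size = entry(IMAGE_DIRECTORY_ENTRY_IMPORT)
    iat_rva, iat_size = entry(IMAGE_DIRECTORY_ENTRY_IAT)
    return {"machine": machine, "sections": nsections, "characteristics": chars,
            "image_base": image_base, "import_rva": imp_rva, "import_size": imp_size,
            "iat_rva": iat_rva, "iat_size": iat_size, "iat_va": image_base + iat_rva}
```

On the constructed blob the IAT resolves to virtual address 0x00402100; on a real file, pass the file's bytes and map the returned RVAs through the section table before reading their contents.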