Metasploit mailing list archives
Metasploit Framework Updates
From: hdm at metasploit.com (H D Moore)
Date: Sun, 26 Jun 2005 02:27:04 -0500
Hello everyone, We just pushed out updates for the DCERPC API in version 2.4 of the Metasploit Framework. All DCERPC-enabled exploits have been modified to take advantage of the new BindFakeMulti() function. Theoretically, this will prevent a few signature-based intrusion detection systems from detecting these exploits. Since Cisco has decided to tag all SMB traffic with the word "metasploit" in it as suspicious, we went ahead and removed that from the SMB API as well ;-) There are still many different ways to signature the Metasploit exploit modules, but this was an easy (and fun) hack to implement. The Metasploit Framework documentation page now contains links to numerous third-party resources. If you haven't seen the Whoppix flash-based videos, you are definitely missing out. If you are aware of any other information resource that we have not listed (user guides, howto's, etc), please let me know off-list. - http://metasploit.com/projects/Framework/documentation.html I will be presenting at the FIRST (www.first.org) conference in Singapore on June 30th, if you are going to be in town and want to grab a drink, please drop me an email. Additionally, I will be giving a short talk at the SIG^2 meeting on June 1st in Suntec City. - http://www.security.org.sg/ BackupExec users beware, the new Metasploit module (backupexec_agent) is able to compromise all BackupExec 9.x/10.x Windows agents without any guesswork. Thanks to Pedram Amini (www.openrce.org, pedram.redhive.com), we will be releasing an exploit module for the registry access flaw in the near future. -HD
Current thread:
- Metasploit Framework Updates H D Moore (Jun 26)
- Metasploit Framework Updates billy am (Jun 26)