Metasploit mailing list archives
Suggestion : Providing the DATE for exploits
From: mmiller at hick.org (mmiller at hick.org)
Date: Sun, 2 Oct 2005 13:55:43 -0500
On Sun, Oct 02, 2005 at 10:44:42PM +0530, Nagareshwar Talekar wrote:
Hi all,. First off all , my thanks to all the developers of MSF for making such a wonderful product. Here is the suggestion to include DATE field for exploits. The DATE field will indicate when the vulnerability was actually found or may be when the exploit was developed. This is very useful feature that will greatly help pen testing guys to attempt latest exploits without wasting time on trying on old exploits. The date need not be exact as there will be multiple phases in vulnerablilty disclosure.
You can get the date when the vulnerability was disclosed by looking at the references that almost all of the exploits have. Including the date when the exploit was developed is kind of meaningless. A lot of the times we will go and write an exploit for a vulnerability that was found years ago (ie_objecttype). In this case, including the date when the exploit was written would be useless in general.
Current thread:
- Rebase...., (continued)
- Rebase.... myx (Oct 01)
- Rebase.... H D Moore (Oct 02)
- Rebase.... H D Moore (Oct 02)
- Rebase.... Sean Clark (Oct 03)
- Rebase.... myx (Oct 01)
- Suggestion : Providing the DATE for exploits Frank DiRocco (Oct 02)
- Suggestion : Providing the DATE for exploits H D Moore (Oct 02)
- Suggestion : Providing the DATE for exploits Nagareshwar Talekar (Oct 03)
- Suggestion : Providing the DATE for exploits Nagareshwar Talekar (Oct 03)
- Suggestion : Providing the DATE for exploits Michael James Reilly (Oct 17)
- Suggestion : Providing the DATE for exploits H D Moore (Oct 18)