Metasploit mailing list archives
Winamp Playlist UNC Path Computer Name Overflow
From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Tue, 31 Jan 2006 08:22:18 -0800
On Jan 31, 2006, at 6:44 AM, H D Moore wrote:
On the subject of "beta" exploit modules - at any given time I have a half-dozen exploits sitting around that are not pushed to the web site. The biggest reason is reliability, we try not to include any module that doesn't consistently pass our own testing. I have been thinking about ways to address this and wondered if a new option to 'msfupdate' to pull download 'beta' modules would be useful to anyone?
Anything that assists others in researching is a good thing to have. Sure we could all write our own modules for each and every fault that comes out but some of us just don't have the time to devote to it, nor the system resources available to test. A flagged 'beta' or 'untrusted' module that wouldn't run unless you set an UNTRUST variable would certainly be nice to have. It will most likely open up more testing on a module that you wouldn't be able to do yourself and that means also getting messages like "OMG YOUR SPLOIT JUST WIPED OUT MY SERVER" when in reality it was some kid trying it on their high school campus network and getting caught crashing the backup server. You'd still want your USB drives of VMware images but if you're 80-90% comfortable with a module let the rest of us work that last 10-20% out.
Current thread:
- Winamp Playlist UNC Path Computer Name Overflow H D Moore (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow Nicob (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow Kurt Grutzmacher (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow Simple Nomad (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow Simple Nomad (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow val smith (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow val smith (Jan 31)
- Winamp Playlist UNC Path Computer Name Overflow val smith (Jan 31)