Metasploit mailing list archives

MSF Exploit writing little tutorial

From: tyronmiller at gmail.com (Ty Miller)
Date: Thu, 21 Dec 2006 10:07:12 +1100

Thanks to all for your help - keep the recommended resources coming!

I have read through this presentation that Tom suggested, which can be found
at;

http://conference.hitb.org/hitbsecconf2006kl/materials/DAY%201%20-%20Saumil%
20Shah%20-%20Writing%20Metasploit%20Plugins.pdf

A good start to get the concepts in the ol' noggin! ... along with JA's more
hands-on tutorial. ;o)

I look forward to getting stuck into the others.

Cheers,
Ty



-----Original Message-----
From: Tom Van de Wiele [mailto:tom at uniskill.com] 
Sent: Wednesday, 20 December 2006 8:51 PM
To: framework at metasploit.com
Subject: RE: [framework] MSF Exploit writing little tutorial

Hi list

You might want to look at all the presentation material Saumil Shah uses
in his metasploit (2.x) workshops arround the globe.  They don't go that
deep, but they offer a nice visual presentation of the whole concept
with some simple examples.  Enough to get you going to roll your own.  

My 2 cents

Tom






-----Original Message-----
From: Ty Miller [mailto:tyronmiller at gmail.com] 
Sent: woensdag 20 december 2006 5:18
To: framework at metasploit.com
Subject: RE: [framework] MSF Exploit writing little tutorial

Hi Jerome,

Nice work. The article is really good.

I have been a pen tester for a while and have been meaning to get into
exploit development over the past few months, but haven't managed to
find a
descent exploit tutorial - especially using Metasploit.

If anyone has any suggestions as to what I should do or read to get
myself
up to speed in exploit development, it would be appreciated if you could
pass on your handy hints.

Thanks,
Ty

-----Original Message-----
From: Jerome Athias [mailto:jerome.athias at free.fr] 
Sent: Tuesday, 19 December 2006 9:21 PM
To: framework at metasploit.com
Subject: [framework] MSF Exploit writing little tutorial

by: Cyberheb

| --- Intro

Hi there, 

I made this article in order to show you about using metasploit
framework
for creating exploit.

Through this article, i'll show you how to make simple exploit which is
part
of metasploit framework and use it's 
feature to make exploit development more efficient. First of all, we
need to
create simple vulnerable server which can 
be exploited, this vulnerable server has stack buffer overflow hole and
easy
to be exploited. I'll take this simple 
vulnerable server from preddy's article which was posted for milw0rm few
months ago (see under reference for preddy's 
article), you can look at preddy's article for the detail on exploiting
this
server application. I'll only show you 
some important detail related to this article.


http://www.milw0rm.com/papers/125

...




    MERRY CHRISTMAS!              __ _ __ ___
          &                  _ __'.:;.:;.:;.:`
    HAPPY NEW YEAR!        _'.:;.:;.:;.:;.:;.:`
                          '.:. , :`,.,`;'/`__ _` _
                         '..:;.;'.:,.;.:;\      (_)
                       -__ --_-_-_-__---_-)
                      (                    )
   ____               (_- -__-_-__-____-__-)
  /####\ /\            |  ,~~~'  `~~~.   %@
  |#####\#|             )  ><@>  <@><    %@%
  |#######|            /      /          %@p
   \######|            ( *   (_c)   * )  % %      .0day0day.
    |#####|             \ '%@%@%@%@`, %@%@       .0day0day\x.
    /#####\         _ _ d%@ `----' @%@%@ \ _ _ _.0day0day0dayz.
    ~~~~~~~       ':;.;%@@%@%@%@%@%@@%p  /.:;.:;0day0day0daymsf.
     `.:;.'     ':;.;%@@%@%@@%@%@%@%@ :: ____xxx0day0day0day0day.
     :.:;.:`   ':;.:d%@%@%@%@%@%@@%@%.:;/####\/\.:;\x0day0day0day
     :.:;.:;` ';.;;.%@%@@%@%@@%@%@%@p.:;|#####\#|.:;\x0day0day0day.
     :.:;.:;./;.;;.;%@%@%@%@%@%@%@%@ ::.'\######|.:;\\x0day0day0day
     :.:;.:;.|:.;.;.% %@%@%@%@%@% % :  ..\\#####|.:;.\\x0day0daymsf
     :.:;.:;/:;.;.:;.q%@%@@%@%@ %p.:;.%hdm|#####\.:;.\\x0day0day\x
     :.:;.:;|:;.:;.;;;%@%@@% %.:;.:;.r00t. ~~~~~~ .:;.|x0day0day\x.
     :.:;.:/.:;.:;.:;.: o  .:;.:;.:;....:;/.:;.:;\.:;.|\x0day0dayz.
      `.:;.|:;.:;;;.:;.    .:;;;;;;;;;;;;;|.:;.:;.\.:;\\x0day0day.
       `::/:;;;.:;;.:; o  .:;.;;.:;;;.:;.:|.:;.:;.:\.:;\\x0dayvnm
          ;.:;;.:;;.:     :;;;.:;.:;.:;.:;\.:;.:;.:;.:;|xxmsfxx.
          :::;.:;.:;. o  ..:;.:;.:;;;;.;;;;\.:;.:;.:;.:|msfmsf.
          :::;.:;;.:     .:;;;;;;;;.:;.:;;;|.:;.:;.:;./mm\xm.
          ;.:;.:;.;. o   .:;.;.:;;.:;.:;.:;.\________/mmmsf.
          :.:;;;.;;;     .:;;.:;.:;;.:;.:;.:;.;.:;;;;`mmsf
           `#######xMSFxx###########################
            #######xMSFxx###########################
           '::;;;.;; o  :;;;.:;.:;;.;;;;;;;;;;;.:;.:`  (H.Classen)

/JA

Current thread:

MSF Exploit writing little tutorial Jerome Athias (Dec 19)
- <Possible follow-ups>
- MSF Exploit writing little tutorial Ty Miller (Dec 19)
  - MSF Exploit writing little tutorial Jerome Athias (Dec 20)
    - MSF Exploit writing little tutorial zhangyudong (Dec 20)
  - MSF Exploit writing little tutorial Jerome Athias (Dec 20)
  - MSF Exploit writing little tutorial markee (Dec 20)
- MSF Exploit writing little tutorial Tom Van de Wiele (Dec 20)
- MSF Exploit writing little tutorial Ty Miller (Dec 20)
  - MSF Exploit writing little tutorial M Bealby (Dec 21)
    - MSF Exploit writing little tutorial Nathan Keltner (Dec 21)
- MSF Exploit writing little tutorial Ty Miller (Dec 21)