Writing Exploits for MSF3

[aushack at gmail.com (Patrick Webster)]

Hi guys,

First of all congrats on the release and port of Metasploit 3! Excellent
work (and you picked an awesome language to work with).

I've been using msf for a few years now and would be interested in
contributing where possible (though I'm no shellcode hax ninja like the rest
of you). For example, if doing a pen-test and I discover a known vulnerable
service where no msf module exists... is it worth writing a module?

Also, I was wondering what the requirements of the modules are? E.g;

stable vs unstable (100% vs 80% vs 5%)
old exploits vs the new (2 years? 5 years old? windows 95 or redhat
5 attacks etc?)
mainstream software vs uncommon vs rare (m$ windows / extremely expensive
commercial / specialist software development company - hard to find)
memory overflow vs traversal execute vs remote file read (strcpy vs
../../../bin/ls -la vs ../../etc/shadow)

etc.

Thanks,

-Patrick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070501/3ff34482/attachment.htm>