Metasploit mailing list archives

How do you get your exploits?

From: angelisonline at gmail.com (Mr Gabriel)
Date: Fri, 14 Sep 2007 13:51:44 +0000

Please forgive me, if I sound very naive.... I'm new to this game, and
information isn't exactly flowing all over Google, for obvious reasons.

SP2 for windows XP, obviously, has been around for a long time, but I'm very
surprised that there are few exploits for it in MS3, but still many worms in
the wild that rape XP systems Vlad the Impaler style. Now, please forgive me
if I'm going about this the wrong way, but I think I may have got this pen
testing philosophy slightly wrong. To me, the concept, and idea of pen
testing, is to find holes *before* some crack fueled script kiddie does -
but how can I do this if I don't have the latest exploits to hand?

Which brings me to my second point, the exploits that are included with MS3
- where they created just for MS3, or have they been adapted from exploits
found in the wild?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070914/0a0d8020/attachment.htm>

Current thread:

How do you get your exploits? Mr Gabriel (Sep 14)
- How do you get your exploits? H D Moore (Sep 14)
  - How do you get your exploits? Wayne Ho (Sep 14)
    - How do you get your exploits? Patrick Webster (Sep 14)
  - How do you get your exploits? Mr Gabriel (Sep 15)
- How do you get your exploits? Leo Jackson (Sep 14)