Metasploit mailing list archives
SOS on unsetg
From: hdm at metasploit.com (H D Moore)
Date: Tue, 2 Dec 2008 16:44:04 -0600
Currently, we implement file format exploits as web services or email clients. Going forward, we have four options as I see it:

1) All file format exploits will be implemented as both web server and email client modules. This means adding two modules for every exploit and potentially adding more modules for each new transport (p2p, etc).

2) All file format exploits will generate a file and the user has to configure exploit/multi/handler and deliver the file to the target.

3) All file format exploits will generate a file, but we add two generic modules, one for HTTP delivery, another for SMTP, and these modules will essentially be fancy versions of exploit/multi/handler. In other words, you would use exploit/multi/webhandler or exploit/multi/smtphandler, specify the generated output file and what payload it uses internally, and then run it. The module would start the payload handler and deliver the file to the target.

4) Every file format exploit will include a mixin which provides a standard API for generating the file (payload, target, any other generation options, etc). After this is implemented, we create exploit/multi/webhandler and exploit/multi/smtphandler, which can enumerate all of the supported file format exploit modules, allow the user to choose one, and handle the generation/payload side at once. I like this option the best, since it keeps things clean and allows the file format modules to be used either standalone or in conjunction with a generic handler.

-HD

On Tuesday 02 December 2008, egypt at metasploit.com wrote:
I think that's a fabulous idea.
On Mon, Dec 1, 2008 at 4:33 PM, Patrick Webster wrote:
Any plans on committing the file format based exploits to the framework? I'd like to write a few :) I was thinking we could offer two methods:
1) Writing the output directly to a file
2) Starting a HTTP server and responding to a GET request with the correct MIME type e.g. application/octet-stream for browser download.