Metasploit mailing list archives

Exploit docs


From: masgad at gmail.com (M. GAD)
Date: Wed, 29 Oct 2008 11:13:35 +0100

In fact, consulting references one by one to find out more information
about the exploit is sufficiently tedious. MSF-XB quite facilitates it,
but we still need to visit several sites.
There is a closely related issue: selecting appropriate exploits. As
the number of exploits and auxiliary tools increases, it will be more
difficult to select an appropriate exploit. Although the current GUI
or the web interface supports module selection by either
platform or arch, we sometimes need to make a selection based on other
criteria or a combination of them. For example, selecting an exploit
based on the privilege that it provides, according to its launching
source, according to the directly involved program (the vulnerable
program), etc.

The current implementation of modules has useful information about
modules that represents a good basis for this.
However, we need to:
(1) add more information, such as the corresponding CPE entry (Common
Platform Enumeration of MITRE) or the attributes of a reasonable attack
classification (I suggest the one attached to this email)
(2) think about importing such information into a backend DB. This
will facilitate the selection process as well as allow establishing a
link with CVE, OSVDB or CPE detailed data easily.

Best regards,
M GAD



On Wed, Oct 29, 2008 at 12:17 AM, Jerome Athias <jerome.athias at free.fr> wrote:
Another ad for my MSF-XB :p (if you're a Windows user); when using the
XB Editor you will be shown the list of references (CVE, BID, OSVDB,
Milw0rm...) and one click will open your browser on the needed web page
;) just a tip.

H D Moore wrote:
Yes, look at the References section of each exploit and look up the CVE,
BID, OSVDB, and other references listed there. Some exploits will go into
more detail inside the exploit comments, but many of them are simple
enough that just referring to the CVE is enough.

On Tuesday 28 October 2008, metamaillist wrote:

Are there docs on what each exploit is actually exploiting?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: attack-classification.pdf
Type: application/pdf
Size: 208908 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081029/77204d0c/attachment.pdf>

