Metasploit mailing list archives

what about someone ports all exploits from Milw0rm over to metasploit?


From: hdm at metasploit.com (H D Moore)
Date: Fri, 06 Mar 2009 23:08:11 -0600

On Sat, 2009-03-07 at 13:48 +1000, Professor 0110 wrote:
> I just had an idea that maybe Metasploit could have a dedicated team
> that ports all the exploits from Milw0rm over to the Metasploit
> Platform. That way, Metasploit can become a "fully functional" exploit
> platform and the ULTIMATE Penetration Testing/Hacking tool. I say this
> because a lot of the C/Perl exploits from Milw0rm don't compile in
> their default state.

Many of these exploits and proofs of concept require quite a bit of work
to port. For example, every Metasploit module contains information about
the maximum payload size, the restricted characters, and often
target-specific information for a wide range of versions. To port a
proof of concept, you essentially have to rewrite the code from scratch
and do the work that the PoC author didn't bother with. Without knowing
the payload size, the restricted characters, and the return time, these
become time-intensive to convert. This doesn't take into account the
difficulty in finding copies of the original, vulnerable software.

I would love to port as many as possible, but it's usually only worth the
effort for important/widespread vulnerabilities.

-HD



