Metasploit mailing list archives
what about someone ports all exploits from Milw0rm over to metasploit?
From: hdm at metasploit.com (H D Moore)
Date: Fri, 06 Mar 2009 23:08:11 -0600
On Sat, 2009-03-07 at 13:48 +1000, Professor 0110 wrote:
I just had an idea that maybe Metasploit could have a dedicated team that ports all the exploits from Milw0rm over to the Metasploit Platform. That way, Metasploit can become a "fully functional" exploit platform and the ULTIMATE Penetration Testing/Hacking tool. I say this because a lot of the C/Perl exploits from Milw0rm don't compile in their default state.
Many of these exploits and proof of concepts require quite a bit of work to port. For example, Every metasploit module contains information about the maximum payload size, the restricted characters, and often target-specific information for a wide range of versions. To port a proof of concept, you essentially have to rewrite the code from scratch and do the work that the PoC author didn't bother with. Without knowing the payload size, the restricted characters, and the return time, these become time intensive to convert. This doesn't take into account the difficulty in finding copies of the original, vulnerable software. I would love to port as many as possible, but its usually only worth the effort for important/wide-spread vulnerabilities. -HD
Current thread:
- what about someone ports all exploits from Milw0rm over to metasploit? Professor 0110 (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? H D Moore (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? Nicholas Harvey (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? H D Moore (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? Natron (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? Nicholas Harvey (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? H D Moore (Mar 06)
- what about someone ports all exploits from Milw0rm over to metasploit? A K (Mar 07)
- what about someone ports all exploits from Milw0rm over to metasploit? val smith (Mar 07)