Metasploit mailing list archives
MS09-001
From: abhisek.datta at gmail.com (Abhisek Datta)
Date: Fri, 15 May 2009 11:12:30 +0530
My replies inline.

On Fri, May 15, 2009 at 9:00 AM, Patrick Webster <patrick at aushack.com> wrote:
Hi Abhisek, Thanks for the module... however I just noticed there is already a ms09_001 module under \auxiliary\dos\windows\smb. Does this module do anything different?
A quick look shows modules/auxiliary/dos/windows/smb/ms09_001_write.rb exploits the invalid data offset bug fixed in MS09-001. The exploit I pointed to before triggers another bug among the 3 bugs fixed in MS09-001.
Just FYI, I see you've written an 'exploit' module in this instance and forced a target & payload to make it work. Keep in mind Auxiliary modules are essentially exploit modules, without a payload requirement.
Well, initially I was hoping to write an "exploit" and not a "PoC", so I started by copy-pasting some other SMB-related exploit, but oh well, there wasn't much luck :)
Cheers, -Patrick
Thanks, -abhisek