BackTrack 4 and MS09-xxx not found

[uss.thebug at gmail.com (Ulisses Castro)]

Hello Ammad,

Download milw0rm archive list, and then:

$ for i in $(sed -e 's/\-/-/g' /tmp/bugs.txt | cut -f1 -d' '); do grep
-ir $i ./milw0rm; done
./milw0rm/platforms/windows/dos/8479.html:MS09-014: MSIE EMBED element
race condition memory corruption
./milw0rm/platforms/windows/dos/8479.html:http://skypher.com/index.php/2009/04/19/ms09-014-embed-element-memory-corruption
./milw0rm/sploitlist.txt:./platforms/windows/dos/8479.html MS Internet
Explorer EMBED Memory Corruption PoC (MS09-014)

Voil?!!!

my 2 cents... to mine infos use your imagination! good luck...

Tears!

Ulisses Castro

On Mon, Sep 21, 2009 at 4:14 AM, Ammad Shah <ammadsh at yahoo.com> wrote:
> Thanks MaXe,
>
> can you help me to learn. i am tired off. i also visited to milw0rm. but it seems very hard to mine information i 
> want. are any other tools are available for trial.
>
> thanks
>
> --- On Mon, 9/21/09, metafan at intern0t.net <metafan at intern0t.net> wrote:
>
> From: metafan at intern0t.net <metafan at intern0t.net>
> Subject: RE: [framework] BackTrack 4 and MS09-xxx not found
> To: ammadsh at yahoo.com, framework at spool.metasploit.com
> Date: Monday, September 21, 2009, 11:49 AM
>
> Hi again,
>
>
> It's pretty simple, you buy Core Impact (newest version) and most of these exploits should be there.
> Or you can get Immunity Canvas too and perhaps another commercial feed where they provide
> a lot of exploits, I can't remember the name of it right now though..
>
> What I'm trying to say is: Metasploit is F R E E and that is why you cannot expect every single
> exploit to be in there. Of course you can go to Milw0rm and check out the exploits and perhaps
> port (as in import) the exploits to Metasploit yourself and perhaps create a few modules too that
> you could share with the community as well. (unpublic exploits..)
>
> That's how it works with Metasploit! :-) I don't expect everything to work 100% in Linux either with some specific 
> hardware units or if I have to emulate something due to closed source.
>
> Of course if I wrote everything myself for whatever problem I had, I would have no problems but I'm not that a good 
> programmer, in fact I am horrible!!!11(eleventyone!!? =P)
>
>
> Best regards,
> MaXe
>
>
> HI again,
>
> To touch with you, i installed Windows 2003 SP2 (English), and scanned it "WinVlunerScanner" this listed a lot of 
> vulnerabilities none of them is listed in BT 4. how do i exploit these. even i have updated BT4 (metasploit using 
> svn). :(
>
> MS09-038??? Vulnerabilities in Windows Media File processing (Allow Remote Code execution)
> MS09-037??? Vulnerabilities in Microsoft Template Library (Allow Remote Code execution)
> MS09-032??? Cumulative Security Update of ActiveX kill Bits
> MS09-029??? Vulnerabilities in the Embedded Open Type Font Engine (Allow Remote Code execution)
> MS09-028??? Vulnerabilities in Microsoft Directshow could allow remote code exectuion
> MS09-010??? Vulnerabilities in WordPad and Office Text Converter Could Allow Remote code execution
> MS09-011??? Vulnerabilities in DirectShow
> MS09-014??? cumulative Secuirty Update
> MS09-006??? Vulnerabiliy in Windows Kernel Could Allow remote doe execution
> MS09-001??? Vulnerability in SMB could allow remote code execution
> MS09-071??? vulnerability in GDI Could allow remote code execution
> MS09-073??? Cumulative Security update for IE
>
>
> thanks for Experts.
>
>
>
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework



--
Ulisses Castro (thebug)
http://ulissescastro.wordpress.com
uss.thebug at gmail.com