Metasploit mailing list archives
Re: CVE to Exploit Mapping
From: Mario Ceballos <mc () metasploit com>
Date: Thu, 30 Sep 2010 09:52:22 -0500 (CDT)
tools/module_reference.rb can also help. ~mc On Thu, 30 Sep 2010, Zate Berg wrote:
I started work on something like this that did lookups on the metasploit.com website, and then looked at using osvdb.org's API. Neither of which I think is a good solution. I was hoping to produce a regularly updated list of CVE's that were good candidates for an exploit of which none existed. I'm messing about with using CVE and some parts of the CVSS2 vector to determine what is a good candidate for exploit via msf from nessus results. Also looking at searching on BID/CVE from within msf. I agree that CVE to Exploit is a little spotty right now. Being able to take results from a vuln scan and tie with a high confidence into msf exploits would be nice. Zate On Thu, Sep 30, 2010 at 10:17 AM, Lukas Kuzmiak <metasploit () backstep net> wrote:Not sure about the msfconsole/cli/gui/whatever method, however a dirty quick one could be just: [lukash@node2 trunk]$ grep -r 2008-4250 modules/exploits/ modules/exploits/windows/smb/.svn/text-base/ms08_067_netapi.rb.svn-base: [ 'CVE', '2008-4250'], modules/exploits/windows/smb/ms08_067_netapi.rb: [ 'CVE', '2008-4250'], [lukash@node2 trunk]$ :-) Lukas Only wimps use tape backup: _real_ men just upload their important stuff on ftp, and let the rest of the world mirror it ;). Torvalds, Linus (1996-07-20). On Thu, Sep 30, 2010 at 4:10 PM, Matthew Presson <matthew.presson () gmail com> wrote:Given a CVE number, is there any way to determine of metasploit contains an exploit for it? Example CVE-2005-3116. -- Matt _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- CVE to Exploit Mapping Matthew Presson (Sep 30)
- Re: CVE to Exploit Mapping Lukas Kuzmiak (Sep 30)
- Re: CVE to Exploit Mapping Zate Berg (Sep 30)
- Re: CVE to Exploit Mapping Matthew Presson (Sep 30)
- Re: CVE to Exploit Mapping Mario Ceballos (Sep 30)
- Re: CVE to Exploit Mapping egypt (Sep 30)
- Re: CVE to Exploit Mapping Zate Berg (Sep 30)
- Re: CVE to Exploit Mapping Lukas Kuzmiak (Sep 30)