Re: Autopwn

[Zate Berg <zate75 () gmail com>]

Been informed off list that db_autopwn allows for regex.

db_autopwn accepts a regex

 -m  [regex] Only run modules whose name matches the regex

only issue with that I see is that the naming of modules isn't
consistent with arch/os at times, but the regex is good info to know.

Zate



On Mon, Oct 4, 2010 at 12:45 PM, Zate Berg <zate75 () gmail com> wrote:
> I don't believe it currently does this.
>
> Perhaps the command needs to be able to accept an arch or os type to
> restrict the vulnerabilities that it returns, or perhaps it needs the
> ability to specify a specific exploit on the db_autopwn switches to
> run only that exploit across all hosts in the workspace?
>
> i am doing some digging in regards to how db_autopwn works to be used
> with the nessus plugin to get more accurate results on matching nessus
> plugins to exploits and that might help with this.
>
> Zate
>
>
>
> On Mon, Oct 4, 2010 at 12:15 PM, John Nash <rootsecurityfreak () gmail com> wrote:
> > Hello All,
> > I have used db_nmap to get all the ports on a remote system.
> > I also know the remote system is windows.
> > I now need to run db_autopwn -p -e -t  but I want to ensure that it only
> > uses windows exploits and not linux ones for the matching port.
> > Is there some way I can do this?
> > Regards,
> > JN
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework