Metasploit mailing list archives
Re: Noob questions
From: "HD Moore" <x () hdm io>
Date: Thu, 12 Jun 2014 10:42:07 -0500
Privileged in an exploit indicates that you get root or SYSTEM equivalent access. Privileged in a payload indicates that it needs root or SYSTEM. An example is the windows/adduser payload. We automatically compare the exploits to the modules when you type "show payloads" to match these up.

Payload size is generally fixed. Most of the time that devs try to avoid this is when they forget to include a BadChar or the exploit method isn't solid yet. We recommend working with a fixed size and using the exploit module code to change any padding/framing needed to make the size you chose reliable. Setting a size too low will reduce the number of compatible payloads.

Rename - yes. Move the old module to the new name, git add the new module, and explain why in the commit message. We try not to move things around too much as people may depend on them, but if the previous module name is really generic (product_bof.rb), then it makes sense to clarify what specifically it overflows. Keep in mind that module names should be lower case, words split by underscore, and you generally don't need the word "vulnerability" in the name or the title field of the module's metadata.

-HD

From: framework [mailto:framework-bounces () spool metasploit com] On Behalf Of Pedro Ribeiro
Sent: Thursday, June 12, 2014 3:21 AM
To: framework () spool metasploit com
Subject: [framework] Noob questions

Hi,

I have a few questions for which I couldn't find the answer online...

What is the privileged flag? The documentation says it should be used when privileges are required to run the exploit. Is this on the local metasploit side, or on the server side? And if on the local, how do I know if an exploit requires privileges?

With regards to the payload size, is it possible to specify it as one of the options? The reason being that the exploit I'm preparing is reliable with smaller payloads, but one shot when using a larger payload.

Finally, regarding the commit "etiquette", can I rename modules in pull requests? The reason being that there is another module which is named productName_vulnerability, and the module I want to contribute exploits the same flaw in the same product but for later versions and using a different method. I was thinking about naming both productName_method_vulnerability. I've also made a few changes to the existing module to make it work in more versions, so my pull request would not be only the rename and the new module.

Thanks for your help!

Regards
Pedro

_______________________________________________
https://dev.metasploit.com/mailman/listinfo/framework
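The matching HD describes for "show payloads" (an exploit's Privileged flag, its fixed payload space and its BadChars checked against each payload's needs, size and bytes), modeled as an added Ruby example. This is not code from the thread or from Metasploit; the exploit metadata, payload names, sizes and byte strings are all constructed for illustration.

```ruby
# Exploit-side metadata, modeled on the 'Privileged' and 'Payload' keys of a
# Metasploit exploit module. Values are constructed, not from a real module.
EXPLOIT = {
  privileged: true,                # exploit yields root/SYSTEM on success
  space: 400,                      # fixed number of payload bytes it can carry
  bad_chars: "\x00\x0a\x0d".bytes  # bytes the delivery path cannot carry
}.freeze

# Candidate payloads (constructed). :privileged here means "needs root/SYSTEM",
# the payload-side meaning of the flag; :bytes stands in for encoded payload data.
PAYLOADS = [
  { name: "windows/shell_bind_tcp", privileged: false, size: 328,
    bytes: "\x41\x42\x00\x43".bytes },           # carries a bad char (0x00)
  { name: "windows/adduser", privileged: true, size: 250,
    bytes: "\x41\x42\x43".bytes },               # fine: exploit is privileged
  { name: "windows/meterpreter/reverse_tcp", privileged: false, size: 290,
    bytes: "\x41\x42\x43".bytes },
  { name: "windows/big_stager", privileged: false, size: 512,
    bytes: "\x41\x42\x43".bytes }                # larger than :space
].freeze

# Returns a human-readable reason the payload cannot be paired with the
# exploit, or nil when it is compatible. Checks run in the order a user
# would want to read them: privilege mismatch, then size, then bad chars.
def incompatible_reason(exploit, payload)
  if payload[:privileged] && !exploit[:privileged]
    return "needs privileges the exploit does not provide"
  end
  if payload[:size] > exploit[:space]
    return "size #{payload[:size]} exceeds space #{exploit[:space]}"
  end
  hit = payload[:bytes] & exploit[:bad_chars]   # array intersection
  unless hit.empty?
    return "contains bad chars " + hit.map { |b| format('\\x%02x', b) }.join
  end
  nil
end

# Names of the payloads "show payloads" would list for this exploit.
def compatible_payloads(exploit, payloads)
  payloads.select { |p| incompatible_reason(exploit, p).nil? }.map { |p| p[:name] }
end

if $PROGRAM_NAME == __FILE__
  PAYLOADS.each do |p|
    puts "#{p[:name]}: #{incompatible_reason(EXPLOIT, p) || 'compatible'}"
  end
end
```

Lowering `:space` shrinks the compatible list, which is the trade-off HD points out when a size is set too low.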
Current thread:
- Noob questions Pedro Ribeiro (Jun 12)
- Re: Noob questions HD Moore (Jun 12)
- Re: Noob questions Robin Wood (Jun 12)
- Re: Noob questions Tod Beardsley (Jun 12)
- Re: Noob questions Pedro Ribeiro (Jun 17)
- Re: Noob questions Pedro Ribeiro (Jun 18)
- Re: Noob questions Ben Campbell (Jun 20)
- Re: Noob questions Pedro Ribeiro (Jun 17)
- Re: Noob questions HD Moore (Jun 12)