Nmap Development mailing list archives
Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service
From: Ron <ron () skullsecurity net>
Date: Mon, 31 May 2010 07:48:28 -0500
On Sat, 29 May 2010 04:24:22 +0200 Dražen Popović <drazen.popovic () fer hr> wrote:
Yes, two actually. One is more complicated than the other but they both target the same vulnerability. modules/exploit/windows/smb/ms06_025_rras.rb Regards, Dražen.
Does Metasploit require authentication? If not, can the Metasploit module be adapted, with the correct shellcode, to serving as a scanner? My understanding is that Nessus, when it is unable to check for a patch stably, will run an actual exploit that sets a certain variable that it can access to a key value, then checks that value. If that's something that's do-able, and you just need the proper shellcode, let me know -- I like writing shellcode. :) We should maybe consider something like that for MS08-067, too -- our current check sucks because it still breaks stuff. -- Ron Bowes http://www.skullsecurity.org http://www.twitter.com/iagox86
Attachment:
_bin
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service, (continued)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 28)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 30)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 30)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Ron (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (Jun 01)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (Jun 02)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service David Fifield (Jun 02)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 30)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 28)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Ron (May 31)