Domain: metasploit.com
Stories and comments across the archive that link to metasploit.com.
Comments · 58
-
Re:You'd think this would be obvious
many updates to Windows are security fixes and zombie machines adversely affect other users, not just the owner.
True! Genuine Advantage is great news to the folks who create and use the Metasploit framework. -
Re:Snort
Snort's not really a pen-test tool, though.
For pen-testing, check out the Metasploit framework. It's truly cool.
Also, have a look for scanrand, part of paketto keiretsu (doxpara.com appears to be having trouble right now, so don't go looking right now).
There's always the old standbys, as well, like dsniff. -
Re:Linux is more secure. Once more.
Crackers are an ingenious lot, and security holes are security holes are security holes. They WILL be exploited in linux sooner or later.
Will be exploited? Download the metasploit framework sometime; there are more exploits for Linux than for Solaris or Windows. But this is where the guy's point becomes important: because of how Windows deals with security tokens (here is a good place to start if you're curious), any exploit that gains access can probably execute code in the SYSTEM context.
So, of the Linux exploits that are trivially available to exploit, none can reliably execute arbitrary system code, while all of the Windows exploits can. That's not this one guy's opinion, that's just how the operating systems work.
-
It's the KEYBOARD and LINUX that make it so flexible!
[ tons of tips and ideas about what's possible with a Z follow ]
The 5500 and others are more like little Linux laptops than PDAs. While I am far from a typical PDA user, the absolutely INCREDIBLE stuff I can do with just a 5500 and a wireless card continues to astound me today. To be fair, I never bought a Zaurus with the intention of ever doing typical PDA-like stuff, but just wanted an easy familiar environment to hack in.
Years ago I had a USR P1000 (The Palm 1000, before Palm bought it from US Robotics), and while it was a great PDA (for the day), it was underpowered for what I wanted and most importantly LACKED A KEYBOARD, which makes all the difference in the world. One day I worked an ENTIRE day with only my P1000, an ssh client and a (9600 baud) serial link to my cell phone to see just how doable it was. As a unix admin doing security work the P1000 did have SOME uses (serial console to Sun boxes, ssh client for accessing mail via Mutt, etc) but the end result was a less than productive day overall. Trying to edit files on unix boxes with vi using Graffiti was quite painful and I vowed I'd never buy another PDA until it had at least a minimal keyboard to work with.
Fast forward to my (now several years old) 5500. Shortly after getting it I wiped the original Sharp rom and replaced it with the actively developed OpenZaurus distribution, and was very happy with the results.
I have a very portable linux box with wireless, nearly all the software I was using on Solaris and Linux, as well as the pretty Qtopia apps and a half-way decent environment. I've been able to get nice tools like nmap, p0f (Passive OS Fingerprinter), Kismet, and other excellent unix based tools working with minimal effort on the Z under OpenZaurus (and to a lesser extent the Sharp ROM). Under OZ I can compile and run MANY common exploit tools like the awesome Metasploit framework, which require perl, and to a lesser extent Python. Both are no big deal to get going on the Z, especially since the Z is binary compatible with the IPAQ based Familiar distribution, and usually just needs the odd library to get an app working. That's all fine for text based apps, but since OZ (using Opie, at least) is Qt and not X based, a variety of GUI based apps don't easily run. There ARE solutions to getting X based apps to run with minimal fuss, including the original x11zaurus package, and more recently the excellent X/QT package, as well as simply running one of the versions of the vncserver for Zaurus, which of course allows you to display X not only on your Z but also on any other VNC compatible device (such as your cell phone, Linux, Windows, etc).
More recently the GPE environment and projects have become available, and offer an attractive alternative to Opie, but with X11 compatibility built in.
For me, I joined the Debian religion ~5-6 years ago after experimenting to see what all the fuss on /. was all about. It didn't take long before I was the typical Debian crack addict apt-getting any application I wanted to check out on a whim. After living in Ottawa for years I was very well aware of the Corel (and later Rebel.com, who themselves were previously called Hardware Canada and were a unix reseller) Netwinder, which was a cool little ARM based PC, which unfortunately suffered under the idiocy of Corel's managem -
Security through diversity ... I compile a LOT of my libraries on my box (it's an FC1 hybrid) and my other box is a gentoo.
Most of the exploits (i.e. actual "exploits") depend on the EIP or some other register being clobbered or the stack being smashed to execute a data block. Metasploit has a nice database of such clobberable locations for Windows.
So if you compile your own stuff with your own "-O3 -fomit-frame-pointer -fstack-protector", you may be breaking the binary compatibility of the exploit :). Most ordinary exploits will fail for such custom compiled stuff, unless the guy at the other end takes a memory dump (hard to do undetected over the network) and reads the .stab entries first to figure out your box's weak spot (to use "-g" or not ... hmm..). If you're dealing with guys like that, then you'd better invest a bit better in security than I do. I call it "Security through Diversity". Too bad windows users don't have that option.
-
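The stack-protector mechanism the "Security through Diversity" comment above is leaning on, as an added example (not the commenter's code and not Metasploit's): a C model of the two frame layouts, plain and guarded, and the classic "padding then new return address" payload that assumes the plain layout. The overflow is modelled with a struct rather than a real stack write so the result is deterministic. The canary value and the "legitimate" return address are constants chosen for the demonstration; a real -fstack-protector build reads a per-process random guard, which is why the canary-aware case at the end only works for an attacker who has already read the target's memory, exactly the memory-dump scenario the comment describes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16
/* Assumed constant for illustration only; real builds use a random per-process guard. */
#define CANARY   0xDEADBEEFu
#define GOOD_RET 0x08048ABCu   /* stand-in for the legitimate saved return address */

/* Frame of an unprotected function: [buffer][saved return address]. */
struct frame_plain {
    char     buf[BUF_SIZE];
    uint32_t saved_ret;
};

/* Frame of the same function built with a stack protector:
 * [buffer][canary][saved return address]. The extra word shifts the
 * return address by 4 bytes and puts a checked value in front of it. */
struct frame_guarded {
    char     buf[BUF_SIZE];
    uint32_t canary;
    uint32_t saved_ret;
};

enum outcome { RETURNED_NORMALLY = 0, CANARY_TRIPPED = 1, CONTROL_HIJACKED = 2 };

/* Unchecked copy into an unprotected frame, then "return". */
enum outcome copy_unprotected(const unsigned char *in, size_t len)
{
    struct frame_plain f;
    memset(&f, 0, sizeof f);
    f.saved_ret = GOOD_RET;
    if (len > sizeof f) len = sizeof f;      /* keep the model inside the struct */
    memcpy(&f, in, len);                      /* the strcpy()-style bug */
    return f.saved_ret == GOOD_RET ? RETURNED_NORMALLY : CONTROL_HIJACKED;
}

/* Same bug in a guarded frame: the epilogue compares the canary before the
 * saved return address is ever used (what __stack_chk_fail() enforces). */
enum outcome copy_guarded(const unsigned char *in, size_t len)
{
    struct frame_guarded f;
    memset(&f, 0, sizeof f);
    f.canary = CANARY;
    f.saved_ret = GOOD_RET;
    if (len > sizeof f) len = sizeof f;
    memcpy(&f, in, len);
    if (f.canary != CANARY)
        return CANARY_TRIPPED;                /* process aborts instead of returning */
    return f.saved_ret == GOOD_RET ? RETURNED_NORMALLY : CONTROL_HIJACKED;
}

/* Builds the classic payload: padding to the end of the buffer, then the new
 * return address. With know_canary set, the guard value is spliced in between,
 * which is what an attacker who has dumped the target's memory could do.
 * Returns the payload length. */
size_t build_payload(unsigned char *out, int know_canary, uint32_t new_ret)
{
    size_t n = 0;
    memset(out, 'A', BUF_SIZE);
    n += BUF_SIZE;
    if (know_canary) {
        uint32_t c = CANARY;
        memcpy(out + n, &c, sizeof c);
        n += sizeof c;
    }
    memcpy(out + n, &new_ret, sizeof new_ret);
    n += sizeof new_ret;
    return n;
}

int main(void)
{
    unsigned char payload[32];
    size_t n;

    n = build_payload(payload, 0, 0x41414141u);   /* stock exploit, assumes plain layout */
    printf("stock payload vs unprotected build: %d\n", copy_unprotected(payload, n));
    printf("stock payload vs guarded build:     %d\n", copy_guarded(payload, n));

    n = build_payload(payload, 1, 0x41414141u);   /* attacker who already read the guard */
    printf("canary-aware payload vs guarded:    %d\n", copy_guarded(payload, n));
    return 0;
}
```

The same stock payload hijacks the plain build and trips the guard in the protected one, because the four bytes that were meant to land on the return address now land on the canary. -fomit-frame-pointer has a similar effect on a real frame: it changes the distance between the buffer and the return address, so a payload built against a distro binary's layout lands in the wrong place.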
Re:Similar move from Oracle/IBM will follow very s
> With Linux, you may have to buy some software, but most of the stuff you need can be found around the net, just a couple of clicks away from being ready for you to use.
I would say that's a very common mistake. I've spent a LOT more time downloading and building stuff, and man, it's hard.
1) you download the tar ball,
Bleh, nothing is a couple of clicks away except total destruction of your box
2) Oh it needs gtk2 gtkhtml3 and mysql4
3) download and compile
4) ./configure CFLAGS="-03 -Larry -Wall -fwith-everything-except-your-...." --with-fries-and-coke
5) install everything , argh !
6) broken totally! :( The fixed ABI has its own problems - see Opcode DB. (Of course the problem's all due to COM with the a.pVT->xhx() calls.)
Don't delude yourself about anything in Linux being a click away. Shareware you pay for with cash, Free Software with your time - I've had to hack proxy support into at least a half-dozen things that have crossed my path.
-
Re:Works when the machine is locked too
I just used this on my own box with the VNC Inject and I was given a very nice screen shot of the target box's desktop...
Ok, so I have not actually tried this tool, I'm just speculating based on what I know about Windows. I recently finished writing a Windows app that includes a service which does IPC with another process running on the user's desktop, and a third component that displays a window on the Winlogon desktop when the workstation is locked. All of this had to work in remote Citrix/Terminal services sessions, too. By the time I had finished with the design, I had come to understand this functionality in Windows better than I ever cared to.
Your comments piqued my curiosity, so I went back and looked at the webpage. The "VNC Server DLL Injection" section on this page sheds some light on things. Here is an excerpt:
If there is no interactive user logged into the system or the screen has been locked, the command shell can be used to launch explorer.exe anyways. This can result in some very confused users when the logon screen also has a start menu. If the interactive desktop is changed, either through someone logging into the system or locking the screen, the VNC server will disconnect the client.
This supports my earlier statements. Perhaps I did not make it perfectly clear, but I was referring specifically to cases where the system was in a locked state, or a not logged-in state.
Now, whether or not VNC can interact with a desktop that is not active (i.e. the user's desktop when the workstation is locked) is another question. I would have thought this was possible if the VNC server was one of the processes on this desktop, hence my comments about exploiting something in the user's "session" (desktop would have been a more correct term). Perhaps VNC won't do this. If it won't, then it seems to me that this should be possible with some tweaks to VNC. In my experience, processes running on the user's desktop will still process messages, display windows, etc. even when the workstation is locked. -
Re:I'd love to but...
Get this, http://www.haking.pl/en/index.php?page=hakin9_live
then get this,
http://www.distrowatch.com/table.php?distribution=std
and get this too,
ftp://ibiblio.org/pub/linux/distributions/phlak
then get one of these,
http://www.systemrecycler.com/shomiti/
and lastly get this just for shits, grins and giggles,
http://www.metasploit.com/projects/Framework/documentation.html