Slashdot Mirror

← Back to Stories (view on slashdot.org)

Point, Click, Root.

Posted by CmdrTaco on from the thats-just-plain-scary dept.

An anonymous reader writes "The Metasploit Project just released version 2.2 of the Metasploit Framework. This release includes a VNC server payload that can be used with almost any of the Windows exploits. The scary thing about this payload is that the VNC server executes as a new thread in the exploited process; without writing any files to the disk drive. Is this the end as we know it for simple remote command shell exploits? A couple articles have already mentioned this project."

29 of 216 comments (clear)

  1. Nothing that... by BJZQ8 · · Score: 5, Funny

    What a sad day when even taking over someone's machine can be done point-and-click style. Seemed so much more personal when you just had a remote shell.

    1. Re:Nothing that... by halivar · · Score: 3, Funny

      Well, it's just another result of how the GUI has dumbed down tech culture. Now not even the *crackers* can be bothered with CLI.

      What n00bs.

    2. Re:Nothing that... by lukewarmfusion · · Score: 3, Funny

      Yeah, nothing like the friendly, warm command line to help guide you through tough times.

      Don't look at me - I post to Slashdot through a command line.

  2. It's time to give up by 192939495969798999 · · Score: 4, Funny

    Microsoft should just post a big list of hacked machines, and turn everything wide open. After the script kiddie deluge is done, then we all go "phew! Wasn't that fun!" and go buy something else.

    --
    stuff |
    1. Re:It's time to give up by SpaceLifeForm · · Score: 4, Funny

      This list would be shorter to post the non-hacked machines.

      --
      You are being MICROattacked, from various angles, in a SOFT manner.
    2. Re:It's time to give up by eufreka · · Score: 5, Funny
      Microsoft should just post a big list of hacked machines...

      ...It's called Network Neighborhood...

  3. And here, ladies and gents by Rosco+P.+Coltrane · · Score: 4, Funny

    ... is a preview of the site's front page in a few days, courtesy of your friends at dhs.gov.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  4. It's about time by mr_z_beeblebrox · · Score: 3, Funny

    I was seriously getting bummed by the low quality of todays script kiddie exploits. With the metasploits project finally real security minded people, tinkerers (hackers) and just plain good programmers can have a common place to post their hard won knowledge for "1337" kids online to use.

  5. Hey, Australians... by wanerious · · Score: 3, Funny

    ...now this is a subject line you can get on board with.

  6. Re:Umm... by Trolling4Dollars · · Score: 4, Funny

    That's like saying, "This started off as a Jello brand recipe for jello jigglers and has developed into a handy way to make the ultimate death ray"!

    --
    Un-news
  7. Whoah by scooviduvoctagon · · Score: 3, Funny

    Imagine a DMCA cluster of these!

  8. Attention MetaSploit by grakwell · · Score: 5, Funny

    I have recently obtained a patent on One-Click Cracking.

    Our lawyers will be getting in touch with the MetaSploit group to discuss licensing options.

    Thank you,
    Jeff Bezos
    Founder and CEO
    amazon.com

  9. More like... by GillBates0 · · Score: 3, Funny

    P01NT CL1CK W00T!

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  10. Rapid 'sploit development? by Anonymous Coward · · Score: 3, Funny

    Has Microsoft released a timeline of when this toolkit will be integrated into VS.NET 2003?

  11. NetHack version 4? by TommydCat · · Score: 5, Funny

    Congratulations adventurer!
    Your quest is at an end for you have reached the root of NetHack.
    Within, the Wizard of MS RAS has no power, the Oracle 8i speaks with utmost clarity, and the stack overflow bugs do not bite.

    --
    This comment does not necessarily represent the views and opinions of the author.
  12. As a self-appointed representative of ... by burgburgburg · · Score: 3, Funny

    visually impaired black hat hackers, we resent that this program is not designed for wider access. It's just another example of the systematic discrimination that we face as we try to gain root and own you all. We will eventually succeed. And when we do, we'll make all web pages look like bad!

  13. Re:Umm... by crisco · · Score: 3, Funny

    It was going to be a pretty cool game.

    --

    Bleh!

  14. Re:Obligatory non-ugly URL for this article by theantipode · · Score: 1, Funny

    This one also works. I find it easier to remember, since that's the word that always comes to mind when I see that color scheme.

    --
    When I am king, you will be first against the wall
    With your opinion which is of no consequence at all
  15. 5w33t!!!!!!!1111 by liquidsin · · Score: 4, Funny

    cuz, like, lurning all thoze command line thingz wuz totally hard, this wil maek me s0 much m0re 1337!!!!!!!one I totale r0x0rz n0w!!!!LOLOL

    --
    do not read this line twice.
  16. Stop slashdoting the site! by BRSloth · · Score: 4, Funny

    Can you guys stop slashdoting the site? I want to download it just to show some co-workers a little "surprise"...

  17. Re:Just like in the movies by Anonymous Coward · · Score: 1, Funny

    Funny you should say that...the name of Spoonm and HD Moore's talk at blackhat was "Metasploit: Hacking Like in the Movies"

  18. Re:Why? by foidulus · · Score: 4, Funny

    Well, you can still fuck around with the user without actually having to manually do anything. If you can execute arbitrary code, then you can create a bot to do random things with the mouse or look for a running copy of Word and randomly type, "Help! I'm trapped in the word processor!" into the document the user is typing.
    However, script kiddies probably won't know how to code something up like that without someone holding their hands.

  19. More importantly by maximilln · · Score: 3, Funny

    Will the -devel branch of metasploit become the central hub for 0-day exploits?

    Metasploit stable : This branch has only been tested to work on unpatched machines.

    Metasploit -dev ($49.95 membership and password required): This branch has been tested to work against fully up to date and patched machines.

    That'd be | |_|63r-|337

    --
    +++ATHZ 99:5:80
  20. Nice spamfilter option. by Fuzzums · · Score: 2, Funny

    I think I'll incorporate this project in my spam-filter to execute a remote shut-down after receiving the first spam. After a 2nd spam I'll think of a more permanent way to opt-out. ;)

    --
    Privacy is terrorism.
  21. Re:Why? by Sepper · · Score: 2, Funny

    Yes, that is what the legit people would use this tool for. But for every 1 person who is honestly using it for its "intended" purpose, there are 100 script kiddies using it to cause problems.

    ...And 1000 one who, like will use it to play joke on unsuspecting Buiness students from the across the campus :)

    --
    I live in Soviet Canuckistan you insensitive clod!
  22. Re:Obligatory non-ugly URL for this article by Kristoffer+Lunden · · Score: 5, Funny

    crap, where are my mod points!

    You have to log in to see/use them. ;-)

    --
    Spine World
  23. My Brother's Sad Day. by uberdave · · Score: 4, Funny

    Back in the days of yore, my brother and his friends used to take pride in knowing a wide variety of tools and techniques for opening beer bottles. Then along came the twist off beer bottle cap, and my brother was heard to say: "Crap, now any idiot can open a beer.".

    It happens to all of us, our hard won skills, honed to perfection over years of use, the knowledge and techniques that make us special and separate us from the common man, get packaged into a user friendly, idiot proof tool. It's called progress.

    --
    "I'm not impatient. I just hate waiting." - My Dad
  24. Re:Because it's there by SEWilco · · Score: 2, Funny

    Why?

  25. Re:Works when the machine is locked too by randomblast · · Score: 2, Funny

    So how well does windows run on a 486?

    --
    ...these aren't my real teeth.