On May 8th the Kentucky ISSA held a training in Louisville, KY. I was asked to teach the section on Fuzzing and Exploit Development. Having only an hour to cover this VERY complex topic I demonstrated a basic buffer overflow. We start with fuzzing and go through the basic steps of development. This is an old, well known exploit but it demonstrates the important principles. Feel free to follow along with the videos and post any questions in the comments section.

Videos,Slides,Files here : http://www.nullthreat.net/blog/2010/5/4/fuzzing-and-exploit-development-with-metasploit-louisville-m.html

Automating the metasploit

Posted March 23rd, 2010. Filed under Security Stuff

Da , suna foarte frumos , asa am zis si eu cand am citit titlul postului si chiar este.

The Metasploit Console (msfconsole) has supported the concept of resource files for quite some time. A resource file is essentially a batch script for Metasploit; using these files you can automate common tasks. If you create a resource script called ~/.msf3/msfconsole.rc, it will automatically load each time you start the msfconsole interface. This is a great way to automatically connect to a database and set common parameters (setg PAYLOAD, etc). Until this morning, however, resource scripts were limited to simple console commands.

Cititi totul aici : Automating the metasploit

Powered by HaxTor | CopyWrong © 2011