I wrote about the Metasploit Framework in April 2004. The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This week they released version 2.3, which offers 3 user interfaces, 46 exploits, and 68 payloads. One of the more interesting additions is the Meterpreter (.pdf). This is a replacement for calling cmd.exe on Windows after an exploit succeeds. Windows support is currently offered and UNIX (to replace calling /bin/sh) is planned. The Meterpreter is extensible, so you can add features once you gain control of the target. You can browse the exploits and payloads using their Web-based interface.
Jumat, 14 Januari 2005
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar