| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri Apr 1 19:45:38 2005 From: seclists at stratitec.com (defiance) Subject: Metasploit Framework v3.0 Alpha Now this one actually made me laugh good job guys :) On Friday 01 April 2005 09:57, Humberto Duodenum Moore wrote: > After years of beating our heads into the proverbial wall of the Perl > scripting language, we would like to announce the Alpha release of > version 3.0 of the Metasploit Framework. The new Framework is written > entirely in Python -- the OFFICIAL hacker scripting language. We feel > that by moving to a Python code-base, we can easily integrate the > Framework with the many well-written Python security libraries and take > advantage of the enormous Python developer community. Perl is dead guys, > just give it up before its too late. > > The 3.0 Alpha release includes the following features: > + Native Windows GUI, nobody uses unix so we do not support it > + Automatic vulnerability scanning modules and exploitation (autor00t) > + Dynamic payload generation via the "AIGHT" C compiler (Python) > + New nop generator modules use artificial intelligence techniques > + Skylined's ASCII art shellcode encoding system has been ported > + Support for third-party binary exploit modules (thanks SecurityForest!) > + Includes the "Stubble" Python fuzzing engine, based on Peach > + Integrated "syscall breakdancing" system for exploit pivoting > + Support for local non-setuid buffer overflows (thanks morning_wood!) > + Added the "AVOIDPAX" and "AVOIDGRSEC" global exploit options > + Advanced "Instant-Worm" shell script for converting exploit modules > + Meterpreter now supports face-recognition via attached web-cams > > As usual, we have included a massive set of zero-day exploits in our > public release. These exploits affect everything from Plan9 to Windows > 2003. > > Examples exploits include: > + IIS 6.0 HTTP.SYS kernel-mode stack overflow (thank you eEye!) > + TCP/IP fragmentation overlap exploit for the Linux kernel > + Two remotes for the OpenBSD LIBC memcpy(0x31337) backdoor > + Universal remote stack overflow for ISS RealSecure and friends > + Apache SIGALRM+SIGURG+SIGALRM function re-entrance exploit > + Checkpoint FW-1 remote exploit (any plug service or management port) > + New version of the AntiAntiAntiAntiAntiAntiSniff stealth recon module > + Integrated UCE relay agent and associated exploits > > Metasploit would like to announce our new paid-subscription service: > "BlingBling's Exploit Clique". For the price of a cup of coffee each > day*, you can have access to the latest and greatest remote 0day > exploits. BBEC members will also receive a complimentary t-shirt, yo-yo, > and piece of official BBEC chewing gum. > > *Notice: The Standard Coffee Cup Price (SCCP) is based on the daily rate > for a cup of Starb*cks coffee . The monthly subscription rate is based on > the average SCCP price, as reported by the JavaJava Stock Exchange. > > The latest version of the Framework can be obtained from the new website: > - http://dtsn.darpa.mil/ixo/ > > Enjoy! > > - The Metasploit Staff > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists