Metasploit mailing list archives
ms06-040 ETA?
From: rhyskidd at gmail.com (Rhys Kidd)
Date: Thu, 10 Aug 2006 09:27:08 +0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Give HD and the other devs the time they need to get it working reliably :)

Although I haven't played with this bug, I'd assume the exploit will be a bit different to the usual win32 ones, as it almost certainly overflows in kernel space, and will require a new payload once EIP is controlled. Although there have been a few papers on kernel shellcode, notably from eEye's Barnaby Jack, there hasn't been much further public demonstration of kernel space exploitation techniques.

Should be interesting!

-----Original Message-----
From: dajackman [mailto:robby.lists at gmail.com]
Sent: Thursday, 10 August 2006 2:58 AM
To: framework at metasploit.com
Subject: Re: [framework] ms06-040 ETA?

We are more than willing to test what you have :)

On 8/9/06, H D Moore <hdm at metasploit.com> wrote:
> Late tonight or tomorrow, depending on free time. The current code is only reliable on Windows 2000; XP/2003 will need a bit more work.
> -HD
>
> On Wednesday 09 August 2006 13:43, Exibar wrote:
> > Any speculation when ms06-040 will be part of the framework? It's just too juicy not to wanna play with :-)
> > thanks!
> > Exibar

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)

iD8DBQFE2ots7oK/a/NHBvIRArxlAJ9t1C2I2FzGpb4k3F5dQj8bpXlcxgCg0qfO
hJ8SqoRuq6EM2KA06N5Kqlc=
=A637
-----END PGP SIGNATURE-----
Current thread:
- ms06-040 ETA? Exibar (Aug 09)
- ms06-040 ETA? H D Moore (Aug 09)
- ms06-040 ETA? dajackman (Aug 09)
- ms06-040 ETA? Rhys Kidd (Aug 09)
- ms06-040 ETA? H D Moore (Aug 09)
- ms06-040 ETA? Tomas L. Byrnes (Aug 09)
- ms06-040 ETA? Rhys Kidd (Aug 09)
- ms06-040 ETA? dajackman (Aug 09)
- ms06-040 ETA? H D Moore (Aug 09)