Metasploit mailing list archives
Metasploit 3.0 for Windows Test Installer
From: asotirov at determina.com (Alexander Sotirov)
Date: Sat, 24 Mar 2007 14:22:38 -0700
H D Moore wrote:
Second version of the installer is now available, keep the feedback coming - https://metasploit.com/metasploit3-test2.exe
The installer worked for me. I got this warning, but everything worked fine. ./script/../config/boot.rb:28:Warning: require_gem is obsolete. Use gem instead I have one comment about the installer: The msfweb UI opens before the installer is done. You should put a checkbox "Launch Metasploit" on the last screen of the installer, and open the UI only after the user click the Finish button. Here are some comments about the UI (which I've never seen before today, so my experience should be similar to that of a new user): The About button in the top right corner does not highlight when I move the mouse over it. All other buttons do. Most windows always has a horizontal scrollbar (on IE6 SP0). It seems like the content is always about 10 pixels wider than the window. A taskbar (or window list) for switching between windows would be nice. It's very easy to open a lot of windows and get lost. To raise a window you have to click on its border. It would be better if you could raise it by clicking anywhere inside it. When you select an exploit, it's not clear how to actually run it. You have to read all the text in the window to figure out that there is a "Please select a target" list under the exploit description. Visually it looks too similar to the "External references" list above it. It would be better if you had a big "Run" button. After you select the target, the window shows a list of payloads. There is no way to go back and change the target, you have to close the window and start from scratch. There's also no visual indication of what target you have selected. The interface for running exploits should either be a wizard style interface (with Next and Prev buttons), or even better a window that shows you all currently selected options (including the target and payload) and you can set them in any order you want. There is no reason to force the user to select a target and a payload before everything else. In the options window there is no need to show "Optional" next to the optional options. Just mark the required ones with "Required" - use red color to highlight it. This will be more consistent with how forms are done on most websites. Why is there a "Launch Exploit" button under each section with options? It's not clear if the buttons do the same thing or if they are different. Which one should I press? In the options window there is a "Change" link that should allow you to change the exploit, payload and target. At least that's what it looks like from the interface. However, it allows you to change only the payload. When you click on the "Change" link and select a new payload, all options that you previously entered are gone and you have to enter them again. When I launch an IE exploit, it runs it in the background and drops me in a console. What am I supposed to do in this console? Instead, it should show me a status page that gives me the URL I need to give to the victim. The console should open only after I get a shell. It would be nice if I could close my browser, then open another one and get back all the windows I had open in the previous session. Alex
Current thread:
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 24)
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 24)
- Metasploit 3.0 for Windows Test Installer Kim Guldberg (Mar 24)
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 24)
- Metasploit 3.0 for Windows Test Installer Kim Guldberg (Mar 24)
- Metasploit 3.0 for Windows Test Installer Kim Guldberg (Mar 24)
- Metasploit 3.0 for Windows Test Installer Alexander Sotirov (Mar 24)
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 24)
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 25)
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 24)
- <Possible follow-ups>
- Metasploit 3.0 for Windows Test Installer Mike Whitehead (Mar 24)
- Metasploit 3.0 for Windows Test Installer Mike Whitehead (Mar 24)
- Metasploit 3.0 for Windows Test Installer H D Moore (Mar 24)