Metasploit mailing list archives
How do you get your exploits?
From: lajjr at yahoo.com (Leo Jackson)
Date: Fri, 14 Sep 2007 07:47:29 -0700 (PDT)
Gabriel, I don't know if I'm allowed to answer, but exploits are made by 100's of people the exploits that are in private data base are not intro-;ed into the MS3 cause under most situations the people tell the programs's company about it then hope they patch it. I have about 300 in my database;some for XP SP2 and SP2+, Vista pre SP1, Longhorn MSserver 2008, MSserver 2003 told microsoft, and been triing them and they still work. But back to MS3 they're sure to have alot not out in MS3. HD and the whole team have some that they are not sending out yet... lajjr CSO Thank You, --- Mr Gabriel <angelisonline at gmail.com> wrote:
Please forgive me, if I sound very naive.... I'm new to this game, and information isn't exactly flowing all over Google, for obvious reasons. SP2 for windows XP, obviously, has been around for a long time, but I'm very surprised that there are few exploits for it in MS3, but still many worms in the wild that rape XP systems Vlad the Impaler style. Now, please forgive me if I'm going about this the wrong way, but I think I may have got this pen testing philosophy slightly wrong. To me, the concept, and idea of pen testing, is to find holes *before* some crack fueled script kiddie does - but how can I do this if I don't have the latest exploits to hand? Which brings me to my second point, the exploits that are included with MS3 - where they created just for MS3, or have they been adapted from exploits found in the wild?
Leo Albert Jackson Jr Owner Head Programmer LJ's Electronics and Software
Current thread:
- How do you get your exploits? Mr Gabriel (Sep 14)
- How do you get your exploits? H D Moore (Sep 14)
- How do you get your exploits? Wayne Ho (Sep 14)
- How do you get your exploits? Patrick Webster (Sep 14)
- How do you get your exploits? Mr Gabriel (Sep 15)
- How do you get your exploits? Wayne Ho (Sep 14)
- How do you get your exploits? Leo Jackson (Sep 14)
- How do you get your exploits? H D Moore (Sep 14)