mailing list archives
From: mmiller at hick.org (mmiller at hick.org)
Date: Tue, 27 Feb 2007 22:08:57 -0800
Jerome / Alex,
On Wed, Feb 28, 2007 at 06:44:02AM +0100, Jerome Athias wrote:
btw, i don't really understand your main goal in all your recent mails...
Do you actually want to completely test all modules of the actual
version of the msf? (if so, -good luck-, and remember that a new version
is coming... remember also that a specific application is now open to
report bugs http://metasploit.com/dev/trac/newticket )
Do you test exploits with the msf for learning purposes? (if so, i would
recommend to spend more time with quite recent sploits than with
"jurassic" ones. furthermore, you should try to use your ruby skills to
edit the modules and use the documentation to have a better
understanding of things)
Alex has made contributions to the project in one form or another off
and on for the past few years. He's actually been catching quite a few
bugs recently in 3.0, many of which he's provided patches for, and we
definitely appreciate that :) I don't think it's worth worrying about
what his purposes are in testing/flushing out exploits. One of the main
goals of the project is to provide reliable exploits, so any report we
get of one failing is worth some degree of investigation.
Sorry to, actually, don't help you much with your specific problem.
Did you trace the things with wireshark or so?...
I'm not familiar with this bug either, but I can say that we recently
moved SMBUSER and SMBPASS to advanced options in 3.0 since they are
rarely used. This is why they don't show up in the exploit's options.
HD may be able to comment more on the specific issues regarding access