mailing list archives
Re: msfbinscan & db_loot questions
From: HD Moore <hdm () metasploit com>
Date: Wed, 08 Jun 2011 15:43:20 -0500
On 6/8/2011 3:04 PM, Scott McClellan wrote:
After running msfupdate today, I noticed a couple things. First, it
seems there's an msfbinscan. This appears to be like msfvenom, in that
it rolls together other tools into one...can someone confirm that?
Yup, the goal is to replace msfpayload/msfencode with msfvenom and
msfelfscan/msfmachscan/msfpescan with msfbinscan.
Second, whilst going through the help in msfconsole, I noticed db_loot.
It says it displays all loot in the database. What does that mean?
Loot is stuff taken from a compromised host and tracked via the
store_loot() API. This was a Metasploit Pro feature we backported into
the framework and only a dozen or so modules use it today. Its called by
the Cisco IOS configuration stealing modules and many Post modules.