mailing list archives
Re: framework Digest, Vol 63, Issue 12
From: Michael Schierl <schierlm () gmx de>
Date: Thu, 25 Apr 2013 21:21:13 +0200
Am 25.04.2013 19:59, schrieb Tod Beardsley:
please don't run random blobs of shellcode you find on the internet.
It's not healthy.
That's kind of why we do Metasploit.
If you would like to start using Metasploit, please see
http://metasploit.pro and pick the right version for your needs.
Also, please note that a piece of shellcode is not an exploit (just like
a pinch of gunpowder is not a firearm, or like a satellite is not a
space rocket). In fact the shellcode is usually the easiest part for a
new exploit as Metasploit ships lots of them to easily integrate into
When you have installed Metasploit, have a look at the unix/local/ and
linux/local/ category if you want to have an exploit that elevates
privileges of a local user to root. But I doubt you'll find one that
works on a fully patched Ubuntu without any vulnerable third party tools
Hope this helps,