Re: framework Digest, Vol 63, Issue 12

[Michael Schierl <schierlm () gmx de>]

Am 25.04.2013 19:59, schrieb Tod Beardsley:
> please don't run random blobs of shellcode you find on the internet.
> It's not healthy.
>
> That's kind of why we do Metasploit.
>
> If you would like to start using Metasploit, please see
> http://metasploit.pro and pick the right version for your needs.

Seconded.

Also, please note that a piece of shellcode is not an exploit (just like
a pinch of gunpowder is not a firearm, or like a satellite is not a
space rocket). In fact the shellcode is usually the easiest part for a
new exploit as Metasploit ships lots of them to easily integrate into
any exploit.

When you have installed Metasploit, have a look at the unix/local/ and
linux/local/ category if you want to have an exploit that elevates
privileges of a local user to root. But I doubt you'll find one that
works on a fully patched Ubuntu without any vulnerable third party tools
installed.


Hope this helps,


Michael
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework