Sf Exploit Framework

GovernmentSecurity.org > General GSO > In The News

jahanzu

Mar 23 2005, 09:55 AM

QUOTE

SecurityForest's Exploitation Framework is similar in concept to the open-source Metasploit Framework (http://www.metasploit.com) and the commercial offerings such as Immunity's CANVAS (http://www.immunitysec.com) and Core Security Technology's Impact (http://www.corest.com).

The major difference between the above mentioned frameworks and the SecurityForest Exploitation Framework is that it leverages the massive amount of exploits available in the ExploitTree. These exploits are publically available and do not have to be re-written to be used in the framework (no matter what language and sometimes no matter what OS).
It basically acts as a Graphical User Interface to the ExploitTree which is dynamically updated at the same time as the ExploitTree.

The above mentioned frameworks are great and the Exploitataion Framework doesn't even compare to them on a technical level, it just fills the gap.

The Exploitation Framework is provided for legal penetration testing and research purposes only.

Ch3ck this out at SF_Exploitation_Framework

Tyrano

Mar 28 2005, 05:34 AM

Looks neat, I'll have to check it out.

Nice find!

shirkdog

Mar 30 2005, 06:48 PM

One problem, its PERL but it only has an INSTALL for WINDOWS

????

Alittle troubling, but the project is great because it will only get better if people help out. If there is a problem with an exploit, CHANGE IT.

isaiah

Mar 30 2005, 08:23 PM

I tried this out but i think the metasploit one is way better then this one but this has bearlly start but who knows maybe it can become better soon but i like how the metasploit is easy to work and provides many more shell codes.

eftex

Apr 14 2005, 10:21 PM

I also tested it and i think it is not as good as the metasploit-framework.
maybe if all exploits from the exploit-tree can be used with the framework it will be better... so long it is "only" a nice exploit-collection.

Terminal

Apr 15 2005, 06:34 AM

Thats what they want u to do

COMPILE !!

LittleHacker

Apr 19 2005, 05:54 AM

It's a Good ida.
I've alreay compiled and collected many exploits (some need libraries) for myself.
I can share them with u now.

Compiled Exploits

but these are regid exploits

there are some ponits:
1- It shouldn't be that hard to take apart expliot code from payload and do sometning like metasploit. we can use a data-base for each exploit and give some info (RHOST,RPORT,TARGET,LPORT,LHOST,CompatiblePAYLOADS,HowToCompile,...).

CODE

[NAME]
Some Exploit

[DESCIPTION]
Descriptions about ..

[PATH]
path of exploit.c

[PARAMS]
NUM=012345
0:RHOST=
1:RPORT=
2:LHOST=
3:LPORT=21
4:USER=anonymous
5:PASS=password

[TARGETS]
NUM=01
0=win2kspP2en
1=winxpsp2

[PAYLOADS]
NUM=01
0:win_bind_shell
1:win_revese_shell

[COMPILE]
gcc= -o exploit.exe exploit.c
cl=
c++ =

[EXEC]
exploit.exe -h RHOST ...

use XML format and describe each one so we have just one file for each exploit:

CODE

<NAME>Some Exploit</NAME><DES> Descriptions</DES> <PARAMS>RHOST,RPORT:,LHOST,LPORT,USER:anonymous,PASS=password</PARAMS><TARGETS>0=win2kspP2en,1=winxpsp2</TARGETS>
<PAYLOADS>win_bind_shell,win_revese_shell</PAYLOADS>
<COMPILE>gcc -o exploit.exe exploit.c</COMPILE>
<EXEC>exploit.exe -h RHOST ...</EXEC>
<CODE>
#include <winsock2.h>
....
</CODE>

even we can inject this info to the code as comments for C++

CODE

// NAME = Some Exploit
// DES = Descriptions
// PARAMS=RHOST,RPORT:,LHOST,LPORT,USER:anonymous,PASS=password
// TARGETS= 0:win2kspP2en,1:winxpsp2
// PAYLOADS=win_bind_shell,win_revese_shell
// COMPILE = gcc -o exploit.exe exploit.c
// EXEC = exploit.exe -h RHOST ...
// CODE
#include <winsock2.h>
....

so we need just a little word processing to get the code and save it as .\tmp\exploit.c and append the desire payload.

CODE

//Exploit.c
....
....
//PayLoad.c
....
....

sets the parameters and compile the result exploit as specified. then we have flexible exploits.

all we have to do is to
1-stablish a standard to describe these info.
2-take apart payloads from exploit codes

ComSec

Apr 19 2005, 08:21 AM

LittleHacker... your Compiled Exploits link is password protected mate ? sounds interesting.. would like to see what you been up to

cheers

LittleHacker

Apr 19 2005, 03:52 PM

Hey man you all are Hackers !
you should guess, I'd told about "9453" and you know me as "LittleHacker" or maybe "Dr.Null",... Well needs less than 10 tries.

anyway sorry about forgoting user/pass

user : LittleHacker
pass : 9453

ComSec

Apr 19 2005, 06:29 PM

QUOTE(LittleHacker @ Apr 19 2005, 03:52 PM)

Hey man you all are Hackers !
you should guess, I'd told about "9453" and you know me as "LittleHacker" or maybe "Dr.Null",... Well needs less than 10 tries.

anyway sorry about forgoting user/pass

user : LittleHacker
pass : 9453

yes ..you could be right about there being hackers here LH.... but rule of etiquette apply.... you dont hack one of your own

even if its offered to you on a plate

cheers mate...

it is polite to ask ..before you ?

Red Section

Apr 20 2005, 01:54 PM

Hi LH some nice stuff, I have pulled some down and will take a look. Oh as a side note any chance of a english versions of the pdf's?

Oh and some nice hiden

stuff

toe

Apr 26 2005, 07:13 AM

Whatt html code did u use for the user/pass just out of intrest.

-toe

d4s!d

Apr 26 2005, 04:19 PM

thx LH for ur n1 tool, but:

This site has reached its bandwidth limit.
Please try again later.

I will check it out when i can connect

alibaba

May 1 2005, 06:46 AM

the site is working again. thanks LittleHacker for sharing.

LittleHacker

May 1 2005, 09:08 AM

thanks for your appreciations.
But lets begin with flexible exploits ...

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.