Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Open-Source Tool Roots Out More Exploits



 By: Dennis Fisher
2005-01-12
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Metasploit Framework 2.3 contains a host of updated capabilities and an expanded library of custom-made exploits and payloads, usable against vulnerabilities in Windows, Linux and some Unix variants.

A group of security volunteers on Tuesday released a new version of an advanced open-source framework for developing, testing and using exploits.

The Metasploit Framework 2.3 is the latest evolution of a project that began as a lark and has turned into a serious tool for penetration testing and exploit development.

The framework, which is written in Perl and runs on most Unix systems and Windows, is a somewhat less formal version of pen-testing tools such as Core Security Technologies Inc.s Core Impact or Immunity Inc.s Canvas, but it is designed to be every bit as powerful and easy to use.

The new version contains a host of updated capabilities and an expanded library of custom-made exploits and payloads, usable against vulnerabilities in Windows, Linux and some Unix variants.

Resource Library:
The framework is fronted by a clean user interface and it takes just a few clicks to get to the point where users can enter an IP address and port number and run an exploit against a target system.

Users can scroll through a Web interface that can be sorted by either exploits or payloads. Clicking on a specific exploit brings up a description of the vulnerability, including a link to the original advisory if there is one, and a list of vulnerable versions.

Users then can click on a version, such as Windows XP, and see a list of available payloads capable of exploiting the flaw.

After choosing a payload, the user is presented with a page asking for the name of the remote host and perhaps one or two other pieces of data, depending on the payload. One more click and the payload is on its way to the unsuspecting host.

Click here to read more about the Metasploit Framework.

In the past couple of years, user-friendly exploitation tools have become quite common and any aspiring cracker need only visit one of hundreds of security or underground sites to find not just the tools, but detailed instructions on how to find vulnerable targets and what to do once theyve gained access to a machine. The Metasploit Framework certainly could be used for those purposes as well, but it was designed for the use of administrators and security researchers interested in running exploits against their own systems.

And, it still requires a bit of knowledge and skill to find vulnerable target hosts and to know which payload is the right one to exploit a particular vulnerability. The systems main developer, HD Moore, who is well-known within the security community as a researcher, author and frequent speaker at security conferences, acknowledged that some people in the industry are nervous about the release of tools as powerful as the framework, but he said that the capabilities it provides to users are necessary.

"The framework is quickly becoming a standard tool for both penetration testing and security product validation. I believe that giving end users the power to test their own security measures restores a much-needed balance to the information security industry. The best-selling security products are all defensive in nature; the only way you can gauge their effectiveness is to actively test them," Moore said.

"There is a common argument that the framework allows less-skilled attackers to break into systems that they would not be able to access otherwise. Most of the exploit modules included with the framework are actually based on publicly available exploit code. Only rarely does the framework provide an attack vector that is not already available to the script kiddies at large.

"There have been a handful of cases where we released the first public exploit module for a vulnerability, only to discover that the underground cracking groups have had an exploit of their own for quite some time. The Framework gives the network administrator with the same capabilities as the people who are attacking their networks."

The Metasploit Framework also comes with a unique license that allows commercial vendors to integrate it into their own products and then resell it. Researchers also can write their own modules for the framework and sell them as commercial products.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Open-Source Tool Roots Out More Exploits
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Dennis Fisher
 


xr8 VﴫEwْ˚-*w"!mԐm9/= 7]hɗjϞrE&D"H|GgoD]ݴ1p͹M5>5-3s%GgRSrĠt Egiu;AzpDwd>J`OS{S  Ɠ5>X1=/[S}L}F7\3Ѣeb^P$ȁ_M¦%yHCDRɏm@|׶#ַ(>r@?VANé-}!*{>$E%k4ًʏшqGOП}{/ !X]ꄽ4-fC2]hj:TN`Uƞfnڭaㅰ A=c9p= ^- G&lwsDƞ4HCKd"˝LJ^`:tm3G@]õ]\./RF͌eCwtSz3]gԏPL0H6=~0[ QM%$7 V.lq_-%0/6`=Ķ|h :]uh?AuoczV[ucϝ;!{IV%X䄍ERwS'>dRr-2訞þʲnMw3a[mޡlطGZ*մ*rM)֎+{1{߶S;[޾޹RV5MQjUu7ںs nm)kCq9}r>? 7;A:7@o&1W`JLTRBhd" Pc@GNj,{/B oVqZVH+(.##-byOa`%pfQUri[򳹥}o__]wzmo_wڧ>ߘekfy3?b Jw3B~ W7ke{#kj{ _ܹGtHM Wh:w N[_lxmuH0|kh2`cRZIjgdZݓ6է I|S8VE~=_Cj ݖeB_ȻX_KŗG)H73ǚ -mdʩ$zNSjVm&T7o`2 4 .̭zh-Aho*KLru&@Sk~$M ]sb.L2o<|)}R—U/(AK/- 5|*(If(;΀/3A.r)i  6=aL+^,4lj\כUsNVVt];3eя0-*<7Nv.~hz͏mxX18,]evr`\Է7JϏRQ^Tjr{h2ud8԰)5>'4}t>჎$>hƋCriYnL,rӇtu4A.{ݣn]?&tnYXŞ+LRVi50CGE 6]LR}>t9qHhQ0<sz0Y[S衟#j{7t( u,/{@`\@8HpyY?9>o  ߃5#z[-[Z6x G͹A }QP sZ( 7^by""D% T h4AǰEENA7;.VKŤ\*y"Jm':ݱ;PKRx&,S,BV-KᗄPf%i2mhƺń(VFNl(0Vf)jWuϙܑm˹ȇRoBoڅRT眺_dA_fMjlȌu>IVB17O wf@nmhIJ:#w4)dz~#Jݼ^`;h{q#%IAw =U檳@tlX+nMo?JՍ݋pz1(+úZjp Hoh m_eƠumLGi+-m" IPצ(X kezdxE6*&C 7 Py\{8`O>7l{`(`T5J?Ȕm0UKU9,Wfn ()r?-j(6 SXSĝu<\| fl.n /*'l|0ː l1 ZJkX"L M=t%fhx#e\6XbO`3FC^Lg,/+ i{u]ؕ.R\|znN >0|p4'Z>pd`/Rݷ&٤ RXO%}T5&"I1D ȸla,riL*wڶ{M>QȺ a(Js6CZ"3G΁4MD8[/OAE-4$qzS??uPVƮ< [J?}uVN0\}єa˘;|q6m*I՗bAQ OkMf٧gL䱯3ۉi0Aq_8R" @ 4~x} *O$B\--UŨN=I) =`q0$zHL!2Bsݧ==1g匬 G dVBS{ZYUKZTp~W`sϏxO?"5Ϩ8x_/8g7Xfi^8Ak>s.}G>pZEL[vO`cQ av 1;?UkJ?B2By^ihw\rR" Q#8~Ɋ0 ClW͵,ߘ@+Z &h }ɺIPɑ1[D`{ nUESUGK[+]W< OQ: A\=!< &`QtEa&NiE[ P{I-~O1"_pkx豸f@p@F]S؇Qgm/RU *~e;:{/J.4F@2<"C8\bS>p@l#RaCݜ5m"uy@VIJXhQ;_6MONVШ6>YL޼?~WBo';7~ɴ:(1<6|o D >rWo鸙 y@<sUJ XLbT~\yRglg]a+&>e>e'}VApaqgX7n3Ǥ|m*,n1}a%[ŴQx` fzliJMP*jIIz, :*h7xџ6YD+(++i-^2ǽam.E9[ 4˷ʨKV-,sK"hʊg _|r[rn)tyĆ5(4C-Bwyr`3W4$NcVpDMb?ҁh)03?0RlʪVuZU ՂVE'sٞEA(šd:)dnQ==׍!Y,;L)~39Ȕ:C\Դ"hw ĶRsG%D.,qC` H\}PK( ,~W9ـo |\V*Z슣d9#T`| @-a'd1s<œo =$Ԅ_8 +~w?l)ɡXXD>DiF\{e">QP(㘘ۿ~Ъ[( L $q)YUihj/nL0ƙ0֒\zF_ɾj,<9Aϐa(F4Ͻ5/Q Bf/3?|CCJNx,(G@RPOh5[#ZyKtb;3Ğw}hh !:Ua2"(BShDOg4>^79S%j67 EGW%'[;{--':}mFџW` e܃Ţ.׌Vrh':I ׉ NAN9os_<#92 7?xKP -Mu?So2MDYkNEm{-~=prvPR)&B~(I;ɨˢ ݖ2p9GK:)!O\+02H P6,O&e=lI1 iKBih%bbVHGZowռܞ6<1ޥ]ƙBǝƗHΖ&"̗4.נy8V#["|)-&GX!*VZRZzl*$'?vӒ tH1xGM{uS棏G 95gy ZwN{},da3n/?~c_ ?-m-8tǠCR3K1&$Z^VP**sᔤ˞ɔX^ OXd1 0d&q+=#tz=إֻ<A?gLw.z@z@pSx6{Zg%QJ=,qM@kjiIr\<~^YZ䑽DHڃ}AuU6m>==3'Km<^tw9wBf#AVާA3qĨ`bx?sgfdQ%̺V|X`ˤ~[bOO^'z83k$+̣q0ЧJ (]FMrR\xNƋ_j<5MX(V_+vV:VEA}:m뎓Ðuӗ:1$@?ܢR#$kSl& KSL$䐐3 _QcOl@9v_DyhEUM1Ss ,j s=3۵-klMSYxA`H^v_m r%-l5 h}F焅Lt|1LDx`cgɑsA H˂3!IE|<Q27O(XyjEG!vD['Um[*ʚN`=غ2'C%6f@,߲M !`آNRf_e[N) :h@_c7kB:k/x6-S{<;]xo/9uԁH7`IVqH5 $ {ADN'񄗶dWbu_<ꃥ3~ckKa{FWxajl9/*Lno<]VUN0"H&u1!@"fkMX;"7%wT^;~҂~WhStn&o ؛hE943ly66;]=ÆGGGGGwje-GJjIpus̰G pW">y<+k9><"5Tll9>a-c3c$_K$zOd'.wFFLt8Kt!'OqX#!Brߌ?Y-ol[s0Le:4H:X|I;v+W k {%h,?[ޖץ=r!Z5jSX`?DR_|=rO|k ND1G@B( 5;6۬w鳐\֌f*IRs ZߦLm_ma}1^偫/{lȪhֲFwt%R2ײWbp,L˺؆_ ƗY'6$f [IHgc;Wp8e[[AwYs í 'D/]/c>&ܹN?_ӗK{~i[ {T_߷8;O̫A$yQq1n9],C"&Hm90CǬ’oOusٶ*]N[^)Fʼn߳yxH_(Z@lnVg+hEV9T4 | =:JHCMwM!n1J\y0k꽰)PAgXt~GD)e;@k==>=ng|'BNbaw9Ƕ=VGv0!R,oR7@, aeA)ȁ;[ƆEac#kx|EyFפi.fEie9L⧌cWF%5z J 0KɾCX^qKX3&4#uT]SS[wZį[+W#rd! `,%7vya7`8(ĒI @8^P_Z6`RT{0Ig2ΩTh,ZNx[ȥc. ZE%>%KZk^YR+Ȉz~btτƌwMGSj9 GgTG6RMn)ݏ|^3Hsr3#mz^C GJk&p]Vy k+Lx^8Ow| 􄼥޼vwO%YՉH mݹ]碏ܸ5&<7ڢR|gcqWb dZM)RӰp-,|ri?NRuzFdIfۘjR#rz4 Psʷ.ؕժTjQܣF +1G>FTɵF~ KcgBK.kXGl7̋1#JZP-0o랽 MӝRa)z,`ǜbD{wi/1~J+ɱFK>Ν0 }юMUbtm-R^@~j 4Zu,u{ cD̋:Z s F0ʒ2?+ 6Ƕl[vi|Duv7H tٵtc2h過DқQq?~mXs\1oiB1 Le]?-'|͈Vs%.Τ.=OcB~{*c  Ą[)bUfwܠ~z*ڟOe^nnZUFGȚXht J ݲY>DЊϯ?co»I XPp]A9(WTD~Nd>hTHґu a<$wzS4mԓFG)׀gxRW7}D['鍀I䏖+62sjDl ]"haf\oz~}C@G5x@XT܂țk@S_qfwjLxr`(L1! x7t'le1q18{χ\oX|J7[>B8!i5_/{JM)`bK$u2C:΁ ZghIED#ThbGF#Ws^I79m[ 45uw;WLQXj*!b3wȣ4ϓ  ~feCX rtQ:.( oIYPXP؟?pk%HbxW$0SL\fF" N-g8tv'+ӬNCjb`` \u l9 :W@ g>򽉡0us[OsSRC´vxҢX->>& .ycI 8^yN4X+lL 7,2|eY{xbRU+J)|U3ʰLXUKo'Ͳg2Vqϥ&JZ! `xzNrdhz?;X~@|LBz،\ݹk4ο5iv>N;WNϻ7x Zӷptԝsm}9^}9\;\`&hT湾,g6OFYyfvʜPN:cͅfU,xy^/J>Mƺx#UzUzu7M&6ٰBfuljŵN#g5^L7kFN\3C|𩍷q>r:JtLPU8iz67a\nq4ħyO\#4[E9yF/PKFoP[F5_o.?i63ʻP(GNo.o Z(?\~ 9͠Gnj6urN+2ʡsQd^K/ \~3l׸ " {A E}. /?/2"?QF/3 3Ϡ,oP ((K ..n~f+ 2޿23+ק 埳}}Π dd  M%:Iʘ!g+\8=Rgr ~)A_d_y*%iFy 3YY ~veX^eй\<@^~_} [J+ťW*7YKxM}%k{[F1nvd}WG{1:,y&e^>&c˼$=)>w懤Ix]"&JR7[O'ikr(%s<2g)h{U26#{"tfc % /ܻ Gz‰nQ$L2~08I0tAۓ{go\pm⦠ϻH^-AkOWHiMnڧ.|\Fpyk;ُϋGkwյƚ ~3b 5I?'OxVf2x*8" 2H 2s{B|%؄Z{JfBZ}M(9ao5RFXk;MAc>)۹"=מ X?(xcläd |A«U/=ׇnx}#*t(,MaMă n='IDπnuMf@gYl)VxRDZ szn%()%y+L9(م7xX*'Oe;BI<M\4Xl=$~5|t,C巧cS% %^Π&b_,-YoˊL3t#G3RVVХI񿄗zH, 7AQ^+yJ>? T|- 5G\6LDR }J0~N:]v0N@9DePީ!/;v2R*4%NSxsEzV?ĵ 3& MMaz:SAW (9|x@NlMëlj_ԕu`g#~"3V[œA6p8_@s`ܐ}olI COyݟ >@/7A{~ r@c]Tng`wDl .3ͲO]% hWa)*e71KLP`Ol3&gw6G}dȱ(l}j͜GԋO0xmѵhOɬql>-/#]^&c`H؂{ꐏXiWe1JpC)etą˰ANt3Ck׀5V`=H] qS`hwq#1uB\ (cto L?Q1?c=Vqٮ7G,cӰ QaW:67n MywDu=v{B76* <Ǥ9mo@U  =[?܋;}#\m:1V`gY?W- ɤ{-̅2 !δ^xyu~ҕ^)If`cQd+8*)ؐrkO`4bOP1, Qv7}MaN*)Asa#Dl ;ApN7Wm S<"Y4.'lL xje .^3Ơ{e75wSF f#y= `5>gvC%=\s.&tĵa=]x O!0gWP Y-~3*d'kI''R"la,r3 ۍEj z.t3R04xqBa0SSQ2$Y?":xqeaVt*Nz/핋V?' <^E!$g~V;~v?;u~k a% ѨT\ߴ;kO, mݸ͓_>^w?]hI:V; AHcVc"^ֳ/ .A|>ǐy6xL ꟭eUUA$摝7yM1uc*.aL셳Qbm٦dUi29Z{) q=֫4>!V07Nw6̈́ В^&ŮvbecQ ,