[jahanzu]

Quote

SecurityForest's Exploitation Framework is similar in concept to the open-source Metasploit Framework (http://www.metasploit.com) and the commercial offerings such as Immunity's CANVAS (http://www.immunitysec.com) and Core Security Technology's Impact (http://www.corest.com).

The major difference between the above mentioned frameworks and the SecurityForest Exploitation Framework is that it leverages the massive amount of exploits available in the ExploitTree. These exploits are publically available and do not have to be re-written to be used in the framework (no matter what language and sometimes no matter what OS).
It basically acts as a Graphical User Interface to the ExploitTree which is dynamically updated at the same time as the ExploitTree.

The above mentioned frameworks are great and the Exploitataion Framework doesn't even compare to them on a technical level, it just fills the gap.

The Exploitation Framework is provided for legal penetration testing and research purposes only.

Ch3ck this out at SF_Exploitation_Framework

[Tyrano]

Looks neat, I'll have to check it out. ;)

Nice find! B)

[shirkdog]

One problem, its PERL but it only has an INSTALL for WINDOWS

????

Alittle troubling, but the project is great because it will only get better if people help out. If there is a problem with an exploit, CHANGE IT.

[isaiah]

I tried this out but i think the metasploit one is way better then this one but this has bearlly start but who knows maybe it can become better soon but i like how the metasploit is easy to work and provides many more shell codes.

[antikila]

I also tested it and i think it is not as good as the metasploit-framework.
maybe if all exploits from the exploit-tree can be used with the framework it will be better... so long it is "only" a nice exploit-collection. :blink:

[Terminal]

Thats what they want u to do :P COMPILE !!

[LittleHacker]

It's a Good ida.
I've alreay compiled and collected many exploits (some need libraries) for myself.
I can share them with u now.

Compiled Exploits

but these are regid exploits

there are some ponits:
1- It shouldn't be that hard to take apart expliot code from payload and do sometning like metasploit. we can use a data-base for each exploit and give some info (RHOST,RPORT,TARGET,LPORT,LHOST,CompatiblePAYLOADS,HowToCompile,...).

[NAME]
Some Exploit

[DESCIPTION]
Descriptions about ..

[PATH]
path of exploit.c 

[PARAMS]
NUM=012345
0:RHOST=
1:RPORT=
2:LHOST=
3:LPORT=21
4:USER=anonymous
5:PASS=password

[TARGETS]
NUM=01
0=win2kspP2en
1=winxpsp2

[PAYLOADS]
NUM=01
0:win_bind_shell
1:win_revese_shell

[COMPILE]
gcc= -o exploit.exe exploit.c 
cl=
c++ =


[EXEC]
exploit.exe -h RHOST ...

use XML format and describe each one so we have just one file for each exploit:

<NAME>Some Exploit</NAME><DES> Descriptions</DES> <PARAMS>RHOST,RPORT:,LHOST,LPORT,USER:anonymous,PASS=password</PARAMS><TARGETS>0=win2kspP2en,1=winxpsp2</TARGETS>
<PAYLOADS>win_bind_shell,win_revese_shell</PAYLOADS>
<COMPILE>gcc -o exploit.exe exploit.c</COMPILE>
<EXEC>exploit.exe -h RHOST ...</EXEC>
<CODE>
#include <winsock2.h>
....
</CODE>

even we can inject this info to the code as comments for C++

// NAME = Some Exploit
// DES = Descriptions
// PARAMS=RHOST,RPORT:,LHOST,LPORT,USER:anonymous,PASS=password
// TARGETS= 0:win2kspP2en,1:winxpsp2
// PAYLOADS=win_bind_shell,win_revese_shell
// COMPILE = gcc -o exploit.exe exploit.c 
// EXEC = exploit.exe -h RHOST ...
// CODE
#include <winsock2.h>
....

so we need just a little word processing to get the code and save it as .\tmp\exploit.c and append the desire payload.

//Exploit.c
....
....
//PayLoad.c
....
....

sets the parameters and compile the result exploit as specified. then we have flexible exploits.

all we have to do is to
1-stablish a standard to describe these info.
2-take apart payloads from exploit codes

[Kenny]

LittleHacker... your Compiled Exploits link is password protected mate ? sounds interesting.. would like to see what you been up to

cheers

[LittleHacker]

Hey man you all are Hackers !
you should guess, I'd told about "9453" and you know me as "LittleHacker" or maybe "Dr.Null",... Well needs less than 10 tries. ;)

anyway sorry about forgoting user/pass :unsure:

user : LittleHacker
pass : 9453

[Kenny]

LittleHacker, on Apr 19 2005, 03:52 PM, said:

Hey man you all are Hackers !
you should guess, I'd told about "9453" and you know me as "LittleHacker" or maybe "Dr.Null",... Well needs less than 10 tries. ;)

anyway sorry about forgoting user/pass  :unsure:

user : LittleHacker
pass : 9453

<{POST_SNAPBACK}>

yes ..you could be right about there being hackers here LH.... but rule of etiquette apply.... you dont hack one of your own :) even if its offered to you on a plate :P

cheers mate...

it is polite to ask ..before you ? :D

[Red Section]

Hi LH some nice stuff, I have pulled some down and will take a look. Oh as a side note any chance of a english versions of the pdf's?

Oh and some nice hiden :D stuff

[toe]

Whatt html code did u use for the user/pass just out of intrest.

-toe

[d4s!d]

thx LH for ur n1 tool, but:

This site has reached its bandwidth limit.
Please try again later.

I will check it out when i can connect ;)

[alibaba]

the site is working again. thanks LittleHacker for sharing.

[LittleHacker]

thanks for your appreciations.
But lets begin with flexible exploits ...