[framework] ms06-040 ETA?
Rhys Kidd
rhyskidd at gmail.com
Wed Aug 9 20:27:08 CDT 2006
Give HD and the other devs the time they need to get it working reliably :)
Although I haven't played with this bug, I'd assume the exploit will be a
bit different to the usual win32 ones, as it almost certainly overflows in
kernel space, and will require a new payload once EIP is controlled.
Although there have been a few papers on kernel shellcode, notably from
eEye's Barnaby Jack, there hasn't been much further public demonstration of
kernel space exploitation techniques.
Should be interesting!
-----Original Message-----
From: dajackman [mailto:robby.lists at gmail.com]
Sent: Thursday, 10 August 2006 2:58 AM
To: framework at metasploit.com
Subject: Re: [framework] ms06-040 ETA?
We are more than willing to test what you have :)
On 8/9/06, H D Moore <hdm at metasploit.com> wrote:
> Late tonight or tomorrow, depending on free time. The current code is
> only reliable on Windows 2000, XP/2003 will need a bit more work.
>
> -HD
>
> On Wednesday 09 August 2006 13:43, Exibar wrote:
> > Any speculation when ms06-040 will be part of the framework? It's
> > just too juicy not to wanna play with :-)
> >
> > thanks!
> > Exibar
>