Wednesday, December 28, 2011

New Metasploit modules in trunk

Last night HDM checked in a telnetd remote root scanner and exploit module for BSD-derived telnetd servers (this vuln affects telnet clients as well). We were up late last night working on it. Any testing is appreciated.

Today, sinn3r checked my CorpWatch API modules into trunk. These aid in OSINT research for a company during an engagement.

Tuesday, December 13, 2011

Finding all exploits with RPORT == X

This question comes up quite a bit in the IRC channel: how can I see all exploits for a given port? You can do it easily with IRB:

msf > irb
>> framework.exploits.each_module { |n,e| x=e.new; print_good("#{e.fullname}: #{x.datastore['RPORT']}") if x.datastore['RPORT'].to_i == 445   }; nil

Just replace 445 with the port you are looking for. If you want aux modules, you may replace framework.exploits with framework.auxiliary.
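
The same lookup as a reusable helper, as an added example that is not from the original post: it goes beyond the one-liner by taking several module sets and several ports at once, and by skipping modules that have no RPORT or fail to instantiate. The helper name `modules_by_rport` and the Fake* stand-ins are hypothetical, and the sample module names are constructed so the block runs outside msfconsole; inside `irb` you would pass `[framework.exploits, framework.auxiliary]` instead.

```ruby
# Added example, not from the original post.
# Returns { port => [sorted module fullnames] } for the requested ports.
# Each set must respond to each_module and yield (name, module_class),
# as framework.exploits does in the one-liner above.
def modules_by_rport(sets, ports)
  wanted = ports.map(&:to_i)
  hits = {}
  sets.each do |set|
    set.each_module do |_name, klass|
      begin
        rport = klass.new.datastore['RPORT']
      rescue StandardError
        next # assumption: a module that cannot be instantiated is skipped
      end
      next if rport.nil? # module has no RPORT option
      port = rport.to_i  # value may be stored as a string or an integer
      (hits[port] ||= []) << klass.fullname if wanted.include?(port)
    end
  end
  hits.each_value(&:sort!)
  hits
end

# Constructed stand-ins for module classes and module sets (hypothetical).
FakeInstance = Struct.new(:datastore)
class FakeModule
  attr_reader :fullname
  def initialize(fullname, rport, broken = false)
    @fullname, @rport, @broken = fullname, rport, broken
  end
  def new
    raise 'constructed load failure' if @broken
    FakeInstance.new(@rport.nil? ? {} : { 'RPORT' => @rport })
  end
end
FakeSet = Struct.new(:mods) do
  def each_module
    mods.each { |m| yield m.fullname, m }
  end
end
SAMPLE_EXPLOITS = FakeSet.new([
  FakeModule.new('exploit/constructed/smb_b', '445'),
  FakeModule.new('exploit/constructed/smb_a', 445),
  FakeModule.new('exploit/constructed/no_rport', nil),
  FakeModule.new('exploit/constructed/broken', 445, true)
])
SAMPLE_AUX = FakeSet.new([FakeModule.new('auxiliary/constructed/telnet_scan', 23)])
p modules_by_rport([SAMPLE_EXPLOITS, SAMPLE_AUX], [445, 23]) if __FILE__ == $0
```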