Login or Sign Up to become a member!
LessThanDot Sit Logo

LessThanDot

System Admins

Less Than Dot is a community of passionate IT professionals and enthusiasts dedicated to sharing technical knowledge, experience, and assistance. Inside you will find reference materials, interesting technical discussions, and expert tips and commentary. Once you register for an account you will have immediate access to the forums and all past articles and commentaries.

LTD Social Sitings

Lessthandot twitter Lessthandot Linkedin Lessthandot friendfeed Lessthandot facebook Lessthandot rss

Note: Watch for social icons on posts by your favorite authors to follow their postings on these and other social sites.

Your profile

Tools

Tag cloud

acer activex asus bios buffer overflow downadup exploit flash host file iso files mail server malware mysql new hardware performance protection read security spyware tablet pc toolkit typo virus vista vmware win7 windows 7 windows server 2008 windows server 2008 r2 x64

Authors

Main Categories

Search

XML Feeds

What is RSS?

Google Ads

Tags: buffer overflow

2
comments

Do you use Metasploit to check if your servers are vulnerable?

by SQLDenis on Jan 20, 2009 in categories Operating Systems
Rate Post:
submit to reddit Digg!FacebookDotnetkicks

Do you use Metasploit to check if your servers are vulnerable? If not then you should take a look at it.

What is Metasploit?
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

What does Metasploit do?
The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.

Here are some thing you can check with this

Scanning for MD5-signed SSL Certificates
Allows the Metasploit framework to be used as a SSL certificate scanner. This provides a simple way to identify SSL certificates in use that were signed with the MD5 algorithm and need to re-issued

Fuzzing Flash For Fun (ASNative)
The vulnerable function is exposed through the System.Product namespace but is also accessible by using the ASnative API directly.

The ASnative API is interesting because it offers a different way to call builtin functions, and the only way to call certain undocumented functions. ASnative functions are indexed in a two-dimensional array, with the first index being between 1 and 3000, while the second index is usually below 300. The "escape" function has an index value of (100,0)

Remember a H4x0r already is using Metasploit and other tools to penetrate and take over your servers by take advantage of buffer overflows and other vulnerabilities.

You can download Metasploit here: http://www.metasploit.com/framework/

Also check out Oracle Pwnage with the Metasploit Oracle Modules Part 2 and many more exploits on http://carnal0wnage.blogspot.com

About the Author

User bio imageDenis has been working with SQL Server since version 6.5. Although he worked as an ASP/JSP/ColdFusion developer before the dot com bust, he has been working exclusively as a database developer/architect since 2002. In addition to English, Denis is also fluent in Croatian and Dutch, but he can curse in many other languages and dialects (just ask the SQL optimizer) He lives in Princeton, NJ with his wife and three kids.
Social SitingsTwitterFacebookLinkedInHomePageLTD RSS Feed
1603 views
More Posts by SQLDenis
buffer overflow, hackers, metasploit, security
submit to reddit Digg!FacebookDotnetkicks

Comments and Feedback


Powered by B2Evolution
Valid XHTML | Valid CSS