nCircle.com >> 360 Security

« There's a user/customer forum... | Main | SCADAGard SIG To Be Established »

Exploit Development

I'm sure many of our readers are well aware of the Metasploit Project and the Metasploit Framework, recently the founders of the Metasploit Project started a blog (http://metasploit.blogspot.com/). This blog is filled with useful information and interesting insight from the members of the Metasploit Project. What really makes this interesting is the most recent (at the time of writing this post) blog entry on their site, Exploit Development: GroupWise Messenger Server by H.D. Moore.

H.D. takes you through the development of a new module for the Metasploit Framework. Starting with the initial advisory posting, he takes you through finding the software, and walking through the vuln step by step. He takes you through all the steps using Windbg and some of the scripts and tools included with the Metasploit Framework.

The reading flows and it's fairly easy to follow, some knowledge of assembly would definitely be helpful but even without you should be able to work your way through what is happening. It's definitely worth checking out.

Posted by Tyler Reguly on April 18, 2006 5:27 PM |

Comments (1)

jrichards:

As always, HD's posts is very clear and simple to follow.

This is a great starting point for anyone interested in exploit dev.

Posted by jrichards | April 19, 2006 12:20 PM

Posted on April 19, 2006 12:20

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on April 18, 2006 5:27 PM.

The previous post in this blog was There's a user/customer forum....

The next post in this blog is SCADAGard SIG To Be Established.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]