[Tool] Unique Pattern Generator for Exploit Development

CAUTION: I have realised that this script gives wrong results after a certain length of characters. It’s not recommended for use. The intention for this script was for me to learn some coding – which I have. But I haven’t got the time at the moment to fix the errors. Hopefully, sometime in the future, I’ll be able to re-write the code. You can use corelanc0d3r’s pvefindaddr.py, which is an excellent script for Immunity Debugger.

Update: Thanks to corelanc0d3r for pointing out that my script does not generate the same output as the metasploit and pvefindaddr scripts. This is useful, as pointed out by him, to anyone wishing to mix the outputs/offsets between the tools. I have made relevant changes to the code and also fixed another bug which prevented all offsets from being calculated.

While developing exploits, at times you require a string in which any 4 consecutive characters are unique across the whole string (or repeat only after a large gap of characters). This is mostly used to find the ‘offset’ of the characters which have overwritten the EIP register: the 4 bytes found in EIP after the crash are looked up in the pattern, and their position tells you how many bytes precede the saved return address.

Metasploit (version 3.0+) has tools for both:
1) generating the string pattern (tools/pattern_create.rb)
2) finding the offset of the required pattern (tools/pattern_offset.rb)
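As an added example (not the author’s script and not Metasploit’s own code), here is a small Python implementation of the same two operations. It reproduces the Metasploit-style sequence as described above: an uppercase letter, a lowercase letter and a digit, cycled fastest on the digit, so the sequence repeats only after 26 × 26 × 10 × 3 = 20280 characters. The function names `pattern_create` and `pattern_offset` and the `PERIOD` constant are my own naming, chosen to mirror the Metasploit tools.

```python
"""Cyclic pattern generator and offset finder (added example).

The sequence is Aa0Aa1Aa2...Aa9Ab0Ab1...Zz9 and then repeats.  Within one
period every 4-character window is unique, which is what makes the lookup
of an EIP value unambiguous for patterns up to PERIOD characters long.
"""
import string

UPPER = string.ascii_uppercase
LOWER = string.ascii_lowercase
DIGITS = string.digits
PERIOD = len(UPPER) * len(LOWER) * len(DIGITS) * 3  # 20280 characters


def _triplets():
    """Yield 'Aa0', 'Aa1', ... forever; the order repeats every PERIOD chars."""
    while True:
        for u in UPPER:
            for l in LOWER:
                for d in DIGITS:
                    yield u + l + d


def pattern_create(length):
    """Return the first `length` characters of the cyclic pattern."""
    chunks = []
    produced = 0
    for triplet in _triplets():
        if produced >= length:
            break
        chunks.append(triplet)
        produced += 3
    return "".join(chunks)[:length]


def _to_needle(value):
    """Normalise an EIP value to the 4-character string it spells.

    Accepts a 4-char string ("Aa0A"), a hex string ("0x41306141") or an int.
    A 32-bit value is interpreted little-endian, as x86 stores it on the stack.
    """
    if isinstance(value, str) and value.lower().startswith("0x"):
        value = int(value, 16)
    if isinstance(value, int):
        return value.to_bytes(4, "little").decode("ascii")
    if isinstance(value, str) and len(value) == 4:
        return value
    raise ValueError("expected a 4-char string, a 0x.. hex string or an int")


def pattern_offset(value, length=PERIOD):
    """Return every offset at which `value` occurs in a pattern of `length`.

    For length <= PERIOD the list has at most one entry; longer patterns wrap
    around and the same 4 bytes appear once per period, so the result is
    ambiguous (this is the 'repeated only after a large gap' caveat).
    """
    needle = _to_needle(value)
    haystack = pattern_create(length)
    offsets = []
    start = 0
    while True:
        i = haystack.find(needle, start)
        if i < 0:
            return offsets
        offsets.append(i)
        start = i + 1


if __name__ == "__main__":
    # Constructed demo values: a short pattern and an EIP value read from a
    # hypothetical crash (0x41306241 spells "Ab0A" in little-endian).
    print(pattern_create(40))
    print(pattern_offset(0x41306241))            # [30]
    print(pattern_offset("Aa0A", 2 * PERIOD))    # [0, 20280]: ambiguous
```

Feeding the crash value as an int or hex string is the usual workflow, because a debugger shows EIP as a 32-bit number rather than as four characters; the little-endian conversion is what turns 0x41306241 back into the substring “Ab0A”.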
Metasploit Unleashed – Mastering the Framework – FREE


Update 1: 22-September-2009: It’s here!! They’ve released the course contents. PDFs and videos can be bought later at a price. Head over to http://www.offensive-security.com/blog/offsec/free-online-information-security-training-by-offensive-security/ for more info.

Keep an eye out for this!! Offensive-Security is coming up with a new security training track and they’re offering the slides and labs for free. The training videos will be available for a small fee, proceeds from which will go to Hackers For Charity, to help kids in Kenya and Uganda.

The course is expected to be released in late August 2009.

For more details visit the blog at Offensive-Security.

Will update here as more details come in. I’m sure to be tracking this :-)


Metasploit tuts+plugins collection

Unless you have been living under a rock, I am sure you would have heard of the Metasploit framework – the click-click-0wn tool.

It was initially developed by H.D. Moore and is currently at version 3.3 of development. Metasploit offers a variety of features, notably its ability to pair any payload with any exploit. It also provides integrated tools (like meterpreter and vnc) which are quite useful in certain scenarios.

Looking at the complexity of the tool, one would think it would have extensive documentation detailing each of its features and modules. But (un)fortunately, using metasploit depends on one’s creativity, and hence no comprehensive documentation is available.

Victor DaViking at PenetrationTests.com has come up with a nice idea of collecting all metasploit tutorials and plugins that individuals have written.
He has set up two pages:

This is a very nice initiative considering the vast number of implementations of the Metasploit framework. Here’s a message for everyone from Victor:

If you have any plugins/tutorials of your own, or know of any other resources to include, either submit them directly to the directory or e-mail me links and info so I can add them myself.

His email address is analogviking at yahoo dot com.
Keep checking the website for regular updates.