[framework] CVE to Exploit Mapping

Mario Ceballos mc at metasploit.com
Thu Sep 30 07:52:22 PDT 2010


tools/module_reference.rb can also help.

~mc

On Thu, 30 Sep 2010, Zate Berg wrote:

> I started work on something like this that did lookups on the
> metasploit.com website, and then looked at using osvdb.org's API.
> Neither of which I think is a good solution.  I was hoping to produce
> a regularly updated list of CVE's that were good candidates for an
> exploit of which none existed.
>
> I'm messing about with using CVE and some parts of the CVSS2 vector to
> determine what is a good candidate for exploit via msf from nessus
> results.  Also looking at searching on BID/CVE from within msf.
>
> I agree that CVE to Exploit is a little spotty right now.  Being able
> to take results from a vuln scan and tie with a high confidence into
> msf exploits would be nice.
>
> Zate
>
>
>
> On Thu, Sep 30, 2010 at 10:17 AM, Lukas Kuzmiak <metasploit at backstep.net> wrote:
>> Not sure about the msfconsole/cli/gui/whatever method, however a dirty quick
>> one could be just:
>>
>> [lukash at node2 trunk]$ grep -r 2008-4250 modules/exploits/
>> modules/exploits/windows/smb/.svn/text-base/ms08_067_netapi.rb.svn-base:
>> [ 'CVE', '2008-4250'],
>> modules/exploits/windows/smb/ms08_067_netapi.rb:
>> [ 'CVE', '2008-4250'],
>> [lukash at node2 trunk]$
>>
>> :-)
>>
>> Lukas
>> Only wimps use tape backup: _real_ men just upload their important stuff on
>> ftp, and let the rest of the world mirror it ;). Torvalds, Linus
>> (1996-07-20).
>>
>>
>> On Thu, Sep 30, 2010 at 4:10 PM, Matthew Presson <matthew.presson at gmail.com>
>> wrote:
>>>
>>> Given a CVE number, is there any way to determine of metasploit contains
>>> an exploit for it?  Example CVE-2005-3116.
>>>
>>> --
>>> Matt
>>>
>>> _______________________________________________
>>> https://mail.metasploit.com/mailman/listinfo/framework
>>>
>>
>>
>> _______________________________________________
>> https://mail.metasploit.com/mailman/listinfo/framework
>>
>>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
>


More information about the framework mailing list