[framework] CVE to Exploit Mapping

egypt at metasploit.com egypt at metasploit.com
Thu Sep 30 08:27:22 PDT 2010


The search command also looks at CVEs.

msf > search 2010-0840
[*] Searching loaded modules for pattern '2010-0840'...

Exploits
========

   Name                              Rank       Description
   ----                              ----       -----------
   multi/browser/java_trusted_chain  excellent  Java
Statement.invoke() Trusted Method Chain Exploit




On Thu, Sep 30, 2010 at 8:52 AM, Mario Ceballos <mc at metasploit.com> wrote:
> tools/module_reference.rb can also help.
>
> ~mc
>
> On Thu, 30 Sep 2010, Zate Berg wrote:
>
>> I started work on something like this that did lookups on the
>> metasploit.com website, and then looked at using osvdb.org's API.
>> Neither of which I think is a good solution.  I was hoping to produce
>> a regularly updated list of CVE's that were good candidates for an
>> exploit of which none existed.
>>
>> I'm messing about with using CVE and some parts of the CVSS2 vector to
>> determine what is a good candidate for exploit via msf from nessus
>> results.  Also looking at searching on BID/CVE from within msf.
>>
>> I agree that CVE to Exploit is a little spotty right now.  Being able
>> to take results from a vuln scan and tie with a high confidence into
>> msf exploits would be nice.
>>
>> Zate
>>
>>
>>
>> On Thu, Sep 30, 2010 at 10:17 AM, Lukas Kuzmiak <metasploit at backstep.net>
>> wrote:
>>>
>>> Not sure about the msfconsole/cli/gui/whatever method, however a dirty
>>> quick
>>> one could be just:
>>>
>>> [lukash at node2 trunk]$ grep -r 2008-4250 modules/exploits/
>>> modules/exploits/windows/smb/.svn/text-base/ms08_067_netapi.rb.svn-base:
>>> [ 'CVE', '2008-4250'],
>>> modules/exploits/windows/smb/ms08_067_netapi.rb:
>>> [ 'CVE', '2008-4250'],
>>> [lukash at node2 trunk]$
>>>
>>> :-)
>>>
>>> Lukas
>>> Only wimps use tape backup: _real_ men just upload their important stuff
>>> on
>>> ftp, and let the rest of the world mirror it ;). Torvalds, Linus
>>> (1996-07-20).
>>>
>>>
>>> On Thu, Sep 30, 2010 at 4:10 PM, Matthew Presson
>>> <matthew.presson at gmail.com>
>>> wrote:
>>>>
>>>> Given a CVE number, is there any way to determine of metasploit contains
>>>> an exploit for it?  Example CVE-2005-3116.
>>>>
>>>> --
>>>> Matt
>>>>
>>>> _______________________________________________
>>>> https://mail.metasploit.com/mailman/listinfo/framework
>>>>
>>>
>>>
>>> _______________________________________________
>>> https://mail.metasploit.com/mailman/listinfo/framework
>>>
>>>
>> _______________________________________________
>> https://mail.metasploit.com/mailman/listinfo/framework
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
>
>



More information about the framework mailing list