Description: In this video, an old file-format exploit for Office 2003 (MS09-027) is ported from Python to Ruby and integrated into the Metasploit Framework. The reverse handler is then started and the output of the script is tested.
Tags: aking1012, metasploit, porting, PoC, ms09-027
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
A little feedback please folks. I got over 100 plays in a day. Is this useless but entertaining light watching or actually useful? What could I do to make it more useful? I like the ego boost the high views brings, but I want my posts to be useful. Any thoughts?
Thank you, Andrew. I love your tutorials, very useful for me!
- greeting
If you're looking for the code it is available on exploit-db and packetstorm @ exploit-db.com/exploits/17177/ and packetstormsecurity.org/files/author/8875/ respectively.
Definitely a good tutorial. Helps uncover some of the gaps in knowledge of effectively working with the Metasploit API, as opposed to having to dig into the technical documentation. Totally helps for someone like me who learns more effectively while failing horribly at it and going from there.
Also awesome that you broke it down into 4 simple, concise steps. That helps get into your train of thought and whatnot, and show a logical progression of what you're doing.
Great job dude!
Just a note, if you replace the " + "\n indent in the rb source it fixes that ulimit problem (python memory management > ruby memory management imo)