[Full-disclosure] HD Moore
n3td3v
xploitable at gmail.com
Mon May 5 18:03:52 BST 2008
On Mon, May 5, 2008 at 4:20 PM, <Valdis.Kletnieks at vt.edu> wrote:
> On Sun, 04 May 2008 16:27:49 BST, n3td3v said:
> > On Fri, May 2, 2008 at 9:32 AM, Nate McFeters <nate.mcfeters at gmail.com> wrote:
> > > Oh that... Yeah, shame on hd... Maybe he was busy updating metasploit
> > > so that real researchers have a great vulnerability development
> > > framework, or something else that provided some worth to people.
> >
> > Maybe he was busy updating Metasploit so that script kids have a great
> > vulnerability development framework.
> >
> > He should stop providing them with a great vulnerability development framework.
>
> There's 2 really great uses for metasploit for white hat security guys:
>
> 1) When you're handed a /16 or two during a pen test, and need a quick way
> to poke a whole bunch of machines for a vulnerability, it's hard to roll-your-own
> exploit tester as fast as you can chinese-menu one in metasploit.
>
> 2) It's a *great* tool for impressing on a PHB just how easy it is to launch
> an exploit for something at one of the unsecured systems he's responsible for.
I stand by everything i've said in this thread and said it to HD Moore
on IRC months ago, including government conspiracies.
All the best,
n3td3v
Full-Disclosure is hosted and sponsored by Secunia.