Pages: [1]

Author Topic: Metasploit - Barely any linux or OSX exploits  (Read 1076 times)

0 Members and 1 Guest are viewing this topic.

Offline m0l0ko

  • Peasant
  • *
  • Posts: 129
  • Cookies: -4
    • View Profile
Metasploit - Barely any linux or OSX exploits
« on: June 03, 2012, 03:13:45 am »
Metasploit framework comes with loads of Windows exploits but there are barely any exploits for Linux or OSX. Considering how often linux software is updated, I'm guessing the linux exploits that come with msf are all useless. Only reliable exploits for attacking linux users would be 0-days but I'm guessing OSX users are a lot more vulnerable since its not open source. How would you go about finding more exploits for metasploit? I know that people don't openly share 0-day exploits in forums but are there sites where people publish exploits for vulnerabilities that haven't yet been patched? I'm learning to hack by practicing on the computers on my LAN and everyone else in my house uses MacBooks. I doubt they update regularly (if at all) so running exploits on them shouldn't be too difficult but there is a very limited selection of OSX exploits that comes with metasploit, I need to find more.
Report to moderator   Logged

Z3R0

  • Guest
Re: Metasploit - Barely any linux or OSX exploits
« Reply #1 on: June 03, 2012, 03:27:53 am »
That is incorrect my friend. There are many Linux exploits for metasploit, and they are all very reliable as long as the target application is a vulnerable version. There aren't as many OSX exploits in metasploit, but there are a few. You can add new exploits from places like exploit-db or packetstorm, but you'll have to know how to add them to the framework. There are websites for 0-days...however, they are not released publicly. For example, ZDI (zerodayinitiative) is one such site, but the exploits are only published to the target vender so they can make a patch. If you're looking for 0-days in the wild, you'll either need a lot of cash, or the ability to make one yourself. Also, don't place all of your chips on learning how to use iShit exploits. There are far more PC's than there are macs. kthxbai.
Report to moderator   Logged

Offline m0l0ko

  • Peasant
  • *
  • Posts: 129
  • Cookies: -4
    • View Profile
Re: Metasploit - Barely any linux or OSX exploits
« Reply #2 on: June 03, 2012, 03:29:55 pm »
Thanks. So ZDI only publishes them for the purpose of patching the vulnerabilities? It'll be a long time before I'm skilled enough at programming and back engineering to make my own 0-days. I agree, PCs are far more ubiquitous, when I'm at college in a class where everyone brings their own laptops, if I run nmap -O, I see that 95% of the laptops are running WIndows. While there are no machines with Windows installed on my LAN, I practice on a VM.
Report to moderator   Logged
Pages: [1]