First, I've read the forum rules and feel that this post does not go against the rules.
Here is my updated msf:
Code:
=[ metasploit v4.1.0-testing [core:4.1 api:1.0]
+ -- --=[ 745 exploits - 382 auxiliary - 92 post
+ -- --=[ 228 payloads - 27 encoders - 8 nops
=[ svn r13922 updated today (2011.10.14)
As it says, there are 745 exploits, so I was wondering: I went to exploit-db.com and saw that there are about 15 000 exploits in the repository available to download. My question is whether there is any way to download all of them using msfconsole or in any other way, because downloading them manually could take a while.
Will such an action give you more chances in pentesting using autopwn?
By the way, I noticed that db_autopwn will be deprecated in future releases, as it says here in my output:
Code:
db_nmap 192.168.1.1 -Pn
[*] Nmap: Starting Nmap 5.51SVN ( http://nmap.org ) at 2011-10-14 12:42 CEST
[*] Nmap: Nmap scan report for dsldevice.lan (192.168.1.1)
[*] Nmap: Host is up (0.0068s latency).
[*] Nmap: Not shown: 995 filtered ports
[*] Nmap: PORT STATE SERVICE
[*] Nmap: 21/tcp open ftp
[*] Nmap: 23/tcp open telnet
[*] Nmap: 80/tcp open http
[*] Nmap: 443/tcp open https
[*] Nmap: 1723/tcp open pptp
[*] Nmap: MAC Address: 00:24:17:D7:94:94 (Thomson Telecom Belgium)
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 6.96 seconds
msf > db_autopwn -p -t -e -b
[-]
[-] Warning: The db_autopwn command is deprecated and will be removed in a future version.
[-] This code is not well maintained, crashes systems, and crashes itself.
[-]
[*] Analysis completed in 10 seconds (0 vulns / 0 refs)
According to this output, Fast-Track will somehow be deprecated as well? And my 3rd question is: what are the requirements for pentesting WAN hosts?
I've been trying to do that with reverse payloads using msf, but I would like to know if there is another option to do that without using the reverse 'trojan',
and instead just launch a particular exploit and payload like we do on a LAN network.
So that would mean mapping the firewall first from outside.
thanks,
sasanet