Nicholson Security

Fun with Metasploit Framwork and ISR-evilgrade 1.0.0

August 12th, 2008 Posted in Attacks, Research, Software

I am currently updating my Metasploit Framwork labs for one of my class. Metasploit Framwork always seems to be a hit with my students. While searching for new lab ideas, that are both useful to learn and easy enough for everyone to follow, I came across a post on the Metasploit blog about ISR-evilgrade 1.0.0.

I know this is old news to most of my readers since it was release over a month ago, but its new for me and I’m guessing for many of my students as well.

The description on the ISR website:

ISR-evilgrade v1.0.0

It’s is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.

I don’t want to spoil the lab for my students but for those interested here are some links to get you started. You can visit the ISR website and check out the Readme, Presentation and Demo.

Random Posts

August 11, 2008 -- Excellent Study “Cold Boot Attacks on Encryption Keys” (0)
August 23, 2008 -- Like everything else malware can be a hit or miss. (0)
August 23, 2008 -- Experimental Mail Server Analyzer Online (0)
September 5, 2008 -- Wipe and destroy your old storage… (3)
September 6, 2008 -- Book Review: Secure Your Network for Free (Syngress) (0)

This entry was posted on Tuesday, August 12th, 2008 at 12:01 am and is filed under Attacks, Research, Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Fun with Metasploit Framwork and ISR-evilgrade 1.0.0

Random Posts

Leave a Reply

Recent Post

Recent Comments

Archives

Categories

Books I'm Reading

Books I've Reviewed

Blogroll

Magazines

SecurityFocus Vulnerabilities

Security Database Tools Watch