Author | Message |
---|---|
Methodman n00b Posts: 36 | Security Forest is an exploitation framework of similar vain to Metasploit. Unfortunately the graphical user interface within this framework only comes with a few (11) point and click exploits. The one real benefit of this framework is that once set up you also download hundreds of exploits that have been pre-indexed for you allowing you to try and find an exploit that may be useful for you and compile it yourself. This is really of benefit if you have no internet connection as you have a nice library of exploits to try first before you need to delve a little bit further to gain newer ones. Installation: Install to an easily defined directory. You will need to edit the settings.txt file to make sure the directory you installed it to reflects the information in this file i.e. if install in the root of c: C:\SecurityForest\ExploitTree\ #The above path must point to the ExploitTree directory created by ExploitTree.pl or ExploitTree.exe #Example: D:\Data\tools\SF\ExploitTree\ #Don't forget the trailing backslash "\" #Don't add any spaces after the "\" Note:- Follow the instruction after the # to the letter otherwise it will not work. Updating: This is very easy, although I have found the servers you connect to somewhat unreliable. You just open a command prompt and follow the syntax below: Note:- Obviously if its your first time you need to select option 1, option 2 otherwise C:\SecurityForest>exploittree anonymous ExploitTree Client Utility Manager v0.6 ---------------------------------------- 1) Initialize (first time download) 2) Update Repository 3) Print Exploit Statistics q) Quit > 2 Password is blank (press enter), then wait... (Logging in to anonymous@cvs.securityforest.com) CVS password: cvs update: Updating application/webapp/webfrontShoutbox cvs update: Updating application/webapp/webmin cvs update: Updating application/webapp/webshell cvs update: Updating application/webbrowser cvs update: Updating application/webbrowser/IE cvs update: Updating application/webbrowser/IE/execdror5-Demo cvs update: Updating application/webbrowser/IE/execdror5-Demo/execdror5-Demo cvs update: Updating application/webbrowser/Netscape cvs update: Updating application/webbrowser/firefox cvs update: Updating application/webbrowser/lynx cvs update: Updating application/webbrowser/opera cvs update: Updating application/webserver cvs update: Updating application/webserver/4dwebstar cvs update: Updating application/webserver/_uncategorized cvs update: Updating application/webserver/_uncategorized/armida cvs update: Updating application/webserver/_uncategorized/wheresjames cvs update: Updating application/webserver/alibaba cvs update: Updating application/webserver/anhttpd cvs update: Updating application/webserver/apache cvs update: Updating application/webserver/atphttpd cvs update: Updating application/webserver/badblue cvs update: Updating application/webserver/coldfusion cvs update: Updating application/webserver/eserv cvs update: Updating system/novell cvs update: Updating system/novell/local cvs update: Updating system/novell/remote cvs update: Updating system/qnx cvs update: Updating system/qnx/local cvs update: Updating system/qnx/remote cvs update: Updating system/sco cvs update: Updating system/sco/local cvs update: Updating system/sco/remote cvs update: Updating system/solaris cvs update: Updating system/solaris/local cvs update: Updating system/solaris/remote cvs update: Updating system/tru64 Quiting... C:\SecurityForest> Security Forest is available from http://www.securityforest.com |