Talk:Metasploit

Untitled

The article title should be Metasploit Framework or Metasploit Project with a re-direct from Metasploit

"and automating the process of exploiting vulnerable software." There is no automation code in the metasploit framework (though technically a wrapper script could be written) automation has not been a priority for MSF.

The utility is also only written in perl (though version 3 will be in ruby), there are external additions which are included which are included in binary format (for dlls or shellcode) or python (for Inline Egg) but they are not an actual part of the Metasploit Framework.--Vargc0 01:37, 9 February 2006 (UTC)

Thanks, I made the changes you suggested. —Quarl ^(talk) 2006-02-09 03:46Z

You might also want to split this article (if you want to dedicate a bit more time) into some of the projects. For example the metasploit project's most well known utility is the Metasploit Framework, but the Opcode Database, online shellcode generation, advisories, and research are also important and should get some coverage. The research they conduct is sometimes very original (i.e. WMF polymorphism) and a lot of the projects are well known and commonly used and should get equal coverage.

"External add-ons allow use of python and binary shellcode." sounds a bit awkward. I would either drop the line as it's mostly extraneous information or I would re-state it to say "The Metasploit Framework can use external add-ons in multiple languages." Technically the shellcode is part of the framework (just in binary format but assembly SOURCES are included).

I would also drop a quick mention that the project and it's work are OSS, great job! --Vargc0 05:07, 9 February 2006 (UTC)

Feel free to be bold and edit as much as you want :) I wouldn't split the article yet until it gets much longer; 20,000 to 30,000 characters is when we should start thinking about splitting - see Wikipedia:Article size. —Quarl ^(talk) 2006-02-09 08:27Z

The reason I haven't myself is I'm associated with the project and would rather keep my own biases out of it. As far as splitting I meant into sections. --Vargc0 14:55, 9 February 2006 (UTC)

Oh, okay, I misread w.r.t. splitting the article (obviously). It is noble of you to resist editing! :) —Quarl ^(talk) 2006-02-09 23:04Z

I've edited. —Quarl ^(talk) 2006-02-09 23:26Z

Decided to be a bit bold and did so as well. I cut out some details that really aren't very important (i.e. it including shellcode, the names of the interfaces), and did a bit of re-wording. I also think that the description of what MSF does in the title is really more appropriate in the section as someone quickly searching for info reading only the section would have no idea what MSF actually does. --Vargc0 23:57, 9 February 2006 (UTC)

Looks good. —Quarl ^(talk) 2006-02-10 00:27Z

Opcode database?

The Opcode Database provides users with the ability to easily cross reference specific opcode types, classes, and meta classes across one or more modules for one or more operating system versions. The database facilitates determining opcode portability and includes the opcodes themselves as well as information about the segments, imports, and exports that are associated with each module in the database.

I must say that I don't understand what's going on here. What exactly does this database contain? "Opcode types", i.e. "types of instruction codes of machine languages"? Who would find that useful? The term "opcode portability" also baffles me; by definition opcodes are specific to a machine language and are not portable between machines. What are "opcode classes" and "meta classes"? What are the "modules" that are referred to twice? Does the database perhaps contain modules rather than opcodes?

The paragraph reads as if it was written by someone who uses this database every day and for whom its usefulness is completely obvious. For the uninitiated reader, a standard use case would be very helpful. Why would I ever want to look anything up in this database? AxelBoldt 17:55, 20 February 2006 (UTC)

Ok, I rewrote most of it, since it wasn't clear to me and, in any event, was a copyright violation. AxelBoldt 23:56, 26 February 2006 (UTC)

Thanks. —Quarl ^(talk) 2006-02-27 03:50Z

Many of these edits do not reflect important parts of the Metasploit Project. The steps to run an exploit using the framework are unimportant in an encyclopedic article. That entire part needs to be written as text from the header needs to be moved into the Framework section as if you just start reading it makes no sense what so ever what the framework is or does. Listing the interfaces is also not interesting, the usage details are not very important in an encyclopedia article. That section should discuss what it does (exploit systems, utilize payloads, cool features like VNC and meterpreter.)

Indeed, the Metasploit framework facilitates the latter task considerably. This seems to be rather POV (the reason being that the entire full-disclosure vs. non-disclosure vs. responsible disclosure argument is about this issue alone and has been going on for a long time now.)

This article needs considerable re-organization, capitalization fixes, and re-writing unless you have any objections to these comments I plan to do so. --Vargc0 01:23, 28 February 2006 (UTC)

Open Source? Who says?

This software's license: http://metasploit.com/svn/framework3/trunk/documentation/LICENSE doesn't seem to be really Open Source, let alone Free Software (in an FSF sense). Do we have any links to license examination reports from anyone not associated with this project? I've tried to find some, but haven't come up with much.

• It's not listed here: http://www.opensource.org/licenses/alphabetical
• It's not listed here: http://www.fsf.org/licensing/licenses/index_html

If no relevant sources can be found, I'm going to remove the references to this being Open Source in 3 days.

--NightMonkey 23:11, 31 March 2007 (UTC) It is currently under a BSD 3 clause license IRWolfie- (talk) 22:18, 1 July 2010 (UTC)

Here is a source for the BSD license: http://www.metasploit.com/redmine/projects/framework/repository/entry/README Ricky (talk) 18:11, 12 November 2010 (UTC)

NPOV

There is no "Controversy" section in the article, even though itis well-warranted!

The guys who develop Metasploit and the Defiler's Toolkit, etc. are not researchers, but anarchists and the net would be better if they were saccoed and vanzettied. Maybe in 40 years they would be rehabilitated, but we need to do something to help uphold law and order in the net NOW and they are a barrier, who are also abetting criminals.

Several pages worth of article: food for thought on the topic of Metasploit driven anti-forensics making crooks very happy: http://www.cio.com/article/print/114550

Controversy sections are generally considered to be a bad thing nowadays. Controversies and other issues should be worked into the article as a whole, not forced into a dedicated section. And you need better sources; the one you linked doesn't say what you claim. It describes how Liu is trying to prove that anti-forensics make much existing thought about digital forensics invalid. But his point is that the exploits already exist -- he's not the one creating them, and criminals would still be able to use them even without his work. If a criminal used such an exploit to frame you for a cybercrime, you would be glad that Liu has highlighted you and let you cite those vulnerabilities in your defense. --Aquillion (talk) 16:53, 22 October 2009 (UTC)

Rapid7 - Metasploit takeover

See this news article, or the Metasploit blog —Preceding unsigned comment added by 80.42.58.103 (talk) 17:48, 21 October 2009 (UTC)

External links modified

Hello fellow Wikipedians,

I have just modified one external link on Metasploit Project. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://web.archive.org/web/20070107145900/https://archives.neohapsis.com:80/archives/vulnwatch/2005-q4/0074.html to http://archives.neohapsis.com/archives/vulnwatch/2005-q4/0074.html

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 22:08, 8 September 2016 (UTC)

Self metasploit?

Seems like a basic question one wants answered by others. Some information should be provided about using metasploit in a single machine and the safety of downloading from a site that can subsequently use the tool itself against its downloaders. — Preceding unsigned comment added by 108.30.56.204 (talk) 11:19, 22 October 2016 (UTC)

Meterpreter commands

Any thoughts on including the meterpreter commands in this article? Or maybe creating a new article specifically for meterpreter? I'm thinking about writing it up. Doctor^G  (talk) 20:04, 7 September 2017 (UTC)

New page for Rapid7 itself?

Should there be a new page for Rapid7 the company? --XtinaS (talk) 14:26, 23 October 2019 (UTC)

If there's sources to support it. CanadianOtaku ^{Talk Page} 21:35, 13 April 2021 (UTC)