-
Notifications
You must be signed in to change notification settings - Fork 13.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Lower ranking because they cannot auto-target
In order to be qualified as ExcellentRanking, auto-target is a must, or the module has to default to a payload that's universal for multiple platforms. Otherwise you're wasting time in Pro.
- Loading branch information
Showing
4 changed files
with
4 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0c0f4a3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
someone might want to update https://github.com/rapid7/metasploit-framework/wiki/Exploit-Ranking to reflect this new requirement then.
0c0f4a3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
0c0f4a3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apparently the current wording is at least ambiguous.
How I'm interpreting the list on the wiki page:
In other words, it reads for me as if only the two outer ranks (MANUAL and EXCELLENT) are eligible for non-memory-corruptions and all the other categories are for memory corruptions only to differentiate the reliability (while MANUAL is of course also eligible for memory corruptions). Which somehow makes sense because usually a mischosen target for a memory corruption results in at least a restart of the service, while a mischosen target for a non-memory-corruption in worst case results in no shell or a not working one (which is negligible risk).
Perhaps the right way would be to differentiate between the "automatism" of the exploit (if I run it unconfigured, will it get me shells) and the "risk" (if I run it unconfigured, will it get me into trouble?) by providing two different rank scales?
0c0f4a3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FIrst off, a lot of people mistake the Rankings as statements of module quality, which they're not -- but that's not obvious unless you read a particular wiki page.
In this case, it looks like you're fishing for an
is_automatable?
boolean? We went down that path with Browser Autopwn, which ended up being outside of this ranking system, too.Sounds like it might be time to reimagine the ranking system, because if you're getting confused, I can't imagine newbies are going to guess correctly.