|
Security Forest
Security Forest is an exploitation
framework of similar vain to Metasploit. Unfortunately the graphical user
interface within this framework only comes with a few (11) point and click
exploits:
Security Forest is available
from SecurityForest.com
The one real benefit of this framework is
that once set up you also download hundreds of exploits that have been
pre-indexed for you allowing you to try and find an exploit that may be useful
for you and compile it yourself. This is really of benefit if you have no
internet connection as you have a nice library of exploits to try first before
you need to delve a little bit further to gain newer ones.
Installation:
Install to an easily defined directory.
You will need to edit the settings.txt
file to make sure the directory you installed it to reflects the information in
this file i.e. if install in the root of c:
C:\SecurityForest\ExploitTree\
#The above path must point to the ExploitTree directory created by
ExploitTree.pl or ExploitTree.exe
#Example: D:\Data\tools\SF\ExploitTree\
#Don't forget the trailing backslash "\"
#Don't add any spaces after the "\"
Note:- Follow the instruction after the #
to the letter otherwise it will not work.
Updating:
This is very easy, although I have found
the servers you connect to somewhat unreliable. You just open a command
prompt and follow the syntax below:
Note:- Obviously if its your first time
you need to select option 1, option 2 otherwise
C:\SecurityForest>exploittree anonymous
ExploitTree Client Utility Manager v0.6
----------------------------------------
1) Initialize (first time download)
2) Update Repository
3) Print Exploit Statistics
q) Quit
> 2
Password is blank (press enter), then wait...
(Logging in to anonymous@cvs.securityforest.com)
CVS password:
cvs update: Updating application/webapp/webfrontShoutbox
cvs update: Updating application/webapp/webmin
cvs update: Updating application/webapp/webshell
cvs update: Updating application/webbrowser
cvs update: Updating application/webbrowser/IE
cvs update: Updating application/webbrowser/IE/execdror5-Demo
cvs update: Updating application/webbrowser/IE/execdror5-Demo/execdror5-Demo
cvs update: Updating application/webbrowser/Netscape
cvs update: Updating application/webbrowser/firefox
cvs update: Updating application/webbrowser/lynx
cvs update: Updating application/webbrowser/opera
cvs update: Updating application/webserver
cvs update: Updating application/webserver/4dwebstar
cvs update: Updating application/webserver/_uncategorized
cvs update: Updating application/webserver/_uncategorized/armida
cvs update: Updating application/webserver/_uncategorized/wheresjames
cvs update: Updating application/webserver/alibaba
cvs update: Updating application/webserver/anhttpd
cvs update: Updating application/webserver/apache
cvs update: Updating application/webserver/atphttpd
cvs update: Updating application/webserver/badblue
cvs update: Updating application/webserver/coldfusion
cvs update: Updating application/webserver/eserv
cvs update: Updating system/novell
cvs update: Updating system/novell/local
cvs update: Updating system/novell/remote
cvs update: Updating system/qnx
cvs update: Updating system/qnx/local
cvs update: Updating system/qnx/remote
cvs update: Updating system/sco
cvs update: Updating system/sco/local
cvs update: Updating system/sco/remote
cvs update: Updating system/solaris
cvs update: Updating system/solaris/local
cvs update: Updating system/solaris/remote
cvs update: Updating system/tru64
Quiting...
C:\SecurityForest>
| 
