Wish to add exploit/windows/smb/ms17_010_eternalblue as new exploit

13o-bbr-bbq / machine_learning_security

Source code about machine learning and security.

1.96k stars 648 forks source link

Wish to add exploit/windows/smb/ms17_010_eternalblue as new exploit #29

Closed teochenglim closed 5 years ago

teochenglim commented 5 years ago

Hi, I have tried to add an exploit that is not inside the current pool of exploit list based of your rank filter. So I made the edit to this line of code:

original

for module in module_list: if module[1] in {'excellent', 'great', 'good'}:

modified

for module in module_list: if module[1] in {'excellent', 'great', 'good', 'normal', 'average', 'low'}:

Doing so still does not add the exploit with rank normal/average into the exploit tree. Could you let me how I can manually add the exploit into the tree.

Thanks.

Regards, Cheng Lim

teochenglim commented 5 years ago

One finding is here... what do you mean by danger?

$ grep -in ms17 output.log 1261:[!] 1208/1839 windows/fileformat/office_ms17_11882 module is danger (rank: manual). Can't load. 1848:[!] 1795/1839 windows/smb/ms17_010_eternalblue module is danger (rank: average). Can't load. 1849:[!] 1796/1839 windows/smb/ms17_010_eternalblue_win8 module is danger (rank: average). Can't load. 1850:[!] 1797/1839 windows/smb/ms17_010_psexec module is danger (rank: normal). Can't load. root@kali:~/machine_learning_security/DeepExploit#

$ grep danger DeepExploit.py self.util.print_message(WARNING, '{}/{} {} module is danger (rank: {}). Can\'t load.'

gyoisamurai commented 5 years ago

Hi,

It have two mean.

Probability of destroying target.
Cannot reliably autodetect.

Reference
https://github.com/rapid7/metasploit-framework/wiki/Exploit-Ranking

If you want to use the current exception modules, modify source codes.

teochenglim commented 5 years ago

Hi,

Thank you for open source this. This is a very nice framework to play with.

Regards, Cheng Lim