Closed h00die closed 7 years ago
bump
Just wanted to make sure it's understood, these aren't necessarily easy to do. Some of them need pretty heavy conversion to fit standards and the updates since they were produced. Also, lots of hardware-based ones which at least I don't have the hardware to test against.
For example, I'm working on varnish...
I'm not saying it's bad code, just want to quantify how it can take a few hours to get one of these updated and running.
Oh yeah this was sent https://github.com/rapid7/metasploit-framework/pull/3658 but I already finished that pentest... been a few years. The other one is https://github.com/rapid7/metasploit-framework/pull/1074 FYI.
Thanks @aushack for the original ticket references. Linked them back to the to-do list for reference.
I wonder if rather than having all of these rollup wishlist + one-off module requests, we instead created an Exploit Module Wishlist in the projects section. That way it would be easier to see them all at a glance.
It would be cool if there was some way for people to vote to help prioritize as well.
You can sort GitHub issues by number of thumbs-up reactions. If we tagged all feature requests the same way, and had them broken out separately, we could create a prioritized list easily.
That's not a bad idea. Maybe include a link somewhere (wiki) as a quick reference. Pain to break everything out, but makes sense. I'd hate to see all the docs that are missing broken out, nightmare.
For what it's worth, the two QNAP ShellShock modules should be exploitable with the apache_mod_cgi_bash_env_exec module.
I haven't verified, however I have verified that ShellShock is exploitable on a QNAP NAS via CSRF. The same principle should apply.
That said, it should be a fairly easy module to write for someone who has access to a test model and three-year-old firmware.
This will be a list of modules in EDB which are not in MSF. I can attempt to PR them and be in charge of this if no one from r7 (cough cough, intern) wants to handle it. I went back until 2014-12-16, doing a search for '(metasploit)' with the author NOT metasploit.
to do
By no means am I saying these are good, just making a list so we can start to determine what to do about it.
PRed
Finished
Rejecting