[Snort-users] Metasploit exploits on Snort

Joel Esler jesler at ...1935...
Tue Sep 18 14:46:12 EDT 2012


On Sep 18, 2012, at 7:05 AM, Pratik Narang <pratik.cse.bits at ...11827...> wrote:

> I was trying to test my Snort install and the latest rules using some Metasploit exploits. And so I started with the easily doable exploits of Metasploit. But when I searched for the corresponding rules in the ruleset-by mapping the CVEs- I was surprised to not find the corresponding rules for the following exploits and CVEs:
> 
> distcc_exec CVE-2004-2687
> tikiwiki_graph_formula_exec CVE-2007-5423
> tomcat_mgr_login  CVE-2009-4188
> 
> Any help and explanations? 
> Is there a better way to launch live exploits and test Snort?? :)

We'll look at these and see if we can provide coverage for these.  However, for now, take a look at the CVE's in the rules and match them up against metasploit modules.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120918/d1bb161a/attachment.html>


More information about the Snort-users mailing list