Example 5-7. Proof of concept for Safari vulnerability
# Magic packet
body = "\
\n\
Crash PoC\n\
\n\
";
What you don’t get in this particular fragment or proof of concept is an explanation of how or why the exploit works. As I said, some of the people who develop these proofs of concept are better about commenting up their work than others. All you get in this particular example is a comment saying it’s the magic packet. The comments at the top of the file do indicate that it’s an issue with JavaScript, but that’s about all we get. To get more details, we would need to look up an announcement that may have gone with this vulnerability. Most publicly announced vulnerabilities are cataloged with the Common Vulnerabilities and Exposures (CVE) project, run out of MITRE. If you have a CVE number noted in the source code, you can read details there, and the CVE announcement will probably have links to vendor announcements as well.

If no exploits are available in other places, you can either compile or run the programs that are preloaded in Kali for you. If it’s a C program, you will need to compile it first. All scripting languages can be run as they are.
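As an added example (not code from the book), here is a small Python triage helper that does what this section describes: it pulls any CVE identifier out of a downloaded PoC's header comments and builds the MITRE and NVD lookup URLs, and it decides from the shebang line or file extension whether the file can be run as-is or must be compiled first. The function names and the sample header are constructed for the example.

```python
import re
from pathlib import PurePosixPath
# Matches identifiers in the form MITRE assigns: CVE-<year>-<4 or more digits>.
CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)

# Scripting languages run as they are; C sources have to be compiled first.
SCRIPT_EXT = {".py": "python", ".rb": "ruby", ".pl": "perl", ".sh": "sh", ".php": "php"}
COMPILED_EXT = {".c": "c", ".cpp": "c++", ".cc": "c++"}

def find_cves(source):
    """Unique CVE ids in the file text, upper-cased, in order of first appearance."""
    found = []
    for cve in (m.upper() for m in CVE_RE.findall(source)):
        if cve not in found:
            found.append(cve)
    return found

def cve_urls(cve):
    """Where to read the record: MITRE's CVE list entry and NIST's NVD entry."""
    return {"mitre": f"https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve}",
            "nvd": f"https://nvd.nist.gov/vuln/detail/{cve}"}

def interpreter_from_shebang(source):
    """Interpreter named on a '#!' first line (handles '#!/usr/bin/env perl'), else None."""
    first = source.splitlines()[0] if source else ""
    if not first.startswith("#!"):
        return None
    parts = first[2:].split()
    name = PurePosixPath(parts[0]).name if parts else ""
    if name == "env" and len(parts) > 1:
        name = parts[1]
    return re.sub(r"\d.*$", "", name) or None   # python3 -> python, perl5 -> perl

def triage(filename, source):
    """Summarise a PoC: which CVEs to look up and whether it runs as-is or needs a compile."""
    ext = PurePosixPath(filename).suffix.lower()
    lang = interpreter_from_shebang(source) or SCRIPT_EXT.get(ext) or COMPILED_EXT.get(ext)
    return {"cves": {c: cve_urls(c) for c in find_cves(source)},
            "language": lang,
            "needs_compile": ext in COMPILED_EXT,
            "run_as_is": lang is not None and ext not in COMPILED_EXT}

# Constructed sample header in the style of Example 5-7; the CVE id is a placeholder.
SAMPLE_POC = """#!/usr/bin/env python3
# Browser crash PoC (constructed sample, not a real exploit)
# Reference: cve-0000-0001 (placeholder id; read the record before trusting the file)
# Magic packet
body = "\\n\\nCrash PoC\\n\\n"
"""
```

Calling `triage("safari_poc.py", SAMPLE_POC)` reports the placeholder CVE with its lookup URLs, identifies Python from the shebang, and flags the file as runnable without compilation.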
Metasploit
Metasploit is an exploit development framework. It was created nearly 15 years ago by H.D. Moore and was initially written in the Perl scripting language, though it has since been rewritten entirely in Ruby. The idea behind Metasploit was to make it easier to create exploits. The framework consists of what are essentially libraries of components. These can be imported into scripts you create that will perform an exploit or some other capability, such as writing a scanner.

Scripts that are written to be used within Metasploit include modules that are included with Metasploit; these scripts also inherit functionality from classes that are in other Metasploit modules. Just to give you a sense of what this looks like, shows the head of one of the scripts written to exploit the Apache web server running on a Windows system.