Results 1 to 10 of 10

Thread: update-milw0rm

  1. #1
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default update-milw0rm

    hi I found it hard trying to see if the fix had been posted so mediator please forgive if this is a repost... no offense taken if you delete. Please just don't ban... i just got here

    Okay {what thought okay was a word}I have been trying out /pentest/fast-tack and the update-milw0rm is missing so here is my solution i scrabbled it up together from feed on the net well I will use the milw0rm archive so if to have cisco staff they will dis sapper when you do your cat spoiltlist.txt | grep cisco

    anyway here it is

    #=======Start expolitsearch
    #!/bin/sh
    case "$#" in
    0)
    echo ""
    echo "============================="
    echo "Exploit Archive Search Script"
    echo "======Created By: Firox======"
    echo ""
    echo "Usage: $0 [keyword]"
    echo ""
    echo "Example:"
    echo "$0 apache"
    echo ""
    exit 1
    ;;
    *)
    EXPLOIT="$1"
    echo ""
    echo "============================="
    echo "Exploit Archive Search Script"
    echo "======Created By: Firox======"
    echo ""
    echo "*** Searching Milw0rm for [$1]"
    echo ""
    cat /pentest/exploits/milw0rm/sploitlist.txt |grep -i "$1"
    echo ""
    echo "*** Searching SecFocus for [$1]"
    echo ""
    cat /pentest/exploits/secfocus/sploitlist.txt |grep -i "$1"
    echo ""


    ;;
    esac
    #===============End Thanks to Firox
    #its not like i know the guy nor did i ask for permission but ahhh it was on a public #post

    -----------------------------------------------------------------------------------
    #============Start update-milw0rm
    #!/bin/bash
    echo "Downloading Milw0rm Exploit tar ball"
    proz -f {milworm officialsite}/sploits*/milw0rm.tar.bz2
    echo "Extracting tar ball contents"
    tar -jxvf milw0rm.tar.bz2
    echo "Generating Local Database, please Wait"
    cp bin/makeindex-milw0rm milw0rm/
    cd milw0rm
    ./makeindex-milw0rm
    #===========================

    Note on line "proz -f {milw0rm site}/sploits/milw0rm.tar.bz2" I use prozilla instead of wget coz it is download accelerator and i don't now how to make wget override existing file without appending some number at the end. beside do you know in they charge africa an arm and leg per min for internet usage so lets try and size all the bytes we can and forget about bandwidth hogging. oh yah {milw0rm site} part... lets just say i am a newbie hence i can not post urls

    #==============/pentest/expoilts/milw0rm/makeindex-milw0rm
    #!/bin/bash
    rm -rf sploitlist.txt
    find . -xtype f |grep -v makeindex-milw0rm |grep -v "/CVS/" > allfiles.txt
    for file in $(cat allfiles.txt);do
    echo $file $(head -n 1 $file | cut -d " " -f 2-30) >> sploitlist.txt
    done
    rm -rf allfiles.txt
    echo "Done!"
    echo "You can \"cat sploitlist.txt\""

    #=======================================

    oh make sure you have the [dir] created the
    /pentest/exploits/bin
    /pentest/exploits/milw0rm

    wel that all she wrote

  2. #2
    Member DigiP's Avatar
    Join Date
    Jan 2010
    Location
    NJ
    Posts
    57

    Default

    As for wget downloads, why can't you can just delete the local archive first before using wget to redownload it

    Code:
    rm -f milw0rm.tar.bz2
    Then run wget to redownload the archive. (Is prozilla installed on bt3 by default? I never bothered to look...)

  3. #3
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    No its not installed by default. and rm -f just looks like a receipt for a file not found error thanks for the tip though

  4. #4
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    1

    Default Napoleon, you are the MAN! :)

    Napoleon,


    YOU ARE THE MAN! THANKS SO MUCH FOR THIS!!

    I have been looking for a solution to the Milw0rm update for awhile now.

    But I get the following problems:

    bt / # #============Start update-milw0rm
    bt / # #!/bin/bash
    bt / # echo "Downloading Milw0rm Exploit tar ball"
    Downloading Milw0rm Exploit tar ball
    bt / # proz -f {milworm officialsite}/sploits*/milw0rm.tar.bz2

    bt / # (YES I CAN SUCCESSFULLY DOWNLOAD THE FILE AND EXTRACT)
    BUT.............. I CANT GET PAST THE FOLLOWING..........)

    bt / # echo "Generating Local Database, please Wait"
    Generating Local Database, please Wait
    bt / # cp bin/makeindex-milw0rm milw0rm/
    cp: cannot stat `bin/makeindex-milw0rm': No such file or directory
    bt / # cd milw0rm
    bt milw0rm # ./makeindex-milw0rm [/code]
    -bash: ./makeindex-milw0rm: No such file or directory
    bt milw0rm #

    I get to the / of my harddrive at the commandline and do a " Locate makeindex-milw0rm " and I cant find *^(#^(&#$^%#&(%

    Napoleon, what I am doing wrong?

    Thanks again for the script, this resolves alot of problems for me, but I dont
    understand what I am doing wrong. And yes I have a Native install of BT3 to the harddrive. It is actually Dual booted with Windows, but that means nothing.

    Awaiting your reply and thanks again...

  5. #5
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    create update-milw0rm in /pentest/exploits or parent folder of the milw0rm folder. also create bin folder in same location and create the makeindex-milw0rm file in the bin folder.

    that should solve your troubles umless I failed to understand your question or I have smoked too much tweed and am seeing thngs

  6. #6
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    Quote Originally Posted by digip View Post
    As for wget downloads, why can't you can just delete the local archive first before using wget to redownload it

    Code:
    rm -f milw0rm.tar.bz2
    Then run wget to redownload the archive. (Is prozilla installed on bt3 by default? I never bothered to look...)
    I have tried to improve it my new I just found out I passed a cisco network and forgot milw0rm update lossed the last cisco vans..

    new update-milw0rm

    Code:
    #!/bin/bash
    echo "Downloading Milw0rm Exploit tar ball"
    cp --backup milw0rm.tar.bz2 milw0rm.tar.bz2.bak
    rm milw0rm.tar.bz2
    wget h**p://milw0rm.com/sploits/milw0rm.tar.bz2
    echo "Extracting tar ball contents"
    tar -jxvf milw0rm.tar.bz2
    echo "Generating Local Database, please Wait"
    cp bin/makeindex-milw0rm milw0rm/
    cd milw0rm
    ./makeindex-milw0rm
    I would appreciate if somebody could show me how to compare local version with the server version before downloading... I could not find the md5.txt on the milw0rm server

    how ever I noticed if i put a
    Code:
    wget -c h:confused::confused:p://milw0rm.com/sploits/milw0rm.tar.bz2
    instead of
    Code:
    wget h:rolleyes::rolleyes:p://milw0rm.com/sploits/milw0rm.tar.bz2
    damn thing actuall appends and does not lose the good stuff... may some please explain.

  7. #7
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    Quote Originally Posted by brokentesting View Post
    It is actually Dual booted with Windows, but that means nothing.

    Awaiting your reply and thanks again...
    now install vmware in your windows and then boot that HARD Installed BT3 in windows... that should mean somthing... he he he he...
    Oh yah please always shutdown your vm's... why you may ask well microshity always crashes and I hate always having to reboot...

  8. #8
    Member hawaii67's Avatar
    Join Date
    Feb 2006
    Posts
    318

    Default

    I presume you are speaking about this link:

    http://www.governmentsecurity.org/fo...howtopic=23009

    It's a little bit outdated I think.
    But what exactly is the issue?
    Don't eat yellow snow :rolleyes:

  9. #9
    Senior Member
    Join Date
    Feb 2010
    Posts
    146

    Default

    problem solved: ezpwn does this all for you, and really who doesn't like to clutter their screen up with multiple terminal windows... ie "fasttrack, ezpwn, packetstorm, exploittree, etc.."
    open source = open minds, human knowledge belongs to the world

  10. #10
    Junior Member
    Join Date
    May 2007
    Posts
    40

    Default

    were do I get ezpwn?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •