The Metasploit project, which aims to permit plug-and-play exploiting for penetration testers and researchers, will add the capability to attack the wireless functionality of Windows and Linux operating systems, founder HD Moore said on his blog this week.
The project has completed a major initiative that allows Metasploit to exploit flaws in kernel components, including wireless drivers. HD Moore is working with Jon Ellch, one of the controversial pair of security researchers who pinpointed flaws in laptop wireless drivers, including Apple's, to develop the wireless exploits, according to an eWeek report.
"Imagine what it will be like to get a user-mode meterpreter instance, without touching the disk, through a reverse TCP connection when exploiting a flaw in a wireless device driver," Moore said on his blog. "If this were a Mastercard commercial, I'd be shooting for the priceless slot. Surely there will be more fun things to come."
Flaw finders have increasingly been targeting device drivers rather than the main components of the operating system. The increased focus on security among operating-system developers has resulted in fewer flaws in the system software, while the code quality of device drivers is more haphazard.
Moore has said that a demonstration of the new capabilities should be ready in a week.