If the exploit will never crash the service, then ExcellentRanking should be used. This is the case for SQL Injection, CMD execution, RFI, LFI, etc. No typical memorycorruption exploits should be given this ranking unless there are extraordinary circumstances (WMF Escape()).
If the exploit has a default target AND either auto-detects the appropriate target or uses an application-specific return address AFTER a version check, then GreatRanking should be used.
If the exploit has a default target and it is the "common case" for this type of software (English, Windows XP for a desktop app, 2003 for server, etc) then GoodRanking should be used.
If the exploit is otherwise reliable, but depends on a specific version and can't reliably auto-detect (or doesn't autodetect) then NormalRanking should be used.
If the exploit is generally unreliable or difficult to exploit, then AverageRanking should be used.
If the exploit is nearly impossible to exploit (or under 50%) for common platforms, then LowRanking should be used.
If the exploit is so unstable or difficult to exploit and is basically a DoS, then ManualRanking should be used. This ranking is also used when the module has no use unless specifically configured by the user (e.g.: php_eval).
0 Comments