Metasploit Module Development
Download as PPTX, PDF0 likes356 views
This document provides an overview of Metasploit module development. It discusses the prerequisites, introduces Metasploit and its architecture including the file system and libraries. It explains the Metasploit object model and modules, covering exploits, payloads, encoders, the module tree, and staged vs stageless payloads. It also discusses digging into an existing module to understand its parameters and methods.
Metasploit Module Development
- 2. Contents • Prerequisites • Introduction to Metasploit • Understanding Metasploit • Metasploit Object Model • Dig into Current Module • Show Time
- 3. Prerequisites • Ruby installed • Metasploit framework • Linux
- 5. Understanding Metasploit Architecture • MSF File System • Libraries
- 6. Understanding Metasploit Architecture • MSF File System • Data • Documentation • External • Lib • Modules • Plugins • Scripts • tools
- 7. Understanding Metasploit Architecture • Msf File System
- 8. Understanding Metasploit Architecture • Libraries • Rex • The basic library for most tasks • Handles sockets, protocols, text transformations, and others • SSL, SMB, HTTP, XOR, Base64, Unicode • Msf:Core • Provides the ‘basic’ API • Define Metasploit Framework • Msf:Base • Provides Friendly API • Provides simplified API for use in the framework
- 10. Understanding Metasploit Modules The Metasploit Framework is composed of modules. • Exploits • Payloads, Encoders, Nops • Primary Module Tree • User-Specified Module Tree
- 11. Understanding Metasploit Modules • Exploit • Defined as modules that use payloads • An exploit without a payload is an Auxiliary module • Payloads, Encoders, Nops • Payloads consist of code that runs remotely • Encoders ensure that payloads make it to their destination • Nops keep the payload sizes consistent
- 12. Understanding Metasploit Modules • Primary Module Tree • /usr/share/metaspoit-framework/modules • ~/git/metasploit-framework/modules/ • User-Specified Module Tree • External module import by users • ~./msf4/modules/
- 14. Understanding Metasploit Object Model • Module • All Modules are ruby class • Inherit from Msf:Module • Payload • Staged and Stagless
- 15. Understanding Metasploit Object Model • Payload • Stager and Stageless • Stage • Stage0 • Create connection metsrv • Send shellcode • Stage 1 • Listen for back connect • Push up metapreter extension DLL • Stapi and priv
- 16. Understanding Metasploit Object Model • Stageless • No Stage • Direct Read metsrv
- 17. Understanding Metasploit Object Model • What’s wrong wiht Stage? • Buffer in stage0 • Low-bandwidth
- 18. Dig into Current Module
- 19. Dig Into Current Module Update Information Paramater of wmapmodule.rb
- 20. Dig Into Current Module run_host - which start the method Send_request_raw() - /rex/http/client_request/rb :response as res parametr which denote of data , when http_fingerprint() is called
- 21. Show Time
- 22. Show Time
Editor's Notes
- #7: data: editable files used by Metasploit documentation: provides documentation for the framework external: source code and third-party libraries lib: the ‘meat’ of the framework code base modules: the actual MSF modules plugins: plugins that can be loaded at run-time scripts: Meterpreter and other scripts tools: various useful command-line utilities
- #15: Stagers Payload which download stages Use normal condition Stageless Use when buffer size is no enough, network traffic is not enough
- #20: /lib/msf/core/exploit/http/client.rb /lib/msf/core/auxiliary/wmapmodule.rb /lib/msf/core/auxiliary/scanner.rb
- #21: Run_host() => method start Send_request_raw() /rex/proto/http/client_request.rb http_fingerprint() => :response as res parameter which denote that fingerprint from res Rescue => catch error