AHA-best-msf-interface-ever
Upcoming SlideShare
Loading in...5
×
 

AHA-best-msf-interface-ever

on

  • 322 views

This is more or less just for fun, but it does allow you to remotely control a metasploit instance, kind of like db_nmap lets you control nmap from msf. Since I wrote this, foundation (I think) ...

This is more or less just for fun, but it does allow you to remotely control a metasploit instance, kind of like db_nmap lets you control nmap from msf. Since I wrote this, foundation (I think) rewrote the msfrpcd-bruteforce script, and the msgpack implementation he wrote in pure lua could probably be substituted instead, but I learned a lot doing this and am making slides for what I learned. This was briefed at AHA in "turbo-talk" style. I'll be uploading a more readable version soon

Statistics

Views

Total Views
322
Views on SlideShare
322
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
1

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • to watch the movie clip:

    http://nmap.org/presentations/BHDC10/ 24th Minute
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

AHA-best-msf-interface-ever AHA-best-msf-interface-ever Presentation Transcript

  • Best MSF InterfaceEver! { < kernelsmith
  • msfrpcd duh
  • Via Lua
  • Ooh ooh, via NMap
  • You probably can’t hear thishttp://nmap.org/presentations/BHDC10/ 24th Minute
  • I.E. Because I Canor I at least thought I could It’s Also All the “Flame” These Days
  • For Lua Need: Lua 5.1 for nowsockets – luasocket http – luasocket*msgpack – let’s talk* http://w3.impa.br/~diego/software/luasocket/
  • Lua 5.1Default package for most Linux “Sweet spot” right now apt-get install lua5.1 liblua5.1-0-dev # <-- this is key# LuaSocket too! liblua5.1-socket2 liblua5.1-socket-dev liblua-socket-doc
  • msgpack: mplua – C/++ 1lua-msgpack – luarocks 2 lua-cmsgpack (redis) N others
  • Testingbox:~/lua/code> luaLua 5.2.0 Copyright (C) 1994…>require “msgpack”if not error then g2gelse check path & cpathend>print(package.path)
  • Easy Part: Learn Lua Learn luasocketLearn rpc api and…
  • Harder Part: NSE Integration Lots of nmap.org reading Brushing up on GCC #nmap helpfulmad thanks to bonsaiviking
  • NSE Integration:Pure Lua easy, Clib annoyingNmap 6.1 == Lua 5.1Nmap 5.2 == Lua 5.2
  • NSE Integration:I used cmsgpack, so clibCreated nse_cmsgpack.hcmsgpack.c => nse_cmsgpack.c - edited for 5.2Edited nse_main.ccEdited Makefile.in
  • Prayed a lot.Got lots of help from #nmapnear the endnse_main.cc = pastebin.com/aCYNfUA5Makefile.in = pastebin.com/AjinN6Y8nse_cmsgpack.h = pastebin.com/zz0z6TWCnse_cmsgpack.c = pastebin.com/SJbcmB9NI will finish updating these pastes and put in github.com/kernelsmith
  • Lame Demo