Metasploit Module Development


  1. Metasploit Module Development By Kyaw Thiha
  2. Contents • Prerequisites • Introduction to Metasploit • Understanding Metasploit • Metasploit Object Model • Dig into Current Module • Show Time
  3. Prerequisites • Ruby installed • Metasploit framework • Linux
  4. Introduction to Metasploit
  5. Understanding Metasploit Architecture • MSF File System • Libraries
  6. Understanding Metasploit Architecture • MSF File System • Data • Documentation • External • Lib • Modules • Plugins • Scripts • Tools
  7. Understanding Metasploit Architecture • MSF File System
  8. Understanding Metasploit Architecture • Libraries • Rex • The basic library for most tasks • Handles sockets, protocols, text transformations, and others • SSL, SMB, HTTP, XOR, Base64, Unicode • Msf::Core • Provides the ‘basic’ API • Defines the Metasploit Framework • Msf::Base • Provides the ‘friendly’ API • Provides a simplified API for use in the framework
  9. Understanding Metasploit Architecture • Libraries
  10. Understanding Metasploit Modules The Metasploit Framework is composed of modules. • Exploits • Payloads, Encoders, Nops • Primary Module Tree • User-Specified Module Tree
  11. Understanding Metasploit Modules • Exploit • Defined as modules that use payloads • An exploit without a payload is an Auxiliary module • Payloads, Encoders, Nops • Payloads consist of code that runs remotely • Encoders ensure that payloads make it to their destination • Nops keep the payload sizes consistent
  12. Understanding Metasploit Modules • Primary Module Tree • /usr/share/metasploit-framework/modules • ~/git/metasploit-framework/modules/ • User-Specified Module Tree • External modules imported by users • ~/.msf4/modules/
  13. Understanding Metasploit Modules
  14. Understanding Metasploit Object Model • Module • All modules are Ruby classes • Inherit from Msf::Module • Payload • Staged and Stageless
  15. Understanding Metasploit Object Model • Payload • Stager and Stageless • Stage • Stage 0 • Create connection metsrv • Send shellcode • Stage 1 • Listen for back connect • Push up Meterpreter extension DLLs • stdapi and priv
  16. Understanding Metasploit Object Model • Stageless • No Stage • Direct Read metsrv
  17. Understanding Metasploit Object Model • What’s wrong with Stage? • Buffer in stage0 • Low-bandwidth
  18. Dig into Current Module
  19. Dig Into Current Module Update Information Parameter of wmapmodule.rb
  20. Dig Into Current Module run_host - the starting method; send_request_raw() - /rex/http/client_request.rb; :response passed as the res parameter, which denotes the data, when http_fingerprint() is called
  21. Show Time
  22. Show Time
  23. Thanks Questions?
