The format of an Exploit Module in Metasploit is similar to that of an Auxiliary Module, but there are more fields.

    class Metasploit3 < Msf::Exploit::Remote
      # Tcp mixin provides connect, disconnect and the sock object
      include Msf::Exploit::Remote::Tcp

      def initialize
        super(
          'Name'        => 'Simplified Exploit Module',
          'Description' => 'This module sends a payload',
          'Author'      => 'My Name Here',
          # Payload constraints: maximum size in bytes and bytes to avoid
          'Payload'     => { 'Space' => 1024, 'BadChars' => "\x00" },
          'Targets'     => [ ['Automatic', {}] ],
          'Platform'    => 'win'
        )
        # Default remote port for this module
        register_options([
          Opt::RPORT(12345)
        ], self.class)
      end

      # Connect to port, send the payload, handle it, disconnect
      def exploit
        connect
        sock.put(payload.encoded)
        handler
        disconnect
      end
    end

Although it is rarely implemented, a method called check() should be defined in your exploit modules whenever possible.
The return values for check() are:

    def check
      # connect to get the FTP banner
      connect
      # grab banner (nil if the server sends nothing)
      banner = sock.get_once
      # disconnect now that the banner is held in a local variable
      disconnect

      # the version-specific pattern must come before the generic one
      case banner
      when /Serv-U FTP Server v4\.1/
        print_status('Found version 4.1.0.3, exploitable')
        return Exploit::CheckCode::Vulnerable
      when /Serv-U FTP Server/
        print_status('Found an unknown version, try it!')
        return Exploit::CheckCode::Detected
      else
        print_status('We could not recognize the server banner')
        return Exploit::CheckCode::Safe
      end
      return Exploit::CheckCode::Safe
    end
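
The banner-matching decision in the check method above can be exercised without a live target. The following is an added example, not code from the original page or from the Metasploit project: it models that logic as a plain Ruby function and shows that the page's version pattern also matches a banner such as "v4.10", while a stricter pattern does not. The names `classify_banner`, `compare_patterns`, the symbol return values, the stricter pattern, the `:unknown` result for an empty banner, and all sample banners are assumptions constructed for illustration.

```ruby
# Added example: stand-alone model of the banner matching in check().
# Symbols stand in for the Exploit::CheckCode constants so this runs
# without the Metasploit framework. Names and banners are constructed.

# Pattern as written on the page: also matches "v4.10", "v4.11", ...
PAGE_PATTERN = /Serv-U FTP Server v4\.1/
# Stricter variant (assumption): "4.1" must not be followed by a digit.
STRICT_PATTERN = /Serv-U FTP Server v4\.1(?!\d)/
PRODUCT_PATTERN = /Serv-U FTP Server/

def classify_banner(banner, version_pattern = STRICT_PATTERN)
  # sock.get_once may return nil (timeout or silent service). No banner is
  # not evidence of a safe host, so report :unknown instead of :safe
  # (this differs from the page's code, which falls through to Safe).
  text = banner.to_s.strip
  return :unknown if text.empty?

  # Order matters: the specific version test must precede the product test.
  case text
  when version_pattern then :vulnerable
  when PRODUCT_PATTERN then :detected
  else :safe
  end
end

# Constructed sample banners (not captured from real servers).
SAMPLE_BANNERS = [
  '220 Serv-U FTP Server v4.1 for WinSock ready...',
  '220 Serv-U FTP Server v4.10 for WinSock ready...',
  '220 Serv-U FTP Server v6.0 for WinSock ready...',
  '220 ProFTPD Server ready.',
  nil
].freeze

# Compare both patterns over every sample: [banner, page result, strict result]
def compare_patterns(banners = SAMPLE_BANNERS)
  banners.map do |b|
    [b, classify_banner(b, PAGE_PATTERN), classify_banner(b, STRICT_PATTERN)]
  end
end

if __FILE__ == $PROGRAM_NAME
  compare_patterns.each do |banner, page, strict|
    puts format('%-52s page=%-10s strict=%s', banner.inspect, page, strict)
  end
end
```

A banner is self-reported by the server, so even the stricter match is only as reliable as the banner itself.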