Metasploit Module Development By Kyaw Thiha


Page 1: Metasploit Module Development

Metasploit Module Development

By Kyaw Thiha

Page 2: Metasploit Module Development

Contents
• Prerequisites
• Introduction to Metasploit
• Understanding Metasploit
• Metasploit Object Model
• Dig into Current Module
• Show Time

Page 3: Metasploit Module Development

Prerequisites
• Ruby installed
• Metasploit framework
• Linux

Page 4: Metasploit Module Development

Introduction to Metasploit

Page 5: Metasploit Module Development

Understanding Metasploit Architecture
• MSF File System
• Libraries

Page 6: Metasploit Module Development

Understanding Metasploit Architecture
• MSF File System
  • Data
  • Documentation
  • External
  • Lib
  • Modules
  • Plugins
  • Scripts
  • tools

Page 7: Metasploit Module Development

Understanding Metasploit Architecture
• MSF File System

Page 8: Metasploit Module Development

Understanding Metasploit Architecture
• Libraries
  • Rex
    • The basic library for most tasks
    • Handles sockets, protocols, text transformations, and others
    • SSL, SMB, HTTP, XOR, Base64, Unicode
  • Msf::Core
    • Provides the ‘basic’ API
    • Defines the Metasploit Framework
  • Msf::Base
    • Provides the friendly API
    • Provides a simplified API for use in the framework

Page 9: Metasploit Module Development

Understanding Metasploit Architecture
• Libraries

Page 10: Metasploit Module Development

Understanding Metasploit Modules

The Metasploit Framework is composed of modules.
• Exploits
• Payloads, Encoders, Nops
• Primary Module Tree
• User-Specified Module Tree

Page 11: Metasploit Module Development

Understanding Metasploit Modules
• Exploit
  • Defined as modules that use payloads
  • An exploit without a payload is an Auxiliary module
• Payloads, Encoders, Nops
  • Payloads consist of code that runs remotely
  • Encoders ensure that payloads make it to their destination
  • Nops keep the payload sizes consistent

Page 12: Metasploit Module Development

Understanding Metasploit Modules
• Primary Module Tree
  • /usr/share/metasploit-framework/modules
  • ~/git/metasploit-framework/modules/
• User-Specified Module Tree
  • External modules imported by users
  • ~/.msf4/modules/

Page 13: Metasploit Module Development

Understanding Metasploit Modules

Page 14: Metasploit Module Development

Understanding Metasploit Object Model
• Module
  • All modules are Ruby classes
  • Inherit from Msf::Module
• Payload
  • Staged and Stageless

Page 15: Metasploit Module Development

Understanding Metasploit Object Model
• Payload
  • Stager and Stageless
• Stage
  • Stage 0
    • Create connection metsrv
    • Send shellcode
  • Stage 1
    • Listen for back connect
    • Push up Meterpreter extension DLLs
    • stdapi and priv

Page 16: Metasploit Module Development

Understanding Metasploit Object Model
• Stageless
  • No stage
  • Reads metsrv directly

Page 17: Metasploit Module Development

Understanding Metasploit Object Model
• What’s wrong with staged payloads?
  • Buffer in stage 0
  • Low bandwidth

Page 18: Metasploit Module Development

Dig into Current Module

Page 19: Metasploit Module Development

Dig Into Current Module

Update Information

Parameter of wmapmodule.rb

Page 20: Metasploit Module Development

Dig Into Current Module

run_host - the method where the module starts running

send_request_raw() - /rex/http/client_request.rb

:response - takes the res parameter, which holds the response data, when http_fingerprint() is called
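
The call flow on this slide (run_host, then send_request_raw, then http_fingerprint with :response set to res), as an added example that is not code from the deck or from Metasploit. `FakeHttpClient`, `VersionScanner`, `scan` and the canned responses are hypothetical stand-ins so the flow runs offline, and the addresses are constructed documentation-range IPs.

```ruby
# Added illustration: stand-ins only, not Metasploit framework code.
Response = Struct.new(:code, :headers)

# Hypothetical, simplified stand-in for the HTTP client mixin.
module FakeHttpClient
  # Constructed responses keyed by documentation-range IPs.
  CANNED = {
    '192.0.2.10' => Response.new(200, { 'Server' => 'nginx/1.18.0', 'X-Powered-By' => 'PHP/7.4.3' }),
    '192.0.2.11' => Response.new(302, { 'Server' => 'Apache', 'Location' => '/login' }),
    '192.0.2.12' => nil # host did not answer
  }.freeze

  # Returns the canned response for the target instead of using the network.
  def send_request_raw(opts)
    CANNED[opts[:rhost]]
  end

  # Builds a one-line fingerprint from a response passed in as :response.
  def http_fingerprint(opts = {})
    res = opts[:response]
    return nil if res.nil?

    info = res.headers['Server'] || 'unknown server'
    extras = []
    extras << "Powered by #{res.headers['X-Powered-By']}" if res.headers['X-Powered-By']
    if (300..399).cover?(res.code) && res.headers['Location']
      extras << "#{res.code}-#{res.headers['Location']}"
    end
    extras.empty? ? info : "#{info} ( #{extras.join(', ')} )"
  end
end

class VersionScanner
  include FakeHttpClient

  # Called once per target host, as run_host is in a scanner module.
  def run_host(ip)
    res = send_request_raw(rhost: ip, uri: '/', method: 'GET')
    fp = http_fingerprint(response: res) # reuse res rather than re-requesting
    fp ? "#{ip} #{fp}" : nil
  end
end

# Runs the scanner over each address and drops hosts with no response.
def scan(ips)
  scanner = VersionScanner.new
  ips.map { |ip| scanner.run_host(ip) }.compact
end

puts scan(FakeHttpClient::CANNED.keys) if __FILE__ == $PROGRAM_NAME
```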

Page 21: Metasploit Module Development

Show Time

Page 22: Metasploit Module Development

Show Time

Page 23: Metasploit Module Development

Thanks

Questions?