Knowledge is not an object, it’s a flow
Save the environment - don't print this document!
If you want to show your respect for my work - donate : http://www.corelan.be:8800/index.php/donate/
http://www.corelan.be:8800 - Page 1 / 7
Peter Van Eeckhoutte's Blog
:: [Knowledge is not an object, it´s a flow] ::
Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics
Peter Van Eeckhoutte · Wednesday, August 12th, 2009
In the first parts of the exploit writing tutorial, I have discussed some common vulnerabilities that can lead to 2 types of exploits: stack based buffer overflows (with direct EIP overwrite), and stack based buffer overflows that take advantage of SEH chains. In my examples, I have used perl to demonstrate how to build a working exploit.
Obviously, writing exploits is not limited to perl only. Just about any programming language can be used to write exploits, so you can pick the one you are most familiar with (python, c, c++, C#, etc.).
Although these custom written exploits work just fine, it can be useful to include your own exploits in the metasploit framework in order to take advantage of some of the unique metasploit features.
So today, I'm going to explain how exploits can be written as a metasploit module.
Metasploit modules are written in ruby. Even if you don't know a lot about ruby, you should still be able to write a metasploit exploit module based on this tutorial and the existing exploits available in metasploit.
Metasploit exploit module structure
A typical metasploit exploit module consists of the following components:
● header and some dependencies
  ❍ Some comments about the exploit module
  ❍ require 'msf/core'
● class definition
● includes
● "def" definitions:
  ❍ initialize
  ❍ check (optional)
  ❍ exploit
You can put comments in your metasploit module by using the # character. That's all we need to know for now, let's look at the steps to build a metasploit exploit module.
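As an added example (not the tutorial's own module, and not one of the modules shipped with metasploit), here is a skeleton that contains every component listed above, together with a small check that reports which of the required components a module source is missing. The skeleton is kept as a string so the file runs outside the framework; the application name, port, offset and 'Ret' value are placeholders, not a real target.

```ruby
# Added example, not the tutorial's own module. The skeleton is a string so this
# file runs outside the framework; name, port, offset and 'Ret' are placeholders.
SKELETON = <<~'RUBY'
  # Comments about the module go here (what it exploits, who wrote it).
  require 'msf/core'

  class MetasploitModule < Msf::Exploit::Remote
    include Msf::Exploit::Remote::Tcp

    def initialize(info = {})
      super(update_info(info,
        'Name'          => 'Placeholder App Stack Overflow (skeleton)',
        'License'       => MSF_LICENSE,
        'Platform'      => 'win',
        'Payload'       => { 'Space' => 1000, 'BadChars' => "\x00\x0a\x0d" },
        'Targets'       => [['Placeholder target', { 'Ret' => 0xDEADBEEF }]],
        'DefaultTarget' => 0))
      register_options([Opt::RPORT(9999)])
    end
    def check                      # optional: probe only, never exploit
      Exploit::CheckCode::Unknown
    end
    def exploit
      connect
      # placeholder layout: junk up to EIP, return address, encoded payload
      buf = rand_text_alpha(260) + [target.ret].pack('V') + payload.encoded
      sock.put(buf)
      handler
      disconnect
    end
  end
RUBY
# The components listed above, as patterns to look for in module source.
REQUIRED = {
  "require 'msf/core'" => /^\s*require\s+['"]msf\/core['"]/,
  'class definition'   => /^\s*class\s+\w+\s*<\s*Msf::Exploit::/,
  'includes'           => /^\s*include\s+Msf::/,
  'def initialize'     => /^\s*def\s+initialize\b/,
  'def exploit'        => /^\s*def\s+exploit\b/
}.freeze
# Names of required components missing from a module's source text.
def missing_components(src)
  REQUIRED.reject { |_, re| src.match?(re) }.keys
end
# check is optional, so report it separately rather than as a failure.
def has_check?(src)
  src.match?(/^\s*def\s+check\b/)
end
```

Metasploit ships its own linter (msftidy) for modules you intend to submit; the check here only covers the structural components named in this section.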
Case study : building an exploit for a simple vulner