Jump to content
Sign in to follow this  
azagorath

Tutorial: Adding exploits to Metasploit Framework

Recommended Posts

azagorath

assuming you are using BT , Metasploit and exploit-db are already included .

1- update metasploit

2- update exploit-db by going to exploit-db directory /pentest/exploits/exploit-db and run svn update

3- run the "searchsploit" script in exploit-db directory , and search for the exploit you would like to add . Note: the exploit has to be written in Ruby (extension .rb)324201251005pm.png

4- open the exploit on text editor or nano

5- look at the Msf class , it should look something like this Msf::Exploit::Remote:: .

6- go to you home directory and find the hidden folder " .msf4" Note: if you use metasploit 3 , it should say .msf3

7- create a subfolder called " modules"

8- create subfolder inside modules called "exploits"

9- create subfolder inside exploits called "Remote" Note: the new directory you created must match the msf class in the exploit or else it will not work. you have to look inside the exploit

to see the msf class structure and create the needed directory as required..

10- paste your exploit in the new directory , in this example , proftp highlighted should be placed inside Remote subfolder.

you should be able to see the new exploit added through msfconsole or armitage.

it always good idea to rename your exploit before adding it to reflect what this exploit for .

Share this post


Link to post
Jamie

Nice, thanks for the info.

Share this post


Link to post
azagorath

Nice, thanks for the info.

anytime

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
×