Creating my first Metasploit module

Following the tutorial on the Metasploit Unleashed website, we got to the part where we needed to write a custom TCP scanner.

Extending the Metasploit framework is really simple: creating a new scanner required only one class.

The scanner is called simple_tcp and this is its code:


require 'msf/core'

class Metasploit3 < Msf::Auxiliary
  # Tcp supplies connect/sock/disconnect; Scanner calls run_host for each target host.
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Scanner

  def initialize
    super(
      'Name'        => 'My custom TCP scan',
      'Version'     => '$Revision: 1 $',
      'Description' => 'My quick scanner',
      'Author'      => 'Your name here',
      'License'     => MSF_LICENSE
    )
    # Default remote port; can be overridden from the console.
    register_options(
      [
        Opt::RPORT(12345)
      ], self.class)
  end

  # Called once per host: send a greeting and print whatever comes back.
  def run_host(ip)
    connect()
    greeting = "HELLO SERVER"
    sock.puts(greeting)
    data = sock.recv(1024)
    print_status("Received: #{data} from #{ip}")
    disconnect()
  end
end

Looking back at the intro to Metasploit, we quickly identify a few familiar pieces.
First, the Metasploit3 class inherits its functionality from the Msf::Auxiliary class. Ruby has no multiple inheritance, so mixins are used to get the same effect: both the Msf::Exploit::Remote::Tcp and Msf::Auxiliary::Scanner modules are included in the class.
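
To see what each piece contributes, here is a stand-alone sketch added for illustration (it is not code from the tutorial or from Metasploit). ToyTcp, ToyScanner and ToyAuxiliary are hypothetical, simplified stand-ins for the framework's Tcp mixin, Scanner mixin and Auxiliary class, and the listener is a constructed loopback server:

```ruby
require 'socket'

# Hypothetical stand-in for Msf::Exploit::Remote::Tcp: supplies connect/sock/disconnect.
module ToyTcp
  attr_reader :sock
  def connect
    @sock = TCPSocket.new(@rhost, @rport)
  end
  def disconnect
    @sock&.close
  end
end

# Hypothetical stand-in for Msf::Auxiliary::Scanner: calls run_host once per target.
module ToyScanner
  def run(hosts)
    hosts.each { |ip| @rhost = ip; run_host(ip) }
    results
  end
end

# Hypothetical stand-in for Msf::Auxiliary: keeps the port option and collected output.
class ToyAuxiliary
  attr_reader :results
  def initialize(rport)
    @rport, @results = rport, []
  end
end

# Same shape as simple_tcp: one superclass, two mixins, only run_host written by hand.
class SimpleTcp < ToyAuxiliary
  include ToyTcp
  include ToyScanner
  def run_host(ip)
    connect
    sock.puts('HELLO SERVER')
    results << "Received: #{sock.recv(1024).strip} from #{ip}"
  ensure
    disconnect # always release the socket, even if the exchange fails
  end
end

# Constructed loopback listener on an ephemeral port that answers one greeting.
def demo
  server = TCPServer.new('127.0.0.1', 0)
  Thread.new { c = server.accept; c.puts("ACK #{c.gets.strip}"); c.close }
  SimpleTcp.new(server.addr[1]).run(['127.0.0.1'])
ensure
  server.close
end
```

Calling SimpleTcp.ancestors shows the lookup order Ruby builds from the includes: the class itself, then ToyScanner, then ToyTcp, then the superclass.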

Here are the results:
[Screenshot: Screen Shot 2014-01-30 at 10.59.59 PM]

The example provided by the Metasploit Unleashed tutorial shows how trivial it is to extend the Metasploit framework and customize it to fit your specific needs.
The code is widely available on GitHub, and you can dig in and find the implementation of the core objects the framework provides.