Exploit Mixins
a11y.text Exploit MixinsWorking with Exploit Mixins
a11y.text Working with Exploit MixinsExploit::Remote::Tcp
a11y.text Exploit::Remote::TcpCode:
lib/msf/core/exploit/tcp.rb
Provides TCP options and methods.
- Defines RHOST, RPORT, ConnectTimeout
- Provides connect(), disconnect()
- Creates self.sock as the global socket
- Offers SSL, Proxies, CPORT, CHOST
- Evasion via small segment sends
- Exposes user options as methods – rhost() rport() ssl()
Exploit::Remote::DCERPC
a11y.text Exploit::Remote::DCERPCCode:
lib/msf/core/exploit/dcerpc.rb
Inherits from the TCP mixin and has the following methods and options:
- dcerpc_handle()
- dcerpc_bind()
- dcerpc_call()
- Supports IPS evasion methods with multi-context BIND requests and fragmented DCERPC calls
Exploit::Remote::SMB
a11y.text Exploit::Remote::SMBCode:
lib/msf/core/exploit/smb.rb
Inherits from the TCP mixin and provides the following methods and options:
- smb_login()
- smb_create()
- smb_peer_os()
- Provides the Options of SMBUser, SMBPass, and SMBDomain
- Exposes IPS evasion methods such as: SMB::pipe_evasion, SMB::pad_data_level, SMB::file_data_level
Exploit::Remote::BruteTargets
a11y.text Exploit::Remote::BruteTargetsThere are 2 source files of interest.
Code:
lib/msf/core/exploit/brutetargets.rb
Overloads the exploit() method.’
- Calls exploit_target(target) for each Target
- Handy for easy target iteration
Code:
lib/msf/core/exploit/brute.rb
Overloads the exploit method.
- Calls brute_exploit() for each stepping
- Easily brute force and address range
Metasploit Mixins
a11y.text Metasploit MixinsThe mixins listed above are just the tip of the iceberg as there are many more at your disposal when creating exploits. Some of the more interesting ones are:
- Capture – sniff network packets
- Lorcon – send raw WiFi frames
- MSSQL – talk to Microsoft SQL servers
- KernelMode – exploit kernel bugs
- SEH – structured exception handling
- NDMP – the network backup protocol
- EggHunter – memory search
- FTP – talk to FTP servers
- FTPServer – create FTP servers