About Metasploit Object Model: Understanding the Metasploit Object Model
Metasploit Framwork architecture
Metasploit Framwork architecture
   In the Metasploit Framework, all modules are Ruby classes:
    * Modules inherit from the type-specific class
    * The type-specific class inherits from the Msf::Module class
    * There is a shared common API between modules

   Payloads are slightly different:
    * Payloads are created at runtime from various components
    * Glue together stagers with stages

Metasploit Mixins and Plugins
Metasploit Object Model, Mixins and Plugins | Metasploit Tutorials

   A Quick Diversion into Ruby:
    * Every Class only has one parent
    * A class may include many Modules
    * Modules can add new methods
    * Modules can overload old methods
    * Metasploit modules inherit Msf::Module and include mixins to add features.

   Metasploit Mixins
      Mixins are quite simply, the reason why Ruby rocks:
    * Mixins include one class into another
    * This is both different and similar to inheritance
    * Mixins can override a class’ methods

      Mixins can add new features and allows modules to have different ‘flavors’:
    * Protocol-specific (HTTP, SMB)
    * Behaviour-specific (brute force)
    * connect() is implemented by the TCP mixin
    * connect() is then overloaded by FTP, SMB, and others

      Mixins can change behavior:
    * The Scanner mixin overloads run()
    * Scanner changes run() for run_host() and run_range()
    * It calls these in parallel based on the THREADS setting

    * The BruteForce mixin is similar

   Metasploit Plugins
      Plugins work directly with the API:
    * They manipulate the framework as a whole
    * Plugins hook into the event subsystem
    * They automate specific tasks that would be tedious to do manually

      Plugins only work in the msfconsole:
    * Plugins can add new console commands
    * They extend the overall Framework functionality


Post a Comment

Previous Post Next Post