Hi all
I need your advice/help on the implementation of a new Metasploit module.
The idea is that we are sometimes interested not only in breaking
(penetrating) into systems but also we are interested in post-access
actions, which can be very significant for security analysis or
evaluation (stateful or behavior-based IDSes, for example).

Metasploit already contains "access" actions as well as other useful
auxiliary tools of attack (e.g., DoS, scanners, etc). So, I thought to
extend the Metasploit framework by a new module to imitate (and automate)
post-access actions that can probably be carried out by attackers. For
example, executing a sequence of commands to browse the victim
machine, upload a piece of malware, connect back to another machine,
etc.
The advantage in Metasploit is that it contains all that we need to
carry out such actions but the question is how to automate it. I know
that autopwn is an advanced step for doing this but unfortunately it
stops at gaining access and establishing sessions. We need to go a
step further in the automation.

What is the entry point to interact with the established sessions, how
can we execute commands, receive and process their outputs?
I think Msf::Session is the key entry, right?

Any help or suggestion to this end is highly appreciated.

Best regards,
Mohammed GAD
_______________________________________________
Framework-Hackers mailing list
Framework-Hackers@spool.metasploit.com
http://spool.metasploit.com/mailman/listinfo/framework-hackers
