Hi Max It is a good news to find someone out there sharing the same interest. However, I am afraid that we waste our time doing the same stuff cause me too, I did some stuff. If you agree, we can launch a common project on this issue.
Have a nice day, MG On Wed, Oct 22, 2008 at 1:01 PM, max moser <[EMAIL PROTECTED]> wrote: > Hi there, > > i am in te process of writeup a howto on this one as well as contributing a > lot of stuff back to the project. I did most of the stuff you mentioned > allready. > > Greetings > > max > > On Oct 22, 2008, at 12:33 PM, M. GAD wrote: > >> Hi all >> I need your advice/help on the implementation of a new metasploit module. >> The idea is that we are sometimes interested not only in breaking >> (penetrating) into systems but also we are interested in post-access >> actions, which can be very significant for security analysis or >> evaluation (statefull or behavior-based IDSes by example). >> >> Metasploit already contains "access" actions as well as other usefull >> auxiliary tools of attack (e.g., Dos, scanners, etc). So, I thought to >> extend metasploit framework by a new module to imitate (and automate) >> post-access actions that can probably be carried out by attackers. For >> example, executing a sequence of commands to browse the victim >> machine, upload a piece of malwae, connect back to another machine, >> etc. >> The advantage in metasploit is that it contains all what we need to >> carry out such actions but the question is how to automate it. I know >> that autopwn is an advanced step for doing this but unfortunately it >> stops at gaining access and establishing sessions. We need to go a >> step further in the automation. >> >> What is the entry point to interact with the established sessions, how >> can we execute commands, receive and process their outputs? >> I think Msf::Session is the key entry, right? >> >> Any help or suggestion for this end is highly appreciated. >> >> Best regards, >> Mohammed GAD >> _______________________________________________ >> Framework-Hackers mailing list >> Framework-Hackers@spool.metasploit.com >> http://spool.metasploit.com/mailman/listinfo/framework-hackers > > _______________________________________________ Framework-Hackers mailing list Framework-Hackers@spool.metasploit.com http://spool.metasploit.com/mailman/listinfo/framework-hackers
