Metasploit mailing list archives
GUI
From: vmukhi at vsnl.com (vmukhi at vsnl.com)
Date: Fri, 27 Jan 2006 15:16:46 +0500
Hey all, We've been working on extending features of the framework 3.0, and since we're fairly new to both Ruby and the internals of the framework, we decided to develop a GUI with a few extra features, this was a good learning experience which we figured other people on the list could also benefit from. We initially started development using the Tcl/Tk ruby extensions - however after about two days, we realized it wasn't going anywhere, so we switched over to FXruby (www.fxruby.org). Our goal is to create a GUI extension that does the following: 1. Execute recon modules that will parse the output from nmap, nikto, nessus etc. These will determine the target o/s and service versions. 2. Select exploits which have targets that match the recon results (for example, if nmap detects iis5.0, the gui will recommend exploits that should work against iis5.0). In the same vein if we detect that port 21 is closed, no point in displaying ftp exploits. 3. Allow the user in one shot to select multiple exploits, payload and encoders and run all of these in permutation/combination. This would be a useful way to test IDS signatures against different encoders. It should also manage all the successfully exploited sessions. Logically you can extend this to scan a complete subnet and execute a mass-attack. We've decided however to abandon FXRuby in favour of Qt (for ease of development). Do more experienced Ruby coders think this is a wise decision? We're attaching the work we'd done in FXRuby. One problem we faced was creating a FXLabel widget before calling the create method. We had no choice but to create empty labels and then populate their text property later. The code is embarassingly unstructured, but our goal was just to get things working. Hopefully people on the list will find it useful. You can get it working by first installing FXRuby from fxruby.org and then copying the two attached files into the framework directory and running 'ruby -Ilib msfgui.rb'. The UI works under windows also. Looking forward to your feedback! Cheers, Vijay Mukhi & team. -------------- next part -------------- A non-text attachment was scrubbed... Name: msfgui.zip Type: application/x-zip-compressed Size: 7319 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060127/784f5e9c/attachment.bin>