Metasploit mailing list archives
MSF in msfconsole
From: hdm at metasploit.com (HD Moore)
Date: Sun, 12 Jul 2009 17:21:51 -0500
On Sun, 12 Jul 2009 16:06:45 -0500, Rob Fuller <mubix at room362.com> wrote:
> So I was playing around with msfconsole and the msfd module. One of my biggest complaints about msfd is the lack of (guess it's called 'readline') support. Basically history and arrowing. There are a couple ways I can think of doing this but wanted to ping the list first.
>
> 1. Extend the plugin to check revision, then if a match, use its own..
> 2. Load all or dynamically across the wire msfconsole and all of its...
> 3. Use some IRB majak to go completely ruby connection based, hopefully...

The current code just requires netcat or telnet to be the client. Implementing command completion and history would require either of the following:

a) A custom ruby client that is smart enough to load stuff over the network and a reimplemented server plugin to support this.
b) A change from line-based to character-based input processing in the plugin, a complete termcap implementation, and essentially implement a real telnet session on a pty.

> Thoughts, ideas? The basic premise that I'm looking for is to load msfconsole on my side, and do
> msf> load msfd -c 192.168.1.100
> and connect to an interactive remote msfconsole. On the server side it would be
> msf> load msfd -d 0.0.0.0 54444

This is actually what msfrpc and msfrpcd are for, plus they offer encryption and authentication. The msfrpc client is just an IRB instance that has access to the RPC client object. If you want to get fancy, you could build a full msfconsole replacement that interacts with a remote metasploit instance over the RPC interface. This comes pretty close to solution a) above.

-HD