module style guide

[hdm at metasploit.com (HD Moore)]

On Fri, 17 Jul 2009 03:54:37 -0500, Robin Wood <dninja at gmail.com> wrote:

> Hi
> I'm writing a new module, are there any guides on correct code
> structure, styling etc? I'd rather get this stuff right from the start
> rather than build the module then re-write it before I submit it.

If you follow the structure of a similar module, you should be fine. There  
is a little bit of information about style/format/mixins on the Wikibooks  
page[1], but it comes down a few general guidelines:


  * Use hard tab indentations vs spaces for all modules

  * If you are calling a non-standad Ruby library, a load-check on the  
library should be added, or it should be integrated into the framework as  
a mixin.

  * Socket calls should go through mixins if possible (tcp/udp/etc), if you  
need to make sockets by hand, please use the Rex::Socket API and pass in  
the Context parameter like the following:

                csock = Rex::Socket::Tcp.create(
                        'PeerHost'  => datastore['RHOST'],
                        'PeerPort'  => datastore['RPORT'],
                        'Context'   =>
                                {
                                        'Msf'        => framework,
                                        'MsfExploit' => self,
                                })

  * All shellcode should be what the user specifies as an option. If you  
need to embed fixup code (heap cleanup,etc), you can use  
Prepend/PrependEncoder in the Payload section at the top of the module.

  * All return addresses and target-specific information should be stored  
in the Targets section of the module header and pulled out at runtime.


-HD


1. http://en.wikibooks.org/wiki/Metasploit/Contents