Metasploit mailing list archives

GUI

From: vmukhi at vsnl.com (vmukhi at vsnl.com)
Date: Fri, 27 Jan 2006 15:16:46 +0500

Hey all,
We've been working on extending features of the framework 3.0, and since
we're fairly new to both Ruby and the internals of the framework, we decided
to develop a GUI with a few extra features, this was a good learning
experience which we figured other people on the list could also benefit
from. We initially started development using the Tcl/Tk ruby extensions -
however after about two days, we realized it wasn't going anywhere, so we
switched over to FXruby (www.fxruby.org). Our goal is to create a GUI
extension that does the following:

1. Execute recon modules that will parse the output from nmap, nikto, nessus
etc. These will determine the target o/s and service versions.

2. Select exploits which have targets that match the recon results (for
example, if nmap detects iis5.0, the gui will recommend exploits that should
work against iis5.0). In the same vein if we detect that port 21 is closed, no point in displaying ftp exploits.

3. Allow the user in one shot to select multiple exploits, payload and
encoders and run all of these in permutation/combination. This would be a
useful way to test IDS signatures against different encoders. It should also
manage all the successfully exploited sessions. Logically you can extend
this to scan a complete subnet and execute a mass-attack.

We've decided however to abandon FXRuby in favour of Qt (for ease of
development). Do more experienced Ruby coders think this is a wise decision?
We're attaching the work we'd done in FXRuby. One problem we faced was creating a FXLabel widget before calling the
create method. We had no choice but to create empty labels and then populate their text property later.

The code is embarassingly unstructured, but our goal was just to get things working. Hopefully people on the list will
find it useful. You can get it working by first installing FXRuby from fxruby.org and then copying the two attached
files into the framework directory and running 'ruby -Ilib msfgui.rb'. The UI works under windows also.

Looking forward to your feedback!

Cheers,

Vijay Mukhi & team.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: msfgui.zip
Type: application/x-zip-compressed
Size: 7319 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060127/784f5e9c/attachment.bin>

Current thread:

GUI vmukhi at vsnl.com (Jan 27)
- GUI Chuck Fullerton (Jan 27)
  - GUI Sahir Hidayatullah (Jan 27)
  - GUI Sahir Hidayatullah (Jan 27)
- GUI H D Moore (Jan 27)
- <Possible follow-ups>
- GUI Jerome Athias (Jan 28)