Metasploit mailing list archives
Metasploit on Windows (Followup)
From: hdm at metasploit.com (H D Moore)
Date: Thu, 18 Jan 2007 15:08:00 -0600
I would like to thank the dozens of people who replied -- great feedback!

Some quick background on why the native ruby interpreter is not an option right now: Ruby provides tab-completion and line-editing functionality through the libreadline library. This library can compile on Windows, but due to how Windows handles the stdio file descriptors, there are two behaviors (depending on which build you use):

1) Readline causes all of the ruby threads to block while reading input from the command line. This happens because Windows doesn't provide a non-blocking select for the standard IO handles.

2) Readline uses a Windows-specific polling API to check for input -- unfortunately, the ruby code that interfaces with readline doesn't handle this mode properly and spins 100% CPU.

We can work around these by patching Ruby, but that's yet another thing we would have to maintain.

The solution is to provide a user-interface that doesn't depend on standard IO or readline. While msfweb may be a good contender, it's not really there with regards to functionality. If we can get msfweb to host a msfconsole replacement, this opens the way to ship a native ruby version for Windows. The alternative is we build a custom console interface that doesn't actually use real stdio. Unless someone with strong Windows skills volunteers for this, it won't happen anytime soon.

With all of that said -- we realize that the Framework is one of the few security tools that works out-of-the-box on Windows. This has increased the size of our user-base and exposed the world of exploits to thousands of people who would not have looked otherwise. Whatever solution we come up with, we don't want to alienate these users, and if anything, we want to make it easier for people to learn about security using the Framework.

The plan forward:

1) Investigate using msfweb to provide a console interface on Windows. Look into existing console-like codebases we might be able to co-opt as a msfconsole replacement. We need a big container that people can type into and that interfaces cleanly with the Ruby interpreter. The solution might be to use Gtk/Tk/Wx to provide a ruby-based GUI console on Windows.

2) Look into building a customized virtual machine that is really simple for someone to download and use, even if they have no VM experience. A VM solution is a strong possibility even if we find a way to mostly-support Windows via a user-interface change. The biggest downside of using a VM is networking -- a reverse shell would be kind of a pain to use in a NAT'd VM environment, and having to configure a new IP just to use Metasploit seems kind of silly.

-HD