Metasploit mailing list archives

Auxiliary Module Questions

From: a10n3.s7r1k3r at gmail.com (Kashif Iftikhar)
Date: Tue, 17 Apr 2007 17:48:50 +0000

Hello,

  I am trying to put together an HTTP PUT/GET auxiliary module. I have
a few questions regarding the working of auxiliary modules.

1. What is the difference between auxiliary actions (of class
AuxiliaryAction) and auxiliary commands? Looking at the source code,
the auxiliary_commands accessor function returns an empty dictionary (
{ } ). Does this mean that auxiliary commands have not yet been
implemented?

2. Regarding auxiliary actions, I was able to add auxiliary actions by
passing either

  'Actions'        => [AuxiliaryAction.new('PUT_FILE', {}),
                                 AuxiliaryAction.new('DELETE_FILE', {})],

    OR

  'Actions'     =>
                                [ ['My Aux action'] ],

  Looking at the constructor of AuxiliaryAction class, there is also
an options dictionary/hash named opts that can be passed. For the time
being I am passing it empty. What keys/values can come into opts? How
do I add description for an action.

  doing 'show actions' in msfconsole just displays the action name
without any description. I tried adding a 'Description' key to the
opts passed to AuxiliaryAction class but it had no effect.

3. How does an action become passive? Do I just include it in the
PassiveActions list/array and it automatically gets to run as passive
or are there other requirements?

4. Is there a way to monitor the status/progress of auxiliary scanner
modules? Can this progress be monitored from the database without
calling msfcli or msfconsole etc?

5. The auxiliary scanner modules provide three ways (scan host, scan
range and scan batch) to do a scan. Exploring the source code, I was
able to figure out these:

  * To scan a host the module should implement the run_host() method.
  * To scan a range, the run_range method should be implemented.
  * To scan a batch, the run_batch() method and also a batch_size
accessor function should be implemented.

  My question is from where does the run_host(ip) method gets the IP,
the run_range(range) method gets the range and the run_batch(batch)
method gets the batch? How can a user specify a range or a batch using
msfconsole?

  I am planning to write a tutorial on auxiliary modules developments
and on some useful mixins like HttpClient, any other tips suggestions
will also be greatly appreciated.

- Kashif.

Current thread:

Auxiliary Module Questions Kashif Iftikhar (Apr 17)
- Auxiliary Module Questions mmiller at hick.org (Apr 17)
  - Auxiliary Module Questions Kashif Iftikhar (Apr 20)