Metasploit mailing list archives
Using Scapy dissectors in Metasploit
From: hdm at metasploit.com (H D Moore)
Date: Sat, 29 Sep 2007 01:33:19 -0500
I started on integration, but ran into a bunch of issues: * Scruby uses globals to store configuration. This is fine for a console script, but very bad for a giant pile of code like the Framework. $conf is not guaranteed unique nor unmolested. * Calling Scruby's methods from another class/outside of the module scope is tricky. The same applies to the :prn callback for the sniff method. For the Framework to use Scruby, we need to instantiate a Class that provides methods we can call. If I overlooked something simple, please let me know. These should all be fixable, though it may require some code reorganization. I am happy to help with the effort and have already started some local changes here to get things working. -- examples -- # Scruby uses global variables which can conflict with other modules @before = global_variables require "scruby" @after = global_variables @diff = @after - @before p @diff # ["$IS_WINDOWS", "$IS_LINUX", "$layer_bounds", "$IS_BSD", "$HAVE_LIBDNET", "$aware_proto", "$conf", "$IS_OPENBSD"] # Scruby is a module, not a class: # a = Scruby.new # error: undefined local variable or method `new' for Scruby # Scruby's module doesn't work as a mixin class MyScruby @@before = self.methods include Scruby @@after = self.methods @@diff = @@after - @@before # No new methods by including Scruby # p @@diff end # This fails because sniff is not a method on the class # MyScruby.sniff(:intf => 'eth0') # error: undefined method `sniff' for MyScruby:Class (NoMethodError) # The current sniff method doesn't have a way to yield back to the caller # This means that even if it can be called from a class, theres no clean # way to pass back the data via :prn On Friday 28 September 2007 13:19, H D Moore wrote:
Looks good -- I will integrate pcaprub/scruby tonight and configure an exploit mixin to use them. Pcaprub is missing a few methods, but these are easy to integrate from my pcapx codebase. ?I do have two more feature requests for scruby, if you don't mind:
Current thread:
- Using Scapy dissectors in Metasploit Sylvain SARMEJEANNE (Sep 28)
- Using Scapy dissectors in Metasploit H D Moore (Sep 28)
- Using Scapy dissectors in Metasploit H D Moore (Sep 28)
- Using Scapy dissectors in Metasploit H D Moore (Sep 29)
- Using Scapy dissectors in Metasploit Sylvain SARMEJEANNE (Sep 30)
- Using Scapy dissectors in Metasploit H D Moore (Sep 28)
- Using Scapy dissectors in Metasploit H D Moore (Sep 28)