Metasploit mailing list archives

SCO exploits in metasploit


From: hdm at metasploit.com (H D Moore)
Date: Fri, 06 Mar 2009 10:34:06 -0600

On Fri, 2009-03-06 at 18:16 +0200, A K wrote:
> Hello all,
> has any work been done in porting the (ok, ancient, I admit) SCO
> exploits at milw0rm.com? If not, can someone give some specific
> pointers about how one goes about adding a new operating system? I am
> fiddling with adding a new payload at
> /framework-3.2/lib/msf/core/payload (by copying over the generic.rb
> as sco.rb and editing/adding stuff as required), but I have a gut
> feeling that this is NOT the way to go :-)


The basic list of architectures can be found under lib/rex/constants.rb.
More than likely the architecture you want is already implemented
(x86?), but if you need to add one, that's the first place it goes.

To add a new operating system for an existing architecture, look at the
structure of modules/payloads/singles/linux/. You should be able to copy
linux/x86/ to sco/x86/, then edit the modules inside. Key things to
change:

---
include Msf::Payload::Linux
 Change this to Sco or just remove it. If you change it to Sco, you
 will need to implement a mixin under lib/msf/core/payloads/sco.rb
 and require it into lib/msf/core/payload.rb.

 This is used to implement PrependSetuid and other Linux-specific
 options.
---
'Platform'      => 'linux', (change to 'sco')
---

and finally, the raw payload itself.

hope this helps,

-HD
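
The copy-and-edit steps from the reply above, as an added example that is not part of the original message or the framework's own code: a small Ruby helper that rewrites the text of a module copied from linux/x86/ and lists what still has to be done by hand. The helper name `port_module` and the sample module text are assumptions constructed for illustration.

```ruby
# Added example: rewrite a payload module copied from linux/x86/ for a new
# platform, following the steps in the reply above.
# SAMPLE is constructed for this example; it is not a real framework module.
SAMPLE = <<~'RUBY'
  module Metasploit3
    include Msf::Payload::Single
    include Msf::Payload::Linux

    def initialize(info = {})
      super(merge_info(info,
        'Name'     => 'Constructed sample',
        'Platform' => 'linux',
        'Arch'     => ARCH_X86,
        'Payload'  => { 'Payload' => "<linux payload bytes elided>" }))
    end
  end
RUBY

# port_module is a hypothetical helper, not part of the framework.
# mixin: nil removes the Linux include; mixin: 'Sco' renames it, which only
# loads once that mixin has been written and required, as the reply says.
# Returns [rewritten_source, remaining_manual_steps].
def port_module(src, platform:, mixin: nil)
  todo = []
  out = src.lines.map do |line|
    if line =~ /^(\s*)include Msf::Payload::Linux\s*$/
      next nil if mixin.nil?            # "or just remove it"
      todo << "implement the #{mixin} mixin and require it into lib/msf/core/payload.rb"
      "#{$1}include Msf::Payload::#{mixin}\n"
    elsif line =~ /'Platform'\s*=>\s*'linux'/
      line.sub("'linux'", "'#{platform}'")
    else
      line
    end
  end.compact.join
  # Fail loudly if the copied file had no Linux platform entry to change.
  unless out =~ /'Platform'\s*=>\s*'#{Regexp.escape(platform)}'/
    raise ArgumentError, "no 'Platform' => 'linux' entry found"
  end
  # Text edits cannot port the payload bytes; flag them for manual work.
  todo << "replace the raw payload: it is still the Linux one" if out =~ /'Payload'\s*=>/
  [out, todo]
end
```

Calling `port_module(SAMPLE, platform: 'sco')` returns the edited source plus a to-do list; the raw payload always remains on that list because it has to be written for the target system.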






