Re: Will Packetfu Support 802.15.4 and other WSN protocols (6LowPan) in future?

[Tod Beardsley <todb () metasploit com>]

On 11/28/2011 3:36 AM, Prabhakaran Kasinathan wrote:

> So how to define a protocol suite? inside packetfu. Previously Racket
> module is used for raw packet processing. Which is better way? Is there
> any tutorial for Packetfu?

I wouldn't say there's a tutorial, but there are tons of examples. Take 
a look at the Capture mixin and any module that includes that.

https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/exploit/capture.rb

$ grep -rl "::Capture" modules/

Plenty of these modules define protocols directly. If you have some 
protocols in mind for PacketFu for general purpose use, you can write me 
off-list and I can see what I can do to help, or submit issues and pull 
requests to

https://github.com/todb/packetfu

> When i write an auxillary module , is it possible to make an attack such
> that , two modules or attacks can be combined to one attack with real
> time change in (run_timed,etc ) value for each modules to process?

Sorry, I'm not sure what you're asking. In terms of doing things in 
response to network conditions, it's totally possible to control 
behavior based on packets received -- maybe the Bailiwicked modules do 
something like what you want?

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/spoof/dns/bailiwicked_domain.rb

If you're looking for something like, "When Module X is successful, run 
Module Y, otherwise, run Module Z" then I imagine you could automate 
something like that via an rc script that does some <ruby> evaluation in 
between each module. I don't have an example handy, though.

-todb
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework