Expanding Metasploits Exploit capability

So if you use metasploit and you want to get the best from it when on a pentest every advantage could lead to compromising those boxes .. so here is how we add some meat to metasploits already meaty exploit capabilities

you’ll need to pull down some exploit packs .. I use packetstorm security as a source as it’s pretty good and has been for many years.

once you have downloaded your exploit packs you need to unpack and sort the .rb.txt files as these are the one’s we are going to put into measploit .

Adding additional exploits into metasploit happens like this .. you navigate to ~/.msf3 or ~/.msf4 once in there you will cd to modules then mkdir exploits then cd exploits in here is where we will copy our rb.txt files. if you open a command line in the folder where the files currently reside it might look something like this from command line  - cp *.txt.rb ~/msf4/modules/exploits/

Change directory cd ~/msf4/modules/exploits/ and then ls to see that the move has copy has worked (alternatively you can drag and drop if your smart enough to have a gui I prefer a gui but it’s overpowered by the mockery of the overlords of the internet )

strip away the .txt from .rb.txt with this command: for f in *.rb.txt; do mv “$f” “`basename “$f” .rb.txt`.rb”; done;

Boot up msfconsole

you will see some errors from some of the files that don’t sit well with metasploit … for times sake .. I delete those files and perhaps one day when I have the ability to look and try to fix/port them .. i will but for now it’s about showing you what I can with the knowledge I have .

You should see you have more exploits in your metasploit log in screen …

This process is repeatable so you can get more and more exploit packs and grow your metasploit monster

enjoy the screencast.