Hi guys, I am writing a graduation work at the university. Here is the main idea: I need to write a program that will allow me to do attack modelling for IDS testing. So, let's suppose I know the target OS, open ports and running services (by running nmap, for example). Now I'd like to filter exploits (by ports, OS, etc.) from Metasploit that I might use. But I don't know how to do this. Can I make a request to the postgresql DB, or are exploits not stored there? Or should I use msfconsole instead?
Next step is splitting these exploits by groups and building an attack tree or attack scenarios.
After that the program should run exploits and define whether they were successful or not.
So, please help me if you know the answer to one of my questions. Maybe there is some API for Metasploit, for example for C or Java; it would be much easier to write such a program.
Thanks a lot.
5 Responses
If I understand your question, you can use the search command in msfconsole.
For instance, if you were looking for exploits of the RPC on Windows, you could search:
msfconsole > search type:exploit platform:windows RPC
This command would return a list of exploits for the Windows platform that has RPC in the module.
Hope that helps
OTW
Thank you for your answer, but it's not what I wanted. If I understand correctly, I should do this search manually, and I need to write a program that would do this automatically, taking an Nmap scan result as input. For example, in Armitage there is a function Find Attacks. It does what I want, but I need to write something similar by myself.
Sorry if my explanations aren't clear. My English isn't good enough.
In that case, you can simply use the postgresql database. Write a stored procedure that takes inputs from the user and queries the database.
That would be perfect, but I couldn't find any documentation on the database structure, and I didn't find in which table exploits are stored.
Could you help me with this?
Well, you could always make your own Ruby exploit for MSF.
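The search syntax from the first response, built from Nmap XML output (`nmap -oX`) instead of typed by hand, as a starting point for an IDS test plan; this is an added example, not code from the thread or from Metasploit. The sample scan, the platform list and the service-to-term mapping are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output, trimmed to the elements used here.
SAMPLE_NMAP_XML = """<nmaprun>
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="135"><state state="open"/><service name="msrpc"/></port>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
      <port protocol="tcp" portid="3389"><state state="closed"/><service name="ms-wbt-server"/></port>
    </ports>
    <os><osmatch name="Microsoft Windows Server 2008 R2" accuracy="96"/></os>
  </host>
</nmaprun>"""

# Assumption: words looked for in nmap's OS guess, reused as the platform value.
PLATFORMS = ("windows", "linux")
# Assumption: nmap service name -> free-text term placed at the end of the search.
SERVICE_TERMS = {"msrpc": "RPC", "microsoft-ds": "SMB", "ssh": "SSH", "http": "HTTP"}

def guess_platform(host):
    """Return the platform keyword for the most accurate OS match, or None."""
    best = max(host.findall("./os/osmatch"),
               key=lambda m: int(m.get("accuracy", "0")), default=None)
    if best is None:
        return None
    name = best.get("name", "").lower()
    return next((p for p in PLATFORMS if p in name), None)

def search_queries(nmap_xml):
    """Return (address, port, query) for every open port with a named service."""
    results = []
    for host in ET.fromstring(nmap_xml).iter("host"):
        addr = host.find("address").get("addr")
        platform = guess_platform(host)
        for port in host.findall("./ports/port"):
            state, svc = port.find("state"), port.find("service")
            if state is None or state.get("state") != "open":
                continue  # closed and filtered ports add nothing to the plan
            if svc is None or not svc.get("name"):
                continue  # no service identified, nothing to search for
            term = SERVICE_TERMS.get(svc.get("name"), svc.get("name"))
            query = "search type:exploit"
            if platform:
                query += f" platform:{platform}"
            results.append((addr, int(port.get("portid")), f"{query} {term}"))
    return results

if __name__ == "__main__":
    for addr, port, query in search_queries(SAMPLE_NMAP_XML):
        print(f"{addr}:{port}  {query}")
```

When the OS guess is missing or not in the platform list, the `platform:` filter is omitted rather than guessed, so the resulting search is broader but not wrong.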