
How to Create a Metasploit Exploit in Few Minutes

Feb 6, 2016 08:31 PM

Today I will show you how to make a Metasploit exploit really quickly.

This tutorial mainly applies to stack-based buffer overflow and SEH buffer overflow exploits. There is a simple way for ROP exploits too, but I will dedicate a separate tutorial to that subject.

I will use an existing vulnerability in FreeFloat FTP Server: https://www.exploit-db.com/exploits/23243/

and the tools that I am going to use are:

-Immunity debugger

download link: http://www.immunityinc.com/products/debugger/

-Mona.py

download link: https://github.com/corelan/mona

Simply drop mona.py into the 'PyCommands' folder (inside the Immunity Debugger application folder).

Manual for Mona.py

https://www.corelan.be/index.php/2011/07/14/mona-py-the-manual/

-Windows XP-SP3 (target)

-Kali Linux (attacker)

-Metasploit-Framework

It is included in Kali Linux

Also, if you are new to exploit development, it is better to first read my other tutorials on this subject, which will give you an idea about debuggers, fuzzing, reverse engineering, etc.

Let's Begin!

Pseudo-Fuzzing

Since we already know (from studying the exploit on Exploit-DB) that 1000 bytes are enough to trigger the buffer overflow, we will use a pattern of 1000 characters and send it to the FTP server's command port, port 21.

After running this script we can see in Immunity Debugger that EIP has been overwritten. This is the simplest scenario in exploit development, but it is not that unusual.
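As an added example (not part of the original post, and not Metasploit's or mona's own code), here is the logic behind this step written in Ruby, the language Metasploit modules use: pattern_create builds the same "Aa0Aa1Aa2..." style cyclic pattern, and pattern_offset maps the value seen in EIP after the crash back to its offset inside the 1000-byte buffer, which is what mona works out for you in the next step. The EIP value 0x41326941 in the usage block is a constructed sample, not one taken from the screenshots.

```ruby
# Cyclic pattern generation and EIP offset lookup, illustrating the crash-triage
# step behind "send a 1000-character pattern" -> "EIP is overwritten".
# Re-implemented for this example; this is not Metasploit's Rex::Text code.

UPPER = ('A'..'Z').to_a
LOWER = ('a'..'z').to_a
DIGIT = ('0'..'9').to_a

# Build a non-repeating pattern of `length` bytes in the "Aa0Aa1Aa2..." style
# used by Metasploit's pattern_create. Every 4-byte window is unique, so the
# value that lands in EIP identifies exactly where in the buffer it came from.
def pattern_create(length)
  pattern = +''
  UPPER.each do |u|
    LOWER.each do |l|
      DIGIT.each do |d|
        pattern << u << l << d
        return pattern[0, length] if pattern.length >= length
      end
    end
  end
  pattern[0, length] # pattern exhausted (26 * 26 * 10 * 3 = 20280 bytes max)
end

# Given the 32-bit value shown in EIP after the crash (e.g. 0x41326941 as the
# debugger displays it), return its byte offset within the pattern. x86 is
# little-endian, so the register value is packed with 'V' before searching.
# Returns nil when EIP holds no pattern bytes at all, i.e. the crash did not
# overwrite the saved return address with our data.
def pattern_offset(eip_value, length)
  pattern = pattern_create(length).b
  needle  = [eip_value].pack('V')
  pattern.index(needle)
end

if __FILE__ == $0
  # Constructed sample EIP value, not taken from the post's screenshots.
  eip = 0x41326941
  off = pattern_offset(eip, 1000)
  puts format('EIP=0x%08x -> pattern offset %s', eip, off.inspect)
end
```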

Mona

Now that the characters are in memory, type the following on the Immunity Debugger command line:

!mona suggest

Because it is an FTP server, we select network client (tcp)

and port 21.

Exploit

Then a Ruby file is created (Metasploit exploits are written in Ruby). I will make some minor changes to it and name it f.rb.

Example (you can make whatever modifications you want): the screenshots show the generated file before and after my edits.

From Exploit to Metasploit

After the modifications I transfer the exploit to Kali Linux, where I have to copy it from the root directory into the metasploit-framework directory.

Proof of Concept

Now I will start FreeFloat FTP Server on my Windows machine and test my exploit,

and then we can see that the Metasploit Framework recognizes the exploit we have made

and that it is completely functional...
