我正在尝试为Metasploit编写一个基本模块,该模块仅充当服务器。我遇到的问题是,一旦客户端连接并从我的模块获得响应,连接就会断开。我需要模块能够在一个会话中处理多个响应。
我研究了metasploit随附的大多数现有模块,它们似乎都仅依赖于一个响应。
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::HttpServer
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Test',
'Description' => %q(
test desc.
),
'License' => MSF_LICENSE,
'Author' => ['me'],
'Targets' =>
[
[
'Linux',
{
'Platform' => 'linux'
}
],
]
)
)
register_options([
OptString.new('SRVHOST', [false, 'The local host to listen on. This must be an address on the local machine or 0.0.0.0', '0.0.0.0']),
OptString.new('SRVPORT', [false, 'The local port to listen on', '80']),
OptString.new('URIPATH', [false, 'The URI to use', 'test_file']),
deregister_options('SSL', 'SSLCert')
end
def on_request_uri(cli, request)
if some_condition
response = create_response(200)
cli.send_response(response)
else
response = create_response(404)
cli.send_response(response)
end
end
当前,客户端将设置三向握手,执行GET,接收响应,然后服务器断开连接。