-
Notifications
You must be signed in to change notification settings - Fork 14.4k
Writing External Metasploit Modules
Brent Cook edited this page Apr 27, 2017
·
6 revisions
External modules communicate with Metasploit over stdin/stdout. The methods a module must implement are describe and run. Metasploit implements message and will implement report in the near future. The specs for each method are written below using JSON-schema. Work still needs to be done enumerating valid types and codes for the messages.
Request
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"required": ["params", "method", "jsonrpc", "id"],
"properties": {
"jsonrpc": {"enum": ["2.0"]},
"id": {"type": "string"},
"method": {"enum": ["describe"]},
"params": {"type": "object"}
}
}Response
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"required": ["jsonrpc", "response", "id"],
"properties": {
"jsonrpc": {"enum": ["2.0"]},
"id": {"type": "string"},
"response": {
"type": "object",
"required": ["options", "meta", "capabilities"],
"properties": {
"name": {"type": "string"},
"description": {"type": "string"},
"authors": {"type": "array", "items": {"type": "string"}},
"date": {"type": "string"},
"references": {
"type": "array",
"items": {
"type": "object",
"required": ["type", "ref"],
"properties": {
"type": {"type": "string"},
"ref": {"type": "string"}
}
}
},
"type": {"enum": ["remote_exploit.cmd_stager.wget"]},
"privileged": {"type": "boolean"},
"targets": {
"type": "array",
"items": {
"type": "object",
"required": ["platform", "arch"],
"properties": {
"platform": {"type": "string"},
"arch": {"type": "string"}
}
}
},
"options": {
"type": "object",
"additionalProperties": false,
"patternProperties": {
"^[^=]*$": {
"type": "object",
"required": ["type", "description", "required", "default"],
"properties": {
"required": {"type": "boolean"},
"default": {"type": ["null", "string", "number", "boolean", "object", "array"]},
"description": {"type": "string"},
"type": {"type": "string"}
}
}
}
}
}
}
}
}Request
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"required": ["params", "method", "jsonrpc", "id"],
"properties": {
"jsonrpc": {"enum": ["2.0"]},
"id": {"type": "string"},
"method": {"enum": ["run"]},
"params": {
"type": "object"
"additionalProperties": false,
"patternProperties": {
"^[^=]*$": {
"type": "object",
"required": ["type", "description", "required", "default"],
"properties": {
"required": {"type": "boolean"},
"default": {"type": ["null", "string", "number", "boolean", "object", "array"]},
"description": {"type": "string"},
"type": {"type": "string"}
}
}
}
}
}
}Response
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"required": ["jsonrpc", "id"],
"properties": {
"jsonrpc": {"enum": ["2.0"]},
"id": {"type": "string"},
"response": {
"type": "object",
"required": ["message"]
"properties": {
"message": {"type": "string"}
}
},
"error": {
"type": "object",
"required": ["message", "code"],
"properties": {
"message": {"type": "string"},
"code": {"type": "number"},
"data": {"type": "object"}
}
}
}
}Notification - no response
{
"$schema": "http://json-schema.org/schema#",
"type": "object",
"required": ["params", "method", "jsonrpc"],
"properties": {
"jsonrpc": {"enum": ["2.0"]},
"method": {"enum": ["message"]},
"params": {
"type": "object",
"required": ["level", "message"],
"properties": {
"level": {"enum": ["error", "good", "warning", "info", "debug"]},
"message": {"type": "string"}
}
}
}
}- Home Welcome to Metasploit!
- Using Metasploit A collection of useful links for penetration testers.
-
Setting Up a Metasploit Development Environment From
apt-get installtogit push. - CONTRIBUTING.md What should your contributions look like?
- Landing Pull Requests Working with other people's contributions.
- Using Git All about Git and GitHub.
- Contributing to Metasploit Be a part of our open source community.
- Meterpreter All about the Meterpreter payload.