Hey all, I am trying to develop a metasploit module that acts as a server. I need the module to accept a request, send a payload, accept a second request, and send a second response. The problem that I am running into is all of the modules I am finding just do 1 exchange in a fire-and-forget format.
My current code takes every request as a separate connection and closes after 1 exchange. Any idea how I can accomplish this?
Here is what I have so far:
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::HttpServer
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Test',
'Description' => %q(
test desc.
),
'License' => MSF_LICENSE,
'Author' => ['me'],
'Targets' =>
[
[
'Linux',
{
'Platform' => 'linux'
}
],
]
)
)
register_options([
OptString.new('SRVHOST', [false, 'The local host to listen on. This must be an address on the local machine or 0.0.0.0', '0.0.0.0']),
OptString.new('SRVPORT', [false, 'The local port to listen on', '80']),
OptString.new('URIPATH', [false, 'The URI to use', 'test_file']),
deregister_options('SSL', 'SSLCert')
end
def on_request_uri(cli, request)
if some_condition
response = create_response(200)
cli.send_response(response)
else
response = create_response(404)
cli.send_response(response)
end
end
