From 7cd1e905ca501a1f20dd7b84e01e4517e5ff5f4f Mon Sep 17 00:00:00 2001 From: sinn3r Date: Tue, 12 Nov 2013 16:16:24 -0800 Subject: [PATCH] Updated How to write a browser exploit using BrowserExploitServer (markdown) --- ...wser-exploit-using-BrowserExploitServer.md | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/How-to-write-a-browser-exploit-using-BrowserExploitServer.md b/How-to-write-a-browser-exploit-using-BrowserExploitServer.md index 530251e32d..8350e2363a 100644 --- a/How-to-write-a-browser-exploit-using-BrowserExploitServer.md +++ b/How-to-write-a-browser-exploit-using-BrowserExploitServer.md @@ -57,6 +57,35 @@ You can also define target-specific requirements. This is also how the mixin is ] ``` +The exact values for the :os_name requirement you may use: +OperatingSystems::LINUX = "Linux" +OperatingSystems::MAC_OSX = "Mac OS X" +OperatingSystems::WINDOWS = "Microsoft Windows" +OperatingSystems::FREEBSD = "FreeBSD" +OperatingSystems::NETBSD = "NetBSD" +OperatingSystems::OPENBSD = "OpenBSD" +OperatingSystems::VMWARE = "VMware" + +The exact values available for :os_flavor: +WindowsVersions::NT = "NT" +WindowsVersions::XP = "XP" +WindowsVersions::TWOK = "2000" +WindowsVersions::TWOK3 = "2003" +WindowsVersions::VISTA = "Vista" +WindowsVersions::TWOK8 = "2008" +WindowsVersions::SEVEN = "7" + +The exact values for :ua_name: +HttpClients::IE = "MSIE" +HttpClients::FF = "Firefox" +HttpClients::SAFARI = "Safari" +HttpClients::OPERA = "Opera" +HttpClients::CHROME = "Chrome" +HttpClients::UNKNOWN = "Unknown" + +More of these constants can be found here: +https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/constants.rb + ### Set up a listener After the detection stage and the requirement check, the mixin will trigger the "on_request_exploit" callback method, that's where you handle the HTTP request, craft the HTML, and send back the exploit response. Here's an example of how to set up "on_request_exploit":