Updated How to write a browser exploit using BrowserExploitServer (markdown)
This commit is contained in:
sinn3r
@@ -57,6 +57,35 @@ You can also define target-specific requirements. This is also how the mixin is
|
||||
]
|
||||
```
|
||||
|
||||
The exact values for the :os_name requirement you may use:
|
||||
OperatingSystems::LINUX = "Linux"
|
||||
OperatingSystems::MAC_OSX = "Mac OS X"
|
||||
OperatingSystems::WINDOWS = "Microsoft Windows"
|
||||
OperatingSystems::FREEBSD = "FreeBSD"
|
||||
OperatingSystems::NETBSD = "NetBSD"
|
||||
OperatingSystems::OPENBSD = "OpenBSD"
|
||||
OperatingSystems::VMWARE = "VMware"
|
||||
|
||||
The exact values available for :os_flavor:
|
||||
WindowsVersions::NT = "NT"
|
||||
WindowsVersions::XP = "XP"
|
||||
WindowsVersions::TWOK = "2000"
|
||||
WindowsVersions::TWOK3 = "2003"
|
||||
WindowsVersions::VISTA = "Vista"
|
||||
WindowsVersions::TWOK8 = "2008"
|
||||
WindowsVersions::SEVEN = "7"
|
||||
|
||||
The exact values for :ua_name:
|
||||
HttpClients::IE = "MSIE"
|
||||
HttpClients::FF = "Firefox"
|
||||
HttpClients::SAFARI = "Safari"
|
||||
HttpClients::OPERA = "Opera"
|
||||
HttpClients::CHROME = "Chrome"
|
||||
HttpClients::UNKNOWN = "Unknown"
|
||||
|
||||
More of these constants can be found here:
|
||||
https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/constants.rb
|
||||
|
||||
### Set up a listener
|
||||
|
||||
After the detection stage and the requirement check, the mixin will trigger the "on_request_exploit" callback method, that's where you handle the HTTP request, craft the HTML, and send back the exploit response. Here's an example of how to set up "on_request_exploit":
|
||||
|
||||
Reference in New Issue
Block a user