Windows Exploit Development Basics ◾ 289
Next, we change the name constant from TCP to FTP at the top. This enables us to use commands like connect.
Finally, we replace sock.put(buffer) with send_cmd(['USER', buffer], false). This command sends our buffer as the argument of the USER command to the FTP server.
When all is set and done, you will see the module being loaded inside Metasploit; if you have made a mistake or wrong edits, the module will not load and will throw the following error:
In this case, Metasploit failed to find the method named “FTP”, since it is case sensitive and should have been set to Ftp instead. Once everything is in order and the module loads correctly, you will be able to find your exploit inside Metasploit.
290 ◾ Ethical Hacking and Penetration Testing Guide
We run show options to see what other options are available; we can set the FTP username and password, but the only option required now is rhost. So we set rhost, the payload, and lhost, and finally use the exploit command to gain a meterpreter session.
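The USER exchange the module performs after connect, as an added stand-alone example that is not the book's module and not Metasploit code: a constructed stand-in FTP server listens on localhost, the client reads the banner and sends the buffer as the USER argument the way send_cmd(['USER', buffer], false) does, and the server side shows the length check a target that mishandles an overlong USER argument is missing. Port, banner text, and the MAX_USER limit are assumptions made for this example.

```ruby
require 'socket'

# Build the command line the module puts on the wire for
# send_cmd(['USER', buffer], false): verb, one space, argument, CRLF (RFC 959).
def ftp_cmd_line(args)
  args.join(' ') + "\r\n"
end

# Stand-in FTP server for this example (constructed, not a real daemon).
# It sends a banner, reads one command and, unlike a target that accepts the
# USER argument unchecked, rejects arguments longer than MAX_USER with a 501.
MAX_USER = 64
def serve_one(server)
  client = server.accept
  client.write("220 stand-in FTP ready\r\n")
  verb, arg = client.gets("\r\n").to_s.chomp.split(' ', 2)
  client.write(
    if verb != 'USER' then "500 unknown command\r\n"
    elsif arg.to_s.length > MAX_USER then "501 USER argument too long\r\n"
    else "331 password required for #{arg}\r\n" end)
  client.close
end

# Client side: what the module does after connect, i.e. read the banner and
# send the buffer as the USER argument. Returns [banner, reply].
def send_user(port, buffer)
  sock = TCPSocket.new('127.0.0.1', port)
  banner = sock.gets("\r\n").to_s.chomp
  sock.write(ftp_cmd_line(['USER', buffer]))
  reply = sock.gets("\r\n").to_s.chomp
  sock.close
  [banner, reply]
end

# Run one exchange against the stand-in server on a free localhost port.
def run_exchange(buffer)
  server = TCPServer.new('127.0.0.1', 0)   # port 0: let the OS pick a free port
  port = server.addr[1]
  listener = Thread.new { serve_one(server) }
  result = send_user(port, buffer)
  listener.join
  server.close
  result
end

if __FILE__ == $0
  p run_exchange('anonymous')   # reply starts with "331": argument accepted
  p run_exchange('A' * 1000)    # reply starts with "501": overlong USER rejected
end
```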
Conclusion
Exploit development is an extensive topic and certainly cannot be covered in one chapter. My purpose was to introduce you to the process of exploit development by demonstrating the simplest exploit. We also discussed a great exploit development tool, mona, which is often ignored by people new to exploit development.