Using Kernel.load to speed up exploit dev

When modifying Metasploit library code, you generally need to restart msfconsole to see the changes take effect. Although we've made some improvements in startup time, it's still not great, and waiting for the whole framework to load for a one-line change can be frustrating. Fortunately, Ruby has a simple way to reload a file: Kernel.load. Here's a simple example of how to use it:

##
# $Id$
##

load "./lib/rex/proto/my_new_protocol.rb"
load "./lib/msf/core/exploit/my_new_protocol.rb"

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
include Msf::Exploit::Remote::MyNewProtocol
def initialize(info={})
super(update_info(info,
'Name' => "My New Protocol Exploit",
'Description' => %q{ Exploits something in My New Protocol },
# ...
))
end
def exploit
MyNewProtocol.frobnicate(datastore["RHOST"])
end
end

If my_new_protocol.rb defines any constants, Ruby will warn that they are being redefined. Generally this is harmless and you can ignore the warnings.

This simple technique can greatly decrease development time and works equally well when writing your own lib or modifying an existing one. When you're done with the exploit, simply replace the load lines with appropriate requires and send us a patch!

egypt 21 May, 2011