How to use the Msf::Exploit::Remote::Tcp mixin

wchen-r7 edited this page Oct 31, 2014 · 27 revisions

In Metasploit Framework, TCP sockets are implemented as Rex::Socket::Tcp, which extends the built-in Ruby Socket base class. You should always use the Rex socket instead of the native Ruby one: otherwise the framework itself cannot manage your sockets, and you lose features such as pivoting. The Developer's Guide in Metasploit's documentation directory explains how this works pretty well.

For module development, you normally wouldn't use Rex directly; instead you'd use the Msf::Exploit::Remote::Tcp mixin. The mixin already provides some useful features you don't really have to worry about during development, such as TCP evasions, proxies, and SSL. All you have to do is make the connection, send something, and receive something. Sounds pretty easy, right?

Make a connection

Sending data

Receiving data

Disconnecting

Full example
