Entries by

Exploit Development – Metasploit modules for fun & profit

Lets go through an exploit module I built for Metasploit Framework.
In a nutshell, the exploit contains only a couple of key elements – a HTTP Client and Server and a generated malicious payload.
I needed an easy way to abuse a Remote Command Execution vulnerability. A full exploit module that would generate the selected payload and return a meterpreter reverse shell back to me. All in one go.