Isn't it cool to write your own scanner in Metasploit? Study this code:
#Metasploit
require 'msf/core'

class Metasploit3 < Msf::Auxiliary
  # TCP client helpers: connect, sock, disconnect
  include Msf::Exploit::Remote::Tcp
  # Scanner mixin: calls run_host once for each target address
  include Msf::Auxiliary::Scanner

  def initialize
    super(
      'Name'        => 'My custom TCP scan',
      'Version'     => '$Revision:1$',
      'Description' => 'My quick scanner',
      'Author'      => 'Lynx',
      'License'     => MSF_LICENSE
    )
    # Default remote port to probe
    register_options(
      [
        Opt::RPORT(12345)
      ], self.class)
  end

  # Connect, send a greeting, read up to 1024 bytes of the reply and print it
  def run_host(ip)
    connect()
    sock.puts('HELLO SERVER')
    data = sock.recv(1024)
    print_status("Received:#{data} from #{ip}")
    disconnect()
  end
end
If you want to test it, you can run nc on a machine:
nc -lvnp 12345 < banner.txt
Here banner.txt holds the content that is sent back to the scanner.
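
The same exchange can be exercised on loopback without Metasploit or nc. This is an added example, not code from the original post: the names start_banner_listener, probe, demo and the banner text in SAMPLE_BANNER are assumptions made for illustration.

```ruby
require 'socket'
require 'timeout'

# Constructed sample banner, standing in for the contents of banner.txt.
SAMPLE_BANNER = "220 test-service ready\n"

# Stand-in for `nc -lvnp 12345 < banner.txt`: accept one client on loopback,
# send the banner and record the line the client sent.
# Port 0 lets the OS pick a free port, so the test never collides with a real service.
def start_banner_listener(banner)
  server = TCPServer.new('127.0.0.1', 0)
  port = server.addr[1]
  received = Queue.new
  thread = Thread.new do
    client = server.accept
    client.write(banner)
    received << client.gets.to_s.chomp
    client.close
    server.close
  end
  [port, received, thread]
end

# Same steps as run_host: connect, send the greeting, read up to 1024 bytes.
# Returns nil when the port is closed or the peer never answers within `wait` seconds.
def probe(ip, port, wait = 3)
  Timeout.timeout(wait) do
    sock = TCPSocket.new(ip, port)
    begin
      sock.puts('HELLO SERVER')
      sock.recv(1024)
    ensure
      sock.close
    end
  end
rescue Timeout::Error, SystemCallError
  nil
end

# Run listener and probe against each other and return both sides' view.
def demo
  port, received, thread = start_banner_listener(SAMPLE_BANNER)
  data = probe('127.0.0.1', port)
  thread.join
  { data: data, greeting: received.pop }
end

if __FILE__ == $PROGRAM_NAME
  result = demo
  puts "Received:#{result[:data]} from 127.0.0.1"
  puts "Listener saw: #{result[:greeting]}"
end
```

Unlike the module above, probe closes the socket in an ensure block and bounds the wait, so a silent or closed port does not leave the check hanging.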