Using Kernel.load to speed up exploit dev

Last updated at Wed, 27 Sep 2017 21:24:26 GMT

When modifying Metasploit library code, you generally need to restart msfconsole to see the changes take effect. Although we've made some improvements in startup time, it's still not great, and waiting for the whole framework to load for a one-line change can be frustrating. Fortunately, Ruby has a simple way to reload a file: Kernel.load. Here's a simple example of how to use it:

##  
# $Id$  
##  
  
  
load "./lib/rex/proto/my_new_protocol.rb"  
load "./lib/msf/core/exploit/my_new_protocol.rb"  
  
  
require 'msf/core'  
  
  
class Metasploit3 < Msf::Exploit::Remote  
  include Msf::Exploit::Remote::MyNewProtocol  
  def initialize(info={})  
    super(update_info(info,  
      'Name' => "My New Protocol Exploit",  
      'Description' => %q{ Exploits something in My New Protocol },  
      # ...  
    ))  
  end  
  
  def exploit  
    MyNewProtocol.frobnicate(datastore["RHOST"])  
  end  
  
end  

If my_new_protocol.rb defines any constants, Ruby will warn that they are being redefined. Generally this is harmless and you can ignore the warnings.

This simple technique can greatly decrease development time and works equally well when writing your own lib or modifying an existing one. When you're done with the exploit, simply replace the load lines with appropriate requires and send us a patch!