Installing Additional Modules in Metasploit

In this guide you will learn how to install additional modules in Metasploit.

Metasploit is An open source attack framework first developed by H. D. Moore in 2003. Metasploit is used for hacking into systems for testing purposes. Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research.

lets get started Metasploit’s default local module search path is, $HOME/.msf4/modules Metasploit

The Metasploit Framework is composed of modules they are wrote in Ruby the advantage of using third party modules is the ability to write your own modules and install modules that are not usually installed by default.

Exploits: Are defined as modules that use Payloads they consist of code that runs remotely. An exploit without a payload is an Auxiliary module.

Encoders: Ensure that payloads make it to their destination,

Nops: keep the payload sizes consistent.

I’ll now show you how to install additional Metasploit modules. First we need to set up a directory structure that corresponds with Metasploit expectations don’t install your modules to  $HOME/.msf4/modules/ as it won’t work because you need to tell Metasploit if the module you are installing is a exploit or a payload.

mkdir -p $HOME/.msf4/modules/exploits

If you are using auxiliary or post modules, or payloads you should mkdir those modules as well.

Now we need to create an appropriate category modules are sorted by somewhat arbitrary categories they can be called what ever you want however if you plan on getting your module into the main Metasploit distribution you should mirror to the real path.

Example:

mkdir -p $HOME/.msf4/modules/exploits/windows/fileformat

Once your module is downloaded or written add it to the module directory.

Nows it time to test our new module.

Open up a new Metasploit session.

# sudo msfconsole

Now we will reload our modules using reload_all.

msf > reload_all

To use our new module we use the following command.

msf > use exploit/test/module 

To list information on the module we use the info command in Metasploit.

msf exploit(module) > info

Now you can start your new exploit using the following commands.
msf exploit(test_module) > exploit

You can also run modules at run time using -m option when starting Metasploit.

metasploit -m

Building A Module For Metasploit

Now your additional modules are installed enjoy.