forked from rapid7/metasploit-framework
-
Notifications
You must be signed in to change notification settings - Fork 3
怎么弃用 Metasploit 模块
L edited this page May 19, 2020
·
1 revision
Metasploit has a very specific way to deprecate a module. To do so, you must be using the Msf::Module::Deprecated mixin. The reason you must be using this mixin is because two things: Metasploit 有一种非常特定的方法来弃用模块. 为此, 你必须使用 Msf::Module::Deprecated mixin. 之所以必须使用此 mixin, 是因为两件事:
- 你需要设置弃用日期. 这样我们就知道何时删除它, 这是手动完成的.
- 你可以选择替换你要弃用的模块.
要使用 Msf::Module::Deprecated, 如下:
1 - 在 class MetasploitModule 的模块, 包括以下内容:
include Msf::Module::Deprecated2a - 使用 deprecated 分配弃用日期和替换模块的方法:
deprecated(Date.new(2014, 9, 21), 'exploit/linux/http/dlink_upnp_exec_noauth')2b - 或者定义 DEPRECATION_DATE 和 DEPRECATION_REPLACEMENT 常量:
DEPRECATION_DATE = Date.new(2014, 9, 21) # Sep 21
# The new module is exploit/linux/http/dlink_upnp_exec_noauth
DEPRECATION_REPLACEMENT = 'exploit/linux/http/dlink_upnp_exec_noauth'当用户加载该模块时, 他们应该看到如下警告:
msf > use exploit/windows/misc/test
[!] ************************************************************************
[!] * The module windows/misc/test is deprecated! *
[!] * It will be removed on or about 2014-09-21 *
[!] * Use exploit/linux/http/dlink_upnp_exec_noauth instead *
[!] ************************************************************************
require 'msf/core'
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Module::Deprecated
deprecated(Date.new(2014, 9, 21), 'exploit/linux/http/dlink_upnp_exec_noauth')
def initialize(info = {})
super(update_info(info,
'Name' => 'Msf::Module::Deprecated Example',
'Description' => %q{
This shows how to use Msf::Module::Deprecated.
},
'Author' => [ 'sinn3r' ],
'License' => MSF_LICENSE,
'References' => [ [ 'URL', 'http://metasploit.com' ] ],
'DisclosureDate' => 'Apr 01 2014',
'Targets' => [ [ 'Automatic', { } ] ],
'DefaultTarget' => 0
))
end
def exploit
print_debug("Code example")
end
end