metasploit-framework/HACKING

$Id$

This file contains some brief instructions on contributing to the Metasploit
Framework.


General Guidelines
========================
Don't print to standard output.  Doing so means that users of interfaces other
than msfconsole, such as msfrpc and msfweb, won't see your output.  You can use
print_line to accomplish the same thing as puts.

Code Style
 - Hard tabs, not spaces
 - Try to keep your lines under 100 columns (assuming four-space tabs)
 - do; end instead of {} for a block


Modules
=======
Always use Rex sockets, not ruby sockets.  This includes third-party libraries
such as Net::Http.  There are several very good reasons for this rule.  First,
the framework doesn't get notified on the creation of ruby sockets and won't
know how to clean them up in case your module raises an exception without
cleaning up after itself.  Secondly, non-Rex sockets do not know about routes
and therefore can't be used through a meterpreter tunnel.  Lastly, regular
sockets miss out on msf's proxy and ssl features.  Msf includes many protocols
already implemented with Rex and if the protocol you need is missing, porting
another library to use them is straight-forward.  See our Net::SSH
modifications in lib/net/ssh/ for an example.

When creating a new module, the simplest way to start is to copy another module
that uses the same protocol and modify it to your needs.  If you're creating an
exploit module, generally you'll want to edit the exploit() method.  Auxiliary
modules use one of run_host(), run_range(), or run_batch() instead of
exploit().


Licensing
=========
By submitting code contributions to the Metasploit Project it is assumed that
you are offering your code under a BSD or similar license.  MIT and Ruby
Licenses are also fine.  We specifically cannot include GPL code.
first stab at a HACKING file. fixes #821 git-svn-id: file:///home/svn/framework3/trunk@9264 4d416f70-5f16-0410-b530-b9f4589650da 2010-05-09 20:16:48 +00:00			$Id$

			`This file contains some brief instructions on contributing to the Metasploit`
			`Framework.`


			`General Guidelines`
			`========================`
			`Don't print to standard output. Doing so means that users of interfaces other`
			`than msfconsole, such as msfrpc and msfweb, won't see your output. You can use`
			`print_line to accomplish the same thing as puts.`

			`Code Style`
			`- Hard tabs, not spaces`
			`- Try to keep your lines under 100 columns (assuming four-space tabs)`
			`- do; end instead of {} for a block`


			`Modules`
			`=======`
			`Always use Rex sockets, not ruby sockets. This includes third-party libraries`
			`such as Net::Http. There are several very good reasons for this rule. First,`
			`the framework doesn't get notified on the creation of ruby sockets and won't`
			`know how to clean them up in case your module raises an exception without`
			`cleaning up after itself. Secondly, non-Rex sockets do not know about routes`
			`and therefore can't be used through a meterpreter tunnel. Lastly, regular`
			`sockets miss out on msf's proxy and ssl features. Msf includes many protocols`
			`already implemented with Rex and if the protocol you need is missing, porting`
			`another library to use them is straight-forward. See our Net::SSH`
			`modifications in lib/net/ssh/ for an example.`

			`When creating a new module, the simplest way to start is to copy another module`
			`that uses the same protocol and modify it to your needs. If you're creating an`
			`exploit module, generally you'll want to edit the exploit() method. Auxiliary`
			`modules use one of run_host(), run_range(), or run_batch() instead of`
			`exploit().`


			`Licensing`
			`=========`
			`By submitting code contributions to the Metasploit Project it is assumed that`
			`you are offering your code under a BSD or similar license. MIT and Ruby`
			`Licenses are also fine. We specifically cannot include GPL code.`