We have too many slides, hermf

git-svn-id: file:///home/svn/incoming/trunk@2477 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Spoon M 2005-04-30 04:49:32 +00:00
parent e5dba29518
commit d49bbb8b7a
1 changed files with 114 additions and 7 deletions


@ -932,20 +932,127 @@ real 0m12.404s
\pdfpart{Metasploit Framework 3.0} \pdfpart{Metasploit Framework 3.0}
%--------------------------------------% %--------------------------------------%
\section{Architecture of 3.0} \section{Introduction}
\begin{frame}[t] \begin{frame}[t]
\frametitle{Temporarily Not in Service} %%
\frametitle{Lessons learned}
%%
\begin{sitemize} \begin{sitemize}
\item The complete presentation can be found at: \item "Hackers" run 98\% win32, 2\% linux/bsd/osx
\begin{sitemize} \item Portability sucks, win32 sucks, and cygwin sucks
\item http://www.cansecwest.com/ \end{sitemize}
\item http://www.metasploit.com/confs/ \pause
\end{sitemize} \begin{sitemize}
\item Msf 2.x can't be automated very well
\item Everyone wants a completely automatic hack tool
\pause
\item Everyone else will hate us if we write one
\end{sitemize}
\pause
\begin{sitemize}
\item External contributors inversely porpotional to user base
\item The ones who complain the loudest contribute the least
\pause
\item Don't pick your language in hopes of contributions
\item Perl is falling short as we grow more complex
\end{sitemize}
\pause
\begin{sitemize}
\item Metasploit 2.0 mostly designed around exploits
\item Payloads have grown more important and complex
\end{sitemize} \end{sitemize}
\end{frame} \end{frame}
\section{Architecture}
\subsection{Introduction}
\begin{frame}[t]
\frametitle{Metasploit 3.0 goals}
\begin{sitemize}
\item A capable language we \emph{enjoy} writing in
\begin{sitemize}
\item Portability less important, support major OS's
\end{sitemize}
\pause
\item Embedable for use in other tools
\pause
\item Strong custom automation
\begin{sitemize}
\item Test suites for the framework itself
\item Ability to test defensive infrastructure
\end{sitemize}
\pause
\item Staged payloads as first class citizens
\pause
\item "Pivoting" through owned hosts
\pause
\item Thread designed, not just thread safe
\end{sitemize}
\end{frame}
\subsection{Ruby to the rescue}
\begin{frame}[t]
\frametitle{We love Ruby}
\begin{sitemize}
\item Used for our prototypes, leading candidate for msf3
\item Clean, simple language and easy to learn
\item Strong object model, and we use every inch
\pause
\item Library support is decent, often better than Perl
\item Native Win32 builds, cygwin as backup
\item 2.x will stay Perl and continue in parallel
\end{sitemize}
\end{frame}
\subsection{Embedding}
\begin{frame}[t]
\frametitle{Metasploit embedded}
\begin{sitemize}
\item Metasploit: A hacker tool framework
\pause
\item Tools built upon "framework-core" libraries
\item Clear and documented SDK and interfaces
\pause
\item Similar 2.x interfaces written by us
\item Automation tools written by you
\end{sitemize}
\end{frame}
\begin{frame}[t, fragile]
\frametitle{Payload model}
\begin{sitemize}
\item Payloads subscribe to unified API layers
\item APIs emulate and extend the native Ruby APIs
\item Port existing applications to be remote with no changes
\item Great for scripting, great for testing
\pause
\item Better post-exploitation tools, more fun
\begin{sitemize}
\item Mirror victims harddrive:
\begin{verbatim}
client.fs.dir.download('./victim', 'c:\\', true)
\end{verbatim}
\pause
\item Migrate to a different process
\begin{verbatim}
pid = client.sys.process['calc.exe']
client.core.migrate(pid)
\end{verbatim}
\pause
\item Socket support, inefficent network pivoting
\pause
\item Support for Unix too, improved tools on their way
\end{sitemize}
\pause
\end{sitemize}
\end{frame}
%%% summary and bib has been removed %%% %%% summary and bib has been removed %%%
\begin{comment} \begin{comment}
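Review bot: The added frames carry misspellings that will show on the projected slides: `porpotional` in "Lessons learned", `Embedable` in "Metasploit 3.0 goals", and `inefficent` and `victims harddrive` in "Payload model". They should read `proportional`, `Embeddable`, `inefficient` and `victim's hard drive`. The straight double quotes around `"Hackers"`, `"Pivoting"` and `"framework-core"` typeset as two closing quotes in LaTeX, so the opening mark should be two backticks and the closing mark two apostrophes. The last `\pause` in "Payload model", just before the outer `\end{sitemize}`, has nothing after it to uncover and will probably add a duplicate final slide to a deck the commit message already calls too long; I would drop it.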