metasploit-framework/documentation/plan.txt

The following things are required for the December alpha release:
- rex
X - post-exploitation
X - meterpreter
X - pivoting
X - portfwd command
- networking
X - switch board routing table for pivoting
X - meterpreter 'comm' support
- proxy 'comm' support
- asm
- block dependencies (req'd for shikata)
- block permutation generation (req'd for shikata)
- text
X - create_pattern, pattern_offset
X - base64
X - consider extending String
- framework-core
- modules
X - reloading
X - compatibility filtering (keys)
X - description sanitation (strip lines/etc)
- payloads
X - meta information
X - stager/stage calling conventions
X - stack requirements
X - make payload prepend target specific
X - sessions
X - logging session activity
- modules needing ports (above other modules)
- encoders
- shikata
X - nops
X - opty2
- payloads
- cmd payloads
X - mac os x payloads
- osx null free reverse stager
X - solaris payloads
X - bsd payloads
- user interfaces
- general
X - add concept of EVASION option (high, normal, low)
X - logging improvements
X - provide log file setting interface
X - log by default in the LogDir
X - msfcli
- msfweb
X - msfpayload
X - msfencode
- msfconsole
- spawn web-server from within msfconsole (msfweb instance)
- irb mode
- running 'msf scripts'
- testing framework
- framework core
- handlers
- framework modules
- exploits
- payloads
- encoders
- nops
- recon
- framework sessions
- shell
- meterpreter
- documentation
- rex
- framework-core
- framework-base
- module interfaces

The following things should be implemented both as protocols and as exploit
mixins to encourage code re-use:
- ftp
- backup agent protocols
- CA brightstor
- Arkeia
- mssql
- sunrpc
- xdr
- jbase
- oracle

Things that would be useful to have completed, but not a requirement:
- rex
- exploitation
- format string generator
- opcodedb client (return addr pooling)
- networking
- msfd 'comm' support
- modules
- payloads
- implement 'reliable' stagers with a higher rating so that
if there is enough room, reliable stagers can be used
- recon
- basic range/port scanner
- basic service identifier
- basic OS fingerprinting
- framework-core
- handler sharing
- exploits using the same payload/handler can share (ref count)
- framework-base
- event correlation
- recon events correlations
- user interfaces
- msfd
- daemon interface, provides command line interaction and proxying
- support authentication
- support SSL