metasploit-framework/documentation/plan.txt

111 lines
2.5 KiB
Plaintext

The following things are required for the December alpha release:
- rex
X - post-exploitation
X - meterpreter
X - pivoting
X - portfwd command
- networking
- switch board routing table for pivoting
- meterpreter 'comm' support
- proxy 'comm' support
- asm
- block dependencies (req'd for shikata)
- block permutation generation (req'd for shikata)
- text
- create_pattern, pattern_offset
- base64
- consider extending String
- framework-core
- modules
- reloading
- compatibility filtering (keys)
- description sanitation (strip lines/etc)
- payloads
- meta information
- stager/stage calling conventions
- stack requirements
- make payload prepend target specific
- sessions
- logging session activity
- handler sharing
- exploits using the same payload/handler can share (ref count)
- modules needing ports (above other modules)
- encoders
- shikata
- nops
- opty2
- payloads
- mac os x payloads
- solaris payloads
- bsd payloads
- user interfaces
- general
- add concept of EVASION option (high, normal, low)
- logging improvements
- provide log file setting interface
- log by default in the LogDir
- msfcli
- msfweb
- msfpayload
- msfencode
- msfconsole
- spawn web-server from within msfconsole (msfweb instance)
- irb mode
- running 'msf scripts'
- testing framework
- framework core
- handlers
- framework modules
- exploits
- payloads
- encoders
- nops
- recon
- framework sessions
- shell
- meterpreter
- documentation
- rex
- framework-core
- framework-base
- module interfaces
The following things should be implemented both as protocols and as exploit
mixins to encourage code re-use:
- ftp
- backup agent protocols
- CA brightstor
- Arkeia
- mssql
- sunrpc
- xdr
- jbase
- oracle
Things that would be useful to have completed, but not a requirement:
- rex
- exploitation
- format string generator
- opcodedb client (return addr pooling)
- networking
- msfd 'comm' support
- modules
- payloads
- implement 'reliable' stagers with a higher rating so that
if there is enough room, reliable stagers can be used
- recon
- basic range/port scanner
- basic service identifier
- basic OS fingerprinting
- framework-base
- event correlation
- recon events correlations
- user interfaces
- msfd
- daemon interface, provides command line interaction and proxying
- support authentication
- support SSL