The Life of a Penetration Tester: How to Add N... http://lifeofpentester.blogspot.com/2013/06/how-...

3 Ms Siguiente blog luisvite.constant@gmail.com Escritorio Salir

The Life of a Penetration Tester

Security Journal

Home

We d n e s d a y, J u n e 5 , 2 0 1 3 Disclaimer!

The contents of this blog detail

How to Add New Exploit to Metasploit / Kali Linux / BackTrack
experiments done on my
[Screenshots included] personal devices, systems, and
local networks. The information
Written by: Pranshu Bajpai | Find Pranshu on Google+ And LinkedIn
provided here is for educational
purposes only. Illicit hacking is
Sooner or later, penetration testers might feel the modules that are auto included in the strongly discouraged.
Metasploit framework to be lacking. In such a case, they will want to add a new exploit to
Metasploit. Subscribe To

Lets say you dig up a new vulnerability from cvedetails.com and notice that there is a Posts
public exploit available for this vulnerability on 'exploit-db' or '1337day'.
Comments

Goto exploit-db or 1337day and download the public exploit. It will be a .rb (ruby) script (or
may be a python script). Follow @0xpranshu

Once you have the .rb exploit code, you need to add this to a hidden folder '.msf4' in your Most Popular
home folder (/root)
Using Tor and
Privoxy on Kali /
Note that the period, '.', before a file or folder name in Linux indicates that it is hidden.
Debian /
Backtrack Linux
Metasploit provides you a way to add new exploits. All you need to do is to add the .rb or To Anonymize
.py file to this hidden .msf4 folder in your home folder and reload 'msfconsole'. Internet Surfing or Open
Blocked Websites
Written by: Pranshu Bajpai |
Here's a screenshot of 'msfconsole' before adding a new exploit: Find Pranshu on Google+
And LinkedIn Freedom of
expression and speech is
your fundamental right and if
the...

Hacking
Neighbour's Wifi
(Password) |
Hacking
Neighbor's
Wireless (Internet) | Step by
Step How To
Written by Pranshu Bajpai |
Join me on Google+ |
LinkedIn Disclaimer: For
educational purposes only:
This is meant merely to
exhibit ...

Index Page '/'

Installing
Nessus in Kali
Linux
Written by
Pranshu Bajpai
| Join me on Google+ |
LinkedIn The Nessus
Notice that total exploits equal 1090. vulnerability scanner is a
Here's a screenshot of the commands to copy the new exploit to .msf4 folder: great scanner for locating
vulnerabil...

How To Hack A
Website -
Simple Demo |
Kali Linux /

1 of 4 24/07/16 11:23
The Life of a Penetration Tester: How to Add N... http://lifeofpentester.blogspot.com/2013/06/how-...

BackTrack | Pranshu
Written by: Pranshu Bajpai |
Find Pranshu on Google+
And LinkedIn I was testing for
SQL vulnerabilities at random
over the Internet and ...

Recent

#whoami

Pranshu Bajpai
Security
Researcher
View my complete
profile

Search

Search

Labels

Android (1)
Backtrack (24)
Cryptography (8)
Now reload 'msfconsole'.
Exploit Research (1)

And here's a screenshot after the new exploit has been added: General Programming (1)
Hacking (31)
Java (12)
Kali Linux (36)
Linux (13)
Lists Of Best.. (3)
Malware Analysis (1)
metasploit (5)
misc (4)
Mutillidae (4)
My Python Scripts (4)
mysql (1)
screencast (1)
SSH (1)
Tomcat (2)
Web Applications Hacking (6)
Windows (2)
Wireless Hacking (3)

Do Not Copy Pageviews

796,062

Notice that the total number of exploit now equal 1091. We have successfully added a new
exploit to Metasploit.

Posted by Pranshu Bajpai +3 Recommend this on Google

Labels: Backtrack, Kali Linux, metasploit

10 comments:

Anonymous June 5, 2013 at 7:02 PM

This comment has been removed by a blog administrator.
Reply

Anonymous June 19, 2013 at 7:18 AM

2 of 4 24/07/16 11:23
The Life of a Penetration Tester: How to Add N... http://lifeofpentester.blogspot.com/2013/06/how-...

Dear Mr. Bajpai Pranshu,

I please need to be contacted for a service.
I could not find your contact mail address.
Please if interested contact me here at: gigibagigi72[at]yahoo[dot]com.

I am available to pay

Regards,
Gigi
Reply

Anonymous July 13, 2013 at 9:13 PM

Ok so if you install new exploits on Kali Live will they stay or no?? if not how would you
make them stay on the live drive?
Reply

Replies

Pranshu Bajpai July 16, 2013 at 1:52 PM

On Kali live, nothing 'stays' on disk (unless you have persistent storage for kali
assigned on a part of that bootable live disk)

Reply

Anonymous May 21, 2014 at 3:53 AM

how to automatic update exploit database using exploit-db.com????
i use kali linux
Reply

Replies

Anonymous August 1, 2014 at 12:28 PM

that is with:
- svn update

Reply

Anonymous August 12, 2014 at 10:51 PM

I cant run any newly added exploits. it says "failed to load module" do you know how to fix
this sir?
Reply

Replies

Anonymous October 1, 2014 at 11:50 AM

I get this same issue :(

Reply

Anonymous September 30, 2014 at 5:00 AM

same error for me?
Reply

Anonymous October 22, 2014 at 10:38 AM

I wish there was a way to add the Exploits-DB directories that I downloaded with the
LazyKali script to the metasploit directories easily :(

Is there a way???
Reply

3 of 4 24/07/16 11:23
The Life of a Penetration Tester: How to Add N... http://lifeofpentester.blogspot.com/2013/06/how-...

Enter your comment...

Comment as: Luis Vite (Google) Sign out

Publish Preview Notify me

Newer Post Home Older Post

Subscribe to: Post Comments (Atom)

Pranshu Bajpai - 2013 - All Rights Reserved. Simple template. Powered by Blogger.

4 of 4 24/07/16 11:23