background image

Metasploit Auxiliary Modules

129

Chris Gates wrote an auxiliary module for the Framework that gave his 

Twitter followers the impression that he had somehow invented a device that 
allowed him to travel at the speed of light. It makes a great example of the 
code reuse available in Metasploit. (You can access the source of the script at 

http://carnal0wnage.googlecode.com/

.)

 root@bt:/opt/framework3/msf3# 

cd modules/auxiliary/admin/

root@bt:/opt/framework3/msf3/modules/auxiliary/admin# 

wget http://carnal0wnage.googlecode

.com/svn/trunk/msf3/modules/auxiliary/admin/random/foursquare.rb

We’ve placed the module in our auxiliary directory   so that it will be 

available for use by Metasploit. But before we use this module, let’s look at 
the actual script and break down the components so we can see exactly 
what the module contains.

require 'msf/core'

 class Metasploit3 < Msf::Auxiliary

    
    # Exploit mixins should be called first

include Msf::Exploit::Remote::HttpClient

include Msf::Auxiliary::Report

The module begins with the first two lines importing the auxiliary class  . 

Next it makes the HTTP client functions available for use   within the script. 

 def initialize

        super(

'Name'         => 'Foursquare Location Poster', 

            'Version       => '$Revision:$',
            'Description'  => 'F*ck with Foursquare, be anywhere you want to be by venue id',
            'Author'       => ['CG'],
            'License'      => MSF_LICENSE,
            'References'   =>
                [
                    [ 'URL', 'http://groups.google.com/group/foursquare-api' ],
                    [ 'URL', 'http://www.mikekey.com/im-a-foursquare-cheater/'],
                ]
        )
#todo pass in geocoords instead of venueid, create a venueid, other tom foolery
        register_options(
            [

Opt::RHOST('api.foursquare.com'), 

                OptString.new('VENUEID', [ true, 'foursquare venueid', '185675']), #Louvre 

Paris France

                OptString.new('USERNAME', [ true, 'foursquare username', 'username']),
                OptString.new('PASSWORD', [ true, 'foursquare password', 'password']),
            ], self.class)
    
end