Modules – the bread and butter of Metasploit
We've already been playing around with modules within Metasploit; if it isn't obvious by now, everything that is the Metasploit Framework is in its modules. Payloads are a kind of module; exploits are another kind of module that incorporates payloads. You can have exploit modules without payloads, however—these are known as auxiliary modules. To the uninitiated, it's easy to think of the exploit modules as where the real excitement happens. Nothing feels quite so Hollywood as popping a shell after exploiting some obscure software flaw. But when you're out in the field and find that almost all of that juicy pile of vulnerabilities isn't actually present in client environments, you'll find yourself relying on auxiliary modules instead.
Since we've already had a taste of how modules work, let's now take a look at the core of how they work by building one of our own. Although this is just a simple example, this will hopefully whet your appetite for...