Adding external exploits to Metasploit
New vulnerabilities across various applications and products are found on a daily basis. For most newly found vulnerabilities, an exploit code is also made public. Now, the exploit code is quite often in a raw format (just like a shellcode) and not readily usable. Also, it might take some time before the exploit is officially made available as a module within the Metasploit Framework. However, we can manually add an external exploit module in the Metasploit Framework and use it like any other existing exploit module. Let's take an example of the MS17-010 vulnerability that was recently used by the Wannacry ransomware. By default, the exploit code for MS17-010 isn't available within the Metasploit Framework.
Let's start by downloading the MS17-010 module from the exploit database.
Note
Did you know? Exploit-DB located at https://www.exploit-db.com is one of the most trusted and updated sources for getting new exploits for a variety of platforms, products...