Covering the brainstorming exercises of porting exploits, we have now developed approaches to import various kinds of exploits in Metasploit. After going through this chapter, we have learned how we can port exploits of different kinds into the framework with ease. In this chapter, we have developed mechanisms to figure out the essentials from a standalone exploit. We saw various HTTP functions and their use in exploitation. We have also refreshed our knowledge of SEH-based exploits and how exploit servers are built.
You can try your hands at the following exercises:
- Port 10 exploits to Metasploit from: https://exploit-db.com/
- Work on at least 3 browser exploits and port them to Metasploit
- Try creating your own custom shellcode module and port it to Metasploit
So, by now, we have covered most of the exploit writing exercises. In the next chapter, we will see how we can...