-
Notifications
You must be signed in to change notification settings - Fork 14.1k
GSoC 2017 Project Ideas
GSoC Project Ideas in no particular order.
If you want to suggest your own idea, please discuss it with us first on our mailing list to make sure it is a reasonable amount of work for a summer and that it fits the goals of the project.
--
Perl, Python, and Ruby scripts can all be run via a short command line invocation. It would be nice to be able to use these payloads in ARCH_CMD
contexts as well as their own separate architectures (ARCH_PYTHON
, ARCH_RUBY
). This would allow modules that exploit command injection vulnerabilities to use python meterpreter in particular.
Difficulty: 4/5 Requirements: Ruby, Python, bash/sh Mentor: @wvu @sempervictus
Automatically run a module over and over, determine success rates.
Mentor: @busterb
Set up automated testing using something like Vagrant to spin up and configure vulnerable machines, run exploits against them.
Something like "make all X exploits badass", or add a full suite of modules around particular gear or vendor stack.
Requirements: Ruby Mentor: @hdm
As it stands, the framework defines anything that takes a payload to be an exploit. Because post-exploitation modules cannot take a payload, things that want to drop an executable for persistence are implemented as local exploits (in the exploit/*/local
namespace instead of post/*/persistence
). This project would give those kinds of modules a more consistent interface.
Once this is done, we can move the exploit/*/local
modules that aren't actually exploits back to post/
Difficulty: 3/5 Requirements: Ruby Mentor: @egypt
(see also ruby_smb project)
Difficulty: 5/5 Mentor: @egypt
The idea here is to create a new session type for authenticated protocols that give you filesystem access. The simplest is FTP, so that's where we should start. We'll need several pieces for this to work:
- A new session interface in
Msf::Sessions
(lib/msf/base/sessions/
). This should be abstract enough that we can implement protocols other than FTP in the future. - A mapping of protocol details to that interface.
- A new command dispatcher implementing at least
upload
,download
,ls
,cd
commands. - We'll need to modify
auxiliary/scanner/ftp/ftp_login
to create one of these awesome new sessions when authentication is successful.
Difficulty: 2/5 Requirements: Ruby
--
Currently, the attributes that one can set for how a Meterpreter payload appears at the HTTP level are limited. We would like the ability to set and add arbitrary HTTP headers to requests and responses, so that the traffic appears more realistic.
Difficulty: 5/5 Requirements: C, Ruby. Bonus: Python, PHP Mentor: @busterb
Using either Python or Powershell (or maybe both if it can be abstract enough). This could allow things like running Responder.py or Empire on a compromised host.
Difficulty: 4/5 Requirements: C, Python/Powershell Mentor: @OJ
SChannel is Windows' built-in TLS library.
Difficulty: 3/5 Requirements: C, Windows systems programming Mentor: @OJ
--
Requirements: Vagrant
Requirements: Vagrant
--
Replace msftidy
with a real linter using e.g. rubocop as a base.
Difficulty: 2/5 Requirements: Ruby
--
All of the following folks have expressed willingness to be mentors.
- Home Welcome to Metasploit!
- Using Metasploit A collection of useful links for penetration testers.
-
Setting Up a Metasploit Development Environment From
apt-get install
togit push
. - CONTRIBUTING.md What should your contributions look like?
- Landing Pull Requests Working with other people's contributions.
- Using Git All about Git and GitHub.
- Contributing to Metasploit Be a part of our open source community.
- Meterpreter All about the Meterpreter payload.