add new exploits to metasploit

All posts tagged add new exploits to metasploit

Good Evening friends. Today we will see how to add new exploits to Metasploit from the exploit database. As we all know, Metasploit is a framework to exploit systems. This howto is being done in Kali Linux which has Metasploit installed by default. You can see below that here Metasploit has total 1467 exploits.  Now let us add the recently released Microsoft Windows Media Center MCL vulnerability exploit to Metasploit framework.

      edb1

Go to the website exploit-db.com and open the search option as shown below. Go to the Advanced Search option and give the below values to search for all the exploits for Metasploit.

edb2

As the below image shows, we get all the exploits authored by Metasploit. We are interested in the  Ms15-100 Microsoft Windows Media Center MCL vulnerability underlined below.

edb3

Now click on the download option as shown below. A window will open as shown below.  Select the Save option.

edb4

Now open a terminal and navigate to the Downloads folder to check your download.  In our present case it is “38195.rb”.

edb5

Now navigate to the directory where metasploit stores its exploits by typing command “cd/root/.msf4“. Go into modules directory and create a directory named “exploits” inside that directory. Now go into the exploits directory(which you just created) and create another directory named “windows”, inside the windows directory( which once again you just created) create directory “local”. If you are getting confused, all the steps are given in below image, just follow them. We are just creating a valid path for metasploit to find this exploit. Once you are in the local directory, copy the exploit you just downloaded to the local folder as shown below.

edb6

Ok, we’re almost done. Now restart the system and fire up your Metasploit. Now you can see that we have 1468 exploits as 1467 previously.

edb7

Now let us search for our exploit by typing command “search ms15_100”.  Load the exploit as shown below.  We have successfully added a new exploit  to Metasploit. Hope that was helpful.

edb8