Home page logo

metasploit logo Metasploit mailing list archives

Re: Adding new database tables in Metasploit
From: egypt () metasploit com
Date: Mon, 10 May 2010 09:43:09 -0600

On Mon, May 10, 2010 at 8:45 AM, Ludovic Courgnaud
<ludovic.courgnaud () etu unilim fr> wrote:
Any additions to the existing migrations will result in a conflict when
we add a new migration to the tree (fairly often).
If the table you are thinking of is relevant to the rest of the users as
well and fits into the overall design, we can consider the change for
the trunk as well.

Thank you for this quick response.

Well actually I am developing a Metasploit plugin for Cross-Site Scripting
vulnerability. Each XSS attack is a module implemented the same way that
Metasploit ones (auxiliaries).

For this reason I need new tables to manage properly (and in a Metasploit
way) things like curently active victims (zombies), attack logs for each
victim, running attacks.
I know there will be a conflict when updating the tree but for now it is the
only way I found to solve my problem although this is not necessarily the

Curently, I added these tables :
- victims : Victims information => victims information linked to {0-1}
attack and {1} attack server
- attacks : Attacks (launched module or Metasploit exploit) linked to one or
many victims => module name, module service URL
- logs    : Result of the attack execution inside a victim's browser =>
result linked to an attack and a victim
- servers : Active attack server launched by the plugin => server info
[host, port, uri]

Maybe that these tables fit into the overall design ?



As a short-term solution, you can just name your migrations something
like 999_name.rb to avoid conflicts.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]