New content and modules on the way

The Shodan search module for Metasploit is something I created over a year ago as a fun project. Several months ago, I submitted it to the Metasploit Project for inclusion and was told to rewrite it using the native MSF libraries and not Ruby libraries (net/http). Of course, I ended up frustrated because I followed the example of 3 other MSF auxiliary modules that used net/http.

I’ve since rewritten the module with native MSF libs, removed the dependency on an external JSON rubygem, added support for the “page” Shodan variable, and more. The final thing to do before resubmitting (via the new git system) is to debug an issue where my results differ from a Shodan web search with the same parameters.

There are some additional modules I’ve been thinking of writing related to my interest in forensics and incident response that would work well in a penetration testing scenario. I also will likely be putting together a module or two related to my mobile security research with Kevin Johnson of SecureIdeas for the presentation we submitted to ShmooCon.

More to come…

~ by John Sawyer on November 15, 2011.

Posted in Administrivia

One Response to “New content and modules on the way”

  1. Sorry for your frustrations. I filed bug #5983 about those other modules.

    http://dev.metasploit.com/redmine/issues/5983

    Thanks for contributing to Metasploit!

    jduck said this on November 16, 2011 at 9:51 pm | Reply

Leave a reply to jduck Cancel reply