Im interested to know how a new module or exploit gets into Metasploit Framework? I can see the new PrintNightmare vulnerability being worked on/ finished, so I ran an update on Kali, but it didn't show up.
Maybe as it's not in the repo yet?
Anyhow, I copied the ruby code from the GitHub page and added it to:
/usr/share/metasploit-framework/modules/auxiliary/admin/dcerpc/cve_2021_1675_printnightmare.rbThen i started msf6 and reload_all.
Is this the correct way to get a new module, payload, exploit etc. into MSF6 …maybe it will this break everything when the actual module comes out?
1 Answer
If you are using the apt repository version of Metasploit, it can take a very long time before the packages will be updated to the current version, so apt update isn't going to do you any good for quite a while. If you want to use this module now, you have two options:
- Copy the cve_2021_1675_printnightmare.rb file from GitHub to your local system.
- Clone the metasploit-framework repository and manually run git pull every now and then to update it with the latest exploits. In order to be able to run metasploit from within the cloned repo, you need to make sure all necessary dependencies are installed.
Pull requests are merged into the master branch. The master branch is released as a new point release every week. From there, package managers for various distros (ie, Kali) will eventually package the new release into a package available using the operating system package manager (ie, apt).
In this instance, yes, you can copy the module to whichever directory your Metasploit installation loads modules from.
On kali that is /usr/share/metasploit-framework/modules/ by default. Modules in $HOME/.msf4/modules/ will also be loaded automatically.