The format of a Metasploit module

The skeleton for Metasploit modules is reasonably straightforward. We can see the universal header section in the code shown here:

require 'msf/core' 
 
class MetasploitModule < Msf::Auxiliary 
  def initialize(info = {}) 
    super(update_info(info, 
      'Name'           => 'Module name', 
      'Description'    => %q{ 
        Say something that the user might want to know. 
      }, 
      'Author'         => [ 'Name' ], 
      'License'        => MSF_LICENSE 
    )) 
  end 
  def run 
    # Main function 
  end 
end 

A module starts by including the necessary libraries using the require keyword, which in the preceding code is followed by the msf/core libraries. Thus, it includes the core libraries from the /msf directory.

The next major thing is to define the class type that is to specify the kind of module we are going to create. We can see that we have set MSF::Auxiliary for the same purpose.

In the initialize method, which is the default constructor in Ruby, we define the Name, Description, Author, License, CVE details, and so on. This method covers all the relevant information for a particular module: Name generally contains the software name that is being targeted; Description includes the excerpt on the explanation of the vulnerability; Author is the name of the person who develops the module; and License is the MSF_LICENSE, as stated in the code example listed previously. The auxiliary module's primary method is the run method. Hence, all the operations should be performed inside it unless and until you have plenty of other methods. However, the execution will still begin with the run method.