Mastering Metasploit

API calls and mixins

We just saw how we could perform advanced tasks with Meterpreter. This indeed makes the life of a penetration tester easier.

Now, let's dig deeper into the working of Meterpreter and uncover the underlying building process of Meterpreter modules and scripts. Sometimes Meterpreter's built-in offerings will not cover everything we need, and we will want customized functionality to perform all the required tasks. In that case, we need to build our own custom Meterpreter modules that implement or automate the various tasks needed at the time of exploitation.

Let's first understand the basics of Meterpreter scripting. The base for coding with Meterpreter is Application Programming Interface (API) calls and mixins. API calls perform specific tasks through a specific Windows-based Dynamic Link Library (DLL), while mixins handle common tasks through a variety of built-in Ruby-based modules.

Mixins are Ruby-programming-based classes that contain methods from various other classes. Mixins are extremely helpful when we perform a variety of tasks on the target system. Although mixins are not exactly part of IRB, they make it easy to write specific and advanced Meterpreter scripts.

For more information on mixins, refer to: http://www.offensive-security.com/metasploit-unleashed/Mixins_and_Plugins.

I recommend that you all have a look at the /lib/rex/post/meterpreter and /lib/msf/scripts/meterpreter directories to check out the various libraries used by Meterpreter.
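To illustrate the Ruby mechanism behind mixins, here is an added example (not Metasploit's own code): two hypothetical helper modules, ProcessHelpers and Reporting, are mixed into a script class that works on a constructed process list standing in for a live session.

```ruby
# Hypothetical mixin: process-list helpers a post-exploitation script would need.
# It assumes the including class provides `session_processes`, an array of
# { pid:, name:, user: } hashes (a real script would query the live session).
module ProcessHelpers
  def find_process(name)
    session_processes.select { |p| p[:name].casecmp?(name) }
  end
  def pids_running_as(user)
    session_processes.select { |p| p[:user] == user }.map { |p| p[:pid] }
  end
end

# Hypothetical mixin: reporting helpers that many scripts would share.
module Reporting
  def report_lines
    @report_lines ||= []
  end
  def report(msg)
    report_lines << "[*] #{msg}"
  end
end

# A script class that mixes in both helper sets. `include` copies nothing;
# it inserts each module into the class's method-lookup chain (see `ancestors`).
class ProcessAuditScript
  include ProcessHelpers
  include Reporting

  # Constructed sample data standing in for a live Meterpreter session.
  SAMPLE_PROCESSES = [
    { pid: 4,    name: "System",       user: "NT AUTHORITY\\SYSTEM" },
    { pid: 612,  name: "lsass.exe",    user: "NT AUTHORITY\\SYSTEM" },
    { pid: 1840, name: "explorer.exe", user: "WORKSTATION\\alice" },
    { pid: 2216, name: "notepad.exe",  user: "WORKSTATION\\alice" },
  ].freeze

  def session_processes
    SAMPLE_PROCESSES
  end

  # Mixin methods are called unqualified, as if they were defined in this class.
  def run
    lsass = find_process("LSASS.EXE")
    report("lsass.exe pid: #{lsass.first[:pid]}") unless lsass.empty?
    pids_running_as("WORKSTATION\\alice").each { |pid| report("user process #{pid}") }
    report_lines
  end
end
```

`ProcessAuditScript.ancestors` lists the class, then Reporting, then ProcessHelpers: the most recently included module is searched first, which matters when two mixins define the same method name.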

API calls are Windows-specific calls used to invoke specific functions exported by a Windows DLL file. We will learn about API calls shortly in the Working with RailGun section.