Following the tutorial on the Metasploit Unleashed website, we got to the part where we needed to write a custom TCP scanner.

Extending the Metasploit framework is really simple: creating a new scanner required only one class.

The scanner is called simple_tcp and this is its code:


    require 'msf/core'

    class Metasploit3 < Msf::Auxiliary
      # Mixins: TCP client helpers (connect, sock, disconnect) and the scanner loop
      include Msf::Exploit::Remote::Tcp
      include Msf::Auxiliary::Scanner

      def initialize
        super(
          'Name'        => 'My custom TCP scan',
          'Version'     => '$Revision: 1 $',
          'Description' => 'My quick scanner',
          'Author'      => 'Your name here',
          'License'     => MSF_LICENSE
        )
        # Default remote port for the scan
        register_options(
          [
            Opt::RPORT(12345)
          ], self.class)
      end

      # Called by the Scanner mixin once for each target host
      def run_host(ip)
        connect()
        greeting = "HELLO SERVER"
        sock.puts(greeting)
        data = sock.recv(1024)
        print_status("Received: #{data} from #{ip}")
        disconnect()
      end
    end

Looking back at the intro to Metasploit, we can quickly identify a few familiar pieces.
First, the Metasploit3 class inherits its functionality from Msf::Auxiliary. A Ruby class has only one parent, so mixins are used to get the effect of multiple inheritance: the modules Msf::Exploit::Remote::Tcp and Msf::Auxiliary::Scanner are both included in the class.
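To make the division of labour between the two mixins concrete, here is a plain-Ruby sketch that runs without the framework. It is an added example, not code from the tutorial or from Metasploit: ToyTcp, ToyScanner, the loopback listener and its reply string are hypothetical stand-ins, and the real mixins do considerably more.

```ruby
require 'socket'
# Hypothetical stand-in for Msf::Exploit::Remote::Tcp: supplies connect, sock, disconnect.
module ToyTcp
  attr_reader :sock
  def connect(host, port)
    @sock = Socket.tcp(host, port, connect_timeout: 2)
  end
  def disconnect
    @sock&.close
  end
end
# Hypothetical stand-in for Msf::Auxiliary::Scanner: one run_host call per target,
# recording an error instead of aborting when a host refuses the connection.
module ToyScanner
  def run(hosts)
    hosts.each_with_object({}) do |ip, results|
      results[ip] = run_host(ip)
    rescue SystemCallError => e
      results[ip] = "error: #{e.class}"
    end
  end
end

class SimpleTcp
  include ToyTcp, ToyScanner # the class itself only has to supply run_host
  def initialize(rport)
    @rport = rport
  end
  def run_host(ip)
    connect(ip, @rport)
    sock.puts('HELLO SERVER')
    sock.recv(1024) if IO.select([sock], nil, nil, 2) # nil if the host never answers
  ensure
    disconnect
  end
end

# Constructed loopback listener: accepts one client, reads the greeting, replies.
def demo
  server = TCPServer.new('127.0.0.1', 0) # port 0: the OS picks a free port
  port = server.addr[1]
  listener = Thread.new do
    client = server.accept
    client.write("hello scanner (got #{client.gets.chomp})")
    client.close
  end
  open_result = SimpleTcp.new(port).run(['127.0.0.1'])
  listener.join
  server.close # the port is now closed, so the second scan is refused
  { open: open_result, closed: SimpleTcp.new(port).run(['127.0.0.1']) }
end
```

Calling `demo` returns the reply from the listening port and an `error: Errno::...` entry for the closed one, which shows why the per-host loop has to survive a refused connection.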

Here are the results:
[Screenshot: Screen Shot 2014-01-30 at 10.59.59 PM]

The example provided by the Metasploit Unleashed tutorial shows how trivial it is to extend the Metasploit framework and customize it to fit your specific needs.
The code is widely available on GitHub, and you can dig in and find the implementation of the core objects the framework provides.