Let's build a small post-exploitation module that will enumerate all of the users on the target using WMIC. As it is a post-exploitation module, we will require a compromised target in order to execute the module:
class MetasploitModule < Msf::Post include Msf::Post::Windows::WMIC
The script starts up with the class that extends the properties of the Msf::Post modules and the include statement to include the WMIC functionality.
Next, we will define the module's name, description, author, platform, and session type:
def initialize(info={}) super( update_info( info, 'Name' => 'Windows WMIC User Gather', 'Description' => %q{ This module will enumerate user accounts using WMIC. }, 'License' => MSF_LICENSE, 'Author' => [ 'Daniel ...