WMAP runs loaded modules in a specific order. The order is defined by a numeric value. By default, the first module to run for web scanning is http_version, which has the OrderID=0 and open_proxy module with OrderID=1. This also means that the http_version module will execute first and open_proxy will run after that. A tester can change the default behavior of the module execution by changing the OrderID accordingly:
- The module execution order can be changed according to our needs. We can obtain the OrderID by executing the wmap_modules -l command.
The following screenshot shows the output of the preceding command:
- The OrderID is set in the Metasploit module code. Let's see the OrderID for the http_version module:
The execution order for WMAP modules can be adjusted using the register_wmap_options() method.
- Let's use this method to change the OrderID for the http_version module:
- Now let's reload the module:
- Once the reload is done, we list the modules using the wmap_modules -l command to see the updated module execution order:
From the preceding screenshot, we can see that the OrderID has now been changed. Now that we have gone through the module execution order, let's add a module to WMAP in the next section.