documentation/samples/framework/run_exploit_using_base.rb

#!/usr/bin/env ruby
#
# $Id$
#
# This sample demonstrates using the framework core directly to launch an
# exploit.  It makes use of the simplified exploit wrapper method provided by
# the Msf::Simple::Exploit mixin.
#
# $Revision$
#

$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))

require 'msf/base'

if (ARGV.length == 0)
  puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
  exit
end

framework    = Msf::Simple::Framework.create
exploit_name = ARGV.shift || 'test/multi/aggressive'
payload_name = ARGV.shift || 'windows/meterpreter/reverse_tcp'
input        = Rex::Ui::Text::Input::Stdio.new
output       = Rex::Ui::Text::Output::Stdio.new

begin
  # Initialize the exploit instance
  exploit = framework.exploits.create(exploit_name)

  # Fire it off.
  session = exploit.exploit_simple(
    'Payload'     => payload_name,
    'OptionStr'   => ARGV.join(' '),
    'LocalInput'  => input,
    'LocalOutput' => output)

  # If a session came back, try to interact with it.
  if (session)
    output.print_status("Session #{session.sid} created, interacting...")
    output.print_line

    session.init_ui(input, output)

    session.interact
  else
    output.print_line("Exploit completed, no session was created.")
  end

rescue
  output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
end
/usr/bin/ruby vs /usr/bin/env ruby 2005-12-17 06:46:23 +00:00			`#!/usr/bin/env ruby`
a handful of framework samples 2005-11-28 14:26:33 +00:00			`#`
more cleanups 2010-05-03 17:13:09 +00:00			`# $Id$`
			`#`
a handful of framework samples 2005-11-28 14:26:33 +00:00			`# This sample demonstrates using the framework core directly to launch an`
			`# exploit. It makes use of the simplified exploit wrapper method provided by`
			`# the Msf::Simple::Exploit mixin.`
			`#`
more cleanups 2010-05-03 17:13:09 +00:00			`# $Revision$`
			`#`
a handful of framework samples 2005-11-28 14:26:33 +00:00
			`$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))`

			`require 'msf/base'`

			`if (ARGV.length == 0)`
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"`
			`exit`
a handful of framework samples 2005-11-28 14:26:33 +00:00			`end`

			`framework = Msf::Simple::Framework.create`
			`exploit_name = ARGV.shift \|\| 'test/multi/aggressive'`
			`payload_name = ARGV.shift \|\| 'windows/meterpreter/reverse_tcp'`
			`input = Rex::Ui::Text::Input::Stdio.new`
			`output = Rex::Ui::Text::Output::Stdio.new`

			`begin`
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`# Initialize the exploit instance`
			`exploit = framework.exploits.create(exploit_name)`
a handful of framework samples 2005-11-28 14:26:33 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`# Fire it off.`
			`session = exploit.exploit_simple(`
			`'Payload' => payload_name,`
			`'OptionStr' => ARGV.join(' '),`
			`'LocalInput' => input,`
			`'LocalOutput' => output)`
a handful of framework samples 2005-11-28 14:26:33 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`# If a session came back, try to interact with it.`
			`if (session)`
			`output.print_status("Session #{session.sid} created, interacting...")`
			`output.print_line`
a handful of framework samples 2005-11-28 14:26:33 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`session.init_ui(input, output)`
a handful of framework samples 2005-11-28 14:26:33 +00:00
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`session.interact`
			`else`
			`output.print_line("Exploit completed, no session was created.")`
			`end`
a handful of framework samples 2005-11-28 14:26:33 +00:00
			`rescue`
Retab all the things (except external/) 2013-09-30 13:47:53 -05:00			`output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")`
a handful of framework samples 2005-11-28 14:26:33 +00:00			`end`