adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Retab all the things (except external/)

Browse Source
This commit is contained in:
Tab Assassin
2013-09-30 13:47:53 -05:00
parent 0ecba377f5
commit 2e8d19edcf
293 changed files with 32962 additions and 32962 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/samples/framework/dump_module_info.rb
+11 -11
View File
@@ -13,22 +13,22 @@ $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
require 'msf/base'
if (ARGV.empty?)
puts "Usage: #{File.basename(__FILE__)} module_name"
exit
puts "Usage: #{File.basename(__FILE__)} module_name"
exit
end
modname = ARGV.shift
framework = Msf::Simple::Framework.create
begin
# Create the module instance.
mod = framework.modules.create(modname)
if not mod
puts "Error: The specified Msf::Module, \"#{modname}\", was not found."
else
# Dump the module's information in readable text format.
puts Msf::Serializer::ReadableText.dump_module(mod)
end
# Create the module instance.
mod = framework.modules.create(modname)
if not mod
puts "Error: The specified Msf::Module, \"#{modname}\", was not found."
else
# Dump the module's information in readable text format.
puts Msf::Serializer::ReadableText.dump_module(mod)
end
rescue
puts "Error: #{$!}\n\n#{$@.join("\n")}"
puts "Error: #{$!}\n\n#{$@.join("\n")}"
end
documentation/samples/framework/encode_file.rb
+7 -7
View File
@@ -13,18 +13,18 @@ $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
require 'msf/base'
if (ARGV.empty?)
puts "Usage: #{File.basename(__FILE__)} encoder_name file_name format"
exit
puts "Usage: #{File.basename(__FILE__)} encoder_name file_name format"
exit
end
framework = Msf::Simple::Framework.create
begin
# Create the encoder instance.
mod = framework.encoders.create(ARGV.shift)
# Create the encoder instance.
mod = framework.encoders.create(ARGV.shift)
puts(Msf::Simple::Buffer.transform(
mod.encode(IO.read(ARGV.shift)), ARGV.shift || 'ruby'))
puts(Msf::Simple::Buffer.transform(
mod.encode(IO.read(ARGV.shift)), ARGV.shift || 'ruby'))
rescue
puts "Error: #{$!}\n\n#{$@.join("\n")}"
puts "Error: #{$!}\n\n#{$@.join("\n")}"
end
documentation/samples/framework/enumerate_modules.rb
+1 -1
View File
@@ -16,5 +16,5 @@ framework = Msf::Simple::Framework.create
# Enumerate each module in the framework.
framework.modules.each_module { |name, mod|
puts "#{mod.type}: #{name}"
puts "#{mod.type}: #{name}"
}
documentation/samples/framework/run_exploit_using_base.rb
+20 -20
View File
@@ -14,8 +14,8 @@ $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
require 'msf/base'
if (ARGV.length == 0)
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
exit
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
exit
end
framework = Msf::Simple::Framework.create
@@ -25,28 +25,28 @@ input = Rex::Ui::Text::Input::Stdio.new
output = Rex::Ui::Text::Output::Stdio.new
begin
# Initialize the exploit instance
exploit = framework.exploits.create(exploit_name)
# Initialize the exploit instance
exploit = framework.exploits.create(exploit_name)
# Fire it off.
session = exploit.exploit_simple(
'Payload' => payload_name,
'OptionStr' => ARGV.join(' '),
'LocalInput' => input,
'LocalOutput' => output)
# Fire it off.
session = exploit.exploit_simple(
'Payload' => payload_name,
'OptionStr' => ARGV.join(' '),
'LocalInput' => input,
'LocalOutput' => output)
# If a session came back, try to interact with it.
if (session)
output.print_status("Session #{session.sid} created, interacting...")
output.print_line
# If a session came back, try to interact with it.
if (session)
output.print_status("Session #{session.sid} created, interacting...")
output.print_line
session.init_ui(input, output)
session.init_ui(input, output)
session.interact
else
output.print_line("Exploit completed, no session was created.")
end
session.interact
else
output.print_line("Exploit completed, no session was created.")
end
rescue
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
end
documentation/samples/framework/run_exploit_using_core.rb
+30 -30
View File
@@ -15,8 +15,8 @@ $:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
require 'msf/base'
if (ARGV.length == 0)
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
exit
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
exit
end
framework = Msf::Simple::Framework.create
@@ -26,43 +26,43 @@ input = Rex::Ui::Text::Input::Stdio.new
output = Rex::Ui::Text::Output::Stdio.new
begin
# Create the exploit driver instance.
driver = Msf::ExploitDriver.new(framework)
# Create the exploit driver instance.
driver = Msf::ExploitDriver.new(framework)
# Initialize the exploit driver's exploit and payload instance
driver.exploit = framework.exploits.create(exploit_name)
driver.payload = framework.payloads.create(payload_name)
# Initialize the exploit driver's exploit and payload instance
driver.exploit = framework.exploits.create(exploit_name)
driver.payload = framework.payloads.create(payload_name)
# Import options specified in VAR=VAL format from the supplied command
# line.
driver.exploit.datastore.import_options_from_s(ARGV.join(' '))
# Import options specified in VAR=VAL format from the supplied command
# line.
driver.exploit.datastore.import_options_from_s(ARGV.join(' '))
# Share the exploit's datastore with the payload.
driver.payload.share_datastore(driver.exploit.datastore)
# Share the exploit's datastore with the payload.
driver.payload.share_datastore(driver.exploit.datastore)
# Initialize the target index to what's in the exploit's data store or
# zero by default.
driver.target_idx = (driver.exploit.datastore['TARGET'] || 0).to_i
# Initialize the target index to what's in the exploit's data store or
# zero by default.
driver.target_idx = (driver.exploit.datastore['TARGET'] || 0).to_i
# Initialize the exploit and payload user interfaces.
driver.exploit.init_ui(input, output)
driver.payload.init_ui(input, output)
# Initialize the exploit and payload user interfaces.
driver.exploit.init_ui(input, output)
driver.payload.init_ui(input, output)
# Fire it off.
session = driver.run
# Fire it off.
session = driver.run
# If a session came back, try to interact with it.
if (session)
output.print_status("Session #{session.sid} created, interacting...")
output.print_line
# If a session came back, try to interact with it.
if (session)
output.print_status("Session #{session.sid} created, interacting...")
output.print_line
session.init_ui(input, output)
session.init_ui(input, output)
session.interact
else
output.print_line("Exploit completed, no session was created.")
end
session.interact
else
output.print_line("Exploit completed, no session was created.")
end
rescue
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
end
documentation/samples/modules/auxiliary/sample.rb
+22 -22
View File
@@ -15,31 +15,31 @@ require 'msf/core'
###
class Metasploit4 < Msf::Auxiliary
def initialize(info={})
super(update_info(info,
'Name' => 'Sample Auxiliary Module',
'Description' => 'Sample Auxiliary Module',
'Author' => ['hdm'],
'License' => MSF_LICENSE,
'Actions' =>
[
['Default Action'],
['Another Action']
]
))
def initialize(info={})
super(update_info(info,
'Name' => 'Sample Auxiliary Module',
'Description' => 'Sample Auxiliary Module',
'Author' => ['hdm'],
'License' => MSF_LICENSE,
'Actions' =>
[
['Default Action'],
['Another Action']
]
))
end
end
def run
print_status("Running the simple auxiliary module with action #{action.name}")
end
def run
print_status("Running the simple auxiliary module with action #{action.name}")
end
def auxiliary_commands
return { "aux_extra_command" => "Run this auxiliary test commmand" }
end
def auxiliary_commands
return { "aux_extra_command" => "Run this auxiliary test commmand" }
end
def cmd_aux_extra_command(*args)
print_status("Running inside aux_extra_command()")
end
def cmd_aux_extra_command(*args)
print_status("Running inside aux_extra_command()")
end
end
documentation/samples/modules/encoders/sample.rb
+17 -17
View File
@@ -13,23 +13,23 @@
###
class Metasploit4 < Msf::Encoder
def initialize
super(
'Name' => 'Sample Encoder',
'Description' => %q{
Sample encoder that just returns the block it's passed
when encoding occurs.
},
'License' => MSF_LICENSE,
'Author' => 'skape',
'Arch' => ARCH_ALL)
end
def initialize
super(
'Name' => 'Sample Encoder',
'Description' => %q{
Sample encoder that just returns the block it's passed
when encoding occurs.
},
'License' => MSF_LICENSE,
'Author' => 'skape',
'Arch' => ARCH_ALL)
end
#
# Returns the unmodified buffer to the caller.
#
def encode_block(state, buf)
buf
end
#
# Returns the unmodified buffer to the caller.
#
def encode_block(state, buf)
buf
end
end
documentation/samples/modules/exploits/ie_browser.rb
+108 -108
View File
@@ -15,133 +15,133 @@ require 'msf/core'
#
###
class Metasploit4 < Msf::Exploit::Remote
Rank = NormalRanking
Rank = NormalRanking
include Msf::Exploit::Remote::HttpServer::HTML
include Msf::Exploit::RopDb
include Msf::Exploit::Remote::BrowserAutopwn
include Msf::Exploit::Remote::HttpServer::HTML
include Msf::Exploit::RopDb
include Msf::Exploit::Remote::BrowserAutopwn
# Set :classid and :method for ActiveX exploits. For example:
# :classid => "{C3B92104-B5A7-11D0-A37F-00A0248F0AF1}",
# :method => "SetShapeNodeType",
autopwn_info({
:ua_name => HttpClients::IE,
:ua_minver => "8.0",
:ua_maxver => "10.0",
:javascript => true,
:os_name => OperatingSystems::WINDOWS,
:rank => NormalRanking
})
# Set :classid and :method for ActiveX exploits. For example:
# :classid => "{C3B92104-B5A7-11D0-A37F-00A0248F0AF1}",
# :method => "SetShapeNodeType",
autopwn_info({
:ua_name => HttpClients::IE,
:ua_minver => "8.0",
:ua_maxver => "10.0",
:javascript => true,
:os_name => OperatingSystems::WINDOWS,
:rank => NormalRanking
})
def initialize(info={})
super(update_info(info,
'Name' => "Module Name",
'Description' => %q{
This template covers IE8/9/10, and uses the user-agent HTTP header to detect
the browser version. Please note IE8 and newer may emulate an older IE version
in compatibility mode, in that case the module won't be able to detect the
browser correctly.
},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r' ],
'References' =>
[
[ 'URL', 'http://metasploit.com' ]
],
'Platform' => 'win',
'Targets' =>
[
[ 'Automatic', {} ],
[ 'IE 8 on Windows XP SP3', { 'Rop' => :jre } ],
[ 'IE 8 on Windows Vista', { 'Rop' => :jre } ],
[ 'IE 8 on Windows 7', { 'Rop' => :jre } ],
[ 'IE 9 on Windows 7', { 'Rop' => :jre } ],
[ 'IE 10 on Windows 8', { 'Rop' => :jre } ]
],
'Payload' =>
{
'BadChars' => "\x00", # js_property_spray
'StackAdjustment' => -3500
},
'Privileged' => false,
'DisclosureDate' => "Apr 1 2013",
'DefaultTarget' => 0))
end
def initialize(info={})
super(update_info(info,
'Name' => "Module Name",
'Description' => %q{
This template covers IE8/9/10, and uses the user-agent HTTP header to detect
the browser version. Please note IE8 and newer may emulate an older IE version
in compatibility mode, in that case the module won't be able to detect the
browser correctly.
},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r' ],
'References' =>
[
[ 'URL', 'http://metasploit.com' ]
],
'Platform' => 'win',
'Targets' =>
[
[ 'Automatic', {} ],
[ 'IE 8 on Windows XP SP3', { 'Rop' => :jre } ],
[ 'IE 8 on Windows Vista', { 'Rop' => :jre } ],
[ 'IE 8 on Windows 7', { 'Rop' => :jre } ],
[ 'IE 9 on Windows 7', { 'Rop' => :jre } ],
[ 'IE 10 on Windows 8', { 'Rop' => :jre } ]
],
'Payload' =>
{
'BadChars' => "\x00", # js_property_spray
'StackAdjustment' => -3500
},
'Privileged' => false,
'DisclosureDate' => "Apr 1 2013",
'DefaultTarget' => 0))
end
def get_target(agent)
return target if target.name != 'Automatic'
def get_target(agent)
return target if target.name != 'Automatic'
nt = agent.scan(/Windows NT (\d\.\d)/).flatten[0] || ''
ie = agent.scan(/MSIE (\d)/).flatten[0] || ''
nt = agent.scan(/Windows NT (\d\.\d)/).flatten[0] || ''
ie = agent.scan(/MSIE (\d)/).flatten[0] || ''
ie_name = "IE #{ie}"
ie_name = "IE #{ie}"
case nt
when '5.1'
os_name = 'Windows XP SP3'
when '6.0'
os_name = 'Windows Vista'
when '6.1'
os_name = 'Windows 7'
when '6.2'
os_name = 'Windows 8'
end
case nt
when '5.1'
os_name = 'Windows XP SP3'
when '6.0'
os_name = 'Windows Vista'
when '6.1'
os_name = 'Windows 7'
when '6.2'
os_name = 'Windows 8'
end
targets.each do |t|
if (!ie.empty? and t.name.include?(ie_name)) and (!nt.empty? and t.name.include?(os_name))
return t
end
end
targets.each do |t|
if (!ie.empty? and t.name.include?(ie_name)) and (!nt.empty? and t.name.include?(os_name))
return t
end
end
nil
end
nil
end
def get_payload(t)
stack_pivot = "\x41\x42\x43\x44"
code = payload.encoded
def get_payload(t)
stack_pivot = "\x41\x42\x43\x44"
code = payload.encoded
case t['Rop']
when :msvcrt
print_status("Using msvcrt ROP")
rop_payload = generate_rop_payload('msvcrt', code, {'pivot'=>stack_pivot, 'target'=>'xp'})
case t['Rop']
when :msvcrt
print_status("Using msvcrt ROP")
rop_payload = generate_rop_payload('msvcrt', code, {'pivot'=>stack_pivot, 'target'=>'xp'})
else
print_status("Using JRE ROP")
rop_payload = generate_rop_payload('java', code, {'pivot'=>stack_pivot})
end
else
print_status("Using JRE ROP")
rop_payload = generate_rop_payload('java', code, {'pivot'=>stack_pivot})
end
rop_payload
end
rop_payload
end
def get_html(t)
js_p = ::Rex::Text.to_unescape(get_payload(t), ::Rex::Arch.endian(t.arch))
html = %Q|
<script>
#{js_property_spray}
def get_html(t)
js_p = ::Rex::Text.to_unescape(get_payload(t), ::Rex::Arch.endian(t.arch))
html = %Q|
<script>
#{js_property_spray}
var s = unescape("#{js_p}");
sprayHeap({shellcode:s});
</script>
|
var s = unescape("#{js_p}");
sprayHeap({shellcode:s});
</script>
|
html.gsub(/^\t\t/, '')
end
html.gsub(/^\t\t/, '')
end
def on_request_uri(cli, request)
agent = request.headers['User-Agent']
print_status("Requesting: #{request.uri}")
def on_request_uri(cli, request)
agent = request.headers['User-Agent']
print_status("Requesting: #{request.uri}")
target = get_target(agent)
if target.nil?
print_error("Browser not supported, sending 404: #{agent}")
send_not_found(cli)
return
end
target = get_target(agent)
if target.nil?
print_error("Browser not supported, sending 404: #{agent}")
send_not_found(cli)
return
end
print_status("Target selected as: #{target.name}")
html = get_html(target)
send_response(cli, html, { 'Content-Type'=>'text/html', 'Cache-Control'=>'no-cache' })
end
print_status("Target selected as: #{target.name}")
html = get_html(target)
send_response(cli, html, { 'Content-Type'=>'text/html', 'Cache-Control'=>'no-cache' })
end
end
documentation/samples/modules/exploits/sample.rb
+58 -58
View File
@@ -15,71 +15,71 @@ require 'msf/core'
###
class Metasploit4 < Msf::Exploit::Remote
#
# This exploit affects TCP servers, so we use the TCP client mixin.
#
include Exploit::Remote::Tcp
#
# This exploit affects TCP servers, so we use the TCP client mixin.
#
include Exploit::Remote::Tcp
def initialize(info = {})
super(update_info(info,
'Name' => 'Sample Exploit',
'Description' => %q{
This exploit module illustrates how a vulnerability could be exploited
in an TCP server that has a parsing bug.
},
'License' => MSF_LICENSE,
'Author' => ['skape'],
'References' =>
[
],
'Payload' =>
{
'Space' => 1000,
'BadChars' => "\x00",
},
'Targets' =>
[
# Target 0: Windows All
[
'Windows XP/Vista/7/8',
{
'Platform' => 'win',
'Ret' => 0x41424344
}
],
],
'DisclosureDate' => "Apr 1 2013",
'DefaultTarget' => 0))
end
def initialize(info = {})
super(update_info(info,
'Name' => 'Sample Exploit',
'Description' => %q{
This exploit module illustrates how a vulnerability could be exploited
in an TCP server that has a parsing bug.
},
'License' => MSF_LICENSE,
'Author' => ['skape'],
'References' =>
[
],
'Payload' =>
{
'Space' => 1000,
'BadChars' => "\x00",
},
'Targets' =>
[
# Target 0: Windows All
[
'Windows XP/Vista/7/8',
{
'Platform' => 'win',
'Ret' => 0x41424344
}
],
],
'DisclosureDate' => "Apr 1 2013",
'DefaultTarget' => 0))
end
#
# The sample exploit just indicates that the remote host is always
# vulnerable.
#
def check
Exploit::CheckCode::Vulnerable
end
#
# The sample exploit just indicates that the remote host is always
# vulnerable.
#
def check
Exploit::CheckCode::Vulnerable
end
#
# The exploit method connects to the remote service and sends 1024 random bytes
# followed by the fake return address and then the payload.
#
def exploit
connect
#
# The exploit method connects to the remote service and sends 1024 random bytes
# followed by the fake return address and then the payload.
#
def exploit
connect
print_status("Sending #{payload.encoded.length} byte payload...")
print_status("Sending #{payload.encoded.length} byte payload...")
# Build the buffer for transmission
buf = rand_text_alpha(1024)
buf << [ target.ret ].pack('V')
buf << payload.encoded
# Build the buffer for transmission
buf = rand_text_alpha(1024)
buf << [ target.ret ].pack('V')
buf << payload.encoded
# Send it off
sock.put(buf)
sock.get_once
# Send it off
sock.put(buf)
sock.get_once
handler
end
handler
end
end
documentation/samples/modules/nops/sample.rb
+14 -14
View File
@@ -15,20 +15,20 @@ require 'msf/core'
###
class Metasploit4 < Msf::Nop
def initialize
super(
'Name' => 'Sample NOP Generator',
'Description' => 'Sample single-byte NOP generator',
'License' => MSF_LICENSE,
'Author' => 'skape',
'Arch' => ARCH_X86)
end
def initialize
super(
'Name' => 'Sample NOP Generator',
'Description' => 'Sample single-byte NOP generator',
'License' => MSF_LICENSE,
'Author' => 'skape',
'Arch' => ARCH_X86)
end
#
# Returns a string of 0x90's for the supplied length.
#
def generate_sled(length, opts)
"\x90" * length
end
#
# Returns a string of 0x90's for the supplied length.
#
def generate_sled(length, opts)
"\x90" * length
end
end
documentation/samples/modules/payloads/singles/sample.rb
+15 -15
View File
@@ -14,21 +14,21 @@ require 'msf/core'
###
module Metasploit4
include Msf::Payload::Single
include Msf::Payload::Single
def initialize(info = {})
super(update_info(info,
'Name' => 'Debugger Trap',
'Description' => 'Causes a debugger trap exception through int3',
'License' => MSF_LICENSE,
'Author' => 'skape',
'Platform' => 'win',
'Arch' => ARCH_X86,
'Payload' =>
{
'Payload' => "\xcc"
}
))
end
def initialize(info = {})
super(update_info(info,
'Name' => 'Debugger Trap',
'Description' => 'Causes a debugger trap exception through int3',
'License' => MSF_LICENSE,
'Author' => 'skape',
'Platform' => 'win',
'Arch' => ARCH_X86,
'Payload' =>
{
'Payload' => "\xcc"
}
))
end
end
documentation/samples/modules/post/sample.rb
+19 -19
View File
@@ -15,26 +15,26 @@ require 'msf/core/post/common'
###
class Metasploit4 < Msf::Post
include Msf::Post::Common
include Msf::Post::Common
def initialize(info={})
super(update_info(info,
'Name' => 'Sample Post Module',
'Description' => %q{Sample Post Module},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r'],
'Platform' => [ 'win'],
'SessionTypes' => [ "shell", "meterpreter" ]
))
end
def initialize(info={})
super(update_info(info,
'Name' => 'Sample Post Module',
'Description' => %q{Sample Post Module},
'License' => MSF_LICENSE,
'Author' => [ 'sinn3r'],
'Platform' => [ 'win'],
'SessionTypes' => [ "shell", "meterpreter" ]
))
end
#
# This post module runs a ipconfig command and returns the output
#
def run
print_status("Executing ipconfig on remote machine")
o = cmd_exec("ipconfig")
print_line(o)
end
#
# This post module runs a ipconfig command and returns the output
#
def run
print_status("Executing ipconfig on remote machine")
o = cmd_exec("ipconfig")
print_line(o)
end
end
documentation/samples/pro/msfrpc_pro_discover.rb
+75 -75
View File
@@ -5,19 +5,19 @@ require 'msfrpc-client'
require 'rex/ui'
def usage(ropts)
$stderr.puts ropts
$stderr.puts ropts
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
end
opts = {}
@@ -27,88 +27,88 @@ parser = Msf::RPC::Client.option_parser(opts)
parser.separator('Discover Mandatory Options:')
parser.on("--project PROJECT") do |x|
opts[:project] = x
opts[:project] = x
end
parser.on("--targets TARGETS") do |x|
opts[:targets] = [x]
opts[:targets] = [x]
end
parser.on("--blacklist BLACKLIST (optional)") do |x|
opts[:blacklist] = x
opts[:blacklist] = x
end
parser.on("--speed SPEED (optional)") do |x|
opts[:speed] = x
opts[:speed] = x
end
parser.on("--extra-ports PORTS (optional)") do |x|
opts[:extra_ports] = x
opts[:extra_ports] = x
end
parser.on("--blacklist-ports PORTS (optional)") do |x|
opts[:blacklist_ports] = x
opts[:blacklist_ports] = x
end
parser.on("--custom-ports PORTS (optional)") do |x|
opts[:custom_ports] = x
opts[:custom_ports] = x
end
parser.on("--portscan-timeout TIMEOUT (optional)") do |x|
opts[:portscan_timeout] = x
opts[:portscan_timeout] = x
end
parser.on("--source-port PORT (optional)") do |x|
opts[:source_port] = x
opts[:source_port] = x
end
parser.on("--custom-nmap-options OPTIONS (optional)") do |x|
opts[:custom_nmap_options] = x
opts[:custom_nmap_options] = x
end
parser.on("--disable-udp-probes (optional)") do
opts[:disable_udp_probes] = true
opts[:disable_udp_probes] = true
end
parser.on("--disable-finger-users (optional)") do
opts[:disable_finger_users] = true
opts[:disable_finger_users] = true
end
parser.on("--disable-snmp-scan (optional)") do
opts[:disable_snmp_scan] = true
opts[:disable_snmp_scan] = true
end
parser.on("--disable-service-identification (optional)") do
opts[:disable_service_identification] = true
opts[:disable_service_identification] = true
end
parser.on("--smb-user USER (optional)") do |x|
opts[:smb_user] = x
opts[:smb_user] = x
end
parser.on("--smb-pass PASS (optional)") do |x|
opts[:smb_pass] = x
opts[:smb_pass] = x
end
parser.on("--smb-domain DOMAIN (optional)") do |x|
opts[:smb_domain] = x
opts[:smb_domain] = x
end
parser.on("--dry-run (optional)") do
opts[:dry_run] = true
opts[:dry_run] = true
end
parser.on("--single-scan (optional)") do
opts[:single_scan] = true
opts[:single_scan] = true
end
parser.on("--fast-detect (optional)") do
opts[:fast_detect] = true
opts[:fast_detect] = true
end
parser.on("--help") do
$stderr.puts parser
exit(1)
$stderr.puts parser
exit(1)
end
parser.separator('')
@@ -117,9 +117,9 @@ parser.parse!(ARGV)
@rpc = Msf::RPC::Client.new(opts)
if not @rpc.token
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
end
# Provide default values for certain options - If there's no alternative set
@@ -149,59 +149,59 @@ user = @rpc.call("pro.default_admin_user")['username']
# Create the task object with all options
task = @rpc.call("pro.start_discover", {
'workspace' => project,
'username' => user,
'ips' => targets,
'DS_BLACKLIST_HOSTS' => blacklist,
'DS_PORTSCAN_SPEED' => speed,
'DS_PORTS_EXTRA' => extra_ports,
'DS_PORTS_BLACKLIST' => blacklist_ports,
'DS_PORTS_CUSTOM' => custom_ports,
'DS_PORTSCAN_TIMEOUT' => portscan_timeout,
'DS_PORTSCAN_SOURCE_PORT' => source_port,
'DS_CustomNmap' => custom_nmap_options,
'DS_UDP_PROBES' => disable_udp_probes,
'DS_FINGER_USERS' => disable_finger_users,
'DS_SNMP_SCAN' => disable_snmp_scan,
'DS_IDENTIFY_SERVICES' => disable_service_identification,
'DS_SMBUser' => smb_user,
'DS_SMBPass' => smb_pass,
'DS_SMBDomain' => smb_domain,
'DS_SINGLE_SCAN' => single_scan,
'DS_FAST_DETECT' => fast_detect
'workspace' => project,
'username' => user,
'ips' => targets,
'DS_BLACKLIST_HOSTS' => blacklist,
'DS_PORTSCAN_SPEED' => speed,
'DS_PORTS_EXTRA' => extra_ports,
'DS_PORTS_BLACKLIST' => blacklist_ports,
'DS_PORTS_CUSTOM' => custom_ports,
'DS_PORTSCAN_TIMEOUT' => portscan_timeout,
'DS_PORTSCAN_SOURCE_PORT' => source_port,
'DS_CustomNmap' => custom_nmap_options,
'DS_UDP_PROBES' => disable_udp_probes,
'DS_FINGER_USERS' => disable_finger_users,
'DS_SNMP_SCAN' => disable_snmp_scan,
'DS_IDENTIFY_SERVICES' => disable_service_identification,
'DS_SMBUser' => smb_user,
'DS_SMBPass' => smb_pass,
'DS_SMBDomain' => smb_domain,
'DS_SINGLE_SCAN' => single_scan,
'DS_FAST_DETECT' => fast_detect
})
puts "DEBUG: Running task with #{task.inspect}"
if not task['task_id']
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
end
puts "[*] Creating Task ID #{task['task_id']}..."
while true
select(nil, nil, nil, 0.50)
select(nil, nil, nil, 0.50)
stat = @rpc.call("pro.task_status", task['task_id'])
stat = @rpc.call("pro.task_status", task['task_id'])
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
info = stat[ task['task_id'] ]
info = stat[ task['task_id'] ]
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
break if info['progress'] == 100
break if info['progress'] == 100
end
$stdout.puts "[+] Task Complete!"
documentation/samples/pro/msfrpc_pro_exploit.rb
+76 -76
View File
@@ -5,19 +5,19 @@ require 'msfrpc-client'
require 'rex/ui'
def usage(ropts)
$stderr.puts ropts
$stderr.puts ropts
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
end
opts = {}
@@ -43,88 +43,88 @@ parser = Msf::RPC::Client.option_parser(opts)
parser.separator('Exploit Specific Options:')
parser.on("--project PROJECT") do |x|
opts[:project] = x
opts[:project] = x
end
parser.on("--targets TARGETS") do |x|
opts[:targets] = x
opts[:targets] = x
end
parser.on("--speed SPEED") do |x|
opts[:speed] = x
opts[:speed] = x
end
parser.on("--minimum-rank RANK") do |x|
opts[:rank] = x
opts[:rank] = x
end
parser.on("--blacklist BLACKLIST (optional)") do |x|
opts[:blacklist] = x
opts[:blacklist] = x
end
parser.on("--whitelist-ports PORTS (optional)") do |x|
opts[:whitelist_ports] = x
opts[:whitelist_ports] = x
end
parser.on("--blacklist-ports PORTS (optional)") do |x|
opts[:blacklist_ports] = x
opts[:blacklist_ports] = x
end
parser.on("--exploit-timeout TIMEOUT (optional)") do |x|
opts[:exploit_timeout] = x
opts[:exploit_timeout] = x
end
parser.on("--limit-sessions (optional)") do |x|
opts[:limit_sessions] = (x =~ /^(y|t|1)/i ? true : false )
opts[:limit_sessions] = (x =~ /^(y|t|1)/i ? true : false )
end
parser.on("--ignore-fragile-devices (optional)") do |x|
opts[:ignore_fragile_devices] = (x =~ /^(y|t|1)/i ? true : false )
opts[:ignore_fragile_devices] = (x =~ /^(y|t|1)/i ? true : false )
end
parser.on("--filter-by-os (optional)") do |x|
opts[:filter_by_os] = (x =~ /^(y|t|1)/i ? true : false )
opts[:filter_by_os] = (x =~ /^(y|t|1)/i ? true : false )
end
parser.on("--dry-run (optional)") do |x|
opts[:only_match] = (x =~ /^(y|t|1)/i ? true : false )
opts[:only_match] = (x =~ /^(y|t|1)/i ? true : false )
end
parser.on("--match-vulns (optional)") do |x|
opts[:match_vulns] = (x =~ /^(y|t|1)/i ? true : false )
opts[:match_vulns] = (x =~ /^(y|t|1)/i ? true : false )
end
parser.on("--match-ports (optional)") do |x|
opts[:match_ports] = (x =~ /^(y|t|1)/i ? true : false )
opts[:match_ports] = (x =~ /^(y|t|1)/i ? true : false )
end
parser.on("--payload-method AUTO|REVERSE|BIND (optional)") do |x|
opts[:payload_method] = x
opts[:payload_method] = x
end
parser.on("--payload-type METERPRETER|SHELL (optional)") do |x|
opts[:payload_type] = x
opts[:payload_type] = x
end
parser.on("--payload-ports PORTS (optional)") do |x|
opts[:payload_ports] = x
opts[:payload_ports] = x
end
parser.on("--evasion-level-tcp LEVEL (optional)") do |x|
opts[:evasion_level_tcp] = x
opts[:evasion_level_tcp] = x
end
parser.on("--evasion-level-app LEVEL (optional)") do |x|
opts[:evasion_level_app] = x
opts[:evasion_level_app] = x
end
parser.on("--module-filter FILTER (optional)") do |x|
opts[:module_filter] = x
opts[:module_filter] = x
end
parser.on("--help") do
$stderr.puts parser
exit(1)
$stderr.puts parser
exit(1)
end
parser.separator('')
@@ -133,9 +133,9 @@ parser.parse!(ARGV)
@rpc = Msf::RPC::Client.new(opts)
if not @rpc.token
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
end
# Store the user's settings
@@ -166,60 +166,60 @@ user = @rpc.call("pro.default_admin_user")['username']
# Create the task object with all options
task = @rpc.call("pro.start_exploit", {
'workspace' => project,
'username' => user,
'DS_WHITELIST_HOSTS' => targets,
'DS_BLACKLIST_HOSTS' => blacklist,
'DS_WHITELIST_PORTS' => whitelist_ports,
'DS_BLACKLIST_PORTS' => blacklist_ports,
'DS_MinimumRank' => rank,
'DS_EXPLOIT_SPEED' => speed,
'DS_EXPLOIT_TIMEOUT' => exploit_timeout,
'DS_LimitSessions' => limit_sessions,
'DS_IgnoreFragileDevices' => ignore_fragile_devices,
'DS_FilterByOS' => filter_by_os,
'DS_OnlyMatch' => only_match,
'DS_MATCH_VULNS' => match_vulns,
'DS_MATCH_PORTS' => match_ports,
'DS_PAYLOAD_METHOD' => payload_method,
'DS_PAYLOAD_TYPE' => payload_type,
'DS_PAYLOAD_PORTS' => payload_ports,
'DS_EVASION_LEVEL_TCP' => evasion_level_tcp,
'DS_EVASION_LEVEL_APP' => evasion_level_app,
'DS_ModuleFilter' => module_filter
'workspace' => project,
'username' => user,
'DS_WHITELIST_HOSTS' => targets,
'DS_BLACKLIST_HOSTS' => blacklist,
'DS_WHITELIST_PORTS' => whitelist_ports,
'DS_BLACKLIST_PORTS' => blacklist_ports,
'DS_MinimumRank' => rank,
'DS_EXPLOIT_SPEED' => speed,
'DS_EXPLOIT_TIMEOUT' => exploit_timeout,
'DS_LimitSessions' => limit_sessions,
'DS_IgnoreFragileDevices' => ignore_fragile_devices,
'DS_FilterByOS' => filter_by_os,
'DS_OnlyMatch' => only_match,
'DS_MATCH_VULNS' => match_vulns,
'DS_MATCH_PORTS' => match_ports,
'DS_PAYLOAD_METHOD' => payload_method,
'DS_PAYLOAD_TYPE' => payload_type,
'DS_PAYLOAD_PORTS' => payload_ports,
'DS_EVASION_LEVEL_TCP' => evasion_level_tcp,
'DS_EVASION_LEVEL_APP' => evasion_level_app,
'DS_ModuleFilter' => module_filter
})
puts "DEBUG: Running task with #{task.inspect}"
if not task['task_id']
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
end
puts "[*] Creating Task ID #{task['task_id']}..."
while true
select(nil, nil, nil, 0.50)
select(nil, nil, nil, 0.50)
stat = @rpc.call("pro.task_status", task['task_id'])
stat = @rpc.call("pro.task_status", task['task_id'])
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
info = stat[ task['task_id'] ]
info = stat[ task['task_id'] ]
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
break if info['progress'] == 100
break if info['progress'] == 100
end
$stdout.puts "[+] Task Complete!"
documentation/samples/pro/msfrpc_pro_import.rb
+39 -39
View File
@@ -5,18 +5,18 @@ require 'msfrpc-client'
require 'rex/ui'
def usage(ropts)
$stderr.puts ropts
$stderr.puts ropts
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
exit(1)
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
exit(1)
end
opts = {}
@@ -26,16 +26,16 @@ parser = Msf::RPC::Client.option_parser(opts)
parser.separator('Task Options:')
parser.on("--path PATH") do |path|
opts[:path] = path
opts[:path] = path
end
parser.on("--project PROJECT") do |project|
opts[:project] = project
opts[:project] = project
end
parser.on("--help") do
$stderr.puts parser
exit(1)
$stderr.puts parser
exit(1)
end
parser.separator('')
@@ -43,49 +43,49 @@ parser.parse!(ARGV)
@rpc = Msf::RPC::Client.new(opts)
if not @rpc.token
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
end
project = opts[:project] || usage(parser)
path = opts[:path] || usage(parser)
user = @rpc.call("pro.default_admin_user")['username']
task = @rpc.call("pro.start_import", {
'workspace' => project,
'username' => user,
'DS_PATH' => path
'workspace' => project,
'username' => user,
'DS_PATH' => path
})
if not task['task_id']
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
end
puts "[*] Creating Task ID #{task['task_id']}..."
while true
select(nil, nil, nil, 0.50)
select(nil, nil, nil, 0.50)
stat = @rpc.call("pro.task_status", task['task_id'])
stat = @rpc.call("pro.task_status", task['task_id'])
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
info = stat[ task['task_id'] ]
info = stat[ task['task_id'] ]
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
break if info['progress'] == 100
break if info['progress'] == 100
end
$stdout.puts "[+] Task Complete!"
documentation/samples/pro/msfrpc_pro_nexpose.rb
+54 -54
View File
@@ -5,19 +5,19 @@ require 'msfrpc-client'
require 'rex/ui'
def usage(ropts)
$stderr.puts ropts
$stderr.puts ropts
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
end
opts = {}
@@ -27,44 +27,44 @@ parser = Msf::RPC::Client.option_parser(opts)
parser.separator('NeXpose Specific Options:')
parser.on("--project PROJECT") do |x|
opts[:project] = x
opts[:project] = x
end
parser.on("--targets TARGETS") do |x|
opts[:targets] = [x]
opts[:targets] = [x]
end
parser.on("--nexpose-host HOST") do |x|
opts[:nexpose_host] = x
opts[:nexpose_host] = x
end
parser.on("--nexpose-user USER") do |x|
opts[:nexpose_user] = x
opts[:nexpose_user] = x
end
parser.on("--nexpose-pass PASSWORD") do |x|
opts[:nexpose_pass] = x
opts[:nexpose_pass] = x
end
parser.on("--nexpose-pass-file PATH") do |x|
opts[:nexpose_pass_file] = x
opts[:nexpose_pass_file] = x
end
parser.on("--scan-template TEMPLATE (optional)") do |x|
opts[:scan_template] = x
opts[:scan_template] = x
end
parser.on("--nexpose-port PORT (optional)") do |x|
opts[:nexpose_port] = x
opts[:nexpose_port] = x
end
parser.on("--blacklist BLACKLIST (optional)") do |x|
opts[:blacklist] = x
opts[:blacklist] = x
end
parser.on("--help") do
$stderr.puts parser
exit(1)
$stderr.puts parser
exit(1)
end
parser.separator('')
@@ -73,16 +73,16 @@ parser.parse!(ARGV)
@rpc = Msf::RPC::Client.new(opts)
if not @rpc.token
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
end
# Get the password from the file
if opts[:nexpose_pass_file]
nexpose_pass = File.open(opts[:nexpose_pass_file],"r").read.chomp!
nexpose_pass = File.open(opts[:nexpose_pass_file],"r").read.chomp!
else
nexpose_pass = opts[:nexpose_pass] || usage(parser)
nexpose_pass = opts[:nexpose_pass] || usage(parser)
end
# Store the user's settings
@@ -98,14 +98,14 @@ scan_template = opts[:scan_template] || "pentest-audit"
user = @rpc.call("pro.default_admin_user")['username']
options = {
'workspace' => project,
'username' => user,
'DS_WHITELIST_HOSTS' => targets,
'DS_NEXPOSE_HOST' => nexpose_host,
'DS_NEXPOSE_PORT' => nexpose_port,
'DS_NEXPOSE_USER' => nexpose_user,
'nexpose_pass' => nexpose_pass,
'DS_SCAN_TEMPLATE' => scan_template
'workspace' => project,
'username' => user,
'DS_WHITELIST_HOSTS' => targets,
'DS_NEXPOSE_HOST' => nexpose_host,
'DS_NEXPOSE_PORT' => nexpose_port,
'DS_NEXPOSE_USER' => nexpose_user,
'nexpose_pass' => nexpose_pass,
'DS_SCAN_TEMPLATE' => scan_template
}
puts "DEBUG: Running task with #{options}"
@@ -115,34 +115,34 @@ task = @rpc.call("pro.start_exploit", options)
if not task['task_id']
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
$stderr.puts "[-] Error starting the task: #{task.inspect}"
exit(0)
end
puts "[*] Creating Task ID #{task['task_id']}..."
while true
select(nil, nil, nil, 0.50)
select(nil, nil, nil, 0.50)
stat = @rpc.call("pro.task_status", task['task_id'])
stat = @rpc.call("pro.task_status", task['task_id'])
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
info = stat[ task['task_id'] ]
info = stat[ task['task_id'] ]
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
break if info['progress'] == 100
break if info['progress'] == 100
end
$stdout.puts "[+] Task Complete!"
documentation/samples/pro/msfrpc_pro_report.rb
+65 -65
View File
@@ -6,43 +6,43 @@ require 'msfrpc-client'
require 'rex/ui'
def usage(ropts)
$stderr.puts ropts
$stderr.puts ropts
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
if @rpc and @rpc.token
wspaces = @rpc.call("pro.workspaces") rescue {}
if wspaces.keys.length > 0
$stderr.puts "Active Projects:"
wspaces.each_pair do |k,v|
$stderr.puts "\t#{k}"
end
end
end
$stderr.puts ""
exit(1)
end
opts = {
:format => 'PDF'
:format => 'PDF'
}
parser = Msf::RPC::Client.option_parser(opts)
parser.separator('Report Options:')
parser.on("--format FORMAT") do |v|
opts[:format] = v.upcase
opts[:format] = v.upcase
end
parser.on("--project PROJECT") do |v|
opts[:project] = v
opts[:project] = v
end
parser.on("--output OUTFILE") do |v|
opts[:output] = v
opts[:output] = v
end
parser.on("--help") do
$stderr.puts parser
exit(1)
$stderr.puts parser
exit(1)
end
parser.separator('')
@@ -50,9 +50,9 @@ parser.parse!(ARGV)
@rpc = Msf::RPC::Client.new(opts)
if not @rpc.token
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
$stderr.puts "Error: Invalid RPC server options specified"
$stderr.puts parser
exit(1)
end
project = opts[:project] || usage(parser)
@@ -61,66 +61,66 @@ rtype = opts[:format]
user = @rpc.call("pro.default_admin_user")['username']
task = @rpc.call("pro.start_report", {
'DS_WHITELIST_HOSTS' => "",
'DS_BLACKLIST_HOSTS' => "",
'workspace' => project,
'username' => user,
'DS_MaskPasswords' => false,
'DS_IncludeTaskLog' => false,
'DS_JasperDisplaySession' => true,
'DS_JasperDisplayCharts' => true,
'DS_LootExcludeScreenshots' => false,
'DS_LootExcludePasswords' => false,
'DS_JasperTemplate' => "msfxv3.jrxml",
'DS_REPORT_TYPE' => rtype.upcase,
'DS_UseJasper' => true,
'DS_UseCustomReporting' => true,
'DS_JasperProductName' => "Metasploit Pro",
'DS_JasperDbEnv' => "production",
'DS_JasperLogo' => '',
'DS_JasperDisplaySections' => "1,2,3,4,5,6,7,8",
'DS_EnablePCIReport' => true,
'DS_EnableFISMAReport' => true,
'DS_JasperDisplayWeb' => true,
'DS_WHITELIST_HOSTS' => "",
'DS_BLACKLIST_HOSTS' => "",
'workspace' => project,
'username' => user,
'DS_MaskPasswords' => false,
'DS_IncludeTaskLog' => false,
'DS_JasperDisplaySession' => true,
'DS_JasperDisplayCharts' => true,
'DS_LootExcludeScreenshots' => false,
'DS_LootExcludePasswords' => false,
'DS_JasperTemplate' => "msfxv3.jrxml",
'DS_REPORT_TYPE' => rtype.upcase,
'DS_UseJasper' => true,
'DS_UseCustomReporting' => true,
'DS_JasperProductName' => "Metasploit Pro",
'DS_JasperDbEnv' => "production",
'DS_JasperLogo' => '',
'DS_JasperDisplaySections' => "1,2,3,4,5,6,7,8",
'DS_EnablePCIReport' => true,
'DS_EnableFISMAReport' => true,
'DS_JasperDisplayWeb' => true,
})
if not task['task_id']
$stderr.puts "[-] Error generating the report: #{task.inspect}"
exit(0)
$stderr.puts "[-] Error generating the report: #{task.inspect}"
exit(0)
end
puts "[*] Report is generating with Task ID #{task['task_id']}..."
while true
select(nil, nil, nil, 0.50)
stat = @rpc.call("pro.task_status", task['task_id'])
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
select(nil, nil, nil, 0.50)
stat = @rpc.call("pro.task_status", task['task_id'])
if stat['status'] == 'invalid'
$stderr.puts "[-] Error checking task status"
exit(0)
end
info = stat[ task['task_id'] ]
info = stat[ task['task_id'] ]
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if not info
$stderr.puts "[-] Error finding the task"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
if info['status'] == "error"
$stderr.puts "[-] Error generating report: #{info['error']}"
exit(0)
end
break if info['progress'] == 100
break if info['progress'] == 100
end
report = @rpc.call('pro.report_download_by_task', task['task_id'])
if report and report['data']
::File.open(fname, "wb") do |fd|
fd.write(report['data'])
end
$stderr.puts "[-] Report saved to #{::File.expand_path(fname)}"
::File.open(fname, "wb") do |fd|
fd.write(report['data'])
end
$stderr.puts "[-] Report saved to #{::File.expand_path(fname)}"
else
$stderr.puts "[-] Error downloading report: #{report.inspect}"
$stderr.puts "[-] Error downloading report: #{report.inspect}"
end
documentation/samples/scripts/meterpreter_script_template.rb
+14 -14
View File
@@ -7,9 +7,9 @@
@client = client
sample_option_var = nil
@exec_opts = Rex::Parser::Arguments.new(
"-h" => [ false, "Help menu." ],
"-o" => [ true , "Option that requieres a value"]
)
"-h" => [ false, "Help menu." ],
"-o" => [ true , "Option that requieres a value"]
)
meter_type = client.platform
################## Function Declarations ##################
@@ -17,26 +17,26 @@ meter_type = client.platform
# Usage Message Function
#-------------------------------------------------------------------------------
def usage
print_line "Meterpreter Script for INSERT PURPOSE."
print_line(@exec_opts.usage)
raise Rex::Script::Completed
print_line "Meterpreter Script for INSERT PURPOSE."
print_line(@exec_opts.usage)
raise Rex::Script::Completed
end
# Wrong Meterpreter Version Message Function
#-------------------------------------------------------------------------------
def wrong_meter_version(meter = meter_type)
print_error("#{meter} version of Meterpreter is not supported with this Script!")
raise Rex::Script::Completed
print_error("#{meter} version of Meterpreter is not supported with this Script!")
raise Rex::Script::Completed
end
################## Main ##################
@exec_opts.parse(args) { |opt, idx, val|
case opt
when "-h"
usage
when "-o"
sample_option_var = val
end
case opt
when "-h"
usage
when "-o"
sample_option_var = val
end
}
# Check for Version of Meterpreter
documentation/samples/scripts/resource_script.rb
+60 -60
View File
@@ -15,27 +15,27 @@
# will have to do the trick for now.
#
def help
msg = %Q|
Description:
Let's describe what this RC script is all about, plus anything the user should know before
actually using it.
msg = %Q|
Description:
Let's describe what this RC script is all about, plus anything the user should know before
actually using it.
Usage:
msfconsole -r <rc file> <db_user> <db_pass> <db_workspace> <arg1>
Usage:
msfconsole -r <rc file> <db_user> <db_pass> <db_workspace> <arg1>
Options:
<rc file> - I'm sure you already know
<db_user> - Username for the database (datastore: 'DB_USER')
<db_pass> - Password for the database (datastore: 'DB_PASS')
<db_workspace> - Workspace for the database (datastore: 'DB_WORKSPACE')
<arg1> - Argument 1 (datastore: 'ARG1')
Options:
<rc file> - I'm sure you already know
<db_user> - Username for the database (datastore: 'DB_USER')
<db_pass> - Password for the database (datastore: 'DB_PASS')
<db_workspace> - Workspace for the database (datastore: 'DB_WORKSPACE')
<arg1> - Argument 1 (datastore: 'ARG1')
Authors:
sinn3r <sinn3r[at]metasploit.com>
|
Authors:
sinn3r <sinn3r[at]metasploit.com>
|
msg = msg.gsub(/^\t/, '')
print_line(msg)
msg = msg.gsub(/^\t/, '')
print_line(msg)
end
@@ -43,12 +43,12 @@ end
# See if we're already connected
#
def is_db_active?
begin
framework.db.hosts
return true
rescue ::ActiveRecord::ConnectionNotEstablished
return false
end
begin
framework.db.hosts
return true
rescue ::ActiveRecord::ConnectionNotEstablished
return false
end
end
@@ -57,9 +57,9 @@ end
# Default to localhost:5432, as this is the default configuration suggested by the manual.
#
def init_db(username, password, workspace)
db = "localhost:5432"
print_status("Opening #{workspace} at #{db}")
run_single("db_connect #{username}:#{password}@#{db}/#{workspace}")
db = "localhost:5432"
print_status("Opening #{workspace} at #{db}")
run_single("db_connect #{username}:#{password}@#{db}/#{workspace}")
end
@@ -67,30 +67,30 @@ end
# Initialize the argumets here
#
def init_args
args = {}
args = {}
joint = ARGV.join('')
if joint =~ /^help$/i
args[:help] = true
return args
end
joint = ARGV.join('')
if joint =~ /^help$/i
args[:help] = true
return args
end
# Add more arguments according to your help() function
datastore = framework.datastore
args[:db_user] = ARGV.shift || datastore['DB_USER'] || ''
args[:db_pass] = ARGV.shift || datastore['DB_PASS'] || ''
args[:db_workspace] = ARGV.shift || datastore['DB_WORKSPACE'] || ''
args[:arg1] = ARGV.shift || datastore['ARG1'] || ''
# Add more arguments according to your help() function
datastore = framework.datastore
args[:db_user] = ARGV.shift || datastore['DB_USER'] || ''
args[:db_pass] = ARGV.shift || datastore['DB_PASS'] || ''
args[:db_workspace] = ARGV.shift || datastore['DB_WORKSPACE'] || ''
args[:arg1] = ARGV.shift || datastore['ARG1'] || ''
if not is_db_active?
if args[:db_user].empty? or args[:db_pass].empty? or args[:db_workspace].empty?
raise ArgumentError, "Need DB_USER, DB_PASS, and DB_WORKSPACE"
end
end
if not is_db_active?
if args[:db_user].empty? or args[:db_pass].empty? or args[:db_workspace].empty?
raise ArgumentError, "Need DB_USER, DB_PASS, and DB_WORKSPACE"
end
end
raise ArgumentError, "Need ARG1" if args[:arg1].empty?
raise ArgumentError, "Need ARG1" if args[:arg1].empty?
return args
return args
end
@@ -98,7 +98,7 @@ end
# This is your main function
#
def main(args)
print_status("Initialzation is done, and here's your input: #{args[:arg1]}")
print_status("Initialzation is done, and here's your input: #{args[:arg1]}")
end
@@ -106,27 +106,27 @@ end
# Below initializes the arguments and database
#
begin
args = init_args
if args[:help]
help
return
end
args = init_args
if args[:help]
help
return
end
init_db(args[:db_user], args[:db_pass], args[:db_workspace]) if not is_db_active?
main(args)
init_db(args[:db_user], args[:db_pass], args[:db_workspace]) if not is_db_active?
main(args)
rescue ArgumentError => e
print_error("Bad argument(s): #{e.message}")
return
print_error("Bad argument(s): #{e.message}")
return
rescue RuntimeError => e
# Any runtime error should be raised as "RuntimeError"
print_error(e.message)
return
# Any runtime error should be raised as "RuntimeError"
print_error(e.message)
return
rescue ::Exception => e
# Whatever unknown exception occurs, we raise it
raise e
# Whatever unknown exception occurs, we raise it
raise e
end
</ruby>