forked from rapid7/metasploit-framework
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmsfcli
executable file
·94 lines (77 loc) · 2.49 KB
/
msfcli
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/usr/bin/ruby
#
# This user interface allows users to interact with the framework through a
# command line interface (CLI) rather than having to use a prompting console
# or web-based interface.
#
$:.unshift(File.join(File.dirname(__FILE__), 'lib'))
require 'rex'
require 'msf/ui'
require 'msf/base'
Indent = ' '
# Initialize the simplified framework instance.
$framework = Msf::Simple::Framework.create
if (ARGV.length <= 1)
$stderr.puts("\n" + " Usage: #{$0} <exploit> [var=val] [MODE]\n\n")
exit
end
# Get the exploit name we'll be using
exploit_name = ARGV.shift
exploit = $framework.exploits.create(exploit_name)
if (exploit == nil)
$stderr.puts("Invalid exploit: #{exploit_name}")
exit
end
# Initialize the user interface
exploit.init_ui($stdout, $stdin)
# Evalulate the command
mode = ARGV.pop.downcase
# Import options
exploit.datastore.import_options_from_s(ARGV.join(' '))
case mode.downcase
when "s"
$stdout.puts("\n" + Msf::Serializer::ReadableText.dump_module(exploit, Indent))
when "o"
$stdout.puts("\n" + Msf::Serializer::ReadableText.dump_options(exploit, Indent))
when "a"
$stdout.puts("\n" + Msf::Serializer::ReadableText.dump_advanced_options(exploit, Indent))
when "p"
$stdout.puts("\n" + Msf::Serializer::ReadableText.dump_compatible_payloads(
exploit, Indent, "Compatible payloads"))
when "t"
$stdout.puts("\n" + Msf::Serializer::ReadableText.dump_exploit_targets(exploit, Indent))
when "c"
begin
if (code = exploit.check)
stat = (code == Msf::Exploit::CheckCode::Vulnerable) ? '[+]' : '[*]'
$stdout.puts("#{stat} #{code[1]}")
else
$stderr.puts("Check failed: The state could not be determined.")
end
rescue
$stderr.puts("Check failed: #{$!}")
end
when "e"
begin
session = exploit.exploit_simple(
'Encoder' => exploit.datastore['ENCODER'],
'Target' => exploit.datastore['TARGET'],
'Payload' => exploit.datastore['PAYLOAD'],
'Nop' => exploit.datastore['NOP'],
'LocalInput' => Rex::Ui::Text::Input::Stdio.new,
'LocalOutput' => Rex::Ui::Text::Output::Stdio.new,
'ForceBlocking' => true)
if (session)
$stdout.puts("[*] #{session.desc} session #{session.name} opened (#{session.tunnel_to_s})\n\n")
session.init_ui(
Rex::Ui::Text::Input::Stdio.new,
Rex::Ui::Text::Output::Stdio.new)
session.interact
end
rescue
$stderr.puts("Exploit failed: #{$!}")
$stderr.puts("Backtrace:")
$stderr.puts($!.backtrace.join("\n"))
end
end
$stdout.puts