metasploit-runner 0.0.8 → 0.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/MetasploitPenTestScript/version.rb +1 -1
- data/lib/metasploit/exploit.rb +10 -4
- data/spec/exploit_spec.rb +8 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3b62c85eea93ad0811660c4edfd7f47710e2db90
|
|
4
|
+
data.tar.gz: a6f0854d43fea53c523c7d95693a1d876044dd22
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e0988fef0a4b916632bc895d131b7cfbb36495d38241553febfd5c0b66e70a891c510995b61f0923e07bf0568845ca34822db6dfb174938aefecf7f411bd9db1
|
|
7
|
+
data.tar.gz: 273ccd1acb8882347c8ab4ec70d23d7a57cebba93b148861b3fd40681c8f58fe550dc9660585536a8b2efa845bc6565b931e96e63f2a220163b83c1b84bb4191
|
data/README.md
CHANGED
|
@@ -39,12 +39,19 @@ Example WITHOUT Nexpose Console Integration:
|
|
|
39
39
|
|
|
40
40
|
$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1"
|
|
41
41
|
|
|
42
|
+
Additionally, a module filter may be passed in to determine which modules are whitelisted to run during an exploit. The module filter parameter is a comma separate value
|
|
43
|
+
for specifying multiple paths.
|
|
44
|
+
|
|
45
|
+
Example WITH Module Filter:
|
|
46
|
+
|
|
47
|
+
$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "exploit/linux,exploit/multi"
|
|
42
48
|
|
|
43
49
|
The if you do not pass the following options they will default to the respective values:
|
|
44
50
|
|
|
45
51
|
port -> 3790
|
|
46
52
|
uri -> /api/1.0
|
|
47
53
|
use_ssl -> true
|
|
54
|
+
module_filter -> nil
|
|
48
55
|
|
|
49
56
|
Example using the defaults:
|
|
50
57
|
|
data/lib/metasploit/exploit.rb
CHANGED
|
@@ -4,7 +4,7 @@ require 'metasploit/exploit_run_description'
|
|
|
4
4
|
|
|
5
5
|
module Metasploit
|
|
6
6
|
module Exploit
|
|
7
|
-
def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan)
|
|
7
|
+
def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, module_filter=nil)
|
|
8
8
|
run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan
|
|
9
9
|
run_details.verify
|
|
10
10
|
|
|
@@ -18,7 +18,7 @@ module Metasploit
|
|
|
18
18
|
|
|
19
19
|
do_metasploit_audit(rpc_client, run_details)
|
|
20
20
|
|
|
21
|
-
do_metasploit_exploit(rpc_client, run_details)
|
|
21
|
+
do_metasploit_exploit(rpc_client, run_details, module_filter)
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
private
|
|
@@ -61,8 +61,14 @@ module Metasploit
|
|
|
61
61
|
wait_for_task_to_stop_running(rpc_client, CONSTANTS::AUDIT_MESSAGE, audit['task_id'])
|
|
62
62
|
end
|
|
63
63
|
|
|
64
|
-
def self.do_metasploit_exploit(rpc_client, run_details)
|
|
65
|
-
|
|
64
|
+
def self.do_metasploit_exploit(rpc_client, run_details, module_filter)
|
|
65
|
+
options = {
|
|
66
|
+
'workspace' => run_details.workspace_name
|
|
67
|
+
}
|
|
68
|
+
if !module_filter.nil?
|
|
69
|
+
options['DS_ModuleFilter'] = module_filter
|
|
70
|
+
end
|
|
71
|
+
sploit = rpc_client.call('pro.start_exploit', options)
|
|
66
72
|
wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, sploit['task_id'])
|
|
67
73
|
end
|
|
68
74
|
|
data/spec/exploit_spec.rb
CHANGED
|
@@ -17,6 +17,7 @@ describe 'exploit' do
|
|
|
17
17
|
@expected_webscan_task_id = '12'
|
|
18
18
|
@expected_import_task_id = '1'
|
|
19
19
|
@expected_exploit_task_id = '13'
|
|
20
|
+
@expected_exploit_module_filter = 'exploit/linux,exploit/multi'
|
|
20
21
|
@expected_audit_task_id = '14'
|
|
21
22
|
@expected_audit_max_requests = 1000
|
|
22
23
|
@expected_audit_max_minutes = 3
|
|
@@ -293,6 +294,13 @@ describe 'exploit' do
|
|
|
293
294
|
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
|
|
294
295
|
end
|
|
295
296
|
|
|
297
|
+
it 'should use a module filter if one is specified' do
|
|
298
|
+
expect(@mock_rpc_client).to receive(:call)
|
|
299
|
+
.with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_ModuleFilter' => @expected_exploit_module_filter})
|
|
300
|
+
|
|
301
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_exploit_module_filter)
|
|
302
|
+
end
|
|
303
|
+
|
|
296
304
|
describe 'wait for exploit to be over' do
|
|
297
305
|
before(:each) do
|
|
298
306
|
|