metasploit-runner 0.0.8 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/MetasploitPenTestScript/version.rb +1 -1
- data/lib/metasploit/exploit.rb +10 -4
- data/spec/exploit_spec.rb +8 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3b62c85eea93ad0811660c4edfd7f47710e2db90
|
|
4
|
+
data.tar.gz: a6f0854d43fea53c523c7d95693a1d876044dd22
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e0988fef0a4b916632bc895d131b7cfbb36495d38241553febfd5c0b66e70a891c510995b61f0923e07bf0568845ca34822db6dfb174938aefecf7f411bd9db1
|
|
7
|
+
data.tar.gz: 273ccd1acb8882347c8ab4ec70d23d7a57cebba93b148861b3fd40681c8f58fe550dc9660585536a8b2efa845bc6565b931e96e63f2a220163b83c1b84bb4191
|
data/README.md
CHANGED
|
@@ -39,12 +39,19 @@ Example WITHOUT Nexpose Console Integration:
|
|
|
39
39
|
|
|
40
40
|
$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "" "10.0.0.1"
|
|
41
41
|
|
|
42
|
+
Additionally, a module filter may be passed in to determine which modules are whitelisted to run during an exploit. The module filter parameter is a comma separate value
|
|
43
|
+
for specifying multiple paths.
|
|
44
|
+
|
|
45
|
+
Example WITH Module Filter:
|
|
46
|
+
|
|
47
|
+
$ exploit "sploit.mydomain.com" "3790" "/api/1.0" "true" "asdlkjhsdfuw1228340asdasf8" "mycoolsoftware-build-28" "nexpose-console-1" "10.0.0.1" "exploit/linux,exploit/multi"
|
|
42
48
|
|
|
43
49
|
The if you do not pass the following options they will default to the respective values:
|
|
44
50
|
|
|
45
51
|
port -> 3790
|
|
46
52
|
uri -> /api/1.0
|
|
47
53
|
use_ssl -> true
|
|
54
|
+
module_filter -> nil
|
|
48
55
|
|
|
49
56
|
Example using the defaults:
|
|
50
57
|
|
data/lib/metasploit/exploit.rb
CHANGED
|
@@ -4,7 +4,7 @@ require 'metasploit/exploit_run_description'
|
|
|
4
4
|
|
|
5
5
|
module Metasploit
|
|
6
6
|
module Exploit
|
|
7
|
-
def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan)
|
|
7
|
+
def Exploit.start(connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan, module_filter=nil)
|
|
8
8
|
run_details = ExploitRunDescription.new connection_url, port, uri, use_ssl, token, workspace_name, nexpose_console_name, device_ip_to_scan
|
|
9
9
|
run_details.verify
|
|
10
10
|
|
|
@@ -18,7 +18,7 @@ module Metasploit
|
|
|
18
18
|
|
|
19
19
|
do_metasploit_audit(rpc_client, run_details)
|
|
20
20
|
|
|
21
|
-
do_metasploit_exploit(rpc_client, run_details)
|
|
21
|
+
do_metasploit_exploit(rpc_client, run_details, module_filter)
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
private
|
|
@@ -61,8 +61,14 @@ module Metasploit
|
|
|
61
61
|
wait_for_task_to_stop_running(rpc_client, CONSTANTS::AUDIT_MESSAGE, audit['task_id'])
|
|
62
62
|
end
|
|
63
63
|
|
|
64
|
-
def self.do_metasploit_exploit(rpc_client, run_details)
|
|
65
|
-
|
|
64
|
+
def self.do_metasploit_exploit(rpc_client, run_details, module_filter)
|
|
65
|
+
options = {
|
|
66
|
+
'workspace' => run_details.workspace_name
|
|
67
|
+
}
|
|
68
|
+
if !module_filter.nil?
|
|
69
|
+
options['DS_ModuleFilter'] = module_filter
|
|
70
|
+
end
|
|
71
|
+
sploit = rpc_client.call('pro.start_exploit', options)
|
|
66
72
|
wait_for_task_to_stop_running(rpc_client, CONSTANTS::EXPLOIT_MESSAGE, sploit['task_id'])
|
|
67
73
|
end
|
|
68
74
|
|
data/spec/exploit_spec.rb
CHANGED
|
@@ -17,6 +17,7 @@ describe 'exploit' do
|
|
|
17
17
|
@expected_webscan_task_id = '12'
|
|
18
18
|
@expected_import_task_id = '1'
|
|
19
19
|
@expected_exploit_task_id = '13'
|
|
20
|
+
@expected_exploit_module_filter = 'exploit/linux,exploit/multi'
|
|
20
21
|
@expected_audit_task_id = '14'
|
|
21
22
|
@expected_audit_max_requests = 1000
|
|
22
23
|
@expected_audit_max_minutes = 3
|
|
@@ -293,6 +294,13 @@ describe 'exploit' do
|
|
|
293
294
|
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan)
|
|
294
295
|
end
|
|
295
296
|
|
|
297
|
+
it 'should use a module filter if one is specified' do
|
|
298
|
+
expect(@mock_rpc_client).to receive(:call)
|
|
299
|
+
.with('pro.start_exploit', {'workspace' => @expected_workspace_name, 'DS_ModuleFilter' => @expected_exploit_module_filter})
|
|
300
|
+
|
|
301
|
+
Metasploit::Exploit.start(@expected_connection, @expected_port, @expected_uri, @expected_ssl, @expected_token, @expected_workspace_name, @expected_nexpose_console_name, @mock_device_ip_to_scan, @expected_exploit_module_filter)
|
|
302
|
+
end
|
|
303
|
+
|
|
296
304
|
describe 'wait for exploit to be over' do
|
|
297
305
|
before(:each) do
|
|
298
306
|
|