diff --git a/scripts/resource/auto_brute.rc b/scripts/resource/auto_brute.rc
index e7ac76520e..157afff0d9 100644
--- a/scripts/resource/auto_brute.rc
+++ b/scripts/resource/auto_brute.rc
@@ -38,6 +38,14 @@ else
verbose = 0
end
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
def jobwaiting(maxjobs,verbose) #thread handling for poor guys
while(framework.jobs.keys.length >= maxjobs)
::IO.select(nil, nil, nil, 2.5)
diff --git a/scripts/resource/auto_cred_checker.rc b/scripts/resource/auto_cred_checker.rc
index 9a23edec77..6e726f4759 100644
--- a/scripts/resource/auto_cred_checker.rc
+++ b/scripts/resource/auto_cred_checker.rc
@@ -14,6 +14,14 @@ else
verbose = 0
end
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
def jobwaiting(verbose)
maxjobs=15 #throtteling if we get too much jobs
while(framework.jobs.keys.length >= maxjobs)
diff --git a/scripts/resource/auto_pass_the_hash.rc b/scripts/resource/auto_pass_the_hash.rc
index 8799edfc42..f87b4ef469 100644
--- a/scripts/resource/auto_pass_the_hash.rc
+++ b/scripts/resource/auto_pass_the_hash.rc
@@ -32,6 +32,14 @@ else
verbose = 0
end
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
def infos(serv,creds,host)
print_line("")
print_line("====================================")
diff --git a/scripts/resource/autocrawler.rc b/scripts/resource/autocrawler.rc
index e8a40be498..2306d60187 100644
--- a/scripts/resource/autocrawler.rc
+++ b/scripts/resource/autocrawler.rc
@@ -15,6 +15,14 @@ end
threadspercrawler = "4" #check this ... now its default
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
def jobwaiting() #thread handling for poor guys ...
maxjobs=15 #throttling if we get too much jobs
while(framework.jobs.keys.length >= maxjobs)
diff --git a/scripts/resource/basic_discovery.rc b/scripts/resource/basic_discovery.rc
index 19c7a8cb9e..20122a9bd4 100644
--- a/scripts/resource/basic_discovery.rc
+++ b/scripts/resource/basic_discovery.rc
@@ -45,6 +45,14 @@ else
nmap = 0
end
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
def jobwaiting(maxjobs,verbose) #thread handling for poor guys
while(framework.jobs.keys.length >= maxjobs)
::IO.select(nil, nil, nil, 2.5)
diff --git a/scripts/resource/nessus_vulns_cleaner.rc b/scripts/resource/nessus_vulns_cleaner.rc
new file mode 100644
index 0000000000..4eceb7a19e
--- /dev/null
+++ b/scripts/resource/nessus_vulns_cleaner.rc
@@ -0,0 +1,44 @@
+# nessus_cleaner.rc
+# Author: m-1-k-3 (Web: http://www.s3cur1ty.de / Twitter: @s3cur1ty_de)
+#
+# after importing the nesssus results, typically we have lots of mess in our vuln database
+# cause we dont use the vuln infos which just have a Nessus ID (NSS) we could clean them out
+# of our database
+
+
+# having a counter is nice
+count = 0
+
+#we look in the global datastore for a global VERBOSE option and use it
+if (framework.datastore['VERBOSE'] == "true")
+ verbose = 1
+else
+ verbose = 0
+end
+
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
+
+if (framework.db.workspace.vulns.size > 0)
+ print_line("starting with #{framework.db.workspace.vulns.size} vulnerabilities")
+end
+
+framework.db.workspace.vulns.each do |vuln|
+ next if (vuln.refs.to_s !~ /NSS/)
+ next if (vuln.refs.size > 1)
+ if (verbose == 1)
+ print_line("#{vuln.refs.to_s}")
+ print_line("deleting Nessus stuff ...")
+ end
+ vuln.destroy
+ count = count +1
+end
+print_line("cleaned out #{count} vulnerabilities, results with #{framework.db.workspace.vulns.size} vulnerabilities")
+
+
diff --git a/scripts/resource/port_cleaner.rc b/scripts/resource/port_cleaner.rc
index cdf3ce60f1..85c48b7995 100644
--- a/scripts/resource/port_cleaner.rc
+++ b/scripts/resource/port_cleaner.rc
@@ -4,17 +4,25 @@
# This Metasploit RC-File could be used to clean up your metasploit database from closed ports
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
counter = 0
framework.db.hosts.each do |host|
host.services.each do |serv|
next if not serv.host
- if (serv.state != ServiceState::Open)
- print_line("cleaning closed services (Port: #{serv.port.to_i} / Host: #{host.address})")
- run_single("services -d -p #{serv.port.to_i} -r #{serv.proto} #{host.address}")
+ if (serv.state != ServiceState::Open)
+ print_line("cleaning closed services (Port: #{serv.port.to_i} / Host: #{host.address})")
+ run_single("services -d -p #{serv.port.to_i} -r #{serv.proto} #{host.address}")
counter = counter + 1
- next
- end
- end
+ next
+ end
+ end
end
print_line("")
print_line("cleaned #{counter} closed ports")
diff --git a/scripts/resource/portscan.rc b/scripts/resource/portscan.rc
index 1daf2ebda3..f38f28351d 100644
--- a/scripts/resource/portscan.rc
+++ b/scripts/resource/portscan.rc
@@ -41,6 +41,14 @@ else
nmap = 0
end
+# Test and see if we have a database connected
+begin
+ framework.db.hosts
+rescue ::ActiveRecord::ConnectionNotEstablished
+ print_error("Database connection isn't established")
+ return
+end
+
print_line("")
print_line("starting portscanners ...")
print_line("")
diff --git a/scripts/resource/wmap_autotest.rc b/scripts/resource/wmap_autotest.rc
index f40b457e2d..ccb2a5ff21 100644
--- a/scripts/resource/wmap_autotest.rc
+++ b/scripts/resource/wmap_autotest.rc
@@ -6,22 +6,32 @@
# for learning the application
-#wmap profile - set it to nil if you would not use any profile
-#profile = nil
-profile = "#{Msf::Config.install_root}/data/wmap/wmap_sample_profile.txt"
+if (framework.datastore['WMAP_PROFILE'] == nil)
+ profile = nil
+elsif (framework.datastore['WMAP_PROFILE'] == "profile")
+ #default profile of the metasploit installation
+ profile = "#{Msf::Config.install_root}/data/wmap/wmap_sample_profile.txt"
+else
+ #we are able to define an other file as the profile file, for example we are able to
+ #define a file in our .msf4 directory which we use for our webaudits
+ profile = framework.datastore['WMAP_PROFILE']
+end
-if (framework.datastore['THREADS'] == nil) #default to 50 Threads
+#default to 50 Threads
+if (framework.datastore['THREADS'] == nil)
run_single("setg THREADS 50")
end
#we look in the global datastore for a global VERBOSE option and use it
if (framework.datastore['VERBOSE'] == "true")
- verbose = 1
+ verbose = 1
else
- verbose = 0
+ verbose = 0
end
-if (framework.plugins.to_s !~ /Wmap/)
+if (framework.plugins.to_s =~ /[Ww]map/)
+ print_line("Wmap plugin already loaded ...")
+else
print_line("loading the wmap plugin ...")
run_single("load wmap")
end