commit
1699825c27
|
@ -38,6 +38,14 @@ else
|
||||||
verbose = 0
|
verbose = 0
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
def jobwaiting(maxjobs,verbose) #thread handling for poor guys
|
def jobwaiting(maxjobs,verbose) #thread handling for poor guys
|
||||||
while(framework.jobs.keys.length >= maxjobs)
|
while(framework.jobs.keys.length >= maxjobs)
|
||||||
::IO.select(nil, nil, nil, 2.5)
|
::IO.select(nil, nil, nil, 2.5)
|
||||||
|
|
|
@ -14,6 +14,14 @@ else
|
||||||
verbose = 0
|
verbose = 0
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
def jobwaiting(verbose)
|
def jobwaiting(verbose)
|
||||||
maxjobs=15 #throtteling if we get too much jobs
|
maxjobs=15 #throtteling if we get too much jobs
|
||||||
while(framework.jobs.keys.length >= maxjobs)
|
while(framework.jobs.keys.length >= maxjobs)
|
||||||
|
|
|
@ -32,6 +32,14 @@ else
|
||||||
verbose = 0
|
verbose = 0
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
def infos(serv,creds,host)
|
def infos(serv,creds,host)
|
||||||
print_line("")
|
print_line("")
|
||||||
print_line("====================================")
|
print_line("====================================")
|
||||||
|
|
|
@ -15,6 +15,14 @@ end
|
||||||
|
|
||||||
threadspercrawler = "4" #check this ... now its default
|
threadspercrawler = "4" #check this ... now its default
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
def jobwaiting() #thread handling for poor guys ...
|
def jobwaiting() #thread handling for poor guys ...
|
||||||
maxjobs=15 #throttling if we get too much jobs
|
maxjobs=15 #throttling if we get too much jobs
|
||||||
while(framework.jobs.keys.length >= maxjobs)
|
while(framework.jobs.keys.length >= maxjobs)
|
||||||
|
|
|
@ -45,6 +45,14 @@ else
|
||||||
nmap = 0
|
nmap = 0
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
def jobwaiting(maxjobs,verbose) #thread handling for poor guys
|
def jobwaiting(maxjobs,verbose) #thread handling for poor guys
|
||||||
while(framework.jobs.keys.length >= maxjobs)
|
while(framework.jobs.keys.length >= maxjobs)
|
||||||
::IO.select(nil, nil, nil, 2.5)
|
::IO.select(nil, nil, nil, 2.5)
|
||||||
|
|
|
@ -0,0 +1,44 @@
|
||||||
|
# nessus_cleaner.rc
|
||||||
|
# Author: m-1-k-3 (Web: http://www.s3cur1ty.de / Twitter: @s3cur1ty_de)
|
||||||
|
#
|
||||||
|
# after importing the nesssus results, typically we have lots of mess in our vuln database
|
||||||
|
# cause we dont use the vuln infos which just have a Nessus ID (NSS) we could clean them out
|
||||||
|
# of our database
|
||||||
|
|
||||||
|
<ruby>
|
||||||
|
# having a counter is nice
|
||||||
|
count = 0
|
||||||
|
|
||||||
|
#we look in the global datastore for a global VERBOSE option and use it
|
||||||
|
if (framework.datastore['VERBOSE'] == "true")
|
||||||
|
verbose = 1
|
||||||
|
else
|
||||||
|
verbose = 0
|
||||||
|
end
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
if (framework.db.workspace.vulns.size > 0)
|
||||||
|
print_line("starting with #{framework.db.workspace.vulns.size} vulnerabilities")
|
||||||
|
end
|
||||||
|
|
||||||
|
framework.db.workspace.vulns.each do |vuln|
|
||||||
|
next if (vuln.refs.to_s !~ /NSS/)
|
||||||
|
next if (vuln.refs.size > 1)
|
||||||
|
if (verbose == 1)
|
||||||
|
print_line("#{vuln.refs.to_s}")
|
||||||
|
print_line("deleting Nessus stuff ...")
|
||||||
|
end
|
||||||
|
vuln.destroy
|
||||||
|
count = count +1
|
||||||
|
end
|
||||||
|
print_line("cleaned out #{count} vulnerabilities, results with #{framework.db.workspace.vulns.size} vulnerabilities")
|
||||||
|
</ruby>
|
||||||
|
|
|
@ -4,17 +4,25 @@
|
||||||
# This Metasploit RC-File could be used to clean up your metasploit database from closed ports
|
# This Metasploit RC-File could be used to clean up your metasploit database from closed ports
|
||||||
|
|
||||||
<ruby>
|
<ruby>
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
counter = 0
|
counter = 0
|
||||||
framework.db.hosts.each do |host|
|
framework.db.hosts.each do |host|
|
||||||
host.services.each do |serv|
|
host.services.each do |serv|
|
||||||
next if not serv.host
|
next if not serv.host
|
||||||
if (serv.state != ServiceState::Open)
|
if (serv.state != ServiceState::Open)
|
||||||
print_line("cleaning closed services (Port: #{serv.port.to_i} / Host: #{host.address})")
|
print_line("cleaning closed services (Port: #{serv.port.to_i} / Host: #{host.address})")
|
||||||
run_single("services -d -p #{serv.port.to_i} -r #{serv.proto} #{host.address}")
|
run_single("services -d -p #{serv.port.to_i} -r #{serv.proto} #{host.address}")
|
||||||
counter = counter + 1
|
counter = counter + 1
|
||||||
next
|
next
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
print_line("")
|
print_line("")
|
||||||
print_line("cleaned #{counter} closed ports")
|
print_line("cleaned #{counter} closed ports")
|
||||||
|
|
|
@ -41,6 +41,14 @@ else
|
||||||
nmap = 0
|
nmap = 0
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Test and see if we have a database connected
|
||||||
|
begin
|
||||||
|
framework.db.hosts
|
||||||
|
rescue ::ActiveRecord::ConnectionNotEstablished
|
||||||
|
print_error("Database connection isn't established")
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
print_line("")
|
print_line("")
|
||||||
print_line("starting portscanners ...")
|
print_line("starting portscanners ...")
|
||||||
print_line("")
|
print_line("")
|
||||||
|
|
|
@ -6,22 +6,32 @@
|
||||||
# for learning the application
|
# for learning the application
|
||||||
|
|
||||||
<ruby>
|
<ruby>
|
||||||
#wmap profile - set it to nil if you would not use any profile
|
if (framework.datastore['WMAP_PROFILE'] == nil)
|
||||||
#profile = nil
|
profile = nil
|
||||||
profile = "#{Msf::Config.install_root}/data/wmap/wmap_sample_profile.txt"
|
elsif (framework.datastore['WMAP_PROFILE'] == "profile")
|
||||||
|
#default profile of the metasploit installation
|
||||||
|
profile = "#{Msf::Config.install_root}/data/wmap/wmap_sample_profile.txt"
|
||||||
|
else
|
||||||
|
#we are able to define an other file as the profile file, for example we are able to
|
||||||
|
#define a file in our .msf4 directory which we use for our webaudits
|
||||||
|
profile = framework.datastore['WMAP_PROFILE']
|
||||||
|
end
|
||||||
|
|
||||||
if (framework.datastore['THREADS'] == nil) #default to 50 Threads
|
#default to 50 Threads
|
||||||
|
if (framework.datastore['THREADS'] == nil)
|
||||||
run_single("setg THREADS 50")
|
run_single("setg THREADS 50")
|
||||||
end
|
end
|
||||||
|
|
||||||
#we look in the global datastore for a global VERBOSE option and use it
|
#we look in the global datastore for a global VERBOSE option and use it
|
||||||
if (framework.datastore['VERBOSE'] == "true")
|
if (framework.datastore['VERBOSE'] == "true")
|
||||||
verbose = 1
|
verbose = 1
|
||||||
else
|
else
|
||||||
verbose = 0
|
verbose = 0
|
||||||
end
|
end
|
||||||
|
|
||||||
if (framework.plugins.to_s !~ /Wmap/)
|
if (framework.plugins.to_s =~ /[Ww]map/)
|
||||||
|
print_line("Wmap plugin already loaded ...")
|
||||||
|
else
|
||||||
print_line("loading the wmap plugin ...")
|
print_line("loading the wmap plugin ...")
|
||||||
run_single("load wmap")
|
run_single("load wmap")
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue