metasploit-framework/scripts/resource/bap_dryrun_only.rc

16 lines
742 B
Plaintext

<ruby>
print_status("Starting BAP...")
print_status("Exploits will not be actually served, but you will know which ones the clients might be vulnerable to.")
print_status("You can do 'notes -t baps.clicks' in msfconsole to track clicks and client-specific exploit info.")
run_single("use exploit/multi/browser/autopwn")
run_single("set RealList true")
run_single("set MaxSessions 0")
# Instead of set Content, you can also do set Custom404 to redirect the client to an SE training website
# For example (why don't you try this? :-) )
# run_single("set Custom404 https://www.youtube.com/watch?v=dQw4w9WgXcQ")
run_single("set Content \"Hello, this is a security test. You shouldn't have clicked on that link :-)\"")
run_single("run")
</ruby>