This paper describes in detail the Python method of remote call Metasploit, which has a good reference value for Python learning. The implementation methods are as follows:
(1) Installing the Python Msgpack class library, the data serialization standard in the MSF official documentation is the reference to Msgpack.
root@kali:~# apt-get Install python-setuptools root@kali:~# Easy_install
(2) Create Createdb_sql.txt:
Create database MSF; Create user MSF with password ' msf123 '; Grant all privileges in database MSF to MSF;
(3) Execute the above documents in PostgreSQL:
root@kali:~#/etc/init.d/postgresql start root@kali:~# sudo-u Postgres/usr/bin/psql < Createdb_sql.txt
(4) Create setup.rc files
Db_connect msf:msf123@127.0.0.1/msf load msgrpc user=msf pass= ' abc123 '
(5) Start MSF and execute loading files
root@kali:~# msfconsole-r setup.rc * snip * [*] processing setup.rc for ERB directives. Resource (setup.rc) > Db_connect msf:msf123@127.0.0.1/msf [*] Rebuilding the module cache in the background ... resource (setup.rc) > Load msgrpc user=msf pass= ' abc123 ' [*] MSGRPC service:127.0.0.1:55552 [*] Msgrpc username:msf [*] msgrpc password:abc123 [*] successfully loaded Plugin:msgrpc
(6) There is a Python class library on the GitHub, but it's not easy to use.
root@kali:~# git clone git://github.com/spiderlabs/msfrpc.git msfrpc root@kali:~# cd msfrpc/python-msfrpc root@kali:~# python setup.py Install
The test code is as follows:
#!/usr/bin/env python import msgpack import httplib class Msfrpc:class Msferror (Exception): def __init__ (self,msg): self.msg = Msg def __str__ (self): return repr (Self.msg) class Msfautherror (Msferror): def __init__ (self,msg) : self.msg = Msg def __init__ (self,opts=[]): Self.host = Opts.get (' host ') or "127.0.0.1" Self.port = Opts.get ('
Port ') or 55552 Self.uri = opts.get (' uri ') or '/api/' Self.ssl = Opts.get (' SSL ') or false self.authenticated = False Self.token = False Self.headers = {"Content-type": "Binary/message-pack"} if Self.ssl:self.client = Httplib.H Ttpsconnection (self.host,self.port) else:self.client = Httplib. Httpconnection (Self.host,self.port) def encode (Self,data): Return msgpack.packb (data) def decode (self,data): retur n msgpack.unpackb (data) def call (self,meth,opts = []): If meth!= ' auth.login ': If not Self.authenticated:rai Se self. Msfautherror ("Msfrpc:not authenticated") If meth!= "Auth.login": Opts.insert (0,self.token) Opts.insert (0,meth) params = Self.encode (opts) self.client.request ("POST", Self.uri, params,self.headers) resp = Self.client.getresponse () return Self.decode (Resp.read ()) def login (Self,user,password ): ret = Self.call (' Auth.login ', [User,password]) if ret.get (' result ') = = ' Success ': self.authenticated = True Self . token = Ret.get (' token ') return True else:raise self. Msfautherror ("Msfrpc:authentication failed") if __name__ = = ' __main__ ': # Create A new instance of the MSFRPC client With the default options client = Msfrpc ({}) # Login to the MSFMSG server using the password ' abc123 ' Client.login (' MSF ', ' abc123 '] # Get a list of the exploits from the server mod = Client.call (' module.exploits ') # Grab the ' I TEM from the modules value of the the Returned DICT print "compatible payloads for:%s\n"% mod[' modules '-][0] # get the L IST of compatible payloads for the option RET = Client.call (' Module.compatIble_payloads ', [mod[' modules '][0]]) for I in (Ret.get (' payloads ')): print "\t%s"% i
Believe that the method described in this article can play a certain role in learning from Python learning.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
