This article describes in detail how to call Metasploit remotely from Python, and is a useful reference for anyone learning Python. The steps are as follows:
(1) Install the Python msgpack library; the MSF official documentation specifies MessagePack (msgpack) as the data serialization format.
root@kali:~# apt-get install python-setuptools
root@kali:~# easy_install msgpack-python
(2) Create Createdb_sql.txt:
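-- Sample database, role and password for the Metasploit backend.
-- db_connect in setup.rc must use the same role name and password, so the
-- password literal carries no padding spaces inside the quotes.
create database msf;
create user msf with password 'msf123';
-- GRANT takes ON DATABASE; "in database" is not valid syntax.
grant all privileges on database msf to msf;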
(3) Execute the above file in PostgreSQL:
root@kali:~# /etc/init.d/postgresql start
root@kali:~# sudo -u postgres /usr/bin/psql < Createdb_sql.txt
(4) Create the setup.rc file:
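# Sample credentials: the database password must match the one set in
# Createdb_sql.txt, and both passwords should be replaced with your own.
db_connect msf:msf123@127.0.0.1/msf
# Starts the MessagePack RPC listener; when loaded it reports
# 127.0.0.1:55552 as its address (see the console output in step 5).
load msgrpc User=msf Pass=abc123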
(5) Start MSF and load the resource file:
root@kali:~# msfconsole -r setup.rc
* snip *
[*] processing setup.rc for ERB directives.
Resource (setup.rc) > Db_connect msf:msf123@127.0.0.1/msf
[*] Rebuilding the module cache in the background ...
resource (setup.rc) > Load msgrpc user=msf pass= ' abc123 '
[*] MSGRPC service: 127.0.0.1:55552
[*] MSGRPC username: msf
[*] MSGRPC password: abc123
[*] Successfully loaded plugin: msgrpc
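(6) There is a Python class library on GitHub, but it is not easy to use. (The git:// transport used below is unencrypted and unauthenticated; the same repository path can be cloned over https://.)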
root@kali:~# git clone git://github.com/spiderlabs/msfrpc.git msfrpc
root@kali:~# cd msfrpc/python-msfrpc
root@kali:~# python setup.py install
The test code is as follows:
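#!/usr/bin/env python
"""Minimal MessagePack-RPC client for the Metasploit msgrpc plugin (Python 2).

Each request is a msgpack-encoded list POSTed to the RPC URI. Every call
other than auth.login carries the token that auth.login returned.
"""
import msgpack
import httplib


class Msfrpc:
    """Client for a single msgrpc endpoint."""

    class MsfError(Exception):
        """Base error type; the message is kept in ``msg``."""

        def __init__(self, msg):
            self.msg = msg

        def __str__(self):
            return repr(self.msg)

    class MsfAuthError(MsfError):
        """Raised for a call made before login, or for a rejected login."""

        def __init__(self, msg):
            self.msg = msg

    def __init__(self, opts=None):
        """Build the connection object; nothing is sent until call().

        opts is a dict with the optional keys 'host', 'port', 'uri' and
        'ssl'. Missing keys fall back to 127.0.0.1, 55552, '/api/' and
        False.
        """
        # The previous default was a list, which has no .get(); a missing
        # or empty argument now simply means "all defaults".
        opts = opts or {}
        self.host = opts.get('host') or "127.0.0.1"
        self.port = opts.get('port') or 55552
        self.uri = opts.get('uri') or '/api/'
        # With ssl left at False the password and the session token travel
        # as cleartext HTTP. That fits the loopback listener shown in this
        # walkthrough (127.0.0.1:55552); for any other host pass
        # {'ssl': True} and start the listener with SSL enabled as well.
        self.ssl = opts.get('ssl') or False
        self.authenticated = False
        self.token = False
        self.headers = {"Content-type": "binary/message-pack"}
        if self.ssl:
            self.client = httplib.HTTPSConnection(self.host, self.port)
        else:
            self.client = httplib.HTTPConnection(self.host, self.port)

    def encode(self, data):
        """Serialize a request with msgpack."""
        return msgpack.packb(data)

    def decode(self, data):
        """Deserialize a msgpack response body."""
        return msgpack.unpackb(data)

    def call(self, meth, opts=None):
        """Send one RPC request and return the decoded response.

        meth is the RPC method name and opts the list of its arguments.
        Raises MsfAuthError when meth is not 'auth.login' and login() has
        not succeeded yet.
        """
        if meth != 'auth.login' and not self.authenticated:
            raise self.MsfAuthError("Msfrpc: not authenticated")

        # Build a fresh list instead of inserting into opts: inserting
        # mutated the caller's list, and with the old shared default list
        # the method name and token of one call leaked into the next.
        request = [meth]
        if meth != 'auth.login':
            # The token authorises every later call; handle it like the
            # password itself (keep it out of logs and output).
            request.append(self.token)
        request.extend(opts or [])

        params = self.encode(request)
        self.client.request("POST", self.uri, params, self.headers)
        resp = self.client.getresponse()
        return self.decode(resp.read())

    def login(self, user, password):
        """Authenticate and store the session token.

        Returns True on success and raises MsfAuthError otherwise.
        """
        ret = self.call('auth.login', [user, password])
        if ret.get('result') == 'success':
            self.authenticated = True
            self.token = ret.get('token')
            return True
        raise self.MsfAuthError("Msfrpc: authentication failed")


if __name__ == '__main__':
    # Create a new instance of the Msfrpc client with the default options
    client = Msfrpc({})

    # Log in with the sample user and password set in setup.rc
    client.login('msf', 'abc123')

    # Get a list of the exploits from the server
    mod = client.call('module.exploits')

    # Grab the first item from the 'modules' value of the returned dict
    print("Compatible payloads for: %s\n" % mod['modules'][0])

    # Get the list of compatible payloads for that first module
    ret = client.call('module.compatible_payloads', [mod['modules'][0]])
    for i in ret.get('payloads'):
        print("\t%s" % i)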
We hope the method described in this article is helpful to readers who are learning Python.