Python Remote Call Metasploit

Source: Internet
Author: User

(1) Install the Python msgpack library. The official MSF documentation specifies msgpack as the data serialization standard.

# apt-get install python-setuptools

# easy_install msgpack-python

(2) Create createdb_sql.txt:

create database msf;

create user msf with password 'msf123';

grant all privileges on database msf to msf;

(3) Run the file above against PostgreSQL:

# /etc/init.d/postgresql start

# sudo -u postgres /usr/bin/psql < createdb_sql.txt

(4) Create a setup.rc file:

db_connect msf:[email protected]/msf

load msgrpc User=msf Pass='abc123'

(5) Start MSF and have it run the resource file:

# msfconsole -r setup.rc

* SNIP *

[*] Processing setup.rc for ERB directives.

resource (setup.rc)> db_connect msf:[email protected]/msf

[*] Rebuilding the module cache in the background...

resource (setup.rc)> load msgrpc User=msf Pass='abc123'

[*] MSGRPC Service:  127.0.0.1:55552

[*] MSGRPC Username: msf

[*] MSGRPC Password: abc123

[*] Successfully loaded plugin: msgrpc

(6) There is a Python class library on GitHub, but it's not very useful.

# git clone git://github.com/spiderlabs/msfrpc.git msfrpc

# cd msfrpc/python-msfrpc

# python setup.py install

Test code:

#!/usr/bin/env python
# Python 2 client for the Metasploit MSGRPC interface (uses httplib).

import msgpack
import httplib


class Msfrpc:

    class MsfError(Exception):
        def __init__(self, msg):
            self.msg = msg

        def __str__(self):
            return repr(self.msg)

    class MsfAuthError(MsfError):
        def __init__(self, msg):
            self.msg = msg

    def __init__(self, opts=None):
        # opts is a dict; every key falls back to the MSGRPC defaults
        opts = opts or {}
        self.host = opts.get('host') or "127.0.0.1"
        self.port = opts.get('port') or 55552
        self.uri = opts.get('uri') or '/api/'
        self.ssl = opts.get('ssl') or False
        self.authenticated = False
        self.token = False
        self.headers = {"Content-type": "binary/message-pack"}
        if self.ssl:
            self.client = httplib.HTTPSConnection(self.host, self.port)
        else:
            self.client = httplib.HTTPConnection(self.host, self.port)

    def encode(self, data):
        return msgpack.packb(data)

    def decode(self, data):
        return msgpack.unpackb(data)

    def call(self, meth, opts=None):
        # Work on a copy so neither the caller's list nor a shared default is mutated
        opts = list(opts or [])
        if meth != "auth.login":
            if not self.authenticated:
                raise self.MsfAuthError("MsfRPC: Not Authenticated")
            # Every call except auth.login carries the session token as its first argument
            opts.insert(0, self.token)
        # The request body is the msgpack-encoded list [method, token, args...]
        opts.insert(0, meth)
        params = self.encode(opts)
        self.client.request("POST", self.uri, params, self.headers)
        resp = self.client.getresponse()
        return self.decode(resp.read())

    def login(self, user, password):
        ret = self.call('auth.login', [user, password])
        if ret.get('result') == 'success':
            self.authenticated = True
            self.token = ret.get('token')
            return True
        else:
            raise self.MsfAuthError("MsfRPC: Authentication failed")


if __name__ == '__main__':
    # Create a new instance of the Msfrpc client with the default options
    client = Msfrpc({})
    # Log in to the MSGRPC server as user "msf" using the password "abc123"
    client.login('msf', 'abc123')
    # Get a list of the exploits from the server
    mod = client.call('module.exploits')
    # Grab the first item from the modules value of the returned dict
    print "Compatible payloads for: %s\n" % mod['modules'][0]
    # Get the list of compatible payloads for the first option
    ret = client.call('module.compatible_payloads', [mod['modules'][0]])
    for i in (ret.get('payloads')):
        print "\t%s" % i
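The setup.rc from step (4) keeps both the database and the RPC password in clear text, and the client above talks plain HTTP unless ssl is set. The following check is an added example, not part of the original article or of the msfrpc project: it audits a resource script for those settings. The sample input is constructed, MIN_PASS_LEN is an assumed local policy, and ServerHost and SSL are msgrpc plugin options that the page itself does not use.

```python
import ipaddress
import shlex

MIN_PASS_LEN = 16  # assumed local policy, not a Metasploit requirement

# Constructed input modelled on the setup.rc from step (4); the host values
# are invented, and ServerHost is set to show the network-exposure finding.
SAMPLE_RC = """\
db_connect msf:msf123@127.0.0.1/msf
load msgrpc ServerHost=0.0.0.0 User=msf Pass='abc123'
"""


def is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # a hostname rather than an IP literal
        return host == "localhost"


def audit_rc(text):
    """Return (line_number, finding) pairs for an msfconsole resource script."""
    findings = []
    for num, line in enumerate(text.splitlines(), 1):
        try:
            words = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quotes, e.g. inside a <ruby> block
            continue
        if words[:1] == ["db_connect"] and len(words) > 1:
            # user:password@host/db keeps the password on disk in clear text
            if ":" in words[1].rpartition("@")[0]:
                findings.append((num, "database password in resource script"))
        if words[:2] != ["load", "msgrpc"]:
            continue
        opts = dict(w.split("=", 1) for w in words[2:] if "=" in w)
        # The plugin binds to 127.0.0.1 unless ServerHost says otherwise.
        if not is_loopback(opts.get("ServerHost", "127.0.0.1")):
            findings.append((num, "RPC listener exposed beyond loopback"))
            if not opts.get("SSL", "").lower().startswith(("t", "y")):
                findings.append((num, "RPC login and token sent without TLS"))
        if "Pass" in opts:
            findings.append((num, "RPC password in resource script"))
            if len(opts["Pass"]) < MIN_PASS_LEN:
                findings.append((num, "RPC password below policy length"))
    return findings


if __name__ == "__main__":
    for num, finding in audit_rc(SAMPLE_RC):
        print("line %d: %s" % (num, finding))
```

A script that passes these checks still needs its file permissions restricted to the account that runs msfconsole.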
