(1) Install the Python msgpack library. According to the official MSF documentation, msgpack is the data serialization format used by the RPC interface.
[Email protected]:~# apt-get install python-setuptools
[Email protected]:~# easy_install msgpack-python
(2) create createdb_sql.txt:
create database msf;
create user msf with password 'msf123';
grant all privileges on database msf to msf;
(3) Run the file above through PostgreSQL:
[Email protected]:~# /etc/init.d/postgresql start
[Email protected]:~# sudo -u postgres /usr/bin/psql < createdb_sql.txt
(4) Create a setup.rc file
db_connect msf:msf123@<db-host>/msf
load msgrpc User=msf Pass='abc123'
(5) Start msfconsole and have it run the resource file
[Email protected]:~# msfconsole -r setup.rc
* SNIP *
[*] Processing setup.rc for ERB directives.
resource (setup.rc)> db_connect msf:[email protected]/msf
[*] Rebuilding the module cache in the background...
resource (setup.rc)> load msgrpc User=msf Pass='abc123'
[*] MSGRPC Service:  127.0.0.1:55552
[*] MSGRPC Username: msf
[*] MSGRPC Password: abc123
[*] Successfully loaded plugin: msgrpc
(6) There is a Python library for this on GitHub, but it's not very useful.
[Email protected]:~# git clone git://github.com/spiderlabs/msfrpc.git msfrpc
[Email protected]:~# cd msfrpc/python-msfrpc
[Email protected]:~# python setup.py install
Test code:
#!/usr/bin/env python
import httplib

import msgpack
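class Msfrpc:
    """Small client for the Metasploit MSGRPC plugin.

    Every request is a msgpack-encoded list sent as an HTTP POST to ``uri``;
    the response body is msgpack-decoded and returned to the caller.

    Recognised keys in ``opts`` (all optional):
        host: server address, default "127.0.0.1".
        port: server port, default 55552.
        uri:  request path, default "/api/".
        ssl:  use HTTPS when true, default False.

    With ``ssl`` left at False the login password and the session token are
    sent over plain HTTP, so keep that default to a loopback listener.
    NOTE(review): whether HTTPSConnection verifies the server certificate
    depends on the Python/httplib version in use -- confirm for your runtime.
    """

    class MsfError(Exception):
        """Base error of this client; the text is kept in ``msg``."""

        def __init__(self, msg):
            self.msg = msg

        def __str__(self):
            return repr(self.msg)

    class MsfAuthError(MsfError):
        """Raised for a call made before login, or for a rejected login."""

    def __init__(self, opts=None):
        # A dict is expected (the values are read with .get); None or an
        # empty container selects the defaults.
        opts = opts or {}
        self.host = opts.get('host') or "127.0.0.1"
        self.port = opts.get('port') or 55552
        self.uri = opts.get('uri') or '/api/'
        self.ssl = opts.get('ssl') or False
        self.authenticated = False
        self.token = False
        self.headers = {"Content-type": "binary/message-pack"}
        # Constructing the connection object does not open a socket yet;
        # that happens on the first request().
        if self.ssl:
            self.client = httplib.HTTPSConnection(self.host, self.port)
        else:
            self.client = httplib.HTTPConnection(self.host, self.port)

    def encode(self, data):
        """Serialize ``data`` to msgpack bytes."""
        return msgpack.packb(data)

    def decode(self, data):
        """Deserialize a msgpack response body."""
        return msgpack.unpackb(data)

    def call(self, meth, opts=None):
        """Invoke RPC method ``meth`` and return the decoded response.

        The request is ``[meth, token, *opts]``; for "auth.login" the token
        is left out because none exists yet.

        Raises:
            MsfAuthError: ``meth`` is not "auth.login" and login() has not
                succeeded on this instance.
        """
        if meth != "auth.login" and not self.authenticated:
            raise self.MsfAuthError("Msfrpc:not authenticated")

        # Build a fresh list for every request. Inserting into ``opts``
        # itself would modify the caller's list, and with a shared default
        # list repeated argument-less calls would pile up earlier method
        # names and tokens in front of each new request.
        request = [meth]
        if meth != "auth.login":
            request.append(self.token)
        request.extend(opts or [])

        params = self.encode(request)
        self.client.request("POST", self.uri, params, self.headers)
        resp = self.client.getresponse()
        return self.decode(resp.read())

    def login(self, user, password):
        """Authenticate and keep the returned token for later calls.

        Returns True on success.

        Raises:
            MsfAuthError: the server did not answer with result "success".
        """
        ret = self.call('auth.login', [user, password])
        if ret.get('result') == 'success':
            self.authenticated = True
            self.token = ret.get('token')
            return True
        raise self.MsfAuthError("Msfrpc:authentication failed")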
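if __name__ == '__main__':
    # Create a new instance of the Msfrpc client with the default options
    # (127.0.0.1:55552, path /api/, plain HTTP).
    client = Msfrpc({})

    # Log in to the msgrpc server with the user and password that setup.rc
    # passed to "load msgrpc". 'abc123' is this walkthrough's sample value;
    # set your own in setup.rc and use the same one here.
    client.login('msf', 'abc123')

    # Get a list of the exploits from the server
    mod = client.call('module.exploits')

    # Grab the first item from the modules value of the returned dict.
    # The parenthesised single-argument print gives the same output under
    # the Python 2 print statement.
    print("Compatible payloads for:%s\n" % mod['modules'][0])

    # Get the list of compatible payloads for the first option
    ret = client.call('module.compatible_payloads', [mod['modules'][0]])
    for payload in ret.get('payloads'):
        print("\t%s" % payload)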