In /etc/rc.local, do you have it set to sudo?Originally Posted by mcj30606
{SOLVED} Startup script (not for startx or networking,I promise!)
Hi, Guys,
I am in the process of setting up a dedicated virtual machine to serve as a 24x7 meterpreter listener for social engineering attacks on some of my pentests. I have written the following (very short) script that calls msfconsole and provides with a list of commands to execute the listener:
#!/bin/sh
/pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
The script works great and starts the listener perfectly but I have been unable to get it to successfully run at startup in an interactive command shell. I have tried calling it from /etc/rc.local (where my startx and networking startup commands are placed) and /root/.bash_profile to no avail. Also tried dropping the script into the /etc/xdg/autostart directory.
Is it possible to spawn a shell script into a separate terminal window as part of the login process or am I totally barking up the wrong tree?
In /etc/rc.local, do you have it set to sudo?
This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.
It's not set to sudo but that's because I'm logging in as root. The server is in a DMZ and is disposable so I'm not terribly worried about credentials.
Can you post the snip from your rc.local?
This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.
Stick it in your crontab.
Then type in:Code:sudo -s crontab -eAnd save/quit the editor (I use vi as my env so it's :wq for me)Code:@reboot /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
I tried inserting the script in crontab but not calling msfconsole directly...will give that a shot when I get home and post back the results.
thanks guys...
Don't forget that you probably want to be using msfcli rather than console.
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
Actually, I'm wanting to use msfconsole so it will handle multiple sessions...basically just want to have the listener up and running at all times. If I send out an email to 10 targets and get 2 responses, I want to be able to handle them both without having to sit and watch the server.
I have used both and actually like the command line better for quick and dirty, but the way the metasploit unleashed documentation read indicated that msfcli is good for scripting but would not handle multiple sessions. That was where the whole command file specified by -r comes into play. The script itself works great if I can just get the damn thing to fire off automatically!
Gonna try the crontab suggestion here in a sec and will post back.
Thank y'all for all of the input!
Just calling the script directly:
/root/start_listener.sh
The script is executable and the above command opens it when typed into a console.
Still no dice with the crontab even when calling msfconsole directly.
I have tried a couple of things with no success (both in the crontab and rc.local:
/pentest/exploits/framework3/msfconsole -r /root/msf_listener.rc
/root/start_listener.sh
/bin/sh /root/start_listener.sh
xterm /root/start_listener.sh (this works when typed into a run dialog but still not at startup)
After booting up you know that you should perform a user login (maybe even as root) since you need an user environment, then you can place a script to the directory
~/.kde3/Autostart
like this:
Script launch.sh
Code:xterm -e "/pentest/exploits/framework3/msfconsole -r /root/msflistener.rc" &
Posting Permissions