I am in the process of setting up a dedicated virtual machine to serve as a 24x7 meterpreter listener for social engineering attacks on some of my pentests. I have written the following (very short) script that calls msfconsole and provides with a list of commands to execute the listener:
/pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
The script works great and starts the listener perfectly but I have been unable to get it to successfully run at startup in an interactive command shell. I have tried calling it from /etc/rc.local (where my startx and networking startup commands are placed) and /root/.bash_profile to no avail. Also tried dropping the script into the /etc/xdg/autostart directory.
Is it possible to spawn a shell script into a separate terminal window as part of the login process or am I totally barking up the wrong tree?
Stick it in your crontab.
Then type in:Code:sudo -s crontab -eAnd save/quit the editor (I use vi as my env so it's :wq for me)Code:@reboot /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
Still not underestimating the power...
There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
I have used both and actually like the command line better for quick and dirty, but the way the metasploit unleashed documentation read indicated that msfcli is good for scripting but would not handle multiple sessions. That was where the whole command file specified by -r comes into play. The script itself works great if I can just get the damn thing to fire off automatically!
Gonna try the crontab suggestion here in a sec and will post back.
Thank y'all for all of the input!
The script is executable and the above command opens it when typed into a console.
I have tried a couple of things with no success (both in the crontab and rc.local:
/pentest/exploits/framework3/msfconsole -r /root/msf_listener.rc
xterm /root/start_listener.sh (this works when typed into a run dialog but still not at startup)
After booting up you know that you should perform a user login (maybe even as root) since you need an user environment, then you can place a script to the directory
Code:xterm -e "/pentest/exploits/framework3/msfconsole -r /root/msflistener.rc" &