Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Startup script (not for startx or networking,I promise!)

  1. #1
    Just burned his ISO mcjon3z's Avatar
    Join Date
    Jan 2010
    Posts
    15

    Thumbs up {SOLVED} Startup script (not for startx or networking,I promise!)

    Hi, Guys,

    I am in the process of setting up a dedicated virtual machine to serve as a 24x7 meterpreter listener for social engineering attacks on some of my pentests. I have written the following (very short) script that calls msfconsole and provides with a list of commands to execute the listener:

    #!/bin/sh
    /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc

    The script works great and starts the listener perfectly but I have been unable to get it to successfully run at startup in an interactive command shell. I have tried calling it from /etc/rc.local (where my startx and networking startup commands are placed) and /root/.bash_profile to no avail. Also tried dropping the script into the /etc/xdg/autostart directory.

    Is it possible to spawn a shell script into a separate terminal window as part of the login process or am I totally barking up the wrong tree?

  2. #2
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    Quote Originally Posted by mcj30606 View Post
    Hi, Guys,

    I am in the process of setting up a dedicated virtual machine to serve as a 24x7 meterpreter listener for social engineering attacks on some of my pentests. I have written the following (very short) script that calls msfconsole and provides with a list of commands to execute the listener:

    #!/bin/sh
    /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc

    The script works great and starts the listener perfectly but I have been unable to get it to successfully run at startup in an interactive command shell. I have tried calling it from /etc/rc.local (where my startx and networking startup commands are placed) and /root/.bash_profile to no avail. Also tried dropping the script into the /etc/xdg/autostart directory.

    Is it possible to spawn a shell script into a separate terminal window as part of the login process or am I totally barking up the wrong tree?
    In /etc/rc.local, do you have it set to sudo?
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  3. #3
    Just burned his ISO mcjon3z's Avatar
    Join Date
    Jan 2010
    Posts
    15

    Default

    Quote Originally Posted by g3ksan View Post
    In /etc/rc.local, do you have it set to sudo?
    It's not set to sudo but that's because I'm logging in as root. The server is in a DMZ and is disposable so I'm not terribly worried about credentials.

  4. #4
    Junior Member g3ksan's Avatar
    Join Date
    Jan 2010
    Location
    Florida
    Posts
    93

    Default

    Quote Originally Posted by mcj30606 View Post
    It's not set to sudo but that's because I'm logging in as root. The server is in a DMZ and is disposable so I'm not terribly worried about credentials.
    Can you post the snip from your rc.local?
    This is the sixth time we have created a thread about it... and we have become exceedingly efficient at it.

  5. #5
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Stick it in your crontab.
    Code:
    sudo -s
    crontab -e
    Then type in:
    Code:
    @reboot /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
    And save/quit the editor (I use vi as my env so it's :wq for me)
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  6. #6
    Just burned his ISO mcjon3z's Avatar
    Join Date
    Jan 2010
    Posts
    15

    Default

    Quote Originally Posted by Gitsnik View Post
    Stick it in your crontab.
    Code:
    sudo -s
    crontab -e
    Then type in:
    Code:
    @reboot /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
    And save/quit the editor (I use vi as my env so it's :wq for me)
    I tried inserting the script in crontab but not calling msfconsole directly...will give that a shot when I get home and post back the results.

    thanks guys...

  7. #7
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by mcj30606 View Post
    I tried inserting the script in crontab but not calling msfconsole directly...will give that a shot when I get home and post back the results.

    thanks guys...
    Don't forget that you probably want to be using msfcli rather than console.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  8. #8
    Just burned his ISO mcjon3z's Avatar
    Join Date
    Jan 2010
    Posts
    15

    Default

    Quote Originally Posted by Gitsnik View Post
    Don't forget that you probably want to be using msfcli rather than console.
    Actually, I'm wanting to use msfconsole so it will handle multiple sessions...basically just want to have the listener up and running at all times. If I send out an email to 10 targets and get 2 responses, I want to be able to handle them both without having to sit and watch the server.

    I have used both and actually like the command line better for quick and dirty, but the way the metasploit unleashed documentation read indicated that msfcli is good for scripting but would not handle multiple sessions. That was where the whole command file specified by -r comes into play. The script itself works great if I can just get the damn thing to fire off automatically!

    Gonna try the crontab suggestion here in a sec and will post back.

    Thank y'all for all of the input!

  9. #9
    Just burned his ISO mcjon3z's Avatar
    Join Date
    Jan 2010
    Posts
    15

    Default

    Quote Originally Posted by g3ksan View Post
    Can you post the snip from your rc.local?
    Just calling the script directly:
    /root/start_listener.sh

    The script is executable and the above command opens it when typed into a console.

    Quote Originally Posted by Gitsnik View Post
    Stick it in your crontab.
    Code:
    sudo -s
    crontab -e
    Then type in:
    Code:
    @reboot /pentest/exploits/framework3/msfconsole -r /root/msflistener.rc
    And save/quit the editor (I use vi as my env so it's :wq for me)
    Still no dice with the crontab even when calling msfconsole directly.

    I have tried a couple of things with no success (both in the crontab and rc.local:
    /pentest/exploits/framework3/msfconsole -r /root/msf_listener.rc
    /root/start_listener.sh
    /bin/sh /root/start_listener.sh
    xterm /root/start_listener.sh (this works when typed into a run dialog but still not at startup)

  10. #10
    Moderator fancy's Avatar
    Join Date
    Jan 2010
    Posts
    204

    Default

    After booting up you know that you should perform a user login (maybe even as root) since you need an user environment, then you can place a script to the directory
    ~/.kde3/Autostart

    like this:

    Script launch.sh
    Code:
    xterm -e "/pentest/exploits/framework3/msfconsole -r /root/msflistener.rc" &

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •