Mad-Metasploit: A Smart Collection of Custom Metasploit Modules, Plugins & Resource Scripts

Mad-Metasploit is a framework for Metasploit that provides a variety of custom modules, plugins and resource scripts.

How do you add Mad-Metasploit to the Metasploit framework?

1. Configure your metasploit-framework directory:

$ vim config/config.rb

$ metasploit_path='/opt/metasploit-framework/embedded/framework/'

# /usr/share/metasploit-framework

2-A. Interactive mode:

$

2-B. Command-line mode:

$[-a/-y/--all/--yes]

Using custom modules

Search auxiliary/exploits:

HAHWUL> search springboot

Matching Modules
================

   Name                                          Disclosure Date  Rank    Check  Description
   ----                                          ---------------  ----    -----  -----------
   auxiliary/mad_metasploit/springboot_actuator                   normal  No     Springboot actuator check

Using custom plugins

Load mad-metasploit/{plugins} in msfconsole:

HAHWUL> load mad-metasploit/db_autopwn
[*] Successfully loaded plugin: db_autopwn
HAHWUL> db_autopwn
[-] The db_autopwn command is DEPRECATED
[-] See instead
[*] Usage: db_autopwn [options]
    -h           Display this help text
    -t           Show all matching exploit modules
    -x           Select modules based on vulnerability references
    -p           Select modules based on open ports
    -e           Launch exploits against all matched targets
    -r           Use a reverse connect shell
    -b           Use a bind shell on a random port (default)
    -q           Disable exploit module output
    -R  [rank]   Only run modules with a minimal rank
    -I  [range]  Only exploit hosts inside this range
    -X  [range]  Always exclude hosts inside this range
    -PI [range]  Only exploit hosts with these ports open
    -PX [range]  Always exclude hosts with these ports open
    -m  [regex]  Only run modules whose name matches the regex
    -T  [secs]   Maximum runtime for any exploit in seconds
etc...

Plugin list:

mad-metasploit/db_autopwn

mad-metasploit/arachni

mad-metasploit/meta_ssh

mad-metasploit/db_exploit

Using resource scripts

#> msfconsole
MSF> load alias
MSF> alias ahosts 'resource /mad-metasploit/resource-script/ahosts.rc'
MSF> ahosts
[Custom command!]

Resource script list:

ahosts.rc

cache_bomb.rb

feed.rc

getdomains.rb

getsessions.rb

ie_hashgrab.rb

listdrives.rb

loggedon.rb

runon_netview.rb

search_hash_creds.rc

virusscan_bypass8_8.rb

Archive module structure

archive/
└── exploits
    ├── aix
    │   ├── dos
    │   │   ├── 16657.rb
    │   │   └── 16929.rb
    │   ├── local
    │   │   └── 16659.rb
    │   └── remote
    │       └── 16930.rb
    ├── android
    │   ├── local
    │   │   ├── 40504.rb

  • Posted on 2021-02-16 13:53