Vulners
Lucene search
Multi Manage Post Module Macro Execution
🗓️ 19 Jul 2011 22:14:06Reported by carlos_perez <[email protected]>Type 
metasploit🔗 www.rapid7.com👁 27 Views
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Post
include Msf::Post::File
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Multi Manage Post Module Macro Execution',
'Description' => %q{
This module will execute a list of modules given in a macro file in the format
of <module> <opt=val,opt=val> against the select session checking for compatibility
of the module against the sessions and validation of the options provided.
},
'License' => MSF_LICENSE,
'Author' => [ '<carlos_perez[at]darkoperator.com>'],
'Platform' => %w[linux osx solaris unix win],
'SessionTypes' => [ 'meterpreter', 'shell' ]
)
)
register_options(
[
OptString.new('MACRO', [true, 'File with Post Modules and Options to run in the session', nil])
]
)
end
# Run Method for when run command is issued
def run
# syinfo is only on meterpreter sessions
print_status("Running module against #{sysinfo['Computer']}") if !sysinfo.nil?
macro = datastore['MACRO']
entries = []
if !::File.exist?(macro)
print_error 'Resource File does not exist!'
return
else
::File.open(datastore['MACRO'], 'rb').each_line do |line|
# Empty line
next if line.strip.empty?
# Comment
next if line[0, 1] == '#'
entries << line.chomp
end
end
if entries
entries.each do |l|
values = l.split(' ')
post_mod = values[0]
if values.length == 2
mod_opts = values[1].split(',')
end
print_line("Loading #{post_mod}")
# Make sure we can handle post module names with or without post in the start
if post_mod =~ %r{^post/}
post_mod.gsub!(%r{^post/}, '')
end
m = framework.post.create(post_mod)
# Check if a post module was actually initiated
if m.nil?
print_error("Post module #{post_mod} could not be initialized!")
next
end
# Set the current session
s = datastore['SESSION']
if m.session_compatible?(s.to_i)
print_line("Running Against #{s}")
m.datastore['SESSION'] = s
if mod_opts
mod_opts.each do |o|
opt_pair = o.split('=', 2)
print_line("\tSetting Option #{opt_pair[0]} to #{opt_pair[1]}")
m.datastore[opt_pair[0]] = opt_pair[1]
end
end
m.options.validate(m.datastore)
m.run_simple(
'LocalInput' => user_input,
'LocalOutput' => user_output
)
else
print_error("Session #{s} is not compatible with #{post_mod}")
end
end
else
print_error('Resource file was empty!')
end
end
end
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Feb 2023 13:47Current
7.2High risk
Vulners AI Score7.2