Nmap Development mailing list archives

[NSE] metasploit-info


From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Sat, 7 Jul 2012 17:25:13 +0200

Hi all,

here's a post-auth info gathering script that uses the Metasploit RPC service.
It requires a valid username and password, of course. What it does is:
1) Log in to get an auth token
2) Get the Metasploit version to deduce if we are on Linux or Windows (if
you can supply me with other version info I'd gladly add it).
3) Create a new console
4) Execute the command (systeminfo on Windows, uname -a and id on Linux)
5) Read the result
6) Optionally, execute a user-supplied command
7) Close the console

If anybody wants to test it, it's attached.

Please share your comments and ideas.

Aleksandar

Attachment: metasploit-info.nse

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
