console with arguments

[jerome.athias at free.fr (Jerome Athias)]

Hi Bill,

i've also tried something like this.


1) If you check the source of the frame where the "Launch exploit" 
button appears in msfweb, you will find something like this:

<form action="/exploits/config" method="post">
<input id="refname" name="refname" type="hidden" value="windows:http:navicopa_get_overflow" />
<input id="step" name="step" type="hidden" value="exploit" /> <== put your tiger's eye here
<input id="target" name="target" type="hidden" value="0" />
<input id="payload" name="payload" type="hidden" value="16" />

so your URL looks like quite correct

2) Ok, now you should check the code of:
exploits_controller.rb

you should have, for example, to add:
&step=exploit
in your url


My 2 chips
/JA


PS:
my problem is the use of the compatible_payloads() function:
@payload_ref = @tmod.compatible_payloads[params[:payload].to_i] in 
exploits_controller.rb

since the id of a given named payload returned by compatible_payloads() 
could change, and it seems there is no way to pass the name of a payload 
in the URL without modifying the code

inbox-sc1 wrote :
> I'd like to be able to open a MSF console
> all by itself (not within the broader MSF web
> console with the tool bar etc.) and supply the
> console with all the necessary parameters to
> run an exploit. Something like:
>
> http://127.0.0.1:55555/console?refname=windows%3Aarkeia%3Atype77&;
> step=exploit&target=2&payload=4&RHOST=127.0.0.1&RPORT=617&EXITFUNC=seh&PASS=
> pass&USER=foo
>
> What I have tried complains about there not being
> an open session.
>
> - Bill